Allied Telesis IE200-6FT Industrial Ethernet, Layer 2 Switch manual
Add to my manuals
1592 Pages
Allied Telesis IE200-6FT is a powerful industrial managed PoE+ switch designed for demanding industrial environments. It offers a robust and reliable networking solution for industries such as manufacturing, transportation, and energy. With its advanced features and rugged design, the IE200-6FT is an ideal choice for mission-critical applications where uptime and performance are paramount.
advertisement
▼
Scroll to page 2
of 1592
IE200 Series INDUSTRIAL MANAGED POE+ SWITCHES AT-IE200-6FT-80 AT-IE200-6FP-80 AT-IE200-6GT-80 AT-IE200-6GP-80 Command Reference for AlliedWare Plus™ Version 5.4.6-0.x C613-50081-01 REV A Acknowledgments This product includes software developed by the University of California, Berkeley and its contributors. Copyright ©1982, 1986, 1990, 1991, 1993 The Regents of the University of California. All rights reserved. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. For information about this see www.openssl.org/ Copyright ©1998-2008 The OpenSSL Project. All rights reserved. This product includes software licensed under v2 and v3 of the GNU General Public License, available from: www.gnu.org/licenses/ gpl2.html and www.gnu.org/licenses/gpl.html respectively. Source code for all GPL licensed software in this product can be obtained from the Allied Telesis GPL Code Download Center at: www.alliedtelesis.com/support/default.aspx Allied Telesis is committed to meeting the requirements of the open source licenses including the GNU General Public License (GPL) and will make all required source code available. If you would like a copy of the GPL source code contained in Allied Telesis products, please send us a request by registered mail including a check for US$15 to cover production and shipping costs and a CD with the GPL code will be mailed to you. GPL Code Request Allied Telesis Labs (Ltd) PO Box 8011 Christchurch New Zealand Allied Telesis, AlliedWare Plus, Allied Telesis Management Framework, EPSRing, SwitchBlade, VCStack, and VCStack Plus are trademarks or registered trademarks in the United States and elsewhere of Allied Telesis, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. All other product names, company names, logos or other designations mentioned herein may be trademarks or registered trademarks of their respective owners. 2015 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has been advised of, known, or should have known, the possibility of such damages. Contents PART 1: Setup and Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Chapter 1: CLI Navigation Commands . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . configure terminal . . . . . . . . . . . . . . . . . . . disable (Privileged Exec mode) . . . . . . . . . . . do . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . enable (Privileged Exec mode) . . . . . . . . . . . end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . help . . . . . . . . . . . . . . . . . . . . . . . . . . . . logout . . . . . . . . . . . . . . . . . . . . . . . . . . . show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 . . . . . . . . . . . .56 . . . . . . . . . . . .57 . . . . . . . . . . . .58 . . . . . . . . . . . .59 . . . . . . . . . . . .60 . . . . . . . . . . . .62 . . . . . . . . . . . .63 . . . . . . . . . . . .64 . . . . . . . . . . . .65 . . . . . . . . . . . .66 Chapter 2: File Management Commands Introduction . . . . . . . . . . . . autoboot enable . . . . . . . . . boot config-file . . . . . . . . . . boot config-file backup . . . . . boot system . . . . . . . . . . . . boot system backup . . . . . . . cd . . . . . . . . . . . . . . . . . . . copy (filename) . . . . . . . . . . copy current-software . . . . . . copy debug . . . . . . . . . . . . copy running-config . . . . . . . copy startup-config . . . . . . . copy zmodem . . . . . . . . . . . create autoboot . . . . . . . . . . delete . . . . . . . . . . . . . . . . delete debug . . . . . . . . . . . . dir . . . . . . . . . . . . . . . . . . . edit . . . . . . . . . . . . . . . . . . edit (filename) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 . . . . . . . . . . . .67 . . . . . . . . . . . .71 . . . . . . . . . . . .72 . . . . . . . . . . . .74 . . . . . . . . . . . .75 . . . . . . . . . . . .77 . . . . . . . . . . . .78 . . . . . . . . . . . .79 . . . . . . . . . . . .81 . . . . . . . . . . . .82 . . . . . . . . . . . .83 . . . . . . . . . . . .84 . . . . . . . . . . . .85 . . . . . . . . . . . .86 . . . . . . . . . . . .87 . . . . . . . . . . . .88 . . . . . . . . . . . .89 . . . . . . . . . . . .91 . . . . . . . . . . . .92 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 3 erase startup-config . . . . . . . . . . . . . ip tftp source-interface . . . . . . . . . . . ipv6 tftp source-interface . . . . . . . . . . mkdir . . . . . . . . . . . . . . . . . . . . . . . move . . . . . . . . . . . . . . . . . . . . . . . move debug . . . . . . . . . . . . . . . . . . pwd . . . . . . . . . . . . . . . . . . . . . . . rmdir . . . . . . . . . . . . . . . . . . . . . . . show autoboot . . . . . . . . . . . . . . . . show boot . . . . . . . . . . . . . . . . . . . show file . . . . . . . . . . . . . . . . . . . . . show file systems . . . . . . . . . . . . . . . show running-config . . . . . . . . . . . . . show running-config access-list . . . . . . show running-config dhcp . . . . . . . . . show running-config full . . . . . . . . . . show running-config interface . . . . . . show running-config ipv6 access-list . . show running-config key chain . . . . . . show running-config lldp . . . . . . . . . . show running-config power-inline . . . . show running-config router-id . . . . . . show running-config security-password show startup-config . . . . . . . . . . . . . show version . . . . . . . . . . . . . . . . . . write file . . . . . . . . . . . . . . . . . . . . . write memory . . . . . . . . . . . . . . . . . write terminal . . . . . . . . . . . . . . . . . Chapter 3: C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . User Access Commands . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear line console . . . . . . . . . . . . . . . . . . . . clear line vty . . . . . . . . . . . . . . . . . . . . . . . enable password . . . . . . . . . . . . . . . . . . . . enable secret . . . . . . . . . . . . . . . . . . . . . . . exec-timeout . . . . . . . . . . . . . . . . . . . . . . . flowcontrol hardware (asyn/console) . . . . . . . length (asyn) . . . . . . . . . . . . . . . . . . . . . . . line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . privilege level . . . . . . . . . . . . . . . . . . . . . . security-password history . . . . . . . . . . . . . . . security-password forced-change . . . . . . . . . security-password lifetime . . . . . . . . . . . . . . security-password minimum-categories . . . . . security-password minimum-length . . . . . . . . security-password reject-expired-pwd . . . . . . security-password warning . . . . . . . . . . . . . . service advanced-vty . . . . . . . . . . . . . . . . . . service password-encryption . . . . . . . . . . . . service telnet . . . . . . . . . . . . . . . . . . . . . . . service terminal-length (deleted) . . . . . . . . . . show privilege . . . . . . . . . . . . . . . . . . . . . . show security-password configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 . . . . . . . . . . . 126 . . . . . . . . . . . 128 . . . . . . . . . . . 129 . . . . . . . . . . . 130 . . . . . . . . . . . 133 . . . . . . . . . . . 136 . . . . . . . . . . . 138 . . . . . . . . . . . 140 . . . . . . . . . . . 141 . . . . . . . . . . . 143 . . . . . . . . . . . 144 . . . . . . . . . . . 145 . . . . . . . . . . . 146 . . . . . . . . . . . 147 . . . . . . . . . . . 148 . . . . . . . . . . . 149 . . . . . . . . . . . 150 . . . . . . . . . . . 151 . . . . . . . . . . . 152 . . . . . . . . . . . 153 . . . . . . . . . . . 154 . . . . . . . . . . . 155 . . . . . . . . . . . 156 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93 . .94 . .95 . .96 . .97 . .98 . .99 . 100 . 101 . 102 . 104 . 105 . 107 . 109 . 110 . 111 . 113 . 115 . 116 . 117 . 118 . 119 . 120 . 121 . 122 . 123 . 124 . 125 4 show security-password user show telnet . . . . . . . . . . . . show users . . . . . . . . . . . . telnet . . . . . . . . . . . . . . . . telnet server . . . . . . . . . . . terminal length . . . . . . . . . terminal resize . . . . . . . . . . username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 . 158 . 159 . 160 . 161 . 162 . 163 . 164 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 . . . . . . . . . . . 166 . . . . . . . . . . . 167 . . . . . . . . . . . 168 Chapter 4: GUI Commands Introduction . . . service http . . . . show http . . . . . . . . . . . . . . . . . Chapter 5: System Configuration and Monitoring Commands Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . banner exec . . . . . . . . . . . . . . . . . . . . . . . . . . . banner login (system) . . . . . . . . . . . . . . . . . . . . . banner motd . . . . . . . . . . . . . . . . . . . . . . . . . . . clock set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clock summer-time date . . . . . . . . . . . . . . . . . . . clock summer-time recurring . . . . . . . . . . . . . . . . clock timezone . . . . . . . . . . . . . . . . . . . . . . . . . continuous-reboot-prevention . . . . . . . . . . . . . . . ecofriendly led . . . . . . . . . . . . . . . . . . . . . . . . . . findme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . findme trigger . . . . . . . . . . . . . . . . . . . . . . . . . . hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . no debug all . . . . . . . . . . . . . . . . . . . . . . . . . . . reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . show continuous-reboot-prevention . . . . . . . . . . . show cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show cpu history . . . . . . . . . . . . . . . . . . . . . . . . show debugging . . . . . . . . . . . . . . . . . . . . . . . . show ecofriendly . . . . . . . . . . . . . . . . . . . . . . . . show interface memory . . . . . . . . . . . . . . . . . . . . show memory . . . . . . . . . . . . . . . . . . . . . . . . . . show memory allocations . . . . . . . . . . . . . . . . . . show memory history . . . . . . . . . . . . . . . . . . . . . show memory pools . . . . . . . . . . . . . . . . . . . . . . show memory shared . . . . . . . . . . . . . . . . . . . . . show process . . . . . . . . . . . . . . . . . . . . . . . . . . show reboot history . . . . . . . . . . . . . . . . . . . . . . show router-id . . . . . . . . . . . . . . . . . . . . . . . . . . show system . . . . . . . . . . . . . . . . . . . . . . . . . . . show system environment . . . . . . . . . . . . . . . . . . show system interrupts . . . . . . . . . . . . . . . . . . . . show system mac . . . . . . . . . . . . . . . . . . . . . . . . show system serialnumber . . . . . . . . . . . . . . . . . . show tech-support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 . . . . . . . . . . . . 169 . . . . . . . . . . . . 171 . . . . . . . . . . . . 173 . . . . . . . . . . . . 175 . . . . . . . . . . . . 177 . . . . . . . . . . . . 178 . . . . . . . . . . . . 180 . . . . . . . . . . . . 182 . . . . . . . . . . . . 183 . . . . . . . . . . . . 185 . . . . . . . . . . . . 186 . . . . . . . . . . . . 188 . . . . . . . . . . . . 189 . . . . . . . . . . . . 191 . . . . . . . . . . . . 192 . . . . . . . . . . . . 193 . . . . . . . . . . . . 194 . . . . . . . . . . . . 196 . . . . . . . . . . . . 197 . . . . . . . . . . . . 200 . . . . . . . . . . . . 202 . . . . . . . . . . . . 203 . . . . . . . . . . . . 204 . . . . . . . . . . . . 206 . . . . . . . . . . . . 208 . . . . . . . . . . . . 210 . . . . . . . . . . . . 211 . . . . . . . . . . . . 212 . . . . . . . . . . . . 213 . . . . . . . . . . . . 215 . . . . . . . . . . . . 216 . . . . . . . . . . . . 217 . . . . . . . . . . . . 218 . . . . . . . . . . . . 219 . . . . . . . . . . . . 220 . . . . . . . . . . . . 221 . . . . . . . . . . . . 222 C613-50081-01 REV A . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 5 speed (asyn) . . . . . . . . . . . system territory (deprecated) terminal monitor . . . . . . . . undebug all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 6: Pluggables and Cabling Commands . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . show system pluggable . . . . . . . . . . . . . . . . show system pluggable detail . . . . . . . . . . . . show system pluggable diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 . . . . . . . . . . . 229 . . . . . . . . . . . 230 . . . . . . . . . . . 232 . . . . . . . . . . . 236 Chapter 7: Logging Commands . Introduction . . . . . . . clear exception log . . . clear log . . . . . . . . . . clear log buffered . . . . clear log permanent . . default log buffered . . default log console . . . default log email . . . . default log host . . . . . default log monitor . . . default log permanent . log buffered . . . . . . . log buffered (filter) . . . log buffered exclude . . log buffered size . . . . log console . . . . . . . . log console (filter) . . . . log console exclude . . log email . . . . . . . . . log email (filter) . . . . . log email exclude . . . . log email time . . . . . . log facility . . . . . . . . . log host . . . . . . . . . . log host (filter) . . . . . . log host exclude . . . . . log host source . . . . . log host time . . . . . . . log monitor (filter) . . . log monitor exclude . . log permanent . . . . . . log permanent (filter) . log permanent exclude log permanent size . . . log-rate-limit nsm . . . . show counter log . . . . show exception log . . show log . . . . . . . . . show log config . . . . . show log permanent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238 . . . . . . . . . . . 238 . . . . . . . . . . . 240 . . . . . . . . . . . 241 . . . . . . . . . . . 242 . . . . . . . . . . . 243 . . . . . . . . . . . 244 . . . . . . . . . . . 245 . . . . . . . . . . . 246 . . . . . . . . . . . 247 . . . . . . . . . . . 248 . . . . . . . . . . . 249 . . . . . . . . . . . 250 . . . . . . . . . . . 251 . . . . . . . . . . . 254 . . . . . . . . . . . 257 . . . . . . . . . . . 258 . . . . . . . . . . . 259 . . . . . . . . . . . 262 . . . . . . . . . . . 265 . . . . . . . . . . . 266 . . . . . . . . . . . 269 . . . . . . . . . . . 272 . . . . . . . . . . . 274 . . . . . . . . . . . 276 . . . . . . . . . . . 277 . . . . . . . . . . . 280 . . . . . . . . . . . 283 . . . . . . . . . . . 284 . . . . . . . . . . . 286 . . . . . . . . . . . 289 . . . . . . . . . . . 292 . . . . . . . . . . . 293 . . . . . . . . . . . 296 . . . . . . . . . . . 299 . . . . . . . . . . . 300 . . . . . . . . . . . 302 . . . . . . . . . . . 303 . . . . . . . . . . . 304 . . . . . . . . . . . 307 . . . . . . . . . . . 309 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224 . 226 . 227 . 228 6 show running-config log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Chapter 8: Scripting Commands Introduction . . . . . . activate . . . . . . . . . echo . . . . . . . . . . . wait . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 . . . . . . . . . . . 311 . . . . . . . . . . . 312 . . . . . . . . . . . 313 . . . . . . . . . . . 314 Chapter 9: Interface Commands . Introduction . . . . . . . description (interface) . interface (to configure) mru jumbo . . . . . . . . mtu . . . . . . . . . . . . . show interface . . . . . . show interface brief . . show interface status . shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315 . . . . . . . . . . . 315 . . . . . . . . . . . 316 . . . . . . . . . . . 317 . . . . . . . . . . . 319 . . . . . . . . . . . 320 . . . . . . . . . . . 322 . . . . . . . . . . . 326 . . . . . . . . . . . 327 . . . . . . . . . . . 329 Chapter 10: Interface Testing Commands Introduction . . . . . . . . . . . . clear test interface . . . . . . . . service test . . . . . . . . . . . . . test interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 . . . . . . . . . . . 330 . . . . . . . . . . . 331 . . . . . . . . . . . 332 . . . . . . . . . . . 333 Chapter 11: Alarm Monitoring Commands . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . alarm facility . . . . . . . . . . . . . . . . . . . . . . . debug alarm . . . . . . . . . . . . . . . . . . . . . . . show alarm settings . . . . . . . . . . . . . . . . . . show debugging alarm . . . . . . . . . . . . . . . . show facility-alarm status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 . . . . . . . . . . . 335 . . . . . . . . . . . 336 . . . . . . . . . . . 339 . . . . . . . . . . . 340 . . . . . . . . . . . 341 . . . . . . . . . . . 342 PART 2: Layer Two Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 Chapter 12: Switching Commands . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . backpressure . . . . . . . . . . . . . . . . . . . . . . . clear loop-protection counters . . . . . . . . . . . clear mac address-table dynamic . . . . . . . . . . clear mac address-table static . . . . . . . . . . . . clear port counter . . . . . . . . . . . . . . . . . . . . debug loopprot . . . . . . . . . . . . . . . . . . . . . debug platform packet . . . . . . . . . . . . . . . . duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . flowcontrol (switch port) . . . . . . . . . . . . . . . linkflap action . . . . . . . . . . . . . . . . . . . . . . loop-protection loop-detect . . . . . . . . . . . . . loop-protection action . . . . . . . . . . . . . . . . loop-protection action-delay-time . . . . . . . . . loop-protection timeout . . . . . . . . . . . . . . . C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344 . . . . . . . . . . . 344 . . . . . . . . . . . 346 . . . . . . . . . . . 348 . . . . . . . . . . . 349 . . . . . . . . . . . 351 . . . . . . . . . . . 352 . . . . . . . . . . . 353 . . . . . . . . . . . 354 . . . . . . . . . . . 356 . . . . . . . . . . . 358 . . . . . . . . . . . 360 . . . . . . . . . . . 361 . . . . . . . . . . . 362 . . . . . . . . . . . 363 . . . . . . . . . . . 364 7 Chapter 13: C613-50081-01 REV A mac address-table acquire . . . . . . . . . . . . . . . mac address-table ageing-time . . . . . . . . . . . . mac address-table logging . . . . . . . . . . . . . . . mac address-table static . . . . . . . . . . . . . . . . mirror interface . . . . . . . . . . . . . . . . . . . . . . platform stop-unreg-mc-flooding . . . . . . . . . . platform vlan-stacking-tpid . . . . . . . . . . . . . . polarity . . . . . . . . . . . . . . . . . . . . . . . . . . . show debugging loopprot . . . . . . . . . . . . . . . show debugging platform packet . . . . . . . . . . show flowcontrol interface . . . . . . . . . . . . . . . show interface err-disabled . . . . . . . . . . . . . . show interface switchport . . . . . . . . . . . . . . . show loop-protection . . . . . . . . . . . . . . . . . . show mac address-table . . . . . . . . . . . . . . . . show mirror . . . . . . . . . . . . . . . . . . . . . . . . show mirror interface . . . . . . . . . . . . . . . . . . show platform . . . . . . . . . . . . . . . . . . . . . . . show platform classifier statistics utilization brief . show platform port . . . . . . . . . . . . . . . . . . . . show storm-control . . . . . . . . . . . . . . . . . . . speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . storm-control level . . . . . . . . . . . . . . . . . . . . thrash-limiting . . . . . . . . . . . . . . . . . . . . . . . undebug loopprot . . . . . . . . . . . . . . . . . . . . undebug platform packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . VLAN Commands . . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . port-vlan-forwarding-priority . . . . . . . . . . . . . private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . private-vlan association . . . . . . . . . . . . . . . . . show port-vlan-forwarding-priority . . . . . . . . . show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan classifier group . . . . . . . . . . . . . . . show vlan classifier group interface . . . . . . . . . show vlan classifier interface group . . . . . . . . . show vlan classifier rule . . . . . . . . . . . . . . . . . show vlan private-vlan . . . . . . . . . . . . . . . . . . switchport access vlan . . . . . . . . . . . . . . . . . . switchport enable vlan . . . . . . . . . . . . . . . . . switchport mode access . . . . . . . . . . . . . . . . . switchport mode private-vlan . . . . . . . . . . . . . switchport mode private-vlan trunk promiscuous switchport mode private-vlan trunk secondary . . switchport mode trunk . . . . . . . . . . . . . . . . . switchport private-vlan host-association . . . . . . switchport private-vlan mapping . . . . . . . . . . . switchport trunk allowed vlan . . . . . . . . . . . . . switchport trunk native vlan . . . . . . . . . . . . . . switchport vlan-stacking (double tagging) . . . . . switchport voice dscp . . . . . . . . . . . . . . . . . . switchport voice vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399 . . . . . . . . . . . 399 . . . . . . . . . . . 401 . . . . . . . . . . . 404 . . . . . . . . . . . 405 . . . . . . . . . . . 406 . . . . . . . . . . . 407 . . . . . . . . . . . 408 . . . . . . . . . . . 409 . . . . . . . . . . . 410 . . . . . . . . . . . 411 . . . . . . . . . . . 412 . . . . . . . . . . . 413 . . . . . . . . . . . 414 . . . . . . . . . . . 415 . . . . . . . . . . . 416 . . . . . . . . . . . 417 . . . . . . . . . . . 419 . . . . . . . . . . . 421 . . . . . . . . . . . 422 . . . . . . . . . . . 423 . . . . . . . . . . . 424 . . . . . . . . . . . 427 . . . . . . . . . . . 429 . . . . . . . . . . . 430 . . . . . . . . . . . 431 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 . 366 . 367 . 368 . 369 . 371 . 373 . 374 . 375 . 376 . 377 . 378 . 379 . 380 . 382 . 384 . 385 . 386 . 387 . 388 . 392 . 393 . 395 . 396 . 397 . 398 8 switchport voice vlan priority vlan . . . . . . . . . . . . . . . . . vlan classifier activate . . . . . vlan classifier group . . . . . . vlan classifier rule ipv4 . . . . . vlan classifier rule proto . . . . vlan database . . . . . . . . . . Chapter 14: C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Spanning Tree Commands . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear spanning-tree statistics . . . . . . . . . . . . . . . . . . . clear spanning-tree detected protocols (RSTP and MSTP) debug mstp (RSTP and STP) . . . . . . . . . . . . . . . . . . . instance priority (MSTP) . . . . . . . . . . . . . . . . . . . . . . instance vlan (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . region (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . revision (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . show debugging mstp . . . . . . . . . . . . . . . . . . . . . . show spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . show spanning-tree brief . . . . . . . . . . . . . . . . . . . . . show spanning-tree mst . . . . . . . . . . . . . . . . . . . . . show spanning-tree mst config . . . . . . . . . . . . . . . . . show spanning-tree mst detail . . . . . . . . . . . . . . . . . show spanning-tree mst detail interface . . . . . . . . . . . show spanning-tree mst instance . . . . . . . . . . . . . . . . show spanning-tree mst instance interface . . . . . . . . . show spanning-tree mst interface . . . . . . . . . . . . . . . show spanning-tree mst detail interface . . . . . . . . . . . show spanning-tree statistics . . . . . . . . . . . . . . . . . . show spanning-tree statistics instance . . . . . . . . . . . . show spanning-tree statistics instance interface . . . . . . show spanning-tree statistics interface . . . . . . . . . . . . show spanning-tree vlan range-index . . . . . . . . . . . . . spanning-tree autoedge (RSTP and MSTP) . . . . . . . . . . spanning-tree bpdu . . . . . . . . . . . . . . . . . . . . . . . . spanning-tree cisco-interoperability (MSTP) . . . . . . . . . spanning-tree edgeport (RSTP and MSTP) . . . . . . . . . . spanning-tree enable . . . . . . . . . . . . . . . . . . . . . . . spanning-tree errdisable-timeout enable . . . . . . . . . . . spanning-tree errdisable-timeout interval . . . . . . . . . . spanning-tree force-version . . . . . . . . . . . . . . . . . . . spanning-tree forward-time . . . . . . . . . . . . . . . . . . . spanning-tree guard root . . . . . . . . . . . . . . . . . . . . . spanning-tree hello-time . . . . . . . . . . . . . . . . . . . . . spanning-tree link-type . . . . . . . . . . . . . . . . . . . . . . spanning-tree max-age . . . . . . . . . . . . . . . . . . . . . . spanning-tree max-hops (MSTP) . . . . . . . . . . . . . . . . spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . spanning-tree mst configuration . . . . . . . . . . . . . . . . spanning-tree mst instance . . . . . . . . . . . . . . . . . . . spanning-tree mst instance path-cost . . . . . . . . . . . . . spanning-tree mst instance priority . . . . . . . . . . . . . . spanning-tree mst instance restricted-role . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433 . 434 . 435 . 436 . 437 . 438 . 441 . . . . . . . . . . 442 . . . . . . . . . . . 442 . . . . . . . . . . . 444 . . . . . . . . . . . 445 . . . . . . . . . . . 446 . . . . . . . . . . . 450 . . . . . . . . . . . 452 . . . . . . . . . . . 454 . . . . . . . . . . . 455 . . . . . . . . . . . 456 . . . . . . . . . . . 457 . . . . . . . . . . . 460 . . . . . . . . . . . 461 . . . . . . . . . . . 462 . . . . . . . . . . . 463 . . . . . . . . . . . 465 . . . . . . . . . . . 467 . . . . . . . . . . . 468 . . . . . . . . . . . 469 . . . . . . . . . . . 470 . . . . . . . . . . . 472 . . . . . . . . . . . 474 . . . . . . . . . . . 475 . . . . . . . . . . . 477 . . . . . . . . . . . 479 . . . . . . . . . . . 480 . . . . . . . . . . . 481 . . . . . . . . . . . 483 . . . . . . . . . . . 484 . . . . . . . . . . . 485 . . . . . . . . . . . 487 . . . . . . . . . . . 488 . . . . . . . . . . . 489 . . . . . . . . . . . 490 . . . . . . . . . . . 491 . . . . . . . . . . . 492 . . . . . . . . . . . 493 . . . . . . . . . . . 494 . . . . . . . . . . . 495 . . . . . . . . . . . 496 . . . . . . . . . . . 497 . . . . . . . . . . . 498 . . . . . . . . . . . 499 . . . . . . . . . . . 501 . . . . . . . . . . . 502 9 spanning-tree mst instance restricted-tcn spanning-tree path-cost . . . . . . . . . . . spanning-tree portfast (STP) . . . . . . . . . spanning-tree portfast bpdu-filter . . . . . spanning-tree portfast bpdu-guard . . . . spanning-tree priority (bridge priority) . . spanning-tree priority (port priority) . . . . spanning-tree restricted-role . . . . . . . . spanning-tree restricted-tcn . . . . . . . . . spanning-tree transmit-holdcount . . . . . undebug mstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 15: Link Aggregation Commands . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . channel-group . . . . . . . . . . . . . . . . . . . . . . clear lacp counters . . . . . . . . . . . . . . . . . . . debug lacp . . . . . . . . . . . . . . . . . . . . . . . . lacp global-passive-mode enable . . . . . . . . . . lacp port-priority . . . . . . . . . . . . . . . . . . . . lacp system-priority . . . . . . . . . . . . . . . . . . lacp timeout . . . . . . . . . . . . . . . . . . . . . . . show debugging lacp . . . . . . . . . . . . . . . . . show diagnostic channel-group . . . . . . . . . . show etherchannel . . . . . . . . . . . . . . . . . . . show etherchannel detail . . . . . . . . . . . . . . . show etherchannel summary . . . . . . . . . . . . show lacp sys-id . . . . . . . . . . . . . . . . . . . . . show lacp-counter . . . . . . . . . . . . . . . . . . . show port etherchannel . . . . . . . . . . . . . . . . show static-channel-group . . . . . . . . . . . . . . static-channel-group . . . . . . . . . . . . . . . . . . undebug lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518 . . . . . . . . . . . 518 . . . . . . . . . . . 520 . . . . . . . . . . . 522 . . . . . . . . . . . 523 . . . . . . . . . . . 524 . . . . . . . . . . . 525 . . . . . . . . . . . 526 . . . . . . . . . . . 527 . . . . . . . . . . . 529 . . . . . . . . . . . 530 . . . . . . . . . . . 531 . . . . . . . . . . . 532 . . . . . . . . . . . 533 . . . . . . . . . . . 534 . . . . . . . . . . . 535 . . . . . . . . . . . 536 . . . . . . . . . . . 537 . . . . . . . . . . . 538 . . . . . . . . . . . 540 Chapter 16: Power over Ethernet Commands . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear power-inline counters interface . . . . . . . debug power-inline . . . . . . . . . . . . . . . . . . power-inline allow-legacy . . . . . . . . . . . . . . power-inline description . . . . . . . . . . . . . . . power-inline enable . . . . . . . . . . . . . . . . . . power-inline max . . . . . . . . . . . . . . . . . . . . power-inline priority . . . . . . . . . . . . . . . . . . power-inline usage-threshold . . . . . . . . . . . . service power-inline . . . . . . . . . . . . . . . . . . show debugging power-inline . . . . . . . . . . . show power-inline . . . . . . . . . . . . . . . . . . . show power-inline counters . . . . . . . . . . . . . show power-inline interface . . . . . . . . . . . . . show power-inline interface detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541 . . . . . . . . . . . 541 . . . . . . . . . . . 543 . . . . . . . . . . . 544 . . . . . . . . . . . 546 . . . . . . . . . . . 547 . . . . . . . . . . . 548 . . . . . . . . . . . 549 . . . . . . . . . . . 551 . . . . . . . . . . . 553 . . . . . . . . . . . 554 . . . . . . . . . . . 555 . . . . . . . . . . . 556 . . . . . . . . . . . 558 . . . . . . . . . . . 560 . . . . . . . . . . . 562 Chapter 17: GVRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 . 505 . 506 . 508 . 510 . 512 . 513 . 514 . 515 . 516 . 517 10 clear gvrp statistics . . . . . . debug gvrp . . . . . . . . . . . gvrp (interface) . . . . . . . . gvrp dynamic-vlan-creation gvrp enable (global) . . . . . gvrp registration . . . . . . . gvrp timer . . . . . . . . . . . show debugging gvrp . . . . show gvrp configuration . . show gvrp machine . . . . . show gvrp statistics . . . . . show gvrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566 . 567 . 569 . 570 . 571 . 572 . 573 . 574 . 575 . 576 . 577 . 578 PART 3: Layer Three, Switching and Routing . . . . . . . . . . . . . . . . . . . . . . 579 Chapter 18: IP Addressing and Protocol Commands . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . arp-aging-timeout . . . . . . . . . . . . . . . . . . . arp (IP address MAC) . . . . . . . . . . . . . . . . . . arp log . . . . . . . . . . . . . . . . . . . . . . . . . . . arp-reply-bc-dmac . . . . . . . . . . . . . . . . . . . clear arp-cache . . . . . . . . . . . . . . . . . . . . . debug ip packet interface . . . . . . . . . . . . . . . ip address (IP Addressing and Protocol) . . . . . . ip domain-list . . . . . . . . . . . . . . . . . . . . . . ip domain-lookup . . . . . . . . . . . . . . . . . . . . ip domain-name . . . . . . . . . . . . . . . . . . . . ip gratuitous-arp-link . . . . . . . . . . . . . . . . . ip name-server . . . . . . . . . . . . . . . . . . . . . . ip unreachables . . . . . . . . . . . . . . . . . . . . . ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . show arp . . . . . . . . . . . . . . . . . . . . . . . . . show debugging ip packet . . . . . . . . . . . . . . show hosts . . . . . . . . . . . . . . . . . . . . . . . . show ip domain-list . . . . . . . . . . . . . . . . . . show ip domain-name . . . . . . . . . . . . . . . . . show ip interface . . . . . . . . . . . . . . . . . . . . show ip name-server . . . . . . . . . . . . . . . . . . show ip sockets . . . . . . . . . . . . . . . . . . . . . show ip traffic . . . . . . . . . . . . . . . . . . . . . . tcpdump . . . . . . . . . . . . . . . . . . . . . . . . . traceroute . . . . . . . . . . . . . . . . . . . . . . . . . undebug ip packet interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580 . . . . . . . . . . . 580 . . . . . . . . . . . 582 . . . . . . . . . . . 583 . . . . . . . . . . . 584 . . . . . . . . . . . 587 . . . . . . . . . . . 588 . . . . . . . . . . . 589 . . . . . . . . . . . 591 . . . . . . . . . . . 593 . . . . . . . . . . . 594 . . . . . . . . . . . 595 . . . . . . . . . . . 596 . . . . . . . . . . . 598 . . . . . . . . . . . 600 . . . . . . . . . . . 602 . . . . . . . . . . . 603 . . . . . . . . . . . 605 . . . . . . . . . . . 607 . . . . . . . . . . . 608 . . . . . . . . . . . 609 . . . . . . . . . . . 610 . . . . . . . . . . . 611 . . . . . . . . . . . 612 . . . . . . . . . . . 615 . . . . . . . . . . . 621 . . . . . . . . . . . 622 . . . . . . . . . . . 623 Chapter 19: IPv6 Commands . . Introduction . . . . . clear ipv6 neighbors ipv6 address . . . . . ipv6 enable . . . . . . ipv6 nd raguard . . . ipv6 neighbor . . . . ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624 . . . . . . . . . . . 624 . . . . . . . . . . . 625 . . . . . . . . . . . 626 . . . . . . . . . . . 627 . . . . . . . . . . . 628 . . . . . . . . . . . 630 . . . . . . . . . . . 631 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 11 ipv6 unreachables . . . . . ping ipv6 . . . . . . . . . . . show ipv6 interface brief . show ipv6 neighbors . . . . show ipv6 route . . . . . . . show ipv6 route summary traceroute ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 . 633 . 634 . 635 . 636 . 638 . 639 Chapter 20: Static Routing Commands for Management Purposes Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip route database . . . . . . . . . . . . . . . . . . . . . . show ip route summary . . . . . . . . . . . . . . . . . . . . . . PART 4: Multicast Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646 Chapter 21: Multicast Commands . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear ip mroute . . . . . . . . . . . . . . . . . . . . . clear ip mroute statistics . . . . . . . . . . . . . . . clear ipv6 mroute . . . . . . . . . . . . . . . . . . . . clear ipv6 mroute statistics . . . . . . . . . . . . . . debug nsm mcast . . . . . . . . . . . . . . . . . . . . debug nsm mcast6 . . . . . . . . . . . . . . . . . . . ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . ip multicast forward-first-packet . . . . . . . . . . ip multicast route . . . . . . . . . . . . . . . . . . . . ip multicast route-limit . . . . . . . . . . . . . . . . ip multicast wrong-vif-suppression . . . . . . . . ip multicast-routing . . . . . . . . . . . . . . . . . . ipv6 multicast route . . . . . . . . . . . . . . . . . . ipv6 multicast route-limit . . . . . . . . . . . . . . . ipv6 multicast-routing . . . . . . . . . . . . . . . . . multicast . . . . . . . . . . . . . . . . . . . . . . . . . show ip mroute . . . . . . . . . . . . . . . . . . . . . show ip mvif . . . . . . . . . . . . . . . . . . . . . . . show ip rpf . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 mroute . . . . . . . . . . . . . . . . . . . show ipv6 mif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 647 . . . . . . . . . . . 647 . . . . . . . . . . . 649 . . . . . . . . . . . 650 . . . . . . . . . . . 651 . . . . . . . . . . . 652 . . . . . . . . . . . 653 . . . . . . . . . . . 654 . . . . . . . . . . . 655 . . . . . . . . . . . 657 . . . . . . . . . . . 658 . . . . . . . . . . . 660 . . . . . . . . . . . 661 . . . . . . . . . . . 662 . . . . . . . . . . . 663 . . . . . . . . . . . 665 . . . . . . . . . . . 666 . . . . . . . . . . . 667 . . . . . . . . . . . 668 . . . . . . . . . . . 670 . . . . . . . . . . . 671 . . . . . . . . . . . 672 . . . . . . . . . . . 674 Chapter 22: IGMP Snooping Commands . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear ip igmp . . . . . . . . . . . . . . . . . . . . . . . clear ip igmp group . . . . . . . . . . . . . . . . . . clear ip igmp interface . . . . . . . . . . . . . . . . . debug igmp . . . . . . . . . . . . . . . . . . . . . . . ip igmp flood specific-query . . . . . . . . . . . . . ip igmp snooping . . . . . . . . . . . . . . . . . . . . ip igmp snooping fast-leave . . . . . . . . . . . . . ip igmp snooping querier . . . . . . . . . . . . . . . ip igmp snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675 . . . . . . . . . . . 675 . . . . . . . . . . . 677 . . . . . . . . . . . 678 . . . . . . . . . . . 679 . . . . . . . . . . . 680 . . . . . . . . . . . 681 . . . . . . . . . . . 682 . . . . . . . . . . . 683 . . . . . . . . . . . 684 . . . . . . . . . . . 685 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . 640 . . . . . . . . . . . 640 . . . . . . . . . . . 641 . . . . . . . . . . . 642 . . . . . . . . . . . 644 . . . . . . . . . . . 645 12 ip igmp snooping routermode . . . . ip igmp snooping tcn query solicit . . ip igmp static-group . . . . . . . . . . . ip igmp trusted . . . . . . . . . . . . . . ip igmp version . . . . . . . . . . . . . . show debugging igmp . . . . . . . . . show ip igmp groups . . . . . . . . . . show ip igmp interface . . . . . . . . . show ip igmp snooping routermode . show ip igmp snooping statistics . . . undebug igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 23: MLD Snooping Commands . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear ipv6 mld . . . . . . . . . . . . . . . . . . . . . . clear ipv6 mld group . . . . . . . . . . . . . . . . . . clear ipv6 mld interface . . . . . . . . . . . . . . . . debug mld . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld access-group . . . . . . . . . . . . . . . . . ipv6 mld limit . . . . . . . . . . . . . . . . . . . . . . ipv6 mld snooping . . . . . . . . . . . . . . . . . . . ipv6 mld snooping fast-leave . . . . . . . . . . . . ipv6 mld snooping mrouter . . . . . . . . . . . . . ipv6 mld snooping querier . . . . . . . . . . . . . . ipv6 mld snooping report-suppression . . . . . . ipv6 mld static-group . . . . . . . . . . . . . . . . . show debugging mld . . . . . . . . . . . . . . . . . show ipv6 mld groups . . . . . . . . . . . . . . . . . show ipv6 mld interface . . . . . . . . . . . . . . . . show ipv6 mld snooping mrouter . . . . . . . . . show ipv6 mld snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 703 . . . . . . . . . . . . 703 . . . . . . . . . . . . 704 . . . . . . . . . . . . 705 . . . . . . . . . . . . 706 . . . . . . . . . . . . 707 . . . . . . . . . . . . 708 . . . . . . . . . . . . 709 . . . . . . . . . . . . 711 . . . . . . . . . . . . 713 . . . . . . . . . . . . 714 . . . . . . . . . . . . 716 . . . . . . . . . . . . 717 . . . . . . . . . . . . 719 . . . . . . . . . . . . 721 . . . . . . . . . . . . 722 . . . . . . . . . . . . 723 . . . . . . . . . . . . 724 . . . . . . . . . . . . 725 PART 5: Access and Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 726 Chapter 24: IPv4 Hardware Access Control List (ACL) Commands Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . access-list (hardware IP numbered) . . . . . . . . . . . . . access-list (hardware MAC numbered) . . . . . . . . . . . access-list hardware (named) . . . . . . . . . . . . . . . . . (access-list hardware ICMP filter) . . . . . . . . . . . . . . . (access-list hardware IP protocol filter) . . . . . . . . . . . (access-list hardware MAC filter) . . . . . . . . . . . . . . . (access-list hardware TCP UDP filter) . . . . . . . . . . . . . commit (IPv4) . . . . . . . . . . . . . . . . . . . . . . . . . . . show access-list (IPv4 Hardware ACLs) . . . . . . . . . . . show interface access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 727 . . . . . . . . . . . . 727 . . . . . . . . . . . . 729 . . . . . . . . . . . . 731 . . . . . . . . . . . . 739 . . . . . . . . . . . . 742 . . . . . . . . . . . . 744 . . . . . . . . . . . . 747 . . . . . . . . . . . . 752 . . . . . . . . . . . . 755 . . . . . . . . . . . . 758 . . . . . . . . . . . . 759 . . . . . . . . . . . . 761 Chapter 25: IPv4 Software Access Control List (ACL) Commands Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . access-list extended (named) . . . . . . . . . . . . . . . . access-list (extended numbered) . . . . . . . . . . . . . . . . . . C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 686 . 688 . 690 . 692 . 693 . 694 . 695 . 697 . 700 . 701 . 702 . . . . . . . . . . 762 . . . . . . . . . . . 762 . . . . . . . . . . . 765 . . . . . . . . . . . 773 13 (access-list extended ICMP filter) . . . . (access-list extended IP filter) . . . . . . (access-list extended IP protocol filter) (access-list extended TCP UDP filter) . . access-list standard (named) . . . . . . . access-list (standard numbered) . . . . (access-list standard named filter) . . . (access-list standard numbered filter) . clear ip prefix-list . . . . . . . . . . . . . . ip prefix-list . . . . . . . . . . . . . . . . . . maximum-access-list . . . . . . . . . . . . show access-list (IPv4 Software ACLs) . show ip access-list . . . . . . . . . . . . . vty access-class (numbered) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 26: IPv6 Hardware Access Control List (ACL) Commands Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . commit (IPv6) . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 access-list (named) . . . . . . . . . . . . . . . . . . . . . (ipv6 access-list named ICMP filter) . . . . . . . . . . . . . . (ipv6 access-list named protocol filter) . . . . . . . . . . . (ipv6 access-list named TCP UDP filter) . . . . . . . . . . . ipv6 traffic-filter . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 access-list (IPv6 Hardware ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . 802 . . . . . . . . . . . 802 . . . . . . . . . . . 804 . . . . . . . . . . . 805 . . . . . . . . . . . 807 . . . . . . . . . . . 810 . . . . . . . . . . . 814 . . . . . . . . . . . 817 . . . . . . . . . . . 818 Chapter 27: IPv6 Software Access Control List (ACL) Commands Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 access-list standard (named) . . . . . . . . . . . . . . (ipv6 access-list standard filter) . . . . . . . . . . . . . . . show ipv6 access-list (IPv6 Software ACLs) . . . . . . . . vty ipv6 access-class (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819 . . . . . . . . . . . 819 . . . . . . . . . . . 821 . . . . . . . . . . . 823 . . . . . . . . . . . 825 . . . . . . . . . . . 826 Chapter 28: QoS Commands . . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . class . . . . . . . . . . . . . . . . . . . . . . . . . . . . class-map . . . . . . . . . . . . . . . . . . . . . . . . . default-action . . . . . . . . . . . . . . . . . . . . . . description (QoS policy-map) . . . . . . . . . . . . egress-rate-limit . . . . . . . . . . . . . . . . . . . . . match access-group . . . . . . . . . . . . . . . . . . match cos . . . . . . . . . . . . . . . . . . . . . . . . . match dscp . . . . . . . . . . . . . . . . . . . . . . . . match eth-format protocol . . . . . . . . . . . . . . match mac-type . . . . . . . . . . . . . . . . . . . . . match tcp-flags . . . . . . . . . . . . . . . . . . . . . match vlan . . . . . . . . . . . . . . . . . . . . . . . . mls qos cos . . . . . . . . . . . . . . . . . . . . . . . . mls qos enable . . . . . . . . . . . . . . . . . . . . . . mls qos map cos-queue to . . . . . . . . . . . . . . mls qos map premark-dscp to . . . . . . . . . . . . no police . . . . . . . . . . . . . . . . . . . . . . . . . police single-rate action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 827 . . . . . . . . . . . 827 . . . . . . . . . . . 829 . . . . . . . . . . . 830 . . . . . . . . . . . 831 . . . . . . . . . . . 832 . . . . . . . . . . . 833 . . . . . . . . . . . 834 . . . . . . . . . . . 836 . . . . . . . . . . . 837 . . . . . . . . . . . 838 . . . . . . . . . . . 841 . . . . . . . . . . . 842 . . . . . . . . . . . 843 . . . . . . . . . . . 844 . . . . . . . . . . . 845 . . . . . . . . . . . 846 . . . . . . . . . . . 847 . . . . . . . . . . . 848 . . . . . . . . . . . 849 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 775 . 777 . 780 . 784 . 786 . 788 . 790 . 792 . 794 . 795 . 797 . 798 . 800 . 801 14 policy-map . . . . . . . . . . . . . . . . . . . . . . . . . priority-queue . . . . . . . . . . . . . . . . . . . . . . . remark new-cos . . . . . . . . . . . . . . . . . . . . . . service-policy input . . . . . . . . . . . . . . . . . . . show class-map . . . . . . . . . . . . . . . . . . . . . . show mls qos . . . . . . . . . . . . . . . . . . . . . . . show mls qos interface . . . . . . . . . . . . . . . . . show mls qos maps cos-queue . . . . . . . . . . . . show mls qos maps premark-dscp . . . . . . . . . . show platform classifier statistics utilization brief . show policy-map . . . . . . . . . . . . . . . . . . . . . trust dscp . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue weight queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 29: 802.1X Commands . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . debug dot1x . . . . . . . . . . . . . . . . . . . . . . . dot1x control-direction . . . . . . . . . . . . . . . . dot1x eap . . . . . . . . . . . . . . . . . . . . . . . . . dot1x eapol-version . . . . . . . . . . . . . . . . . . dot1x initialize interface . . . . . . . . . . . . . . . . dot1x initialize supplicant . . . . . . . . . . . . . . dot1x keytransmit . . . . . . . . . . . . . . . . . . . dot1x max-auth-fail . . . . . . . . . . . . . . . . . . dot1x max-reauth-req . . . . . . . . . . . . . . . . . dot1x port-control . . . . . . . . . . . . . . . . . . . dot1x timeout tx-period . . . . . . . . . . . . . . . . show debugging dot1x . . . . . . . . . . . . . . . . show dot1x . . . . . . . . . . . . . . . . . . . . . . . . show dot1x diagnostics . . . . . . . . . . . . . . . . show dot1x interface . . . . . . . . . . . . . . . . . . show dot1x sessionstatistics . . . . . . . . . . . . . show dot1x statistics interface . . . . . . . . . . . . show dot1x supplicant . . . . . . . . . . . . . . . . show dot1x supplicant interface . . . . . . . . . . undebug dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 . . . . . . . . . . . 865 . . . . . . . . . . . 866 . . . . . . . . . . . 867 . . . . . . . . . . . 869 . . . . . . . . . . . 870 . . . . . . . . . . . 872 . . . . . . . . . . . 873 . . . . . . . . . . . 874 . . . . . . . . . . . 875 . . . . . . . . . . . 877 . . . . . . . . . . . 879 . . . . . . . . . . . 881 . . . . . . . . . . . 883 . . . . . . . . . . . 884 . . . . . . . . . . . 887 . . . . . . . . . . . 889 . . . . . . . . . . . 894 . . . . . . . . . . . 895 . . . . . . . . . . . 896 . . . . . . . . . . . 898 . . . . . . . . . . . 901 Chapter 30: Authentication Commands . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . auth auth-fail vlan . . . . . . . . . . . . . . . . . . . auth critical . . . . . . . . . . . . . . . . . . . . . . . . auth dynamic-vlan-creation . . . . . . . . . . . . . auth guest-vlan . . . . . . . . . . . . . . . . . . . . . auth guest-vlan forward . . . . . . . . . . . . . . . . auth host-mode . . . . . . . . . . . . . . . . . . . . . auth log . . . . . . . . . . . . . . . . . . . . . . . . . . auth max-supplicant . . . . . . . . . . . . . . . . . . auth profile (Global Configuration) . . . . . . . . . auth profile (Interface Configuration) . . . . . . . auth reauthentication . . . . . . . . . . . . . . . . . auth roaming disconnected . . . . . . . . . . . . . auth roaming enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 902 . . . . . . . . . . . 902 . . . . . . . . . . . 905 . . . . . . . . . . . 907 . . . . . . . . . . . 908 . . . . . . . . . . . 911 . . . . . . . . . . . 914 . . . . . . . . . . . 916 . . . . . . . . . . . 918 . . . . . . . . . . . 920 . . . . . . . . . . . 922 . . . . . . . . . . . 923 . . . . . . . . . . . 924 . . . . . . . . . . . 925 . . . . . . . . . . . 927 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 850 . 851 . 852 . 853 . 854 . 855 . 856 . 858 . 859 . 860 . 861 . 862 . 863 15 auth supplicant-ip . . . . . . . . . . . . . . . . . . . auth supplicant-mac . . . . . . . . . . . . . . . . . . auth timeout connect-timeout . . . . . . . . . . . auth timeout quiet-period . . . . . . . . . . . . . . auth timeout reauth-period . . . . . . . . . . . . . auth timeout server-timeout . . . . . . . . . . . . . auth timeout supp-timeout . . . . . . . . . . . . . auth two-step enable . . . . . . . . . . . . . . . . . auth-mac enable . . . . . . . . . . . . . . . . . . . . auth-mac method . . . . . . . . . . . . . . . . . . . auth-mac password . . . . . . . . . . . . . . . . . . auth-mac reauth-relearning . . . . . . . . . . . . . auth-mac username . . . . . . . . . . . . . . . . . . auth-web enable . . . . . . . . . . . . . . . . . . . . auth-web forward . . . . . . . . . . . . . . . . . . . auth-web max-auth-fail . . . . . . . . . . . . . . . . auth-web method . . . . . . . . . . . . . . . . . . . auth-web-server blocking-mode . . . . . . . . . . auth-web-server dhcp ipaddress . . . . . . . . . . auth-web-server dhcp lease . . . . . . . . . . . . . auth-web-server dhcp-wpad-option . . . . . . . . auth-web-server gateway (deleted) . . . . . . . . auth-web-server host-name . . . . . . . . . . . . . auth-web-server http-redirect (deleted) . . . . . auth-web-server intercept-port . . . . . . . . . . . auth-web-server ipaddress . . . . . . . . . . . . . . auth-web-server page language . . . . . . . . . . auth-web-server login-url . . . . . . . . . . . . . . . auth-web-server mode (deleted) . . . . . . . . . . auth-web-server page logo . . . . . . . . . . . . . auth-web-server page sub-title . . . . . . . . . . . auth-web-server page success-message . . . . . auth-web-server page title . . . . . . . . . . . . . . auth-web-server page welcome-message . . . . auth-web-server ping-poll enable . . . . . . . . . auth-web-server ping-poll failcount . . . . . . . . auth-web-server ping-poll interval . . . . . . . . . auth-web-server ping-poll reauth-timer-refresh auth-web-server ping-poll timeout . . . . . . . . . auth-web-server port . . . . . . . . . . . . . . . . . auth-web-server redirect-delay-time . . . . . . . auth-web-server redirect-url . . . . . . . . . . . . . auth-web-server session-keep . . . . . . . . . . . . auth-web-server ssl . . . . . . . . . . . . . . . . . . . auth-web-server sslport (deleted) . . . . . . . . . auth-web-server ssl intercept-port . . . . . . . . . copy proxy-autoconfig-file . . . . . . . . . . . . . . copy web-auth-https-file . . . . . . . . . . . . . . . description (Authentication Profile) . . . . . . . . erase proxy-autoconfig-file . . . . . . . . . . . . . . erase web-auth-https-file . . . . . . . . . . . . . . . show auth . . . . . . . . . . . . . . . . . . . . . . . . show auth diagnostics . . . . . . . . . . . . . . . . . C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 929 . 932 . 935 . 937 . 938 . 940 . 942 . 944 . 947 . 949 . 951 . 952 . 953 . 954 . 956 . 959 . 961 . 962 . 963 . 964 . 965 . 966 . 967 . 968 . 969 . 970 . 971 . 972 . 973 . 974 . 975 . 976 . 977 . 978 . 979 . 980 . 981 . 982 . 983 . 984 . 985 . 986 . 987 . 988 . 989 . 990 . 991 . 992 . 993 . 994 . 995 . 996 . 998 16 show auth interface . . . . . . . . . . . show auth sessionstatistics . . . . . . . show auth statistics interface . . . . . show auth supplicant . . . . . . . . . . show auth supplicant interface . . . . show auth two-step supplicant brief . show auth-web-server . . . . . . . . . . show auth-web-server page . . . . . . show proxy-autoconfig-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 31: AAA Commands . . . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . aaa accounting auth-mac . . . . . . . . . . . . . . . . aaa accounting auth-web . . . . . . . . . . . . . . . . aaa accounting commands . . . . . . . . . . . . . . . aaa accounting dot1x . . . . . . . . . . . . . . . . . . aaa accounting login . . . . . . . . . . . . . . . . . . . aaa accounting update . . . . . . . . . . . . . . . . . aaa authentication auth-mac . . . . . . . . . . . . . aaa authentication auth-web . . . . . . . . . . . . . aaa authentication dot1x . . . . . . . . . . . . . . . . aaa authentication enable default group tacacs+ aaa authentication enable default local . . . . . . . aaa authentication login . . . . . . . . . . . . . . . . aaa group server . . . . . . . . . . . . . . . . . . . . . aaa local authentication attempts lockout-time . . aaa local authentication attempts max-fail . . . . . aaa login fail-delay . . . . . . . . . . . . . . . . . . . . accounting login . . . . . . . . . . . . . . . . . . . . . clear aaa local user lockout . . . . . . . . . . . . . . . debug aaa . . . . . . . . . . . . . . . . . . . . . . . . . login authentication . . . . . . . . . . . . . . . . . . . show aaa local user locked . . . . . . . . . . . . . . . show debugging aaa . . . . . . . . . . . . . . . . . . . undebug aaa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1013 . . . . . . . . . . 1013 . . . . . . . . . . 1015 . . . . . . . . . . 1017 . . . . . . . . . . 1019 . . . . . . . . . . 1021 . . . . . . . . . . 1023 . . . . . . . . . . 1026 . . . . . . . . . . 1028 . . . . . . . . . . 1030 . . . . . . . . . . 1031 . . . . . . . . . . 1032 . . . . . . . . . . 1034 . . . . . . . . . . 1035 . . . . . . . . . . 1037 . . . . . . . . . . 1039 . . . . . . . . . . 1040 . . . . . . . . . . 1041 . . . . . . . . . . 1042 . . . . . . . . . . 1043 . . . . . . . . . . 1044 . . . . . . . . . . 1045 . . . . . . . . . . 1046 . . . . . . . . . . 1047 . . . . . . . . . . 1048 Chapter 32: RADIUS Commands . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . auth radius send nas-identifier . . . . . . . . . . . . auth radius send service-type . . . . . . . . . . . . . deadtime (RADIUS server group) . . . . . . . . . . . debug radius . . . . . . . . . . . . . . . . . . . . . . . . ip radius source-interface . . . . . . . . . . . . . . . . radius-server deadtime . . . . . . . . . . . . . . . . . radius-server host . . . . . . . . . . . . . . . . . . . . . radius-server key . . . . . . . . . . . . . . . . . . . . . radius-server retransmit . . . . . . . . . . . . . . . . . radius-server timeout . . . . . . . . . . . . . . . . . . server (Server Group) . . . . . . . . . . . . . . . . . . show debugging radius . . . . . . . . . . . . . . . . . show radius . . . . . . . . . . . . . . . . . . . . . . . . show radius statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1049 . . . . . . . . . . 1049 . . . . . . . . . . 1050 . . . . . . . . . . 1051 . . . . . . . . . . 1052 . . . . . . . . . . 1053 . . . . . . . . . . 1054 . . . . . . . . . . 1055 . . . . . . . . . . 1056 . . . . . . . . . . 1059 . . . . . . . . . . 1060 . . . . . . . . . . 1062 . . . . . . . . . . 1064 . . . . . . . . . . 1066 . . . . . . . . . . 1067 . . . . . . . . . . 1070 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1000 . 1003 . 1004 . 1005 . 1008 . 1009 . 1010 . 1011 . 1012 17 undebug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1071 Chapter 33: TACACS+ Commands Introduction . . . . . . . show tacacs+ . . . . . . tacacs-server host . . . . tacacs-server key . . . . tacacs-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1072 . . . . . . . . . . 1072 . . . . . . . . . . 1073 . . . . . . . . . . 1074 . . . . . . . . . . 1076 . . . . . . . . . . 1077 Chapter 34: DHCP Snooping Commands . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . arp security . . . . . . . . . . . . . . . . . . . . . . . . . . . arp security violation . . . . . . . . . . . . . . . . . . . . . clear arp security statistics . . . . . . . . . . . . . . . . . clear ip dhcp snooping binding . . . . . . . . . . . . . . clear ip dhcp snooping statistics . . . . . . . . . . . . . debug arp security . . . . . . . . . . . . . . . . . . . . . . debug ip dhcp snooping . . . . . . . . . . . . . . . . . . ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . ip dhcp snooping agent-option . . . . . . . . . . . . . . ip dhcp snooping agent-option allow-untrusted . . . ip dhcp snooping agent-option circuit-id vlantriplet ip dhcp snooping agent-option remote-id . . . . . . . ip dhcp snooping binding . . . . . . . . . . . . . . . . . ip dhcp snooping database . . . . . . . . . . . . . . . . ip dhcp snooping delete-by-client . . . . . . . . . . . . ip dhcp snooping delete-by-linkdown . . . . . . . . . ip dhcp snooping max-bindings . . . . . . . . . . . . . ip dhcp snooping subscriber-id . . . . . . . . . . . . . . ip dhcp snooping trust . . . . . . . . . . . . . . . . . . . ip dhcp snooping verify mac-address . . . . . . . . . . ip dhcp snooping violation . . . . . . . . . . . . . . . . . ip source binding . . . . . . . . . . . . . . . . . . . . . . . service dhcp-snooping . . . . . . . . . . . . . . . . . . . show arp security . . . . . . . . . . . . . . . . . . . . . . . show arp security interface . . . . . . . . . . . . . . . . . show arp security statistics . . . . . . . . . . . . . . . . . show debugging arp security . . . . . . . . . . . . . . . show debugging ip dhcp snooping . . . . . . . . . . . show ip dhcp snooping . . . . . . . . . . . . . . . . . . . show ip dhcp snooping acl . . . . . . . . . . . . . . . . . show ip dhcp snooping agent-option . . . . . . . . . . show ip dhcp snooping binding . . . . . . . . . . . . . show ip dhcp snooping interface . . . . . . . . . . . . . show ip dhcp snooping statistics . . . . . . . . . . . . . show ip source binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1078 . . . . . . . . . . 1078 . . . . . . . . . . 1080 . . . . . . . . . . 1081 . . . . . . . . . . 1083 . . . . . . . . . . 1084 . . . . . . . . . . 1085 . . . . . . . . . . 1086 . . . . . . . . . . 1087 . . . . . . . . . . 1088 . . . . . . . . . . 1089 . . . . . . . . . . 1090 . . . . . . . . . . 1091 . . . . . . . . . . 1092 . . . . . . . . . . 1093 . . . . . . . . . . 1094 . . . . . . . . . . 1095 . . . . . . . . . . 1096 . . . . . . . . . . 1097 . . . . . . . . . . 1098 . . . . . . . . . . 1099 . . . . . . . . . . 1100 . . . . . . . . . . 1101 . . . . . . . . . . 1102 . . . . . . . . . . 1104 . . . . . . . . . . 1106 . . . . . . . . . . 1107 . . . . . . . . . . 1109 . . . . . . . . . . 1111 . . . . . . . . . . 1112 . . . . . . . . . . 1113 . . . . . . . . . . 1114 . . . . . . . . . . 1117 . . . . . . . . . . 1119 . . . . . . . . . . 1121 . . . . . . . . . . 1123 . . . . . . . . . . 1126 Chapter 35: OpenFlow Commands Introduction . . . . . . . openflow . . . . . . . . . openflow controller . . openflow native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . 1127 . . . . . . . . . . 1127 . . . . . . . . . . 1129 . . . . . . . . . . 1130 . . . . . . . . . . 1131 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 openflow version . . . . . show openflow config . . show openflow coverage show openflow flows . . show openflow rules . . . show openflow status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1132 . 1133 . 1135 . 1137 . 1138 . 1140 PART 6: Network Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1143 Chapter 36: Ethernet Protection Switched Ring (EPSRing™) Commands . . . . . . 1144 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1144 debug epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1146 epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1147 epsr configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1148 epsr datavlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1149 epsr enhancedrecovery enable . . . . . . . . . . . . . . . . . . . . . . . . . . . 1150 epsr mode master controlvlan primary port . . . . . . . . . . . . . . . . . . . 1151 epsr mode transit controlvlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 epsr priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1153 epsr state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1154 epsr trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1155 show debugging epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1156 show epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1157 show epsr common segments . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1162 show epsr config-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1163 show epsr <epsr-instance> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1164 show epsr <epsr-instance> counters . . . . . . . . . . . . . . . . . . . . . . . 1165 show epsr counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1166 show epsr summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1167 undebug epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1168 Chapter 37: RRP Snooping Commands Introduction . . . . . . . . . . ip rrp snooping . . . . . . . . show ip rrp snooping . . . . PART 7: Network Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1172 Chapter 38: Allied Telesis Management Framework™ (AMF) Commands . . . . . . 1173 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1173 atmf area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1177 atmf area password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1179 atmf backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1181 atmf backup area-masters delete . . . . . . . . . . . . . . . . . . . . . . . . . . 1182 atmf backup area-masters enable . . . . . . . . . . . . . . . . . . . . . . . . . 1183 atmf backup area-masters now . . . . . . . . . . . . . . . . . . . . . . . . . . . 1184 atmf backup area-masters synchronize . . . . . . . . . . . . . . . . . . . . . . 1185 atmf backup bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1186 atmf backup delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1187 atmf backup enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1188 atmf backup guests delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1189 atmf backup guests enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1190 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1169 . . . . . . . . . . 1169 . . . . . . . . . . 1170 . . . . . . . . . . 1171 19 atmf backup guests now . . . . . . . . . . . . atmf backup guests synchronize . . . . . . . atmf backup now . . . . . . . . . . . . . . . . . atmf backup redundancy enable . . . . . . . atmf backup server . . . . . . . . . . . . . . . . atmf backup stop . . . . . . . . . . . . . . . . . atmf backup synchronize . . . . . . . . . . . . atmf cleanup . . . . . . . . . . . . . . . . . . . . atmf controller . . . . . . . . . . . . . . . . . . . atmf distribute firmware . . . . . . . . . . . . atmf domain vlan . . . . . . . . . . . . . . . . . atmf enable . . . . . . . . . . . . . . . . . . . . atmf group (membership) . . . . . . . . . . . atmf guest-class . . . . . . . . . . . . . . . . . . atmf log-verbose . . . . . . . . . . . . . . . . . atmf management subnet . . . . . . . . . . . atmf management vlan . . . . . . . . . . . . . atmf master . . . . . . . . . . . . . . . . . . . . atmf mtu . . . . . . . . . . . . . . . . . . . . . . atmf network-name . . . . . . . . . . . . . . . atmf node-recovery disable-forwarding . . atmf provision . . . . . . . . . . . . . . . . . . . atmf provision node clone . . . . . . . . . . . atmf provision node configure boot config atmf provision node configure boot system atmf provision node create . . . . . . . . . . . atmf provision node delete . . . . . . . . . . . atmf provision node license-cert . . . . . . . atmf provision node locate . . . . . . . . . . . atmf reboot-rolling . . . . . . . . . . . . . . . . atmf recover . . . . . . . . . . . . . . . . . . . . atmf recover guest . . . . . . . . . . . . . . . . atmf recover led-off . . . . . . . . . . . . . . . atmf remote-login . . . . . . . . . . . . . . . . atmf restricted-login . . . . . . . . . . . . . . . atmf select-area . . . . . . . . . . . . . . . . . . atmf virtual-link . . . . . . . . . . . . . . . . . . atmf working-set . . . . . . . . . . . . . . . . . clear atmf links statistics . . . . . . . . . . . . debug atmf . . . . . . . . . . . . . . . . . . . . . debug atmf packet . . . . . . . . . . . . . . . . discovery . . . . . . . . . . . . . . . . . . . . . . erase factory-default . . . . . . . . . . . . . . . http-enable . . . . . . . . . . . . . . . . . . . . . modeltype . . . . . . . . . . . . . . . . . . . . . show atmf . . . . . . . . . . . . . . . . . . . . . show atmf area . . . . . . . . . . . . . . . . . . show atmf area guests . . . . . . . . . . . . . . show atmf area guests-detail . . . . . . . . . show atmf area nodes . . . . . . . . . . . . . . show atmf area nodes-detail . . . . . . . . . . show atmf area summary . . . . . . . . . . . . show atmf backup . . . . . . . . . . . . . . . . C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1191 . 1192 . 1193 . 1195 . 1196 . 1198 . 1199 . 1200 . 1201 . 1202 . 1204 . 1206 . 1207 . 1209 . 1211 . 1212 . 1214 . 1215 . 1216 . 1217 . 1218 . 1219 . 1220 . 1222 . 1223 . 1224 . 1226 . 1228 . 1230 . 1231 . 1235 . 1237 . 1238 . 1239 . 1240 . 1241 . 1242 . 1244 . 1246 . 1247 . 1249 . 1252 . 1254 . 1255 . 1257 . 1258 . 1262 . 1265 . 1267 . 1269 . 1271 . 1273 . 1274 20 show atmf backup area . . . . . . . . . show atmf backup guest . . . . . . . . show atmf detail . . . . . . . . . . . . . show atmf group . . . . . . . . . . . . . show atmf group members . . . . . . show atmf guest . . . . . . . . . . . . . show atmf links . . . . . . . . . . . . . . show atmf links detail . . . . . . . . . . show atmf links guest . . . . . . . . . . show atmf links statistics . . . . . . . . show atmf memory (deprecated) . . . show atmf nodes . . . . . . . . . . . . . show atmf provision nodes . . . . . . . show atmf tech . . . . . . . . . . . . . . show atmf virtual-links . . . . . . . . . show atmf working-set . . . . . . . . . show debugging atmf . . . . . . . . . . show debugging atmf packet . . . . . show running-config atmf . . . . . . . switchport atmf-arealink remote-area switchport atmf-crosslink . . . . . . . . switchport atmf-guestlink . . . . . . . switchport atmf-link . . . . . . . . . . . type atmf node . . . . . . . . . . . . . . undebug atmf . . . . . . . . . . . . . . . username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1278 . 1280 . 1282 . 1284 . 1286 . 1288 . 1290 . 1292 . 1301 . 1304 . 1307 . 1308 . 1310 . 1311 . 1314 . 1316 . 1317 . 1318 . 1319 . 1320 . 1322 . 1324 . 1326 . 1327 . 1330 . 1331 Chapter 39: Dynamic Host Configuration Protocol (DHCP) Commands . . . . . . . 1333 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1333 ip address dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1334 show counter dhcp-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1336 show dhcp lease . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1337 Chapter 40: DHCP for IPv6 (DHCPv6) Commands . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . clear counter ipv6 dhcp-client . . . . . . . . . . . . clear ipv6 dhcp client . . . . . . . . . . . . . . . . . ipv6 address dhcp . . . . . . . . . . . . . . . . . . . show counter ipv6 dhcp-client . . . . . . . . . . . show ipv6 dhcp . . . . . . . . . . . . . . . . . . . . . show ipv6 dhcp interface . . . . . . . . . . . . . . . Chapter 41: NTP Commands . . . . Introduction . . . . . . . ntp access-group . . . . ntp authenticate . . . . ntp authentication-key ntp broadcastdelay . . . ntp master . . . . . . . . ntp peer . . . . . . . . . . ntp server . . . . . . . . . ntp source . . . . . . . . C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1339 . . . . . . . . . . 1339 . . . . . . . . . . 1340 . . . . . . . . . . 1341 . . . . . . . . . . 1342 . . . . . . . . . . 1343 . . . . . . . . . . 1345 . . . . . . . . . . 1346 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1347 . . . . . . . . . . 1347 . . . . . . . . . . 1348 . . . . . . . . . . 1349 . . . . . . . . . . 1350 . . . . . . . . . . 1351 . . . . . . . . . . 1352 . . . . . . . . . . 1353 . . . . . . . . . . 1355 . . . . . . . . . . 1357 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 21 ntp trusted-key . . . . show counter ntp . . . show ntp associations show ntp status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 42: SNMP Commands . . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . debug snmp . . . . . . . . . . . . . . . . . . . . . . . . show counter snmp-server . . . . . . . . . . . . . . . show debugging snmp . . . . . . . . . . . . . . . . . show running-config snmp . . . . . . . . . . . . . . . show snmp-server . . . . . . . . . . . . . . . . . . . . show snmp-server community . . . . . . . . . . . . show snmp-server group . . . . . . . . . . . . . . . . show snmp-server user . . . . . . . . . . . . . . . . . show snmp-server view . . . . . . . . . . . . . . . . . snmp trap link-status . . . . . . . . . . . . . . . . . . snmp trap link-status suppress . . . . . . . . . . . . snmp-server . . . . . . . . . . . . . . . . . . . . . . . . snmp-server community . . . . . . . . . . . . . . . . snmp-server contact . . . . . . . . . . . . . . . . . . . snmp-server enable trap . . . . . . . . . . . . . . . . snmp-server engineID local . . . . . . . . . . . . . . snmp-server engineID local reset . . . . . . . . . . . snmp-server group . . . . . . . . . . . . . . . . . . . . snmp-server host . . . . . . . . . . . . . . . . . . . . . snmp-server legacy-ifadminstatus . . . . . . . . . . snmp-server location . . . . . . . . . . . . . . . . . . snmp-server source-interface . . . . . . . . . . . . . snmp-server startup-trap-delay . . . . . . . . . . . . snmp-server user . . . . . . . . . . . . . . . . . . . . . snmp-server view . . . . . . . . . . . . . . . . . . . . . undebug snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1365 . . . . . . . . . . 1365 . . . . . . . . . . 1367 . . . . . . . . . . 1368 . . . . . . . . . . 1372 . . . . . . . . . . 1373 . . . . . . . . . . 1374 . . . . . . . . . . 1375 . . . . . . . . . . 1376 . . . . . . . . . . 1377 . . . . . . . . . . 1378 . . . . . . . . . . 1379 . . . . . . . . . . 1381 . . . . . . . . . . 1383 . . . . . . . . . . 1385 . . . . . . . . . . 1386 . . . . . . . . . . 1387 . . . . . . . . . . 1389 . . . . . . . . . . 1391 . . . . . . . . . . 1392 . . . . . . . . . . 1394 . . . . . . . . . . 1396 . . . . . . . . . . 1397 . . . . . . . . . . 1398 . . . . . . . . . . 1399 . . . . . . . . . . 1400 . . . . . . . . . . 1403 . . . . . . . . . . 1404 Chapter 43: LLDP Commands . . . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . . clear lldp statistics . . . . . . . . . . . . . . . . . . . . clear lldp table . . . . . . . . . . . . . . . . . . . . . . . debug lldp . . . . . . . . . . . . . . . . . . . . . . . . . lldp faststart-count . . . . . . . . . . . . . . . . . . . . lldp holdtime-multiplier . . . . . . . . . . . . . . . . . lldp management-address . . . . . . . . . . . . . . . lldp med-notifications . . . . . . . . . . . . . . . . . . lldp med-tlv-select . . . . . . . . . . . . . . . . . . . . lldp non-strict-med-tlv-order-check . . . . . . . . . lldp notification-interval . . . . . . . . . . . . . . . . lldp notifications . . . . . . . . . . . . . . . . . . . . . lldp port-number-type . . . . . . . . . . . . . . . . . lldp reinit . . . . . . . . . . . . . . . . . . . . . . . . . . lldp run . . . . . . . . . . . . . . . . . . . . . . . . . . . lldp timer . . . . . . . . . . . . . . . . . . . . . . . . . . lldp tlv-select . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1405 . . . . . . . . . . 1405 . . . . . . . . . . 1407 . . . . . . . . . . 1408 . . . . . . . . . . 1409 . . . . . . . . . . 1411 . . . . . . . . . . 1412 . . . . . . . . . . 1413 . . . . . . . . . . 1414 . . . . . . . . . . 1415 . . . . . . . . . . 1417 . . . . . . . . . . 1418 . . . . . . . . . . 1419 . . . . . . . . . . 1420 . . . . . . . . . . 1421 . . . . . . . . . . 1422 . . . . . . . . . . 1423 . . . . . . . . . . 1424 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1359 . 1360 . 1362 . 1364 22 lldp transmit receive . . . . . . . . . . . lldp tx-delay . . . . . . . . . . . . . . . . location civic-location configuration . location civic-location identifier . . . . location civic-location-id . . . . . . . . location coord-location configuration location coord-location identifier . . . location coord-location-id . . . . . . . location elin-location . . . . . . . . . . location elin-location-id . . . . . . . . . show debugging lldp . . . . . . . . . . show lldp . . . . . . . . . . . . . . . . . . show lldp interface . . . . . . . . . . . . show lldp local-info . . . . . . . . . . . show lldp neighbors . . . . . . . . . . . show lldp neighbors detail . . . . . . . show lldp statistics . . . . . . . . . . . . show lldp statistics interface . . . . . . show location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1426 . 1427 . 1428 . 1432 . 1433 . 1434 . 1436 . 1437 . 1438 . 1439 . 1440 . 1442 . 1444 . 1446 . 1451 . 1453 . 1457 . 1459 . 1461 Chapter 44: SMTP Commands Introduction . . . . debug mail . . . . . delete mail . . . . . mail . . . . . . . . . . mail from . . . . . . mail smtpserver . . show counter mail show mail . . . . . . undebug mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1463 . . . . . . . . . . 1463 . . . . . . . . . . 1464 . . . . . . . . . . 1465 . . . . . . . . . . 1466 . . . . . . . . . . 1467 . . . . . . . . . . 1468 . . . . . . . . . . 1469 . . . . . . . . . . 1470 . . . . . . . . . . 1471 Chapter 45: RMON Commands . . Introduction . . . . . . . rmon alarm . . . . . . . . rmon collection history rmon collection stats . . rmon event . . . . . . . . show rmon alarm . . . . show rmon event . . . . show rmon history . . . show rmon statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1472 . . . . . . . . . . 1472 . . . . . . . . . . 1473 . . . . . . . . . . 1475 . . . . . . . . . . 1476 . . . . . . . . . . 1477 . . . . . . . . . . 1478 . . . . . . . . . . 1479 . . . . . . . . . . 1481 . . . . . . . . . . 1483 Chapter 46: Secure Shell (SSH) Commands . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . banner login (SSH) . . . . . . . . . . . . . . . . . . . clear ssh . . . . . . . . . . . . . . . . . . . . . . . . . . crypto key destroy hostkey . . . . . . . . . . . . . . crypto key destroy userkey . . . . . . . . . . . . . . crypto key generate hostkey . . . . . . . . . . . . . crypto key generate userkey . . . . . . . . . . . . . crypto key pubkey-chain knownhosts . . . . . . . crypto key pubkey-chain userkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1485 . . . . . . . . . . 1485 . . . . . . . . . . 1487 . . . . . . . . . . 1488 . . . . . . . . . . 1489 . . . . . . . . . . 1490 . . . . . . . . . . 1491 . . . . . . . . . . 1492 . . . . . . . . . . 1493 . . . . . . . . . . 1495 C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . 23 debug ssh client . . . . . . . . . . . . . . . . . . debug ssh server . . . . . . . . . . . . . . . . . service ssh . . . . . . . . . . . . . . . . . . . . . show banner login . . . . . . . . . . . . . . . . show crypto key hostkey . . . . . . . . . . . . show crypto key pubkey-chain knownhosts show crypto key pubkey-chain userkey . . . show crypto key userkey . . . . . . . . . . . . show running-config ssh . . . . . . . . . . . . show ssh . . . . . . . . . . . . . . . . . . . . . . show ssh client . . . . . . . . . . . . . . . . . . show ssh server . . . . . . . . . . . . . . . . . . show ssh server allow-users . . . . . . . . . . show ssh server deny-users . . . . . . . . . . ssh . . . . . . . . . . . . . . . . . . . . . . . . . . ssh client . . . . . . . . . . . . . . . . . . . . . . ssh server . . . . . . . . . . . . . . . . . . . . . . ssh server allow-users . . . . . . . . . . . . . . ssh server authentication . . . . . . . . . . . . ssh server deny-users . . . . . . . . . . . . . . ssh server max-auth-tries . . . . . . . . . . . . ssh server resolve-host . . . . . . . . . . . . . ssh server scp . . . . . . . . . . . . . . . . . . . ssh server sftp . . . . . . . . . . . . . . . . . . . undebug ssh client . . . . . . . . . . . . . . . . undebug ssh server . . . . . . . . . . . . . . . Chapter 47: C613-50081-01 REV A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Trigger Commands . . . . . . . . . . . . . . . . . Introduction . . . . . . . . . . . . . . . . . . . . . . . active (trigger) . . . . . . . . . . . . . . . . . . . . . . day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . debug trigger . . . . . . . . . . . . . . . . . . . . . . description (trigger) . . . . . . . . . . . . . . . . . . repeat . . . . . . . . . . . . . . . . . . . . . . . . . . . script . . . . . . . . . . . . . . . . . . . . . . . . . . . . show debugging trigger . . . . . . . . . . . . . . . show running-config trigger . . . . . . . . . . . . . show trigger . . . . . . . . . . . . . . . . . . . . . . . test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . time (trigger) . . . . . . . . . . . . . . . . . . . . . . . trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . trigger activate . . . . . . . . . . . . . . . . . . . . . type atmf node . . . . . . . . . . . . . . . . . . . . . type cpu . . . . . . . . . . . . . . . . . . . . . . . . . . type interface . . . . . . . . . . . . . . . . . . . . . . type memory . . . . . . . . . . . . . . . . . . . . . . . type periodic . . . . . . . . . . . . . . . . . . . . . . . type ping-poll . . . . . . . . . . . . . . . . . . . . . . type reboot . . . . . . . . . . . . . . . . . . . . . . . . type time . . . . . . . . . . . . . . . . . . . . . . . . . type usb . . . . . . . . . . . . . . . . . . . . . . . . . . undebug trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1533 . . . . . . . . . . 1533 . . . . . . . . . . 1535 . . . . . . . . . . 1536 . . . . . . . . . . 1538 . . . . . . . . . . 1539 . . . . . . . . . . 1540 . . . . . . . . . . 1541 . . . . . . . . . . 1543 . . . . . . . . . . 1544 . . . . . . . . . . 1545 . . . . . . . . . . 1550 . . . . . . . . . . 1551 . . . . . . . . . . 1553 . . . . . . . . . . 1554 . . . . . . . . . . 1555 . . . . . . . . . . 1556 . . . . . . . . . . 1559 . . . . . . . . . . 1560 . . . . . . . . . . 1561 . . . . . . . . . . 1562 . . . . . . . . . . 1563 . . . . . . . . . . 1564 . . . . . . . . . . 1565 . . . . . . . . . . 1566 . . . . . . . . . . 1567 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1497 . 1498 . 1499 . 1501 . 1502 . 1503 . 1504 . 1505 . 1506 . 1508 . 1510 . 1511 . 1513 . 1514 . 1515 . 1517 . 1519 . 1521 . 1523 . 1525 . 1527 . 1528 . 1529 . 1530 . 1531 . 1532 24 Chapter 48: C613-50081-01 REV A Ping-Polling Commands Introduction . . . . . . . . . active (ping-polling) . . . . clear ping-poll . . . . . . . . critical-interval . . . . . . . . debug ping-poll . . . . . . . description (ping-polling) . fail-count . . . . . . . . . . . ip (ping-polling) . . . . . . . length (ping-poll data) . . . normal-interval . . . . . . . ping-poll . . . . . . . . . . . sample-size . . . . . . . . . . show counter ping-poll . . show ping-poll . . . . . . . source-ip . . . . . . . . . . . timeout (ping polling) . . . up-count . . . . . . . . . . . undebug ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1568 . . . . . . . . . . 1568 . . . . . . . . . . 1570 . . . . . . . . . . 1571 . . . . . . . . . . 1572 . . . . . . . . . . 1573 . . . . . . . . . . 1574 . . . . . . . . . . 1575 . . . . . . . . . . 1576 . . . . . . . . . . 1577 . . . . . . . . . . 1578 . . . . . . . . . . 1579 . . . . . . . . . . 1580 . . . . . . . . . . 1582 . . . . . . . . . . 1584 . . . . . . . . . . 1588 . . . . . . . . . . 1590 . . . . . . . . . . 1591 . . . . . . . . . . 1592 25 List of Commands (access-list extended ICMP filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .775 (access-list extended IP filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777 (access-list extended IP protocol filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .780 (access-list extended TCP UDP filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .784 (access-list hardware ICMP filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .744 (access-list hardware IP protocol filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .747 (access-list hardware MAC filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .752 (access-list hardware TCP UDP filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .755 (access-list standard named filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .790 (access-list standard numbered filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .792 (ipv6 access-list named ICMP filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .807 (ipv6 access-list named protocol filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810 (ipv6 access-list named TCP UDP filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .814 (ipv6 access-list standard filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823 aaa accounting auth-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1015 aaa accounting auth-web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1017 aaa accounting commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1019 aaa accounting dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1021 aaa accounting login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1023 aaa accounting update. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1026 aaa authentication auth-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1028 aaa authentication auth-web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1030 aaa authentication dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1031 aaa authentication enable default group tacacs+ . . . . . . . . . . . . . . . . . . . . . . . 1032 aaa authentication enable default local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1034 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 26 aaa authentication login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1035 aaa group server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1037 aaa local authentication attempts lockout-time. . . . . . . . . . . . . . . . . . . . . . . . . .1039 aaa local authentication attempts max-fail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1040 aaa login fail-delay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1041 access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729 access-list (extended numbered) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 773 access-list (hardware IP numbered). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731 access-list (hardware MAC numbered). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 access-list (standard numbered). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 788 access-list extended (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765 access-list hardware (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742 access-list standard (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786 accounting login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1042 activate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312 active (ping-polling) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1570 active (trigger). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1535 alarm facility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 arp (IP address MAC). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583 arp log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584 arp security violation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1081 arp security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1080 arp-aging-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582 arp-reply-bc-dmac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587 atmf area password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1179 atmf area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1177 atmf backup area-masters delete. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1182 atmf backup area-masters enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1183 atmf backup area-masters now. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1184 atmf backup area-masters synchronize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1185 atmf backup bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1186 atmf backup delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1187 atmf backup enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1188 atmf backup guests delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1189 atmf backup guests enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1190 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 27 atmf backup guests now . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1191 atmf backup guests synchronize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1192 atmf backup now . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1193 atmf backup redundancy enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1195 atmf backup server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1196 atmf backup stop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1198 atmf backup synchronize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1199 atmf backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1181 atmf cleanup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1200 atmf controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1201 atmf distribute firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1202 atmf domain vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1204 atmf enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1206 atmf group (membership) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1207 atmf guest-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1209 atmf log-verbose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1211 atmf management subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1212 atmf management vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1214 atmf master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1215 atmf mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1216 atmf network-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1217 atmf node-recovery disable-forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1218 atmf provision node clone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1220 atmf provision node configure boot config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1222 atmf provision node configure boot system . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1223 atmf provision node create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1224 atmf provision node delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1226 atmf provision node license-cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1228 atmf provision node locate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1230 atmf provision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1219 atmf reboot-rolling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1231 atmf recover guest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1237 atmf recover led-off. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1238 atmf recover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1235 atmf remote-login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1239 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 28 atmf restricted-login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1240 atmf select-area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1241 atmf virtual-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1242 atmf working-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1244 auth auth-fail vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 905 auth critical. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 907 auth dynamic-vlan-creation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 908 auth guest-vlan forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 914 auth guest-vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 911 auth host-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 916 auth log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 918 auth max-supplicant. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 920 auth profile (Global Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 922 auth profile (Interface Configuration). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 923 auth radius send nas-identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1050 auth radius send service-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1051 auth reauthentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 924 auth roaming disconnected. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 925 auth roaming enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 927 auth supplicant-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 929 auth supplicant-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932 auth timeout connect-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 935 auth timeout quiet-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 937 auth timeout reauth-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 938 auth timeout server-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 940 auth timeout supp-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 942 auth two-step enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 944 auth-mac enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 947 auth-mac method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 949 auth-mac password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 951 auth-mac reauth-relearning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 952 auth-mac username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 953 auth-web enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 954 auth-web forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 956 auth-web max-auth-fail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 29 auth-web method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 auth-web-server blocking-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 962 auth-web-server dhcp ipaddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 963 auth-web-server dhcp lease. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 964 auth-web-server dhcp-wpad-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 965 auth-web-server gateway (deleted) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 966 auth-web-server host-name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 967 auth-web-server http-redirect (deleted) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 968 auth-web-server intercept-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 969 auth-web-server ipaddress. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 970 auth-web-server login-url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 972 auth-web-server mode (deleted) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 auth-web-server page language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971 auth-web-server page logo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974 auth-web-server page sub-title. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 975 auth-web-server page success-message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 976 auth-web-server page title . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 977 auth-web-server page welcome-message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978 auth-web-server ping-poll enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 979 auth-web-server ping-poll failcount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 980 auth-web-server ping-poll interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 981 auth-web-server ping-poll reauth-timer-refresh . . . . . . . . . . . . . . . . . . . . . . . . . . 982 auth-web-server ping-poll timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 983 auth-web-server port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 984 auth-web-server redirect-delay-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 985 auth-web-server redirect-url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 986 auth-web-server session-keep . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987 auth-web-server ssl intercept-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 990 auth-web-server ssl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 988 auth-web-server sslport (deleted) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 989 autoboot enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 backpressure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 banner exec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 banner login (SSH). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1487 banner login (system). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 30 banner motd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 boot config-file backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 boot config-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 boot system backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 boot system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 cd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520 class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 829 class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 830 clear aaa local user lockout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1043 clear arp security statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1083 clear arp-cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588 clear atmf links statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1246 clear counter ipv6 dhcp-client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1340 clear exception log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 clear gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566 clear ip dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1084 clear ip dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1085 clear ip igmp group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678 clear ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679 clear ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677 clear ip mroute statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 650 clear ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649 clear ip prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 794 clear ipv6 dhcp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1341 clear ipv6 mld group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 705 clear ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 706 clear ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704 clear ipv6 mroute statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652 clear ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651 clear ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625 clear lacp counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 clear line console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 clear line vty. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 clear lldp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1407 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 31 clear lldp table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1408 clear log buffered. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 clear log permanent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 clear log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 clear loop-protection counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 clear mac address-table dynamic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 clear mac address-table static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 clear ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1571 clear port counter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 clear power-inline counters interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 clear spanning-tree detected protocols (RSTP and MSTP) . . . . . . . . . . . . . . . . . 445 clear spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444 clear ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1488 clear test interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 clock set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 clock summer-time date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 clock summer-time recurring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 clock timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 commit (IPv4) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 758 commit (IPv6) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 804 configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 continuous-reboot-prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 copy (filename) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 copy current-software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 copy debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 copy proxy-autoconfig-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 991 copy running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 copy startup-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 copy web-auth-https-file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 992 copy zmodem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 create autoboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 critical-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1572 crypto key destroy hostkey. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1489 crypto key destroy userkey. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1490 crypto key generate hostkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1491 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 32 crypto key generate userkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1492 crypto key pubkey-chain knownhosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1493 crypto key pubkey-chain userkey. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1495 day. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1536 deadtime (RADIUS server group) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1052 debug aaa. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1044 debug alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339 debug arp security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1086 debug atmf packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1249 debug atmf. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1247 debug dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 866 debug epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1146 debug gvrp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567 debug igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 680 debug ip dhcp snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1087 debug ip packet interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 debug lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523 debug lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1409 debug loopprot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 debug mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1464 debug mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707 debug mstp (RSTP and STP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446 debug nsm mcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653 debug nsm mcast6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 654 debug ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1573 debug platform packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 debug power-inline. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544 debug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1053 debug snmp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1367 debug ssh client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1497 debug ssh server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1498 debug trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1538 default log buffered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 default log console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 default log email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 33 default log host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 default log monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 default log permanent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 default-action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 831 delete debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 delete mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1465 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 description (Authentication Profile) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 993 description (interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316 description (ping-polling) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1574 description (QoS policy-map) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832 description (trigger) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1539 dir. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 disable (Privileged Exec mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1252 do. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 dot1x control-direction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 867 dot1x eap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 869 dot1x eapol-version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 870 dot1x initialize interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 872 dot1x initialize supplicant. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 dot1x keytransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 874 dot1x max-auth-fail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 875 dot1x max-reauth-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 877 dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 879 dot1x timeout tx-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 881 duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 echo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 ecofriendly led . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 edit (filename) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 edit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 egress-rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 833 enable (Privileged Exec mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 enable secret . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 34 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 epsr configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1148 epsr datavlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1149 epsr enhancedrecovery enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1150 epsr mode master controlvlan primary port . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1151 epsr mode transit controlvlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1152 epsr priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1153 epsr state. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1154 epsr trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1155 epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1147 erase factory-default. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1254 erase proxy-autoconfig-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 994 erase startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 erase web-auth-https-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 995 exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 exit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 fail-count. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1575 findme trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 findme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 flowcontrol (switch port). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 flowcontrol hardware (asyn/console) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 gvrp (interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569 gvrp dynamic-vlan-creation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570 gvrp enable (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571 gvrp registration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572 gvrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 http-enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1255 instance priority (MSTP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450 instance vlan (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 interface (to configure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317 ip (ping-polling) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1576 ip address (IP Addressing and Protocol) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591 ip address dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1334 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 35 ip dhcp snooping agent-option allow-untrusted. . . . . . . . . . . . . . . . . . . . . . . . .1090 ip dhcp snooping agent-option circuit-id vlantriplet . . . . . . . . . . . . . . . . . . . . .1091 ip dhcp snooping agent-option remote-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1092 ip dhcp snooping agent-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1089 ip dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1093 ip dhcp snooping database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1094 ip dhcp snooping delete-by-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1095 ip dhcp snooping delete-by-linkdown. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1096 ip dhcp snooping max-bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1097 ip dhcp snooping subscriber-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1098 ip dhcp snooping trust. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1099 ip dhcp snooping verify mac-address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1100 ip dhcp snooping violation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1101 ip dhcp snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1088 ip domain-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593 ip domain-lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594 ip domain-name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 595 ip gratuitous-arp-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596 ip igmp flood specific-query . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681 ip igmp snooping fast-leave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683 ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 684 ip igmp snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 685 ip igmp snooping routermode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 686 ip igmp snooping tcn query solicit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 688 ip igmp snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682 ip igmp static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 690 ip igmp trusted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 ip igmp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693 ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655 ip multicast forward-first-packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657 ip multicast route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658 ip multicast route-limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 660 ip multicast wrong-vif-suppression. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661 ip multicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662 ip name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 36 ip prefix-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 795 ip radius source-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1054 ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641 ip rrp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1170 ip source binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1102 ip tftp source-interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 ip unreachables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600 ipv6 access-list (named). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 ipv6 access-list standard (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821 ipv6 address dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1342 ipv6 address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 ipv6 enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627 ipv6 mld access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 708 ipv6 mld limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 709 ipv6 mld snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 ipv6 mld snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 714 ipv6 mld snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716 ipv6 mld snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 ipv6 mld snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711 ipv6 mld static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719 ipv6 multicast route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 ipv6 multicast route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 ipv6 multicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 666 ipv6 nd raguard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628 ipv6 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630 ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 ipv6 tftp source-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 ipv6 traffic-filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817 ipv6 unreachables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 lacp global-passive-mode enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 lacp port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525 lacp system-priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526 lacp timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 length (asyn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 length (ping-poll data) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1577 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 37 line. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 linkflap action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360 lldp faststart-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1411 lldp holdtime-multiplier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1412 lldp management-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1413 lldp med-notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1414 lldp med-tlv-select. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1415 lldp non-strict-med-tlv-order-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1417 lldp notification-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1418 lldp notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1419 lldp port-number-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1420 lldp reinit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1421 lldp run . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1422 lldp timer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1423 lldp tlv-select . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1424 lldp transmit receive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1426 lldp tx-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1427 location civic-location configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1428 location civic-location identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1432 location civic-location-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1433 location coord-location configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1434 location coord-location identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1436 location coord-location-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1437 location elin-location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1438 location elin-location-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1439 log buffered (filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 log buffered exclude. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 log buffered size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 log buffered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 log console (filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 log console exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 log console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 log email (filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 log email exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 log email time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 38 log email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 log facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 log host (filter). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 log host exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280 log host source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 log host time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 log host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 log monitor (filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 log monitor exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 log permanent (filter) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 log permanent exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 log permanent size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299 log permanent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 login authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1045 logout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 log-rate-limit nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 loop-protection action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 loop-protection action-delay-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 loop-protection loop-detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 loop-protection timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 mac address-table acquire . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 mac address-table ageing-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366 mac address-table logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367 mac address-table static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 mail from. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1467 mail smtpserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1468 mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1466 match access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834 match cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 836 match dscp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 837 match eth-format protocol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 838 match mac-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 841 match tcp-flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 842 match vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 843 maximum-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 797 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 39 mirror interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 mkdir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 mls qos cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 844 mls qos enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 845 mls qos map cos-queue to . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846 mls qos map premark-dscp to. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 847 modeltype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1257 move debug. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 move. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 mru jumbo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320 multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 667 no debug all. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 no police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 848 normal-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1578 ntp access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1348 ntp authenticate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1349 ntp authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1350 ntp broadcastdelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1351 ntp master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1352 ntp peer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1353 ntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1355 ntp source. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1357 ntp trusted-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1359 openflow controller. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1130 openflow native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1131 openflow version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1132 openflow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1129 ping ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633 ping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1579 platform stop-unreg-mc-flooding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 platform vlan-stacking-tpid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 polarity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374 police single-rate action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 40 policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 850 port-vlan-forwarding-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 power-inline allow-legacy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546 power-inline description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547 power-inline enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 power-inline max . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549 power-inline priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551 power-inline usage-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553 priority-queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851 private-vlan association. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 privilege level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 pwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 radius-server deadtime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1055 radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1056 radius-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1059 radius-server retransmit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1060 radius-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1062 reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 region (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454 reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 remark new-cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 852 repeat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1540 revision (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 rmdir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 rmon alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1473 rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1475 rmon collection stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1476 rmon event. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1477 sample-size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1580 script. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1541 security-password forced-change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 security-password history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 security-password lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 security-password minimum-categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 41 security-password minimum-length. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 security-password reject-expired-pwd. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 security-password warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 server (Server Group) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1064 service advanced-vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 service dhcp-snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1104 service http. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 service password-encryption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 service power-inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554 service ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1499 service telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 service terminal-length (deleted). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 service test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 service-policy input . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 853 show aaa local user locked . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1046 show access-list (IPv4 Hardware ACLs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 759 show access-list (IPv4 Software ACLs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 798 show alarm settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340 show arp security interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1107 show arp security statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1109 show arp security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1106 show arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603 show atmf area guests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1265 show atmf area guests-detail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1267 show atmf area nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1269 show atmf area nodes-detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1271 show atmf area summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1273 show atmf area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1262 show atmf backup area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1278 show atmf backup guest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1280 show atmf backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1274 show atmf detail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1282 show atmf group members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1286 show atmf group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1284 show atmf guest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1288 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 42 show atmf links detail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1292 show atmf links guest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1301 show atmf links statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1304 show atmf links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1290 show atmf memory (deprecated). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1307 show atmf nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1308 show atmf provision nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1310 show atmf tech . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1311 show atmf virtual-links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1314 show atmf working-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1316 show atmf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1258 show auth diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 998 show auth interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1000 show auth sessionstatistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1003 show auth statistics interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1004 show auth supplicant interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1008 show auth supplicant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1005 show auth two-step supplicant brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1009 show auth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 996 show auth-web-server page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1011 show auth-web-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1010 show autoboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 show banner login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1501 show boot. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 show continuous-reboot-prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 show counter dhcp-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1336 show counter ipv6 dhcp-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1343 show counter log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302 show counter mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1469 show counter ntp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1360 show counter ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1582 show counter snmp-server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1368 show cpu history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 43 show cpu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 show crypto key hostkey. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1502 show crypto key pubkey-chain knownhosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1503 show crypto key pubkey-chain userkey. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1504 show crypto key userkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1505 show debugging aaa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1047 show debugging alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 show debugging arp security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1111 show debugging atmf packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1318 show debugging atmf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1317 show debugging dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 883 show debugging epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1156 show debugging gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574 show debugging igmp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 show debugging ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1112 show debugging ip packet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605 show debugging lacp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529 show debugging lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1440 show debugging loopprot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 show debugging mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721 show debugging mstp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 show debugging platform packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 show debugging power-inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555 show debugging radius. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1066 show debugging snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1372 show debugging trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1543 show debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 show dhcp lease. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1337 show diagnostic channel-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 show dot1x diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 887 show dot1x interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 889 show dot1x sessionstatistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 894 show dot1x statistics interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 895 show dot1x supplicant interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 898 show dot1x supplicant. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 896 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 44 show dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 884 show ecofriendly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 show epsr <epsr-instance> counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1165 show epsr <epsr-instance> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1164 show epsr common segments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1162 show epsr config-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1163 show epsr counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1166 show epsr summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1167 show epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1157 show etherchannel detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532 show etherchannel summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533 show etherchannel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531 show exception log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303 show facility-alarm status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 show file systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 show file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 show flowcontrol interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377 show gvrp configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 show gvrp machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 show gvrp statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577 show gvrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 show history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 show hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 show http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 show interface access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761 show interface brief. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 show interface err-disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 show interface memory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 show interface status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327 show interface switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 show interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 show ip access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800 show ip dhcp snooping acl. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1114 show ip dhcp snooping agent-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1117 show ip dhcp snooping binding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1119 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 45 show ip dhcp snooping interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1121 show ip dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1123 show ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1113 show ip domain-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 show ip domain-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609 show ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 show ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 697 show ip igmp snooping routermode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 700 show ip igmp snooping statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701 show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 610 show ip mroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668 show ip mvif. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 670 show ip name-server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611 show ip route database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644 show ip route summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645 show ip route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642 show ip rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 show ip rrp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1171 show ip sockets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 612 show ip source binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1126 show ip traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 show ipv6 access-list (IPv6 Hardware ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 818 show ipv6 access-list (IPv6 Software ACLs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825 show ipv6 dhcp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1346 show ipv6 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1345 show ipv6 interface brief. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634 show ipv6 mif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 674 show ipv6 mld groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 722 show ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 723 show ipv6 mld snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 show ipv6 mld snooping statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 725 show ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672 show ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 635 show ipv6 route summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 show ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 46 show lacp sys-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 show lacp-counter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535 show lldp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1444 show lldp local-info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1446 show lldp neighbors detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1453 show lldp neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1451 show lldp statistics interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1459 show lldp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1457 show lldp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1442 show location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1461 show log config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 show log permanent. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 show log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 show loop-protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 show mac address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382 show mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1470 show memory allocations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 show memory history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 show memory pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 show memory shared. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 show memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 show mirror interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 show mirror . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384 show mls qos interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 856 show mls qos maps cos-queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 858 show mls qos maps premark-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 859 show mls qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 855 show ntp associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1362 show ntp status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1364 show openflow config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1133 show openflow coverage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1135 show openflow flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1137 show openflow rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1138 show openflow status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1140 show ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1584 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 47 show platform classifier statistics utilization brief . . . . . . . . . . . . . . . . . . . . . . . . . 387 show platform classifier statistics utilization brief . . . . . . . . . . . . . . . . . . . . . . . . . 860 show platform port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 show platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 861 show port etherchannel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536 show port-vlan-forwarding-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 show power-inline counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 show power-inline interface detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562 show power-inline interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560 show power-inline. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 show privilege. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 show process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 show proxy-autoconfig-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1012 show radius statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1070 show radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1067 show reboot history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 show rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1478 show rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1479 show rmon history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1481 show rmon statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1483 show router-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216 show running-config access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 show running-config atmf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1319 show running-config dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 show running-config full. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 show running-config interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 show running-config ipv6 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 show running-config key chain. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 show running-config lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 show running-config log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 show running-config power-inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 show running-config router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 show running-config security-password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 show running-config snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1373 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 48 show running-config ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1506 show running-config trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1544 show running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 show security-password configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 show security-password user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 show snmp-server community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1375 show snmp-server group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1376 show snmp-server user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1377 show snmp-server view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1378 show snmp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1374 show spanning-tree brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 show spanning-tree mst config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 show spanning-tree mst detail interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 show spanning-tree mst detail interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470 show spanning-tree mst detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 show spanning-tree mst instance interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 show spanning-tree mst instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 show spanning-tree mst interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 show spanning-tree mst . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 show spanning-tree statistics instance interface . . . . . . . . . . . . . . . . . . . . . . . . . . 475 show spanning-tree statistics instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 show spanning-tree statistics interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477 show spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472 show spanning-tree vlan range-index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 show spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457 show ssh client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1510 show ssh server allow-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1513 show ssh server deny-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1514 show ssh server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1511 show ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1508 show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 show static-channel-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537 show storm-control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 show system environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 show system interrupts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 49 show system mac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 show system pluggable detail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232 show system pluggable diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 show system pluggable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 show system serialnumber. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 show system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 show tacacs+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1073 show tech-support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222 show telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 show trigger. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1545 show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 show vlan classifier group interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 show vlan classifier group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 show vlan classifier interface group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 show vlan classifier rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 show vlan private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329 snmp trap link-status suppress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1381 snmp trap link-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1379 snmp-server community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1385 snmp-server contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1386 snmp-server enable trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1387 snmp-server engineID local reset. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1391 snmp-server engineID local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1389 snmp-server group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1392 snmp-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1394 snmp-server legacy-ifadminstatus. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1396 snmp-server location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1397 snmp-server source-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1398 snmp-server startup-trap-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1399 snmp-server user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1400 snmp-server view. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1403 snmp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1383 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 50 source-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1588 spanning-tree autoedge (RSTP and MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 spanning-tree bpdu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481 spanning-tree cisco-interoperability (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483 spanning-tree edgeport (RSTP and MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484 spanning-tree enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485 spanning-tree errdisable-timeout enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 spanning-tree errdisable-timeout interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488 spanning-tree force-version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 spanning-tree forward-time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 spanning-tree guard root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 spanning-tree hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 spanning-tree link-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 spanning-tree max-age . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494 spanning-tree max-hops (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497 spanning-tree mst instance path-cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 spanning-tree mst instance priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 spanning-tree mst instance restricted-role. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502 spanning-tree mst instance restricted-tcn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 spanning-tree mst instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 spanning-tree path-cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505 spanning-tree portfast (STP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506 spanning-tree portfast bpdu-filter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508 spanning-tree portfast bpdu-guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 spanning-tree priority (bridge priority) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512 spanning-tree priority (port priority). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513 spanning-tree restricted-role. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 spanning-tree restricted-tcn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 spanning-tree transmit-holdcount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516 speed (asyn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224 speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 ssh client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1517 ssh server allow-users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1521 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 51 ssh server authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1523 ssh server deny-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1525 ssh server max-auth-tries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1527 ssh server resolve-host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1528 ssh server scp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1529 ssh server sftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1530 ssh server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1519 ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1515 static-channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538 storm-control level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 switchport access vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 switchport atmf-arealink remote-area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1320 switchport atmf-crosslink . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1322 switchport atmf-guestlink. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1324 switchport atmf-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1326 switchport enable vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 switchport mode access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 switchport mode private-vlan trunk promiscuous. . . . . . . . . . . . . . . . . . . . . . . . . 417 switchport mode private-vlan trunk secondary . . . . . . . . . . . . . . . . . . . . . . . . . . . 419 switchport mode private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 switchport mode trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 switchport private-vlan host-association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 switchport private-vlan mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423 switchport trunk allowed vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 switchport trunk native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 switchport vlan-stacking (double tagging). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429 switchport voice dscp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 switchport voice vlan priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433 switchport voice vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431 system territory (deprecated) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1074 tacacs-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1076 tacacs-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1077 tcpdump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 telnet server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 52 telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 terminal length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 terminal monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 terminal resize. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 test interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1550 thrash-limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 time (trigger) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1551 timeout (ping polling) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1590 traceroute ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622 trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1553 trigger activate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1555 trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1554 trust dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 862 type atmf node . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1327 type atmf node . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1556 type cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1559 type interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1560 type memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1561 type periodic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1562 type ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1563 type reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1564 type time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1565 type usb. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1566 undebug aaa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1048 undebug all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 undebug atmf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1330 undebug dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 901 undebug epsr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1168 undebug igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 undebug ip packet interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623 undebug lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540 undebug loopprot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 undebug mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1471 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 53 undebug mstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517 undebug ping-poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1592 undebug platform packet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398 undebug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1071 undebug snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1404 undebug ssh client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1531 undebug ssh server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1532 undebug trigger. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1567 up-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1591 username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1331 username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 vlan classifier activate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 vlan classifier group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436 vlan classifier rule ipv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437 vlan classifier rule proto. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438 vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 vty access-class (numbered) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801 vty ipv6 access-class (named) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 826 wait . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314 write file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 write memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 write terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 wrr-queue weight queues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 863 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 54 Part 1: Setup and Troubleshooting C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 55 1 CLI Navigation Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference for the commands used to navigate between different modes. This chapter also provides a reference for the help and show commands used to help navigate within the CLI. • “configure terminal” on page 57 • “disable (Privileged Exec mode)” on page 58 • “do” on page 59 • “enable (Privileged Exec mode)” on page 60 • “end” on page 62 • “exit” on page 63 • “help” on page 64 • “logout” on page 65 • “show history” on page 66 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 56 CLI NAVIGATION COMMANDS CONFIGURE TERMINAL configure terminal Overview Syntax Mode Example This command enters the Global Configuration command mode. configure terminal Privileged Exec To enter the Global Configuration command mode (note the change in the command prompt), enter the command: awplus# configure terminal awplus(config)# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 57 CLI NAVIGATION COMMANDS DISABLE (PRIVILEGED EXEC MODE) disable (Privileged Exec mode) Overview Syntax Mode Example This command exits the Privileged Exec mode, returning the prompt to the User Exec mode. To end a session, use the exit command. disable Privileged Exec To exit the Privileged Exec mode, enter the command: awplus# disable awplus> Related Commands enable (Privileged Exec mode) end exit C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 58 CLI NAVIGATION COMMANDS DO do Overview Syntax Mode Example This command lets you to run User Exec and Privileged Exec mode commands when you are in any configuration mode. do <command> Parameter Description <command> Specify the command and its parameters. Any configuration mode awplus# configure terminal awplus(config)# do ping 192.0.2.23 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 59 CLI NAVIGATION COMMANDS ENABLE (PRIVILEGED EXEC MODE) enable (Privileged Exec mode) Overview Syntax This command enters the Privileged Exec mode and optionally changes the privilege level for a session. If a privilege level is not specified then the maximum privilege level (15) is applied to the session. If the optional privilege level is omitted then only users with the maximum privilege level can access Privileged Exec mode without providing the password as specified by the enable password or enable secret commands. If no password is specified then only users with the maximum privilege level set with the username command can assess Privileged Exec mode. enable [<privilege-level>] Parameter Description <privilege - level> Specify the privilege level for a CLI session in the range <1-15>, where 15 is the maximum privilege level, 7 is the intermediate privilege level and 1 is the minimum privilege level. The privilege level for a user must match or exceed the privilege level set for the CLI session for the user to access Privileged Exec mode. Privilege level for a user is configured by username. Mode User Exec Usage Many commands are available from the Privileged Exec mode that configure operating parameters for the device, so you should apply password protection to the Privileged Exec mode to prevent unauthorized use. Passwords can be encrypted but then cannot be recovered. Note that non-encrypted passwords are shown in plain text in configurations. The username command sets the privilege level for the user. After login, users are given access to privilege level 1. Users access higher privilege levels with the enable (Privileged Exec mode) command. If the privilege level specified is higher than the users configured privilege level specified by the username command, then the user is prompted for the password for that level. Note that a separate password can be configured for each privilege level using the enable password and the enable secret commands from the Global Configuration mode. The service password-encryption command encrypts passwords configured by the enable password and the enable secret commands, so passwords are not shown in plain text in configurations. Example The following example shows the use of the enable command to enter the Privileged Exec mode (note the change in the command prompt). awplus> enable awplus# The following example shows the enable command enabling access the Privileged Exec mode for users with a privilege level of 7 or greater. Users with a privilege level of 7 or greater do not need to enter a password to access Privileged Exec mode. Users with a privilege level 6 or less need to enter a password to access C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 60 CLI NAVIGATION COMMANDS ENABLE (PRIVILEGED EXEC MODE) Privilege Exec mode. Use the enable password command or the enable secret commands to set the password to enable access to Privileged Exec mode. awplus> enable 7 awplus# Related Commands disable (Privileged Exec mode) enable password enable secret exit service password-encryption username C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 61 CLI NAVIGATION COMMANDS END end Overview Syntax Mode Example This command returns the prompt to the Privileged Exec command mode from any other advanced command mode. end All advanced command modes, including Global Configuration and Interface Configuration modes. The following example shows the use of the end command to return to the Privileged Exec mode directly from Interface mode. awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# end awplus# Related Commands disable (Privileged Exec mode) enable (Privileged Exec mode) exit C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 62 CLI NAVIGATION COMMANDS EXIT exit Overview Syntax This command exits the current mode, and returns the prompt to the mode at the previous level. When used in User Exec mode, the exit command terminates the session. exit Mode All command modes, including Global Configuration and Interface Configuration modes. Example The following example shows the use of exit command to exit Interface mode, and return to Configure mode. awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# exit awplus(config)# Related Commands disable (Privileged Exec mode) enable (Privileged Exec mode) end C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 63 CLI NAVIGATION COMMANDS HELP help Overview Syntax Mode Example This command displays a description of the AlliedWare Plus™ OS help system. help All command modes To display a description on how to use the system help, use the command: awplus# help Output Figure 1-1: Example output from the help command When you need help at the command line, press '?'. If nothing matches, the help list will be empty. Delete characters until entering a '?' shows the available options. Enter '?' after a complete parameter to show remaining valid command parameters (e.g. 'show ?'). Enter '?' after part of a parameter to show parameters that complete the typed letters (e.g. 'show ip?'). C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 64 CLI NAVIGATION COMMANDS LOGOUT logout Overview Syntax Mode Example This command exits the User Exec or Privileged Exec modes and ends the session. logout User Exec and Privileged Exec To exit the User Exec mode, use the command: awplus# logout C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 65 CLI NAVIGATION COMMANDS SHOW HISTORY show history Overview This command lists the commands entered in the current session. The history buffer is cleared automatically upon reboot. The output lists all command line entries, including commands that returned an error. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show history User Exec and Privileged Exec To display the commands entered during the current session, use the command: awplus# show history Output Figure 1-2: 1 2 3 4 5 6 7 C613-50081-01 REV A Example output from the show history command en show ru conf t route-map er deny 3 exit ex di Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 66 2 File Management Commands Introduction This chapter provides an alphabetical reference of AlliedWare Plus™ OS file management commands. Filename Syntax and Keyword Usage When you copy a file... Many of the commands in this chapter use the placeholder “filename” to represent the name and location of the file that you want to act on. The following table explains the syntax of the filename for each different type of file location. Use this syntax: Example: Copying in local Flash memory flash:[/][<directory>/]<filename> To specify a file in the configs directory in Flash: flash:configs/example.cfg Copying to or from a USB storage device usb:[/][<directory>/]<filename> To specify a file in the top-level directory of the USB stick: usb:example.cfg Copying with HTTP http://[[<username>:<password>]@] {<hostname>|<host-ip>}[/<filepath >]/<filename> To specify a file in the configs directory on the server: http://www.company.com/configs/exa mple.cfg Copying with TFTP tftp://[[<location>]/<directory>] /<filename> Copying with SCP scp://<username>@<location>[/<dir ectory>][/<filename>] Copying with SFTP sftp://[[<location>]/<directory>] /<filename> C613-50081-01 REV A To specify a file in the top-level directory of the server: tftp://172.1.1.1/example.cfg To specify a file in the configs directory on the server, logging on as user “bob”: e.g. scp://[email protected]/configs/example .cfg To specify a file in the top-level directory of the server: sftp://10.0.0.5/example.cfg Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 67 FILE MANAGEMENT COMMANDS Valid characters The filename and path can include characters from up to four categories. The categories are: 1) uppercase letters: A to Z 2) lowercase letters: a to z 3) digits: 0 to 9 4) special symbols: all printable ASCII characters not included in the previous three categories. Including the following characters: • - • / • . • _ • @ • " • ' • * • : • ~ • ? Do not use spaces or parentheses within filenames. Use hyphens or underscores instead. Syntax for directory listings A leading slash (/) indicates the root of the current filesystem location. In commands where you need to specify the local filesystem’s Flash base directory, you may use flash or flash: or flash:/. For example, these commands are all the same: • dir flash • dir flash: • dir flash:/ Similarly, you can specify the USB storage device base directory with usb or usb: or usb:/ You cannot name a directory or subdirectory flash, nvs, usb, card, tftp, scp, sftp or http. These keywords are reserved for tab completion when using various file commands. Command List C613-50081-01 REV A • “autoboot enable” on page 71 • “boot config-file” on page 72 • “boot config-file backup” on page 74 • “boot system” on page 75 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 68 FILE MANAGEMENT COMMANDS C613-50081-01 REV A • “boot system backup” on page 77 • “cd” on page 78 • “copy (filename)” on page 79 • “copy current-software” on page 81 • “copy debug” on page 82 • “copy running-config” on page 83 • “copy startup-config” on page 84 • “copy zmodem” on page 85 • “create autoboot” on page 86 • “delete” on page 87 • “delete debug” on page 88 • “dir” on page 89 • “edit” on page 91 • “edit (filename)” on page 92 • “erase startup-config” on page 93 • “ip tftp source-interface” on page 94 • “ipv6 tftp source-interface” on page 95 • “mkdir” on page 96 • “move” on page 97 • “move debug” on page 98 • “pwd” on page 99 • “rmdir” on page 100 • “show autoboot” on page 101 • “show boot” on page 102 • “show file” on page 104 • “show file systems” on page 105 • “show running-config” on page 107 • “show running-config access-list” on page 109 • “show running-config dhcp” on page 110 • “show running-config full” on page 111 • “show running-config interface” on page 113 • “show running-config ipv6 access-list” on page 115 • “show running-config key chain” on page 116 • “show running-config lldp” on page 117 • “show running-config power-inline” on page 118 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 69 FILE MANAGEMENT COMMANDS C613-50081-01 REV A • “show running-config router-id” on page 119 • “show running-config security-password” on page 120 • “show startup-config” on page 121 • “show version” on page 122 • “write file” on page 123 • “write memory” on page 124 • “write terminal” on page 125 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 70 FILE MANAGEMENT COMMANDS AUTOBOOT ENABLE autoboot enable Overview This command enables the device to restore a release file and/or a configuration file from external media, such as a USB storage device. When the Autoboot feature is enabled, the device looks for a special file called autoboot.txt on the external media. If this file exists, the device will check the key and values in the file and recover the device with a new release file and/or configuration file from the external media. An example of a valid autoboot.txt file is shown in the following figure. Figure 2-1: Example autoboot.txt file [AlliedWare Plus] Copy_from_external_media_enabled=yes Boot_Release=IE200-5.4.6I-0.1.rel Boot_Config=network1.cfg Use the no variant of this command to disable the Autoboot feature. Syntax autoboot enable no autoboot enable Default Mode Example The Autoboot feature operates the first time the device is powered up in the field, after which the feature is disabled by default. Global Configuration To enable the Autoboot feature, use the command: awplus# configure terminal awplus# configure terminal awplus(config)# no autoboot enable Related Commands create autoboot show autoboot show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 71 FILE MANAGEMENT COMMANDS BOOT CONFIG-FILE boot config-file Overview Use this command to set the configuration file to use during the next boot cycle. Use the no variant of this command to remove the configuration file. Syntax boot config-file <filepath-filename> no boot config-file Parameter Description <filepath-filename> Filepath and name of a configuration file. The specified configuration file must exist in the specified filesystem. Valid configuration files must have a . cfg extension. Mode Global Configuration Usage You can only specify that the configuration file is on a USB storage device if there is a backup configuration file already specified in Flash. If you attempt to set the configuration file on a USB storage device and a backup configuration file is not specified in Flash, the following error message is displayed: % Backup configuration files must be stored in the flash filesystem For an explanation of the configuration fallback order, see the File Management Feature Overview and Configuration Guide. Examples To run the configuration file branch.cfg stored on the device’s Flash filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# boot config-file flash:/branch.cfg To remove the configuration file branch.cfg stored on the device’s Flash filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# no boot config-file flash:/branch.cfg To run the configuration file branch.cfg stored on the switch’s USB storage device filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# boot config-file usb:/branch.cfg C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 72 FILE MANAGEMENT COMMANDS BOOT CONFIG-FILE To remove the configuration file branch.cfg stored on the switch’s USB storage device filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# no boot config-file usb:/branch.cfg Related Commands boot config-file backup boot system boot system backup show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 73 FILE MANAGEMENT COMMANDS BOOT CONFIG-FILE BACKUP boot config-file backup Overview Use this command to set a backup configuration file to use if the main configuration file cannot be accessed. Use the no variant of this command to remove the backup configuration file. Syntax boot config-file backup <filepath-filename> no boot config-file backup Parameter Description <filepath-filename> Filepath and name of a backup configuration file. Backup configuration files must be in the Flash filesystem. Valid backup configuration files must have a . cfg extension. backup The specified file is a backup configuration file. Mode Global Configuration Usage For an explanation of the configuration fallback order, see the File Management Feature Overview and Configuration Guide. Examples To set the configuration file backup.cfg as the backup to the main configuration file, use the commands: awplus# configure terminal awplus(config)# boot config-file backup flash:/backup.cfg To remove the configuration file backup.cfg as the backup to the main configuration file, use the commands: awplus# configure terminal awplus(config)# no boot config-file backup flash:/backup.cfg Related Commands boot config-file boot system boot system backup show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 74 FILE MANAGEMENT COMMANDS BOOT SYSTEM boot system Overview Use this command to set the release file to load during the next boot cycle. Use the no variant of this command to remove the release file as the boot file. Syntax boot system <filepath-filename> no boot system Parameter Description <filepath-filename> Filepath and name of a release file. The specified release file must exist and must be stored in the root directory of the specified filesystem. Valid release files must have a . rel extension. Mode Global Configuration Usage You can only specify that the release file is on a USB storage device if there is a backup release file already specified in Flash. If you attempt to set the release file on a USB storage device and a backup release file is not specified in Flash, the following error message is displayed: % A backup boot image must be set before setting a current boot image on USB storage device In a VCStack configuration, the stack only accepts a release file on a USB storage device if a USB storage device is inserted in all stack members and all stack members have a bootloader version that supports booting from it. If a stack member has a USB storage device removed an error message is displayed. For example, if stack member 2 does not have a USB storage device inserted the following message is displayed: % Stack member 2 has no USB storage device inserted Examples To run the release file IE200-5.4.6I-0.1.rel stored on the device’s Flash filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# boot system flash:/IE200-5.4.6I-0.1.rel To remove the release file IE200-5.4.6I-0.1.rel stored on the device’s Flash filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# no boot system flash:/IE200-5.4.6I-0.1.rel C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 75 FILE MANAGEMENT COMMANDS BOOT SYSTEM To run the release file IE200-5.4.6I-0.1.rel stored on the switch’s USB storage device filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# boot system usb:/IE200-5.4.6I-0.1.rel To remove the release file IE200-5.4.6I-0.1.rel stored on the switch’s USB storage device filesystem the next time the device boots up, use the commands: awplus# configure terminal awplus(config)# boot system usb:/IE200-5.4.6I-0.1.rel Related Commands boot config-file boot config-file backup boot system backup show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 76 FILE MANAGEMENT COMMANDS BOOT SYSTEM BACKUP boot system backup Overview Use this command to set a backup release file to load if the main release file cannot be loaded. Use the no variant of this command to remove the backup release file as the backup boot file. Syntax boot system backup <filepath-filename> no boot system backup Mode Examples Parameter Description <filepath-filename> Filepath and name of a backup release file. Backup release files must be in the Flash filesystem. Valid release files must have a . rel extension. backup The specified file is a backup release file. Global Configuration To specify the file IE200-5.4.6I-0.1.rel as the backup to the main release file, use the commands: awplus# configure terminal awplus(config)# boot system backup flash:/IE200-5.4.6I-0.1.rel To remove the file IE200-5.4.6I-0.1.rel as the backup to the main release file, use the commands: awplus# configure terminal awplus(config)# no boot system backup flash:/IE200-5.4.6I-0.1.rel Related Commands boot config-file boot config-file backup boot system show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 77 FILE MANAGEMENT COMMANDS CD cd Overview Syntax Mode Example This command changes the current working directory. cd <directory-name> Parameter Description <directory-name> Name and path of the directory. Privileged Exec To change to the directory called images, use the command: awplus# cd images Related Commands dir pwd show file systems C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 78 FILE MANAGEMENT COMMANDS COPY (FILENAME) copy (filename) Overview Syntax Mode Examples This command copies a file. This allows you to: • copy files from your device to a remote device • copy files from a remote device to your device • copy files stored on Flash memory to or from a different memory type, such as a USB storage device • create two copies of the same file on your device copy <source-name> <destination-name> Parameter Description <source-name> The filename and path of the source file. See Introduction on page 67 for valid syntax. <destination-name> The filename and path for the destination file. See Introduction on page 67 for valid syntax. Privileged Exec To use TFTP to copy the file bob.key into the current directory from the remote server at 10.0.0.1, use the command: awplus# copy tftp://10.0.0.1/bob.key bob.key To use SFTP to copy the file new.cfg into the current directory from a remote server at 10.0.1.2, use the command: awplus# copy sftp://10.0.1.2/new.cfg bob.key To use SCP with the username beth to copy the file old.cfg into the directory config_files on a remote server that is listening on TCP port 2000, use the command: awplus# copy scp://beth@serv:2000/config_files/old.cfg old.cfg To copy the file newconfig.cfg onto your device’s Flash from a USB storage device, use the command: awplus# copy usb:/newconfig.cfg flash:/newconfig.cfg To copy the file newconfig.cfg to a USB storage device from your device’s Flash, use the command: awplus# copy flash:/newconfig.cfg usb:/newconfig.cfg To copy the file config.cfg into the current directory from a USB storage device, and rename it to configtest.cfg, use the command: awplus# copy usb:/config.cfg configtest.cfg C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 79 FILE MANAGEMENT COMMANDS COPY (FILENAME) To copy the file config.cfg into the current directory from a remote file server, and rename it to configtest.cfg, use the command: awplus# copy fserver:/config.cfg configtest.cfg Related Commands copy zmodem edit (filename) show file systems C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 80 FILE MANAGEMENT COMMANDS COPY CURRENT-SOFTWARE copy current-software Overview Syntax Mode Example This command copies the AlliedWare Plus™ OS software that the device has booted from, to a destination file. Specify whether the destination is Flash or USB when saving the software to the local filesystem. copy current-software <destination-name> Parameter Description <destination-name> The filename and path where you would like the current running-release saved. This command creates a file if no file exists with the specified filename. If a file already exists, then the CLI prompts you before overwriting the file. See Introduction on page 67 for valid syntax. Privileged Exec To copy the current software as installed in the working directory with the file name my-release.rel, use the command: awplus# copy current-software my-release.rel Related Commands C613-50081-01 REV A boot system backup show boot Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 81 FILE MANAGEMENT COMMANDS COPY DEBUG copy debug Overview Syntax Mode Example This command copies a specified debug file to a destination file. Specify whether the destination is Flash or USB when saving the software to the local filesystem. copy debug {<destination-name>|debug|flash|nvs|scp|tftp|usb} {<source-name>|debug|flash|nvs|scp|tftp|usb} Parameter Description <destination-name> The filename and path where you would like the debug output saved. See Introduction on page 67 for valid syntax. <source-namee> The filename and path where the debug output originates. See Introduction on page 67 for valid syntax. Privileged Exec To copy debug output to a USB storage device with a filename my-debug, use the following command: awplus# copy debug usb:my-debug Output Figure 2-2: CLI prompt after entering the copy debug command Enter source file name []: Related Commands C613-50081-01 REV A delete debug move debug Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 82 FILE MANAGEMENT COMMANDS COPY RUNNING-CONFIG copy running-config Overview Syntax This command copies the running-config to a destination file, or copies a source file into the running-config. Commands entered in the running-config do not survive a device reboot unless they are saved in a configuration file. copy <source-name> running-config copy running-config [<destination-name>] copy running-config startup-config Mode Examples Parameter Description <source-name> The filename and path of a configuration file. This must be a valid configuration file with a . cfg filename extension. Specify this when you want the script in the file to become the new running-config. See Introduction on page 67 for valid syntax. <destination-name> The filename and path where you would like the current running-config saved. This command creates a file if no file exists with the specified filename. If a file already exists, then the CLI prompts you before overwriting the file. See Introduction on page 67 for valid syntax. If you do not specify a file name, the device saves the running-config to a file called default.cfg. startup-config Copies the running-config into the file set as the current startup-config file. Privileged Exec To copy the running-config into the startup-config, use the command: awplus# copy running-config startup-config To copy the file layer3.cfg into the running-config, use the command: awplus# copy layer3.cfg running-config To use SCP to copy the running-config as current.cfg to the remote server listening on TCP port 2000, use the command: awplus# copy running-config scp://user@server:2000/config_files/current.cfg Related Commands copy startup-config write file write memory C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 83 FILE MANAGEMENT COMMANDS COPY STARTUP-CONFIG copy startup-config Overview Syntax This command copies the startup-config script into a destination file, or alternatively copies a configuration script from a source file into the startup-config file. copy <source-name> startup-config copy startup-config <destination-name> Mode Examples Parameter Description <source-name> The filename and path of a configuration file. This must be a valid configuration file with a . cfg filename extension. Specify this to copy the script in the file into the startupconfig file. Note that this does not make the copied file the new startup file, so any further changes made in the configuration file are not added to the startup-config file unless you reuse this command. See Introduction on page 67 for valid syntax. <destination-name> The destination and filename that you are saving the startup- config as. This command creates a file if no file exists with the specified filename. If a file already exists, then the CLI prompts you before overwriting the file. See Introduction on page 67 for valid syntax. Privileged Exec To copy the file Layer3.cfg to the startup-config, use the command: awplus# copy Layer3.cfg startup-config To copy the startup-config as the file oldconfig.cfg in the current directory, use the command: awplus# copy startup-config oldconfig.cfg Related Commands C613-50081-01 REV A copy running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 84 FILE MANAGEMENT COMMANDS COPY ZMODEM copy zmodem Overview Syntax This command allows you to copy files using ZMODEM using Minicom. ZMODEM works over a serial connection and does not need any interfaces configured to do a file transfer. copy <source-name> zmodem copy zmodem Mode Example Parameter Description <source-name> The filename and path of the source file. See Introduction on page 67 for valid syntax. Privileged Exec To copy the local file asuka.key using ZMODEM, use the command: awplus# copy asuka.key zmodem Related Commands C613-50081-01 REV A copy (filename) show file systems Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 85 FILE MANAGEMENT COMMANDS CREATE AUTOBOOT create autoboot Overview Syntax Mode Example Use this command to create an autoboot.txt file on external media. This command will automatically ensure that the keys and values that are expected in this file are correct. After the file is created the create autoboot command will copy the current release and configuration files across to the external media. The external media is then available to restore a release file and/or a configuration file to the device. create autoboot [usb] Privileged Exec To create an autoboot.txt file on external media, use the command: awplus# create autoboot usb Related Commands autoboot enable show autoboot show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 86 FILE MANAGEMENT COMMANDS DELETE delete Overview Syntax Mode Examples This command deletes files or directories. delete [force] [recursive] <filename> Parameter Description force Ignore nonexistent filenames and never prompt before deletion. recursive Remove the contents of directories recursively. <filename> The filename and path of the file to delete. See Introduction on page 67 for valid syntax. Privileged Exec To delete the file temp.cfg from the current directory, use the command: awplus# delete temp.cfg To delete the read-only file one.cfg from the current directory, use the command: awplus# delete force one.cfg To delete the directory old_configs, which is not empty, use the command: awplus# delete recursive old_configs To delete the directory new_configs, which is not empty, without prompting if any read-only files are being deleted, use the command: awplus# delete force recursive new_configs Related Commands C613-50081-01 REV A erase startup-config rmdir Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 87 FILE MANAGEMENT COMMANDS DELETE DEBUG delete debug Overview Syntax Mode Example Use this command to delete a specified debug output file. delete debug <source-name> Parameter Description <source-name> The filename and path where the debug output originates. See Introduction on page 67 for valid URL syntax. Privileged Exec To delete debug output, use the following command: awplus# delete debug Output Figure 2-3: CLI prompt after entering the delete debug command Enter source file name []: Related Commands C613-50081-01 REV A copy debug move debug Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 88 FILE MANAGEMENT COMMANDS DIR dir Overview Syntax Mode Examples This command lists the files on a filesystem. If no directory or file is specified then this command lists the files in the current working directory. dir [all] [recursive] [sort [reverse] [name|size|time]] [<filename>|debug|flash|nvs|usb] Parameter Description all List all files. recursive List the contents of directories recursively. sort Sort directory listing. reverse Sort using reverse order. name Sort by name. size Sort by size. time Sort by modification time (default). <filename> The name of the directory or file. If no directory or file is specified, then this command lists the files in the current working directory. debug Debug root directory flash Flash memory root directory nvs NVS memory root directory usb USB storage device root directory Privileged Exec To list the files in the current working directory, use the command: awplus# dir To list the non-hidden files in the root of the Flash filesystem, use the command: awplus# dir flash To list all the files in the root of the Flash filesystem, use the command: awplus# dir all flash: To list recursively the files in the Flash filesystem, use the command: awplus# dir recursive flash: To list the files in alphabetical order, use the command: awplus# dir sort name C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 89 FILE MANAGEMENT COMMANDS DIR To list the files by size, smallest to largest, use the command: awplus# dir sort reverse size To sort the files by modification time, oldest to newest, use the command: awplus# dir sort reverse time Related Commands C613-50081-01 REV A cd pwd Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 90 FILE MANAGEMENT COMMANDS EDIT edit Overview This command opens a text file in the AlliedWare Plus™ text editor. Once opened you can use the editor to alter to the file. If a filename is specified and it already exists, then the editor opens it in the text editor. If no filename is specified, the editor prompts you for one when you exit it. Before starting the editor make sure your terminal, terminal emulation program, or Telnet client is 100% compatible with a VT100 terminal. The editor uses VT100 control sequences to display text on the terminal. For more information about using the editor, including control sequences, see the File Management Feature Overview and Configuration Guide. Syntax Mode Examples edit [<filename>] Parameter Description <filename> Name of a file in the local Flash filesystem. Privileged Exec To create and edit a new text file, use the command: awplus# edit To edit the existing configuration file myconfig.cfg stored on your device’s Flash memory, use the command: awplus# edit myconfig.cfg Related Commands C613-50081-01 REV A edit (filename) show file Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 91 FILE MANAGEMENT COMMANDS EDIT (FILENAME) edit (filename) Overview This command opens a remote text file as read-only in the AlliedWare Plus™ text editor. Before starting the editor make sure your terminal, terminal emulation program, or Telnet client is 100% compatible with a VT100 terminal. The editor uses VT100 control sequences to display text on the terminal. Syntax Mode Example edit <filename> Parameter Description <filename> The filename and path of the remote file. See Introduction on page 67 for valid syntax. Privileged Exec To view the file bob.key stored in the security directory of a TFTP server, use the command: awplus# edit tftp://security/bob.key Related Commands copy (filename) edit show file C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 92 FILE MANAGEMENT COMMANDS ERASE STARTUP-CONFIG erase startup-config Overview This command deletes the file that is set as the startup-config file, which is the configuration file that the system runs when it boots up. At the next restart, the device loads the default configuration file, default.cfg. If default.cfg no longer exists, then the device loads with the factory default configuration. This provides a mechanism for you to return the device to the factory default settings. Syntax Mode Example erase startup-config Privileged Exec To delete the file currently set as the startup-config, use the command: awplus# erase startup-config Related Commands boot config-file backup copy running-config copy startup-config show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 93 FILE MANAGEMENT COMMANDS IP TFTP SOURCE-INTERFACE ip tftp source-interface Overview Use this command to manually specify the IP address that all TFTP requests originate from. This is useful in network configurations where TFTP servers only accept requests from certain devices, or where the server cannot dynamically determine the source of the request. Use the no variant of this command to stop specifying a source. Syntax ip tftp source-interface [<interface>|<ip-add>] no ip tftp source-interface Default Parameter Description <interface> The VLAN that TFTP requests originate from. The device will use the IP address of this interface as its source IP address. <ip-add> The IP address that TFTP requests originate from, in dotted decimal format There is no default source specified. Mode Global Configuration Usage This command is helpful in network configurations where TFTP traffic needs to traverse point-to-point links or subnets within your network, and you do not want to propagate those point-to-point links through your routing tables. In those circumstances, the TFTP server cannot dynamically determine the source of the TFTP request, and therefore cannot send the requested data to the correct device. Specifying a source interface or address enables the TFTP server to send the data correctly. Example To specify that TFTP requests originate from the IP address 192.0.2.1, use the following commands: awplus# configure terminal awplus(config)# ip tftp source-interface 192.0.2.1 Related Commands C613-50081-01 REV A copy (filename) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 94 FILE MANAGEMENT COMMANDS IPV6 TFTP SOURCE-INTERFACE ipv6 tftp source-interface Overview Use this command to manually specify the IPv6 address that all TFTP requests originate from. This is useful in network configurations where TFTP servers only accept requests from certain devices, or where the server cannot dynamically determine the source of the request. Use the no variant of this command to stop specifying a source. Syntax ipv6 tftp source-interface [<interface>|<ipv6-add>] no ipv6 tftp source-interface Default Parameter Description <interface> The VLAN that TFTP requests originate from. The device will use the IPv6 address of this interface as its source IPv6 address. <ipv6-add> The IPv6 address that TFTP requests originate from, in the format x:x::x:x, for example, 2001:db8::8a2e:7334. There is no default source specified. Mode Global Configuration Usage This command is helpful in network configurations where TFTP traffic needs to traverse point-to-point links or subnets within your network, and you do not want to propagate those point-to-point links through your routing tables. In those circumstances, the TFTP server cannot dynamically determine the source of the TFTP request, and therefore cannot send the requested data to the correct device. Specifying a source interface or address enables the TFTP server to send the data correctly. Example To specify that TFTP requests originate from the IPv6 address 2001:db8::8a2e:7334, use the following commands: awplus# configure terminal awplus(config)# ipv6 tftp source-interface 2001:db8::8a2e:7334 Related Commands C613-50081-01 REV A copy (filename) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 95 FILE MANAGEMENT COMMANDS MKDIR mkdir Overview Syntax This command makes a new directory. mkdir <name> Parameter Description <name> The name and path of the directory that you are creating. Mode Privileged Exec Usage You cannot name a directory or subdirectory flash, nvs, usb, card, tftp, scp, sftp or http. These keywords are reserved for tab completion when using various file commands. Example To make a new directory called images in the current directory, use the command: awplus# mkdir images Related Commands cd dir pwd C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 96 FILE MANAGEMENT COMMANDS MOVE move Overview Syntax Mode Examples This command renames or moves a file. move <source-name> <destination-name> Parameter Description <source-name> The filename and path of the source file. See Introduction on page 67 for valid syntax. <destination-name> The filename and path of the destination file. See Introduction on page 67 for valid syntax. Privileged Exec To rename the file temp.cfg to startup.cfg, use the command: awplus# move temp.cfg startup.cfg To move the file temp.cfg from the root of the Flash filesystem to the directory myconfigs, use the command: awplus# move temp.cfg myconfigs/temp.cfg Related Commands delete edit show file show file systems C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 97 FILE MANAGEMENT COMMANDS MOVE DEBUG move debug Overview Syntax Mode Example This command moves a specified debug file to a destination debug file. move debug {<destination-name>|debug|flash|nvs|usb} {<source-name>|debug|flash|nvs|usb} Parameter Description <destination-name> The filename and path where you would like the debug output moved to. See Introduction on page 67 for valid syntax. <source-name> The filename and path where the debug output originates. See Introduction on page 67 for valid syntax. Privileged Exec To move debug output onto a USB storage device with a filename my-debug, use the following command: awplus# move debug usb:my-debug Output Figure 2-4: CLI prompt after entering the move debug command Enter source file name []: Related Commands C613-50081-01 REV A copy debug delete debug Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 98 FILE MANAGEMENT COMMANDS PWD pwd Overview Syntax Mode Example This command prints the current working directory. pwd Privileged Exec To print the current working directory, use the command: awplus# pwd Related Commands C613-50081-01 REV A cd Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 99 FILE MANAGEMENT COMMANDS RMDIR rmdir Overview Syntax Mode Examples This command removes a directory. This command only works on empty directories, unless you specify the optional force keyword. rmdir [force] <name> Parameter Description force Optional keyword that allows you to delete directories that are not empty and contain files or subdirectories. <name> The name and path of the directory. Privileged Exec To remove the directory images from the top level of the Flash filesystem, use the command: awplus# rmdir flash:/images To create a directory called level1 containing a subdirectory called level2, and then force the removal of both directories, use the commands: awplus# mkdir level1 awplus# mkdir level1/level2 awplus# rmdir force level1 Related Commands cd dir mkdir pwd C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 100 FILE MANAGEMENT COMMANDS SHOW AUTOBOOT show autoboot Overview Syntax Mode Example This command displays the Autoboot configuration and status. show autoboot Privileged Exec To show the Autoboot configuration and status, use the command: awplus# show autoboot Output Figure 2-5: Example output from the show autoboot command awplus#show autoboot Autoboot configuration -------------------------------------------------------------------------------- Autoboot status : enabled USB file autoboot.txt exists : yes Restore information on USB Autoboot enable in autoboot.txt : yes Restore release file : IE200-5.4.6I-0.1.rel (file exists) Restore configuration file : network_1.cfg (file exists) Figure 2-6: Example output from the show autoboot command when an external media source is not present awplus#show autoboot Autoboot configuration -------------------------------------------------------------------------------- Autoboot status : disabled External media source : media not found. Related Commands autoboot enable create autoboot show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 101 FILE MANAGEMENT COMMANDS SHOW BOOT show boot Overview Syntax Mode Example This command displays the current boot configuration. We recommend that the currently running release is set as the current boot image. show boot Privileged Exec To show the current boot configuration, use the command: awplus# show boot Output Figure 2-7: Example output from the show boot command when the current boot config is on a USB storage device awplus#show boot Boot configuration ---------------------------------------------------------------- Current software : IE200-5.4.6I-0.1.rel Current boot image : usb:/IE200-5.4.6I-0.1.rel Backup boot image : flash:/IE200-5.4.5I-2.1.rel Default boot config: flash:/default.cfg Current boot config: usb:/my.cfg (file exists) Backup boot config: flash:/backup.cfg (file not found) Autoboot status : enabled Table 1: Parameters in the output of the show boot command C613-50081-01 REV A Parameter Description Current software The current software release that the device is using. Current boot image The boot image currently configured for use during the next boot cycle. Backup boot image The boot image to use during the next boot cycle if the device cannot load the main image. Default boot config The default startup configuration file. The device loads this configuration script if no file is set as the startupconfig file. Current boot config The configuration file currently configured as the startup-config file. The device loads this configuration file during the next boot cycle if this file exists. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 102 FILE MANAGEMENT COMMANDS SHOW BOOT Table 1: Parameters in the output of the show boot command (cont.) Related Commands Parameter Description Backup boot config The configuration file to use during the next boot cycle if the main configuration file cannot be loaded. Autoboot status The status of the Autoboot feature; either enabled or disabled. autoboot enable boot config-file backup boot system backup show autoboot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 103 FILE MANAGEMENT COMMANDS SHOW FILE show file Overview Syntax Mode Example This command displays the contents of a specified file. show file <filename> Parameter Description <filename> Name of a file on the local Flash filesystem, or name and directory path of a file. Privileged Exec To display the contents of the file oldconfig.cfg, which is in the current directory, use the command: awplus# show file oldconfig.cfg Related Commands edit edit (filename) show file systems C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 104 FILE MANAGEMENT COMMANDS SHOW FILE SYSTEMS show file systems Overview Syntax Mode Examples This command lists the filesystems and their utilization information where appropriate. show file systems Privileged Exec To display the filesystems, use the command: awplus# show file systems Output Figure 2-8: Example output from the show file systems command awplus#show file systems Size(b) Free(b) Type Flags Prefixes S/D/V Lcl/Ntwk Avail ------------------------------------------------------------------- 63.0M 8.2M flash rw flash: static local Y system rw system: virtual local - 10.0M 9.9M debug rw debug: static local Y 499.0K 430.0K nvs rw nvs: static local Y usbstick rw usb: dynamic local N tftp rw tftp: network - scp rw scp: network - sftp ro sftp: network - http ro http: network - rsync rw rsync: network - Table 2: Parameters in the output of the show file systems command C613-50081-01 REV A Parameter Description Size (B) Available The total memory available to this filesystem. The units are given after the value and are M for Megabytes or k for kilobytes. Free (B) The total memory free within this filesystem. The units are given after the value and are M for Megabytes or k for kilobytes. Type The memory type used for this filesystem; one of: flash system nvs tftp scp sftp http. Flags The file setting options: rw (read write), ro (read only). Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 105 FILE MANAGEMENT COMMANDS SHOW FILE SYSTEMS Table 2: Parameters in the output of the show file systems command (cont.) Related Commands Parameter Description Prefixes The prefixes used when entering commands to access the filesystems; one of: flash system nvs tftp scp sftp http. S/V/D The memory type: static, virtual, dynamic. Lcl / Ntwk Whether the memory is located locally or via a network connection. Avail Whether the memory is accessible: Y (yes), N (no), - (not applicable) edit edit (filename) show file C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 106 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG show running-config Overview This command displays the current configuration of your device. Its output includes all non-default configuration. The default settings are not displayed. You can control the output in the following ways: • To display only lines that contain a particular word, enter the following parameters after the command: | include <word> • To start the display at the first line that contains a particular word, enter the following parameters after the command: | begin <word> • To save the output to a file, enter the following parameters after the command: > <filename> Syntax Mode Example show running-config Privileged Exec and Global Configuration To display the current configuration of your device, use the command: awplus# show running-config Output Figure 2-9: Example output from the show running-config command awplus#show running-config ! service password-encryption ! no banner motd ! username manager privilege 15 password 8 $1$bJoVec4D$JwOJGPr7YqoExA0GVasdE0 ! service telnet no service telnet ipv6 ! no clock timezone ! no snmp-server ipv6 ! ip domain-lookup ! ! spanning-tree mode rstp ! no ipv6 mld snooping ! C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 107 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG no spanning-tree rstp enable ! interface port1.0.1-1.0.6 switchport switchport mode access ! interface vlan1 shutdown ! line con 0 ! end Related Commands C613-50081-01 REV A copy running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 108 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG ACCESS-LIST show running-config access-list Overview Use this command to show the running system status and configuration details for access-list. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show running-config access-list Mode Privileged Exec and Global Configuration Example To display the running system status and configuration details for access-list, use the command: awplus# show running-config access-list Output Figure 2-10: Example output from the show running-config access-list command ! access-list abc remark annai access-list abc deny any access-list abd deny any ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 109 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG DHCP show running-config dhcp Overview Syntax Mode Example Use this command to display the running configuration for DHCP server, DHCP snooping, and DHCP relay. show running-config dhcp Privileged Exec and Global Configuration To display to display the running configuration for DHCP server, DHCP snooping, and DHCP relay: awplus# show running-config dhcp Output Figure 2-11: Example output from the show running-config dhcp command awplus#show running-config dhcp no service dhcp-server ! service dhcp-snooping ! interface port1.0.1 ip dhcp snooping trust ! interface port1.0.3 ip dhcp snooping max-bindings 25 access-group dhcpsnooping interface port1.0.4 ip dhcp snooping max-bindings 25 access-group dhcpsnooping ! interface po1 ip dhcp snooping max-bindings 25 arp security violation log ! interface sa1 ip dhcp snooping max-bindings 25 access-group dhcpsnooping arp security violation log ! interface vlan100 ip dhcp snooping arp security ! interface vlan200 ip dhcp snooping arp security ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 110 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG FULL show running-config full Overview Use this command to show the complete status and configuration of the running system. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show running-config full Privileged Exec and Global Configuration To display the complete status and configuration of the running system, use the command: awplus# show running-config full Output Figure 2-12: Example output from the show running-config full command awplus#show running-config full ! service password-encryption ! no banner motd ! username manager privilege 15 password 8 $1$bJoVec4D$JwOJGPr7YqoExA0GVasdE0 ! service telnet no service telnet ipv6 ! no clock timezone ! no snmp-server ipv6 ! ip domain-lookup ! ! spanning-tree mode rstp ! no ipv6 mld snooping ! C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 111 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG FULL no spanning-tree rstp enable ! interface port1.0.1-1.0.6 switchport switchport mode access ! interface vlan1 shutdown ! line con 0 ! end Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 112 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG INTERFACE show running-config interface Overview Syntax This command displays the current configuration of one or more interfaces on the device. show running-config interface [<interface-list>] [dot1x|ip igmp|lacp|mstp|rstp|stp] Parameter Description <interface-list> The interfaces or ports to display information about. An interface-list can be: • an interface (e.g. vlan2), a device port (e.g. port1.0.4), a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of interfaces, ports, static channel groups or dynamic (LACP) channel groups separated by a hyphen, e.g. vlan2-8, or port1.0.1-1.0.4, or sa1-2, or po1-2 • a comma-separated list of the above, e.g. port1.0.1,port1.0.4-1.0.6. Do not mix interface types in a list The specified interfaces must exist. Mode Examples dot1x Displays running configuration for 802.1X port authentication for the specified interfaces. lacp Displays running configuration for LACP (Link Aggregation Control Protocol) for the specified interfaces. ip igmp Displays running configuration for IGMP (Internet Group Management Protocol) for the specified interfaces. ip multicast Displays running configuration for general multicast settings for the specified interfaces. mstp Displays running configuration for MSTP (Multiple Spanning Tree Protocol) for the specified interfaces. rstp Displays running configuration for RSTP (Rapid Spanning Tree Protocol) for the specified interfaces. stp Displays running configuration for STP (Spanning Tree Protocol) for the specified interfaces. Privileged Exec and Global Configuration To display the current running configuration of your device for ports 1 to 4, use the command: awplus# show running-config interface port1.0.1-port1.0.4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 113 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG INTERFACE To display the current running configuration of a device for VLAN 1, use the command: awplus# show running-config interface vlan1 To display the current running configuration of a device for VLANs 1 and 3-5, use the command: awplus# show running-config interface vlan1,vlan3-vlan5 Output Figure 2-13: Example output from a show running-config interface port1.0.2 command awplus#sh running-config interface port1.0.2 ! interface port1.0.2 switchport switchport mode access ! Figure 2-14: Example output from the show running-config interface command awplus#sh running-config interface interface port1.0.1-1.0.6 switchport switchport mode access ! interface vlan1 ip address 192.168.1.1/24 ip rip authentication mode md5 ip rip authentication string mykey ip irdp ! interface vlan2 ip address 192.168.2.2/24 ip rip authentication mode md5 ip rip authentication key-chain cars ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 114 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG IPV6 ACCESS-LIST show running-config ipv6 access-list Overview Use this command to show the running system status and configuration for IPv6 ACLs. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show running-config ipv6 access-list Privileged Exec and Global Configuration To display the running system status and configuration for IPv6 ACLs, use the command: awplus# show running-config ipv6 access-list Output Figure 2-15: Example output from the show running-config ipv6 access-list command ! ipv6 access-list abc permit any ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 115 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG KEY CHAIN show running-config key chain Overview Syntax Mode Example Use this command to show the running system key-chain related configuration. show running-config key chain Privileged Exec and Global Configuration To display the running system key-chain related configuration, use the command: awplus# show running-config key chain Output Figure 2-16: Example output from the show running-config key chain command ! key chain 12 key 2 key-string 234 ! key chain 123 key 3 key-string 345 ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 116 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG LLDP show running-config lldp Overview Syntax Mode Example This command shows the current running configuration of LLDP. show running-config lldp Privileged Exec and Global Configuration To display the current configuration of LLDP, use the command: awplus# show running-config lldp Output Figure 2-17: Example output from the show running-config lldp command awplus#show running-config lldp lldp notification-interval 10 lldp timer 20 ! interface port1.0.1 lldp notifications lldp tlv-select port-description lldp tlv-select system-name lldp tlv-select system-description lldp tlv-select management-address lldp transmit receive Related Commands C613-50081-01 REV A show lldp show lldp interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 117 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG POWER-INLINE show running-config power-inline Overview Use this command to show the Power over Ethernet (PoE) running system status and configuration details. The PoE usage-threshold percentage as specified by the power-inline usage-threshold command is displayed in the running-config using this command. Syntax show running-config power-inline Mode Privileged Exec and Global Configuration Example To display the PoE running system status and configuration details, use the command: awplus# show running-config power-inline Output Figure 2-18: Example output from the show running-config power-inline command ! power-inline usage-threshold 90 ! Related Commands C613-50081-01 REV A power-inline usage-threshold show power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 118 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG ROUTER-ID show running-config router-id Overview Syntax Mode Example Use this command to show the running system global router ID configuration. show running-config router-id Privileged Exec and Global Configuration To display the running system global router ID configuration, use the command: awplus# show running-config router-id Output Figure 2-19: Example output from the show running-config router-id command ! router-id 3.3.3.3 ! Related Commands C613-50081-01 REV A copy running-config show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 119 FILE MANAGEMENT COMMANDS SHOW RUNNING-CONFIG SECURITY-PASSWORD show running-config security-password Overview Syntax Mode Example This command displays the configuration settings for the various security-password rules. If a default parameter is used for a security-password rule, therefore disabling that rule, no output is displayed for that feature. show running-config security-password Privileged Exec and Global Configuration To display the current security-password rule settings in the running-config, use the command: awplus# show running-config security-password Output Figure 2-20: Example output from the show running-config security-password command security-password security-password security-password security-password security-password security-password Related Commands C613-50081-01 REV A minimum-length 8 minimum-categories 3 history 4 lifetime 30 warning 3 forced-change show security-password configuration show security-password user Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 120 FILE MANAGEMENT COMMANDS SHOW STARTUP-CONFIG show startup-config Overview This command displays the contents of the start-up configuration file, which is the file that the device runs on start-up. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show startup-config Privileged Exec To display the contents of the current start-up configuration file, use the command: awplus# show startup-config Output Figure 2-21: Example output from the show startup-config command awplus#show startup-config ! service password-encryption ! username manager privilege 15 password 8 $1$bJoVec4D$JwOJGPr7YqoExA0GVasdE0 ! no service ssh ! service telnet ! service http ! no clock timezone . . . line con 0 line vty 0 4 ! end Related Commands boot config-file backup copy running-config copy startup-config erase startup-config show boot C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 121 FILE MANAGEMENT COMMANDS SHOW VERSION show version Overview Syntax Mode Example This command displays the version number and copyright details of the current AlliedWare Plus™ OS your device is running. show version User Exec and Privileged Exec To display the version details of your currently installed software, use the command: awplus# show version Related Commands C613-50081-01 REV A boot system backup show boot Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 122 FILE MANAGEMENT COMMANDS WRITE FILE write file Overview This command copies the running-config into the file that is set as the current startup-config file. This command is a synonym of the write memory and copy running-config startup-config commands. Syntax write [file] Mode Privileged Exec Example To write configuration data to the start-up configuration file, use the command: awplus# write file Related Commands copy running-config write memory show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 123 FILE MANAGEMENT COMMANDS WRITE MEMORY write memory Overview Syntax Mode Example This command copies the running-config into the file that is set as the current startup-config file. This command is a synonym of the write file and copy running-config startup-config commands. write [memory] Privileged Exec To write configuration data to the start-up configuration file, use the command: awplus# write memory Related Commands copy running-config write file show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 124 FILE MANAGEMENT COMMANDS WRITE TERMINAL write terminal Overview Syntax Mode Example This command displays the current configuration of the device. This command is a synonym of the show running-config command. write terminal Privileged Exec To display the current configuration of your device, use the command: awplus# write terminal Related Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 125 3 User Access Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure user access. • “clear line console” on page 128 • “clear line vty” on page 129 • “enable password” on page 130 • “enable secret” on page 133 • “exec-timeout” on page 136 • “flowcontrol hardware (asyn/console)” on page 138 • “length (asyn)” on page 140 • “line” on page 141 • “privilege level” on page 143 • “security-password history” on page 144 • “security-password forced-change” on page 145 • “security-password lifetime” on page 146 • “security-password minimum-categories” on page 147 • “security-password minimum-length” on page 148 • “security-password reject-expired-pwd” on page 149 • “security-password warning” on page 150 • “service advanced-vty” on page 151 • “service password-encryption” on page 152 • “service telnet” on page 153 • “service terminal-length (deleted)” on page 154 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 126 USER ACCESS COMMANDS C613-50081-01 REV A • “show privilege” on page 155 • “show security-password configuration” on page 156 • “show security-password user” on page 157 • “show telnet” on page 158 • “show users” on page 159 • “telnet” on page 160 • “telnet server” on page 161 • “terminal length” on page 162 • “terminal resize” on page 163 • “username” on page 164 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 127 USER ACCESS COMMANDS CLEAR LINE CONSOLE clear line console Overview Syntax Mode Example This command resets a console line. If a terminal session exists on the line then the terminal session is terminated. If console line settings have changed then the new settings are applied. clear line console 0 Privileged Exec To reset the console line (asyn), use the command: awplus# clear line console 0 awplus# % The new settings for console line 0 have been applied Related Commands clear line vty flowcontrol hardware (asyn/console) line show users C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 128 USER ACCESS COMMANDS CLEAR LINE VTY clear line vty Overview Syntax Mode Example This command resets a VTY line. If a session exists on the line then it is closed. clear line vty <0-32> Parameter Description <0-32> Line number Privileged Exec To reset the first vty line, use the command: awplus# clear line vty 1 Related Commands privilege level line show telnet show users C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 129 USER ACCESS COMMANDS ENABLE PASSWORD enable password Overview To set a local password to control access to various privilege levels, use the enable password Global Configuration command. Use the enable password command to modify or create a password to be used, and use the no enable password command to remove the password. Note that the enable secret command is an alias for the enable password command, and the no enable secret command is an alias for the no enable password command. Issuing a no enable password command removes a password configured with the enable secret command. The enable password command is shown in the running and startup configurations. Note that if the enable secret command is entered then enable password is shown in the configuration. Syntax enable password [<plain>|8 <hidden>|level <1-15> 8 <hidden>] no enable password [level <1-15>] Default Parameter Description <plain> Specifies the unencrypted password. 8 Specifies a hidden password will follow. <hidden> Specifies the hidden encrypted password. Use an encrypted password for better security where a password crosses the network or is stored on a TFTP server. level Privilege level <1-15>. Level for which the password applies. You can specify up to 16 privilege levels, using numbers 1 through 15. Level 1 is normal EXEC-mode user privileges for User Exec mode. If this argument is not specified in the command or the no variant of the command, the privilege level defaults to 15 (enable mode privileges) for Privileged Exec mode. A privilege level of 7 can be set for intermediate CLI security. The privilege level for enable password is level 15 by default. Previously the default was level 1. Mode Global Configuration Usage This command enables the Network Administrator to set a password for entering the Privileged Exec mode when using the enable (Privileged Exec mode) command. There are three methods to enable a password. In the examples below, for each method, note that the configuration is different and the configuration file output is different, but the password string to be used to enter the Privileged Exec mode with the enable command is the same (mypasswd). A user can now have an intermediate CLI security level set with this command for privilege level 7 to access all the show commands in Privileged Exec mode and all the commands in User Exec mode, but not any configuration commands in Privileged Exec mode. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 130 USER ACCESS COMMANDS ENABLE PASSWORD Note that the enable password command is an alias for the enable secret command and one password per privilege level is allowed using these commands. Do not assign one password to a privilege level with enable password and another password to a privilege level with enable secret. Use enable password or enable secret commands. Do not use both on the same level. Using plain passwords The plain password is a clear text string that appears in the configuration file as configured. awplus# configure terminal awplus(config)# enable password mypasswd awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password mypasswd ! interface lo Using encrypted passwords You can configure an encrypted password using the service password-encryption command. First, use the enable password command to specify the string that you want to use as a password (mypasswd). Then, use the service password-encryption command to encrypt the specified string (mypasswd). The advantage of using an encrypted password is that the configuration file does not show mypasswd, it will only show the encrypted string fU7zHzuutY2SA. awplus# configure terminal awplus(config)# enable password mypasswd awplus(config)# service password-encryption awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password 8 fU7zHzuutY2SA service password-encryption ! interface lo Using hidden passwords C613-50081-01 REV A You can configure an encrypted password using the HIDDEN parameter (8) with the enable password command. Use this method if you already know the encrypted string corresponding to the plain text string that you want to use as a password. It is not required to use the service password-encryption command for Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 131 USER ACCESS COMMANDS ENABLE PASSWORD this method. The output in the configuration file will show only the encrypted string, and not the text string. awplus# configure terminal awplus(config)# enable password 8 fU7zHzuutY2SA awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password 8 fU7zHzuutY2SA ! interface lo Related Commands enable (Privileged Exec mode) enable secret service password-encryption privilege level show privilege username show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 132 USER ACCESS COMMANDS ENABLE SECRET enable secret Overview To set a local password to control access to various privilege levels, use the enable secret Global Configuration command. Use the enable secret command to modify or create a password to be used, and use the no enable secret command to remove the password. Note that the enable secret command is an alias for the enable password command, and the no enable secret command is an alias for the no enable password command. Issuing a no enable password command removes a password configured with the enable secret command. The enable password command is shown in the running and startup configurations. Note that if the enable secret command is entered then enable password is shown in the configuration Syntax enable secret [<plain>|8 <hidden>|level <0-15> 8 <hidden>] no enable secret [level <1-15>] Default Parameter Description <plain> Specifies the unencrypted password. 8 Specifies a hidden password will follow. <hidden> Specifies the hidden encrypted password. Use an encrypted password for better security where a password crosses the network or is stored on a TFTP server. level Privilege level <1-15>. Level for which the password applies. You can specify up to 16 privilege levels, using numbers 1 through 15. Level 1 is normal EXEC-mode user privileges for User Exec mode. If this argument is not specified in the command or the no variant of the command, the privilege level defaults to 15 (enable mode privileges) for Privileged Exec mode. A privilege level of 7 can be set for intermediate CLI security. The privilege level for enable secret is level 15 by default. Mode Global Configuration Usage This command enables the Network Administrator to set a password for entering the Privileged Exec mode when using the enable (Privileged Exec mode) command. There are three methods to enable a password. In the examples below, for each method, note that the configuration is different and the configuration file output is different, but the password string to be used to enter the Privileged Exec mode with the enable command is the same (mypasswd). A user can have an intermediate CLI security level set with this command for privilege level 7 to access all the show commands in Privileged Exec mode and all the commands in User Exec mode, but not any configuration commands in Privileged Exec mode. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 133 USER ACCESS COMMANDS ENABLE SECRET Note that the enable secret command is an alias for the enable password command and one password per privilege level is allowed using these commands. Do not assign one password to a privilege level with enable password and another password to a privilege level with enable secret. Use enable password or enable secret commands. Do not use both on the same level. Using plain passwords The plain password is a clear text string that appears in the configuration file as configured. awplus# configure terminal awplus(config)# enable secret mypasswd awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password mypasswd ! interface lo Using encrypted passwords Configure an encrypted password using the service password-encryption command. First, use the enable password command to specify the string that you want to use as a password (mypasswd). Then, use the service password-encryption command to encrypt the specified string (mypasswd). The advantage of using an encrypted password is that the configuration file does not show mypasswd, it will only show the encrypted string fU7zHzuutY2SA. awplus# configure terminal awplus(config)# enable secret mypasswd awplus(config)# service password-encryption awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password 8 fU7zHzuutY2SA service password-encryption ! interface lo Using hidden passwords C613-50081-01 REV A Configure an encrypted password using the HIDDEN parameter (8) with the enable password command. Use this method if you already know the encrypted string corresponding to the plain text string that you want to use as a password. It is not required to use the service password-encryption command for this method. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 134 USER ACCESS COMMANDS ENABLE SECRET The output in the configuration file will show only the encrypted string, and not the text string: awplus# configure terminal awplus(config)# enable secret 8 fU7zHzuutY2SA awplus(config)# end This results in the following show output: awplus#show run Current configuration: hostname awplus enable password 8 fU7zHzuutY2SA ! interface lo Related Commands enable (Privileged Exec mode) enable secret service password-encryption privilege level show privilege username show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 135 USER ACCESS COMMANDS EXEC-TIMEOUT exec-timeout Overview This command sets the interval your device waits for user input from either a console or VTY connection. Once the timeout interval is reached, the connection is dropped. This command sets the time limit when the console or VTY connection automatically logs off after no activity. The no variant of this command removes a specified timeout and resets to the default timeout (10 minutes). Syntax exec-timeout {<minutes>} [<seconds>] no exec-timeout Default Parameter Description <minutes> <0-35791> Required integer timeout value in minutes <seconds> <0-2147483> Optional integer timeout value in seconds The default for the exec-timeout command is 10 minutes and 0 seconds (exec-timeout 10 0). Mode Line Configuration Usage This command is used set the time the telnet session waits for an idle VTY session, before it times out. An exec-timeout 0 0 setting will cause the telnet session to wait indefinitely. The command exec-timeout 0 0 is useful while configuring a device, but reduces device security. If no input is detected during the interval then the current connection resumes. If no connections exist then the terminal returns to an idle state and disconnects incoming sessions. Examples To set VTY connections to timeout after 2 minutes, 30 seconds if there is no response from the user, use the following commands: awplus# configure terminal awplus(config)# line vty 0 32 awplus(config-line)# exec-timeout 2 30 To reset the console connection to the default timeout of 10 minutes 0 seconds if there is no response from the user, use the following commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# no exec-timeout Validation Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 136 USER ACCESS COMMANDS EXEC-TIMEOUT Related Commands C613-50081-01 REV A line service telnet Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 137 USER ACCESS COMMANDS FLOWCONTROL HARDWARE (ASYN/CONSOLE) flowcontrol hardware (asyn/console) Overview Syntax Use this command to enable RTS/CTS (Ready To Send/Clear To Send) hardware flow control on a terminal console line (asyn port) between the DTE (Data Terminal Equipment) and the DCE (Data Communications Equipment). flowcontrol hardware no flowcontrol hardware Mode Default Usage Line Configuration Hardware flow control is disabled by default. Hardware flow control makes use of the RTS and CTS control signals between the DTE and DCE where the rate of transmitted data is faster than the rate of received data. Flow control is a technique for ensuring that a transmitting entity does not overwhelm a receiving entity with data. When the buffers on the receiving device are full, a message is sent to the sending device to suspend the transmission until the data in the buffers has been processed. Hardware flow control can be configured on terminal console lines (e.g. asyn0). For Reverse Telnet connections, hardware flow control must be configured to match on both the Access Server and the Remote Device. For terminal console sessions, hardware flow control must be configured to match on both the DTE and the DCE. Settings are saved in the running configuration. Changes are applied after reboot, clear line console, or after closing the session. Use show running-config and show startup-config commands to view hardware flow control settings that take effect after reboot for a terminal console line. See the show running-config command output: awplus#show running-config ! line con 1 speed 9600 mode out 2001 flowcontrol hardware ! Note that line configuration commands do not take effect immediately. Line configuration commands take effect after one of the following commands or events: C613-50081-01 REV A • issuing a clear line console command • issuing a reboot command • logging out of the current session Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 138 USER ACCESS COMMANDS FLOWCONTROL HARDWARE (ASYN/CONSOLE) Examples To enable hardware flow control on terminal console line asyn0, use the commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# flowcontrol hardware To disable hardware flow control on terminal console line asyn0, use the commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# no flowcontrol hardware Related Commands clear line console show running-config speed (asyn) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 139 USER ACCESS COMMANDS LENGTH (ASYN) length (asyn) Overview Use this command to specify the number of rows of output that the device will display before pausing, for the console or VTY line that you are configuring. The no variant of this command restores the length of a line (terminal session) attached to a console port or to a VTY to its default length of 22 rows. Syntax length <0-512> no length Mode Parameter Description <0-512> Number of lines on screen. Specify 0 for no pausing. Line Configuration Default The length of a terminal session is 22 rows. The no length command restores the default. Usage If the output from a command is longer than the length of the line the output will be paused and the ‘–More–’ prompt allows you to move to the next screen full of data. A length of 0 will turn off pausing and data will be displayed to the console as long as there is data to display. Examples To set the terminal session length on the console to 10 rows, use the command: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# length 10 To reset the terminal session length on the console to the default (22 rows), use the command: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# no length To display output to the console continuously, use the command: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# length 0 Related Commands C613-50081-01 REV A terminal resize terminal length Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 140 USER ACCESS COMMANDS LINE line Overview Syntax Use this command to enter line configuration mode for the specified VTYs or the console. The command prompt changes to show that the device is in Line Configuration mode. line vty <first-line> [<last-line>] Parameter Description <first-line> <0-32> Specify the first line number. <last-line> <0-32> Specify the last line number. console The console terminal line(s) for local access. vty Virtual terminal for remote console access. Mode Global Configuration Usage In Line Configuration mode, you can configure console and virtual terminal settings, including setting speed (asyn), length (asyn), privilege level, and authentication (login authentication) or accounting (accounting login) method lists. To change the console (asyn) port speed, use this line command to enter Line Configuration mode before using the speed (asyn) command. Set the console speed (Baud rate) to match the transmission rate of the device connected to the console (asyn) port on your device. Note that line configuration commands do not take effect immediately. Line configuration commands take effect after one of the following commands or events: Examples • issuing a clear line console command • issuing a reboot command • logging out of the current session To enter Line Configuration mode in order to configure all VTYs, use the commands: awplus# configure terminal awplus(config)# line vty 0 32 awplus(config-line)# To enter Line Configuration mode to configure the console (asyn 0) port terminal line, use the commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 141 USER ACCESS COMMANDS LINE Related Commands accounting login clear line console clear line vty flowcontrol hardware (asyn/console) length (asyn) login authentication privilege level speed (asyn) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 142 USER ACCESS COMMANDS PRIVILEGE LEVEL privilege level Overview Syntax This command sets a privilege level for VTY or console connections. The configured privilege level from this command overrides a specific user’s initial privilege level at the console login. privilege level <1-15> Mode Line Configuration Usage You can set an intermediate CLI security level for a console user with this command by applying privilege level 7 to access all show commands in Privileged Exec and all User Exec commands. However, intermediate CLI security will not show configuration commands in Privileged Exec. Examples To set the console connection to have the maximum privilege level, use the following commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# privilege level 15 To set all vty connections to have the minimum privilege level, use the following commands: awplus# configure terminal awplus(config)# line vty 0 5 awplus(config-line)# privilege level 1 To set all vty connections to have an intermediate CLI security level, to access all show commands, use the following commands: awplus# configure terminal awplus(config)# line vty 0 5 awplus(config-line)# privilege level 7 Related Commands enable password line show privilege username C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 143 USER ACCESS COMMANDS SECURITY-PASSWORD HISTORY security-password history Overview This command specifies the number of previous passwords that are unable to be reused. A new password is invalid if it matches a password retained in the password history. The no security-password history command disables the security password history functionality. Syntax security-password history <0-15> no security-password history Default Mode Examples Parameter Description <0-15> The allowable range of previous passwords to match against. A value of 0 will disable the history functionality and is equivalent to the no security-password history command. If the history functionality is disabled, all users’ password history is reset and all password history is lost. The default history value is 0, which will disable the history functionality. Global Configuration To restrict reuse of the three most recent passwords, use the command: awplus# configure terminal awplus(config)# security-password history 3 To allow the reuse of recent passwords, use the command: awplus# configure terminal awplus(config)# no security-password history Validation Commands show running-config security-password Related Commands security-password forced-change show security-password configuration security-password lifetime security-password minimum-categories security-password minimum-length security-password reject-expired-pwd security-password warning C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 144 USER ACCESS COMMANDS SECURITY-PASSWORD FORCED-CHANGE security-password forced-change Overview This command specifies whether or not a user is forced to change an expired password at the next login. If this feature is enabled, users whose passwords have expired are forced to change to a password that must comply with the current password security rules at the next login. Note that to use this command, the lifetime feature must be enabled with the security-password lifetime command and the reject-expired-pwd feature must be disabled with the security-password reject-expired-pwd command. The no security-password forced-change command disables the forced-change feature. Syntax security-password forced-change no security-password forced-change Default Mode Example The forced-change feature is disabled by default. Global Configuration To force a user to change their expired password at the next login, use the command: awplus# configure terminal awplus(config)# security-password forced-change Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password lifetime security-password minimum-categories security-password minimum-length security-password reject-expired-pwd security-password warning C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 145 USER ACCESS COMMANDS SECURITY-PASSWORD LIFETIME security-password lifetime Overview This command enables password expiry by specifying a password lifetime in days. Note that when the password lifetime feature is disabled, it also disables the security-password forced-change command and the security-password warning command. The no security-password lifetime command disables the password lifetime feature. Syntax security-password lifetime <0-1000> no security-password lifetime Default Mode Example Parameter Description <0-1000> Password lifetime specified in days. A value of 0 will disable lifetime functionality and the password will never expire. This is equivalent to the no security-password lifetime command. The default password lifetime is 0, which will disable the lifetime functionality. Global Configuration To configure the password lifetime to 10 days, use the command: awplus# configure terminal awplus(config)# security-password lifetime 10 Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password forced-change security-password minimum-categories security-password minimum-length security-password reject-expired-pwd security-password warning show security-password user C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 146 USER ACCESS COMMANDS SECURITY-PASSWORD MINIMUM-CATEGORIES security-password minimum-categories Overview This command specifies the minimum number of categories that the password must contain in order to be considered valid. The password categories are: • uppercase letters: A to Z • lowercase letters: a to z • digits: 0 to 9 • special symbols: all printable ASCII characters not included in the previous three categories. The question mark (?) cannot be used as it is reserved for help functionality. Note that to ensure password security, the minimum number of categories should align with the lifetime selected, i.e. the fewer categories specified the shorter the lifetime specified. Syntax Default Mode Example security-password minimum-categories <1-4> Parameter Description <1-4> Number of categories the password must satisfy, in the range 1 to 4. The default number of categories that the password must satisfy is 1. Global Configuration To configure the required minimum number of character categories to be 3, use the command: awplus# configure terminal awplus(config)# security-password minimum-categories 3 Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password forced-change security-password lifetime security-password minimum-length security-password reject-expired-pwd security-password warning username C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 147 USER ACCESS COMMANDS SECURITY-PASSWORD MINIMUM-LENGTH security-password minimum-length Overview Syntax Default Mode Example This command specifies the minimum allowable password length. This value is checked against when there is a password change or a user account is created. security-password minimum-length <1-23> Parameter Description <1-23> Minimum password length in the range from 1 to 23. The default minimum password length is 1. Global Configuration To configure the required minimum password length as 8, use the command: awplus# configure terminal awplus(config)# security-password minimum-length 8 Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password forced-change security-password lifetime security-password minimum-categories security-password reject-expired-pwd security-password warning username C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 148 USER ACCESS COMMANDS SECURITY-PASSWORD REJECT-EXPIRED-PWD security-password reject-expired-pwd Overview This command specifies whether or not a user is allowed to login with an expired password. Users with expired passwords are rejected at login if this functionality is enabled. Users then have to contact the Network Administrator to change their password. CAUTION: Once all users’ passwords are expired you are unable to login to the device again if the security-password reject-expired-pwd command has been executed. You will have to reboot the device with a default configuration file, or load an earlier software version that does not have the security password feature. We recommend you never have the command line “security-password reject-expired-pwd” in a default config file. Note that when the reject-expired-pwd functionality is disabled and a user logs on with an expired password, if the forced-change feature is enabled with security-password forced-change command, a user may have to change the password during login depending on the password lifetime specified by the security-password lifetime command. The no security-password reject-expired-pwd command disables the reject-expired-pwd feature. Syntax security-password reject-expired-pwd no security-password reject-expired-pwd Default Mode Example The reject-expired-pwd feature is disabled by default. Global Configuration To configure the system to reject users with an expired password, use the command: awplus# configure terminal awplus(config)# security-password reject-expired-pwd Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password forced-change security-password lifetime security-password minimum-categories security-password minimum-length security-password warning show security-password user C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 149 USER ACCESS COMMANDS SECURITY-PASSWORD WARNING security-password warning Overview This command specifies the number of days before the password expires that the user will receive a warning message specifying the remaining lifetime of the password. Note that the warning period cannot be set unless the lifetime feature is enabled with the security-password lifetime command. The no security-password warning command disables this feature. Syntax security-password warning <0-1000> no security-password warning Default Mode Example Parameter Description <0-1000> Warning period in the range from 0 to 1000 days. A value 0 disables the warning functionality and no warning message is displayed for expiring passwords. This is equivalent to the no security-password warning command. The warning period must be less than, or equal to, the password lifetime set with the security-password lifetime command. The default warning period is 0, which disables warning functionality. Global Configuration To configure a warning period of three days, use the command: awplus# configure terminal awplus(config)# security-password warning 3 Validation Commands show running-config security-password Related Commands security-password history show security-password configuration security-password forced-change security-password lifetime security-password minimum-categories security-password minimum-length security-password reject-expired-pwd C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 150 USER ACCESS COMMANDS SERVICE ADVANCED-VTY service advanced-vty Overview This command enables the advanced-vty help feature. This allows you to use TAB completion for commands. Where multiple options are possible, the help feature displays the possible options. The no service advanced-vty command disables the advanced-vty help feature. Syntax service advanced-vty no service advanced-vty Default Mode Examples The advanced-vty help feature is enabled by default. Global Configuration To disable the advanced-vty help feature, use the command: awplus# configure terminal awplus(config)# no service advanced-vty To re-enable the advanced-vty help feature after it has been disabled, use the following commands: awplus# configure terminal awplus(config)# service advanced-vty C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 151 USER ACCESS COMMANDS SERVICE PASSWORD-ENCRYPTION service password-encryption Overview Use this command to enable password encryption. This is enabled by default. When password encryption is enabled, the device displays passwords in the running config in encrypted form instead of in plain text. Use the no service password-encryption command to stop the device from displaying newly-entered passwords in encrypted form. This does not change the display of existing passwords. Syntax service password-encryption no service password-encryption Mode Example Global Configuration awplus# configure terminal awplus(config)# service password-encryption Validation Commands show running-config Related Commands enable password C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 152 USER ACCESS COMMANDS SERVICE TELNET service telnet Overview Use this command to enable the telnet server. The server is enabled by default. Enabling the telnet server starts the device listening for incoming telnet sessions on the configured port. The server listens on port 23, unless you have changed the port by using the privilege level command. Use the no variant of this command to disable the telnet server. Disabling the telnet server will stop the device listening for new incoming telnet sessions. However, existing telnet sessions will still be active. Syntax service telnet [ip|ipv6] no service telnet [ip|ipv6] Default The IPv4 and IPv6 telnet servers are enabled by default. The configured telnet port is TCP port 23 by default. Mode Examples Global Configuration To enable both the IPv4 and IPv6 telnet servers, use the following commands: awplus# configure terminal awplus(config)# service telnet To enable the IPv6 telnet server only, use the following commands: awplus# configure terminal awplus(config)# service telnet ipv6 To disable both the IPv4 and IPv6 telnet servers, use the following commands: awplus# configure terminal awplus(config)# no service telnet To disable the IPv6 telnet server only, use the following commands: awplus# configure terminal awplus(config)# no service telnet ipv6 Related Commands clear line vty show telnet telnet server C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 153 USER ACCESS COMMANDS SERVICE TERMINAL-LENGTH (DELETED) service terminal-length (deleted) Overview C613-50081-01 REV A This command has been deleted in Software Version 5.4.5-0.1 and later. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 154 USER ACCESS COMMANDS SHOW PRIVILEGE show privilege Overview Syntax This command displays the current user privilege level, which can be any privilege level in the range <1-15>. Privilege levels <1-6> allow limited user access (all User Exec commands), privilege levels <7-14> allow restricted user access (all User Exec commands plus Privileged Exec show commands). Privilege level 15 gives full user access to all Privileged Exec commands. show privilege Mode User Exec and Privileged Exec Usage A user can have an intermediate CLI security level set with this command for privilege levels <7-14> to access all show commands in Privileged Exec mode and all commands in User Exec mode, but no configuration commands in Privileged Exec mode. Example To show the current privilege level of the user, use the command: awplus# show privilege Output Figure 3-1: Example output from the show privilege command awplus#show privilege Current privilege level is 15 awplus#disable awplus>show privilege Current privilege level is 1 Related Commands C613-50081-01 REV A privilege level Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 155 USER ACCESS COMMANDS SHOW SECURITY-PASSWORD CONFIGURATION show security-password configuration Overview Syntax Mode Example This command displays the configuration settings for the various security password rules. show security-password configuration Privileged Exec To display the current security-password rule configuration settings, use the command: awplus# show security-password configuration Output Figure 3-2: Example output from the show security-password configuration command Security Password Configuration Minimum password length ............................ Minimum password character categories to match ..... Number of previously used passwords to restrict..... Password lifetime .................................. Warning period before password expires ........... Reject expired password at login ................... Force changing expired password at login ......... Related Commands C613-50081-01 REV A 8 3 4 30 day(s) 3 day(s) Disabled Enabled show running-config security-password show security-password user Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 156 USER ACCESS COMMANDS SHOW SECURITY-PASSWORD USER show security-password user Overview Syntax Mode Example This command displays user account and password information for all users. show security-password user Privileged Exec To display the system users’ remaining lifetime or last password change, use the command: awplus# show security-password user Output Figure 3-3: Example output from the show security-password user command User account and password information UserName Privilege Last-PWD-Change Remaining-lifetime ---------------------------------------------------------------- manager 15 4625 day(s) ago No Expiry bob15 15 0 day(s) ago 30 days ted7 7 0 day(s) ago No Expiry mike1 1 0 day(s) ago No Expiry Related Commands C613-50081-01 REV A show running-config security-password show security-password configuration Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 157 USER ACCESS COMMANDS SHOW TELNET show telnet Overview Syntax Mode Example This command shows the Telnet server settings. show telnet User Exec and Privileged Exec To show the Telnet server settings, use the command: awplus# show telnet Output Figure 3-4: Example output from the show telnet command Telnet Server Configuration ------------------------------------------------------------ Telnet server : Enabled Protocol : IPv4,IPv6 Port : 23 Related Commands clear line vty service telnet show users telnet server C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 158 USER ACCESS COMMANDS SHOW USERS show users Overview Syntax Mode Example This command shows information about the users who are currently logged into the device. show users User Exec and Privileged Exec To show the users currently connected to the device, use the command: awplus# show users Output Line con 0 vty 0 Figure 3-5: User manager bob Example output from the show users command Host(s) idle idle Idle 00:00:00 00:00:03 Location ttyS0 172.16.11.3 Priv Idletime Timeout 15 10 N/A 1 0 5 Table 1: Parameters in the output of the show users command C613-50081-01 REV A Parameter Description Line Console port user is connected to. User Login name of user. Host(s) Status of the host the user is connected to. Idle How long the host has been idle. Location URL location of user. Priv The privilege level in the range 1 to 15, with 15 being the highest. Idletime The time interval the device waits for user input from either a console or VTY connection. Timeout The time interval before a server is considered unreachable. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 159 USER ACCESS COMMANDS TELNET telnet Overview Syntax Mode Examples Use this command to open a telnet session to a remote device. telnet {<hostname>|[ip] <ipv4-addr>|[ipv6] <ipv6-addr>} [<port>] Parameter Description <hostname> The host name of the remote system. ip Keyword used to specify the IPv4 address or host name of a remote system. <ipv4-addr> An IPv4 address of the remote system. ipv6 Keyword used to specify the IPv6 address of a remote system <ipv6-addr> Placeholder for an IPv6 address in the format x:x::x:x, for example, 2001:db8::8a2e:7334 <port> Specify a TCP port number (well known ports are in the range 11023, registered ports are 1024-49151, and private ports are 4915265535). User Exec and Privileged Exec To connect to TCP port 2602 on the device at 10.2.2.2, use the command: awplus# telnet 10.2.2.2 2602 To connect to the telnet server host.example, use the command: awplus# telnet host.example To connect to the telnet server host.example on TCP port 100, use the command: awplus# telnet host.example 100 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 160 USER ACCESS COMMANDS TELNET SERVER telnet server Overview Syntax Mode Example This command enables the telnet server on the specified TCP port. If the server is already enabled then it will be restarted on the new port. Changing the port number does not affect the port used by existing sessions. telnet server {<1-65535>|default} Parameter Description <1-65535> The TCP port to listen on. default Use the default TCP port number 23. Global Configuration To enable the telnet server on TCP port 2323, use the following commands: awplus# configure terminal awplus(config)# telnet server 2323 Related Commands C613-50081-01 REV A show telnet Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 161 USER ACCESS COMMANDS TERMINAL LENGTH terminal length Overview Use the terminal length command to specify the number of rows of output that the device will display before pausing, for the currently-active terminal only. Use the terminal no length command to remove the length specified by this command. The default length will apply unless you have changed the length for some or all lines by using the length (asyn) command. Syntax terminal length <length> terminal no length [<length>] Mode Examples Parameter Description <length> <0-512> Number of rows that the device will display on the currently-active terminal before pausing. User Exec and Privileged Exec The following example sets the number of lines to 15: awplus# terminal length 15 The following example removes terminal length set previously: awplus# terminal no length Related Commands C613-50081-01 REV A terminal resize length (asyn) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 162 USER ACCESS COMMANDS TERMINAL RESIZE terminal resize Overview Syntax Use this command to automatically adjust the number of rows of output on the console, which the device will display before pausing, to the number of rows configured on the user’s terminal. terminal resize Mode User Exec and Privileged Exec Usage When the user’s terminal size is changed, then a remote session via SSH or TELNET adjusts the terminal size automatically. However, this cannot normally be done automatically for a serial or console port. This command automatically adjusts the terminal size for a serial or console port. Examples The following example automatically adjusts the number of rows shown on the console: awplus# terminal resize Related Commands C613-50081-01 REV A length (asyn) terminal length Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 163 USER ACCESS COMMANDS USERNAME username Overview This command creates or modifies a user to assign a privilege level and a password. NOTE: The default username privilege level of 1 is not shown in running-config output. Any username privilege level that has been modified from the default is shown. Syntax username <name> privilege <0-15> [password [8] <password>] username <name> password [8] <password> no username <name> Parameter Description <name> The login name for the user. Do not use punctuation marks such as single quotes (‘ ‘), double quotes (“ “), or colons ( : ) with the user login name. privilege The user’s privilege level. Use the privilege levels to set the access rights for each user. <0-15> password A privilege level: either 0 (no access), 1-14 (limited access) or 15 (full access). A user with privilege level 1-14 can only access higher privilege levels if an enable password has been configured for the level the user tries to access and the user enters that password. A user at privilege level 1 can access the majority of show commands. A user at privilege level 7 can access the majority of show commands including platform show commands. Privilege Level 15 (to access the Privileged Exec command mode) is required to access configuration commands as well as show commands in Privileged Exec. A password that the user must enter when logging in. 8 Specifies that you are entering a password as a string that has already been encrypted, instead of entering a plain-text password. The running-config displays the new password as an encrypted string even if password encryption is turned off. Note that the user enters the plain-text version of the password when logging in. <password> The user’s password. The password can be up to 23 characters in length and include characters from up to four categories. The password categories are: • uppercase letters: A to Z • lowercase letters: a to z • digits: 0 to 9 • special symbols: all printable ASCII characters not included in the previous three categories. The question mark ? cannot be used as it is reserved for help functionality. Mode Default C613-50081-01 REV A Global Configuration The privilege level is 1 by default. Note the default is not shown in running-config output. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 164 USER ACCESS COMMANDS USERNAME Usage An intermediate CLI security level (privilege level 7 to privilege level 14) allows a CLI user access to the majority of show commands, including the platform show commands that are available at privilege level 1 to privilege level 6). Note that some show commands, such as show running-configuration and show startup-configuration, are only available at privilege level 15. A privilege level of 0 can be set for port authentication purposes from a RADIUS server. Examples To create the user bob with a privilege level of 15, for all show commands including show running-configuration and show startup-configuration and to access configuration commands in Privileged Exec command mode, and the password bobs_secret, use the commands: awplus# configure terminal awplus(config)# username bob privilege 15 password bobs_secret To create a user junior_admin with a privilege level of 7, for intermediate CLI security level access for most show commands, and the password show_only, use the commands: awplus# configure terminal awplus(config)# username junior_admin privilege 7 password show_only Related Commands enable password security-password minimum-categories security-password minimum-length C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 165 4 GUI Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure the GUI. For more information, see the Getting Started with Alliedware Plus • “service http” on page 167 • “show http” on page 168 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 166 GUI COMMANDS SERVICE HTTP service http Overview Use this command to enable the HTTP (Hypertext Transfer Protocol) service. This service, which is enabled by default, is required to support the AlliedWare Plus™ GUI Java applet on a Java enabled browser. Use the no variant of this command to disable the HTTP feature. Syntax service http no service http Default Enabled Mode Global Configuration Validation Commands show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 167 GUI COMMANDS SHOW HTTP show http Overview Syntax Mode Example This command shows the HTTP server settings. show http User Exec and Privileged Exec To show the HTTP server settings, use the command: awplus# show http Output Figure 4-1: Example output from the show http command awplus#show http HTTP Server Configuration ------------------------------------------------------------ HTTP server : Enabled Port : 80 Web GUI Information ------------------------------------------------------------ GUI file in use : webguiGUI version: : 3.1 Related Commands C613-50081-01 REV A clear line vty service http Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 168 5 System Configuration and Monitoring Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands for configuring and monitoring the system. • “banner exec” on page 171 • “banner login (system)” on page 173 • “banner motd” on page 175 • “clock set” on page 177 • “clock summer-time date” on page 178 • “clock summer-time recurring” on page 180 • “clock timezone” on page 182 • “continuous-reboot-prevention” on page 183 • “ecofriendly led” on page 185 • “findme” on page 186 • “findme trigger” on page 188 • “hostname” on page 189 • “no debug all” on page 191 • “reboot” on page 192 • “reload” on page 193 • “show clock” on page 194 • “show continuous-reboot-prevention” on page 196 • “show cpu” on page 197 • “show cpu history” on page 200 • “show debugging” on page 202 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 169 SYSTEM CONFIGURATION AND MONITORING COMMANDS C613-50081-01 REV A • “show ecofriendly” on page 203 • “show interface memory” on page 204 • “show memory” on page 206 • “show memory allocations” on page 208 • “show memory history” on page 210 • “show memory pools” on page 211 • “show memory shared” on page 212 • “show process” on page 213 • “show reboot history” on page 215 • “show router-id” on page 216 • “show system” on page 217 • “show system environment” on page 218 • “show system interrupts” on page 219 • “show system mac” on page 220 • “show system serialnumber” on page 221 • “show tech-support” on page 222 • “speed (asyn)” on page 224 • “system territory (deprecated)” on page 226 • “terminal monitor” on page 227 • “undebug all” on page 228 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 170 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER EXEC banner exec Overview Syntax This command configures the User Exec mode banner that is displayed on the console after you login. The banner exec default command restores the User Exec banner to the default banner. Use the no banner exec command to disable the User Exec banner and remove the default User Exec banner. banner exec <banner-text> banner exec default no banner exec Default By default, the AlliedWare Plus™ version and build date is displayed at console login, such as: AlliedWare Plus (TM) 5.4.6-0 06/06/14 00:44:25 Mode Examples Global Configuration To configure a User Exec mode banner after login, enter the following commands: awplus#configure terminal awplus(config)#banner exec enable to move to Priv Exec mode awplus(config)#exit awplus#exit awplus login: manager Password: enable to move to Priv Exec mode awplus> To restore the default User Exec mode banner after login, enter the following commands: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 171 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER EXEC awplus#configure terminal awplus(config)#banner exec default awplus(config)#exit awplus#exit awplus login: manager Password: AlliedWare Plus (TM) 5.4.6-0 06/06/14 13:03:59 awplus> To remove the User Exec mode banner after login, enter the following commands: awplus#configure terminal awplus(config)#no banner exec awplus(config)#exit awplus#exit awplus login: manager Password: awplus> Related Commands C613-50081-01 REV A banner login (system) banner motd Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 172 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER LOGIN (SYSTEM) banner login (system) Overview This command configures the login banner that is displayed on the console when you login. The login banner is displayed on all connected terminals. The login banner is displayed after the MOTD (Message-of-the-Day) banner and before the login username and password prompts. Use the no banner login command to disable the login banner. Syntax banner login no banner login Default Mode Examples By default, no login banner is displayed at console login. Global Configuration To configure a login banner to be displayed when you login, enter the following commands: awplus#configure terminal awplus(config)#banner login Type CNTL/D to finish. authorised users only awplus(config)#exit awplus#exit authorised users only awplus login: manager Password: AlliedWare Plus (TM) 5.4.6-0 06/06/14 13:03:59 awplus> To remove the login banner, enter the following commands: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 173 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER LOGIN (SYSTEM) awplus#configure terminal awplus(config)#no banner login awplus(config)#exit awplus#exit awplus login: manager Password: awplus> Related Commands C613-50081-01 REV A banner exec banner motd Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 174 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER MOTD banner motd Overview Use this command to create or edit the text MotD (Message-of-the-Day) banner displayed before login. The MotD banner is displayed on all connected terminals. The MotD banner is useful for sending messages that affect all network users, for example, any imminent system shutdowns. Use the no variant of this command to delete the MotD banner. Syntax banner motd <motd-text> no banner motd Default Mode Examples Parameter Description <motd-text> The text to appear in the Message of the Day banner. By default, the device displays the AlliedWare Plus™ OS version and build date when you login. Global Configuration To configure a MotD banner to be displayed when you log in, enter the following commands: awplus>enable awplus#configure terminal awplus(config)#banner motd system shutdown at 6pm awplus(config)#exit awplus#exit system shutdown at 6pm awplus login: manager Password: AlliedWare Plus (TM) 5.4.6-0 06/06/14 13:03:59 To delete the login banner, enter the following commands: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 175 SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER MOTD awplus>enable awplus#configure terminal awplus(config)#no banner motd awplus(config)#exit awplus#exit awplus login: manager Password: AlliedWare Plus (TM) 5.4.6-0 06/06/14 13:03:59 awplus> Related Commands C613-50081-01 REV A banner exec banner login (system) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 176 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SET clock set Overview Syntax This command sets the time and date for the system clock. clock set <hh:mm:ss> <day> <month> <year> Parameter Description <hh:mm:ss> Local time in 24-hour format <day> Day of the current month <1-31> <month> The first three letters of the current month. <year> Current year <2000-2035> Mode Privileged Exec Usage Configure the timezone before setting the local time. Otherwise, when you change the timezone, the device applies the new offset to the local time. NOTE: If Network Time Protocol (NTP) is enabled, then you cannot change the time or date using this command. NTP maintains the clock automatically using an external time source. If you wish to manually alter the time or date, you must first disable NTP. Example To set the time and date on your system to 2pm on the 2nd of April 2007, use the command: awplus# clock set 14:00:00 2 apr 2007 Related Commands C613-50081-01 REV A clock timezone Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 177 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SUMMER-TIME DATE clock summer-time date Overview This command defines the start and end of summertime for a specific year only, and specifies summertime’s offset value to Standard Time for that year. The no variant of this command removes the device’s summertime setting. This clears both specific summertime dates and recurring dates (set with the clock summer-time recurring command). By default, the device has no summertime definitions set. Syntax clock summer-time <timezone-name> date <start-day> <start-month> <start-year> <start-time> <end-day> <end-month> <end-year> <end-time> <1-180> no clock summer-time Mode Examples Parameter Description <timezone-name> A description of the summertime zone, up to 6 characters long. date Specifies that this is a date-based summertime setting for just the specified year. <start-day> Day that the summertime starts, in the range 1-31. <start-month> First three letters of the name of the month that the summertime starts. <start-year> Year that summertime starts, in the range 2000-2035. <start-time> Time of the day that summertime starts, in the 24-hour time format HH:MM. <end-day> Day that summertime ends, in the range 1-31. <end-month> First three letters of the name of the month that the summertime ends. <end-year> Year that summertime ends, in the range 2000-2035. <end-time> Time of the day that summertime ends, in the 24-hour time format HH:MM. <1-180> The offset in minutes. Global Configuration To set a summertime definition for New Zealand using NZST (UTC+12:00) as the standard time, and NZDT (UTC+13:00) as summertime, with the summertime set to begin on the 1st October 2007 and end on the 18th of March 2008: awplus(config)# clock summer-time NZDT date 1 oct 2:00 2007 18 mar 2:00 2008 60 To remove any summertime settings on the system, use the command: awplus(config)# no clock summer-time C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 178 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SUMMER-TIME DATE Related Commands C613-50081-01 REV A clock summer-time recurring clock timezone Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 179 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SUMMER-TIME RECURRING clock summer-time recurring Overview This command defines the start and end of summertime for every year, and specifies summertime’s offset value to Standard Time. The no variant of this command removes the device’s summertime setting. This clears both specific summertime dates (set with the clock summer-time date command) and recurring dates. By default, the device has no summertime definitions set. Syntax clock summer-time <timezone-name> recurring <start-week> <start-day> <start-month> <start-time> <end-week> <end-day> <end-month> <end-time> <1-180> no clock summer-time C613-50081-01 REV A Parameter Description <timezonename> A description of the summertime zone, up to 6 characters long. recurring Specifies that this summertime setting applies every year from now on. <start-week> Week of the month when summertime starts, in the range 1-5. The value 5 indicates the last week that has the specified day in it for the specified month. For example, to start summertime on the last Sunday of the month, enter 5 for <start-week> and sun for <start-day>. <start-day> Day of the week when summertime starts. Valid values are mon, tue, wed, thu, fri, sat or sun. <start-month> First three letters of the name of the month that summertime starts. <start-time> Time of the day that summertime starts, in the 24-hour time format HH:MM. <end-week> Week of the month when summertime ends, in the range 1-5. The value 5 indicates the last week that has the specified day in it for the specified month. For example, to end summertime on the last Sunday of the month, enter 5 for <end-week> and sun for <endday>. <end-day> Day of the week when summertime ends. Valid values are mon, tue, wed, thu, fri, sat or sun. <end-month> First three letters of the name of the month that summertime ends. <end-time> Time of the day that summertime ends, in the 24-hour time format HH:MM. <1-180> The offset in minutes. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 180 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SUMMER-TIME RECURRING Mode Examples Global Configuration To set a summertime definition for New Zealand using NZST (UTC+12:00) as the standard time, and NZDT (UTC+13:00) as summertime, with summertime set to start on the 1st Sunday in October, and end on the 3rd Sunday in March, use the command: awplus(config)# clock summer-time NZDT recurring 1 sun oct 2:00 3 sun mar 2:00 60 To remove any summertime settings on the system, use the command: awplus(config)# no clock summer-time Related Commands C613-50081-01 REV A clock summer-time date clock timezone Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 181 SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK TIMEZONE clock timezone Overview This command defines the device’s clock timezone. The timezone is set as a offset to the UTC. The no variant of this command resets the system time to UTC. By default, the system time is set to UTC. Syntax clock timezone <timezone-name> {minus|plus} [<0-13>|<0-12>:<00-59>] no clock timezone Parameter Description <timezone-name> A description of the timezone, up to 6 characters long. minus orplus The direction of offset from UTC. The minus option indicates that the timezone is behind UTC. The plus option indicates that the timezone is ahead of UTC. <0-13> The offset in hours or from UTC. <0-12>:<00-59> The offset in hours or from UTC. Mode Global Configuration Usage Configure the timezone before setting the local time. Otherwise, when you change the timezone, the device applies the new offset to the local time. Examples To set the timezone to New Zealand Standard Time with an offset from UTC of +12 hours, use the command: awplus(config)# clock timezone NZST plus 12 To set the timezone to Indian Standard Time with an offset from UTC of +5:30 hours, use the command: awplus(config)# clock timezone IST plus 5:30 To set the timezone back to UTC with no offsets, use the command: awplus(config)# no clock timezone Related Commands clock set clock summer-time date clock summer-time recurring C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 182 SYSTEM CONFIGURATION AND MONITORING COMMANDS CONTINUOUS-REBOOT-PREVENTION continuous-reboot-prevention Overview Use this command to enable and to configure the continuous reboot prevention feature. Continuous reboot prevention allows the user to configure the time period during which reboot events are counted, the maximum number of times the switch can reboot within the specified time period, referred to as the threshold, and the action to take if the threshold is exceeded. This command is available with Software Version 5.4.3A-1.x and later. Use the no variant of this command to disable the continuous reboot prevention feature or to return the period, threshold and action parameters to the defaults. Syntax continuous-reboot-prevention enable continuous-reboot-prevention [period <0-604800>] [threshold <1-10>] [action [linkdown|logonly|stopreboot]] no continuous-reboot-prevention enable no continuous-reboot-prevention [period] [threshold] [action]} Parameter Description enable Enable the continuous reboot prevention feature. period Set the period of time in which reboot events are counted. <0-604800> threshold Set the maximum number of reboot events allowed in the specified period. <1-10> action Default Period value in seconds. The default is 600. Threshold value. The default is 1. Set the action taken if the threshold is exceeded. linkdown Reboot procedure continues and all switch ports and stack ports stay link-down. The reboot event is logged. This is the default action. logonly Reboot procedure continues normally and the reboot event is logged. stopreboot Reboot procedure stops until the user enters the key ”c” via the CLI. Normal reboot procedure then continues and the reboot event is logged. Continuous reboot prevention is disabled by default. The default period value is 600, the default threshold value is 1 and the default action is linkdown. Mode Global Configuration Usage Note that user initiated reboots via the CLI, and software version auto-synchronization reboots, are not counted toward the threshold value. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 183 SYSTEM CONFIGURATION AND MONITORING COMMANDS CONTINUOUS-REBOOT-PREVENTION Examples To enable continuous reboot prevention, use the commands: awplus# configure terminal awplus(config)# continuous-reboot-prevention enable To set the period to 500 and action to stopreboot, use the commands: awplus# configure terminal awplus(config)# continuous-reboot-prevention period 500 action stopreboot To return the period and action to the defaults and keep the continuous reboot prevention feature enabled, use the commands: awplus# configure terminal awplus(config)# no continuous-reboot-prevention period action To disable continuous reboot prevention, use the commands: awplus# configure terminal awplus(config)# no continuous-reboot-prevention enable Related Commands show continuous-reboot-prevention show reboot history show tech-support C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 184 SYSTEM CONFIGURATION AND MONITORING COMMANDS ECOFRIENDLY LED ecofriendly led Overview Use this command to enable the eco-friendly LED (Light Emitting Diode) feature, which turns off power to the port LEDs. Power to the system status LED is not disabled. Use the no variant of this command to disable the eco-friendly LED feature. Syntax ecofriendly led no ecofriendly led Default The eco-friendly LED feature is disabled by default. Mode Global Configuration Usage When the eco-friendly LED feature is enabled, a change in port status will not affect the display of the associated LED. When the eco-friendly LED feature is disabled and power is returned to port LEDs, the LEDs will correctly show the current state of the ports. For an example of how to configure a trigger to turn off power to port LEDs, see the Triggers Feature Overview and Configuration Guide. Examples To enable the eco-friendly LED feature which turns off power to all port LEDs, use the following commands: awplus# configure terminal awplus(config)# ecofriendly led To disable the eco-friendly LED feature, use the following command: awplus# configure terminal awplus(config)# no ecofriendly led C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 185 SYSTEM CONFIGURATION AND MONITORING COMMANDS FINDME findme Overview Use this command to physically locate a specific device from a group of similar devices. Activating the command causes a selected number of port LEDs to alternately flash green then amber (if that device has amber LEDs) at a rate of 1 Hz. Use the no variant of this command to deactivate the Find Me feature prior to the timeout expiring. Syntax findme [interface <port-list>] [timeout <duration>] no findme Parameter Description <port-list> The ports to flash. The port list can be: • a switch port, e.g. port1.0.4 • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.4 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.5-1.0.6. <duration> Default Specify the duration in seconds within the range of 5-3600 seconds. By default all port LEDs flash for 60 seconds. Mode Privileged Exec Usage Running the findme command causes the device’s port LEDs to flash. An optional timeout parameter specifies the flash behavior duration. Normal LED behavior is restored automatically after either the default time, or a specified time has elapsed, or a no findme command is used. You can specify which interface or interfaces are flashed with the optional interface parameter. Example To activate the Find Me feature for the default duration (60 seconds) on all ports, use the following command: awplus# findme To activate the Find Me feature for 120 seconds on all ports, use the following command: awplus# findme timeout 120 To activate the Find Me feature for the default duration (60 seconds) on switch port interfaces port1.0.2 through port1.0.4, use the following command: awplus# findme interface port1.0.2-1.0.4 In the example above, ports 2 to 4 will flash 4 times and then all ports will flash twice. Each alternate flash will be amber (if that device has amber LEDs). This pattern will repeat until timeout (default or set) or no findme commands are used. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 186 SYSTEM CONFIGURATION AND MONITORING COMMANDS FINDME To deactivate the Find Me feature, use the following command: awplus# no findme C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 187 SYSTEM CONFIGURATION AND MONITORING COMMANDS FINDME TRIGGER findme trigger Overview When this command is enabled, the LED flashing functionality of the find-me command is applied whenever any or all of the selected parameter conditions is detected. Use the no variant to remove the findme trigger function for the selected parameter. Syntax findme trigger {all|loopprot|thrash-limit|qsp} no findme trigger {all|loopprot|thrash-limit|qsp} Default Mode Example Parameter Description all Enable the find-me function whenever any of the listed parameter conditions is detected loopprot Enable the findme function whenever the loop protection condition is detected. thrash-limit Enable the findme function whenever the thrash-limiting condition is detected. qsp Enable the findme function whenever the QoS Storm Protection condition is detected. The findme trigger function is disabled. Global config To enable action LED flashing for the loop protection function: awplus# findme trigger loopprot Related Commands C613-50081-01 REV A findme loop-protection loop-detect Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 188 SYSTEM CONFIGURATION AND MONITORING COMMANDS HOSTNAME hostname Overview This command sets the name applied to the device as shown at the prompt. The hostname is: • displayed in the output of the show system command • displayed in the CLI prompt so you know which device you are configuring • stored in the MIB object sysName Use the no variant of this command to revert the hostname setting to its default (awplus). Syntax hostname <hostname> no hostname [<hostname>] Default Parameter Description <hostname> Specifies the name given to a specific device. Also referred to as the Node Name in AMF output screens. awplus Mode Global Configuration Usage The name must also follow the rules for ARPANET host names. The name must start with a letter, end with a letter or digit, and use only letters, digits, and hyphens. Refer to RFC 1035. NOTE: Within an AMF network, any device without a hostname applied will automatically be assigned a name based on its MAC address. To efficiently manage your network using AMF, we strongly advise that you devise a naming convention for your network devices and accordingly apply an appropriate hostname to each device. Example To set the system name to HQ-Sales, use the command: awplus# configure terminal awplus(config)# hostname HQ-Sales This changes the prompt to: HQ-Sales(config)# To revert to the default hostname awplus, use the command: HQ-Sales(config)# no hostname This changes the prompt to: awplus(config)# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 189 SYSTEM CONFIGURATION AND MONITORING COMMANDS HOSTNAME NOTE: When AMF is configured, running the no hostname command will apply a hostname that is based on the MAC address of the device node, for example, node_0000_5e00_5301. Related Commands C613-50081-01 REV A show system Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 190 SYSTEM CONFIGURATION AND MONITORING COMMANDS NO DEBUG ALL no debug all Overview This command disables the debugging facility for all features on your device. This stops the device from generating any diagnostic debugging messages. The debugging facility is disabled by default. Syntax Mode Example no debug all [ipv6|dot1x|nsm] Parameter Description dot1x Turns off all debugging for IEEE 802.1X port-based network accesscontrol. ipv6 Turns off all debugging for IPv6 (Internet Protocol version 6). nsm Turns off all debugging for the NSM (Network Services Module). Global Configuration and Privileged Exec To disable debugging for all features, use the command: awplus# no debug all To disable all 802.1X debugging, use the command: awplus# no debug all dot1x To disable all IPv6 debugging, use the command: awplus# no debug all ipv6 To disable all NSM debugging, use the command: awplus# no debug all nsm Related Commands C613-50081-01 REV A undebug all Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 191 SYSTEM CONFIGURATION AND MONITORING COMMANDS REBOOT reboot Overview Syntax This command halts the device and performs a cold restart (also known as reload). It displays a confirmation request before restarting. reboot reload Mode Privileged Exec Usage The reboot and reload commands perform the same action. Examples To restart the device, use the command: awplus# reboot reboot system? (y/n): y C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 192 SYSTEM CONFIGURATION AND MONITORING COMMANDS RELOAD reload Overview C613-50081-01 REV A This command performs the same function as the reboot command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 193 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CLOCK show clock Overview Syntax Mode Example This command displays the system’s current configured local time and date. It also displays other clock related information such as timezone and summertime configuration. show clock User Exec and Privileged Exec To display the system’s current local time, use the command: awplus# show clock Output Figure 5-1: Example output from the show clock command for a device using New Zealand time Local Time: Mon, 6 Aug 2007 13:56:06 +1200 UTC Time: Mon, 6 Aug 2007 01:56:06 +0000 Timezone: NZST Timezone Offset: +12:00 Summer time zone: NZDT Summer time starts: Last Sunday in September at 02:00:00 Summer time ends: First Sunday in April at 02:00:00 Summer time offset: 60 mins Summer time recurring: Yes Table 1: Parameters in the output of the show clock command C613-50081-01 REV A Parameter Description Local Time Current local time. UTC Time Current UTC time. Timezone The current configured timezone name. Timezone Offset Number of hours offset to UTC. Summer time zone The current configured summertime zone name. Summer time starts Date and time set as the start of summer time. Summer time ends Date and time set as the end of summer time. Summer time offset Number of minutes that summer time is offset from the system’s timezone. Summer time recurring Whether the device will apply the summer time settings every year or only once. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 194 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CLOCK Related Commands clock set clock summer-time date clock summer-time recurring clock timezone C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 195 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CONTINUOUS-REBOOT-PREVENTION show continuous-reboot-prevention Overview Syntax Mode Examples This command displays the current continuous reboot prevention configuration. show continuous-reboot-prevention User Exec and Privileged Exec To show the current continuous reboot prevention configuration, use the command: awplus# show continuous-reboot-prevention Output Figure 5-2: Example output from the show continuous-reboot-prevention command --------------------------------------------- Continuous reboot prevention --------------------------------------------- status=disabled period=600 threshold=1 action=linkdown --------------------------------------------- Related Commands C613-50081-01 REV A continuous-reboot-prevention show reboot history Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 196 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU show cpu Overview This command displays a list of running processes with their CPU utilization. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Examples show cpu [sort {thrds|pri|sleep|runtime}] Parameter Description sort Changes the sorting order using the following fields. If you do not specify a field, then the list is sorted by percentage CPU utilization. thrds Sort by the number of threads. pri Sort by the process priority. sleep Sort by the average time sleeping. runtime Sort by the runtime of the process. User Exec and Privileged Exec To show the CPU utilization of current processes, sorting them by the number of threads the processes are using, use the command: awplus# show cpu sort thrds C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 197 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU Output Figure 5-3: Example output from the show cpu command awplus#show cpu CPU averages: 1 second: 0%, 20 seconds: 0%, 60 seconds: 0% System load averages: 1 minute: 0.16, 5 minutes: 0.13, 15 minutes: 0.13 Current CPU load: userspace: 2%, kernel: 6%, interrupts: 0% iowaits: 0% user processes ============== pid name thrds cpu% pri state sleep% runtime 763 hostd 1 2.9 20 run 0 128 803 diag_monitor 1 0.4 20 sleep 0 3292 768 hsl 14 0.4 20 sleep 0 3912 1 init 1 0.0 20 sleep 0 686 478 rtccludge 1 0.0 20 sleep 0 9 504 portmap 1 0.0 20 sleep 0 2 17555 sh 1 0.0 20 sleep 0 1 17556 console_log_ale 1 0.0 20 sleep 0 1 515 syslog-ng 1 0.0 20 sleep 0 153 521 dbus-daemon 1 0.0 20 sleep 0 2 532 automount 1 0.0 20 sleep 0 453 571 appmond 1 0.0 20 sleep 0 41 587 crond 1 0.0 20 sleep 0 17 589 openhpid 9 0.0 20 sleep 0 284 609 inetd 1 0.0 20 sleep 0 2 761 nsm 1 0.0 20 sleep 0 260 765 imi 1 0.0 20 sleep 0 616 799 almond 1 0.0 20 sleep 0 52 805 cntrd 1 0.0 20 sleep 0 45 807 poehw 3 0.0 20 sleep 0 207 820 authd 1 0.0 20 sleep 0 76 ... kernel threads ============== pid name cpu% pri state sleep% runtime 144 aio 0.0 0 sleep 0 0 95 bdi-default 0.0 20 sleep 0 0 149 crypto 0.0 0 sleep 0 0 474 flush-31:4 0.0 20 sleep 0 1 143 fsnotify_mark 0.0 20 sleep 0 0 426 jffs2_gcd_mtd0 0.0 30 sleep 0 353 96 kblockd 0.0 0 sleep 0 0 12 khelper 0.0 0 sleep 0 0 105 khubd 0.0 20 sleep 0 0 3 ksoftirqd/0 0.0 20 sleep 0 0 142 kswapd0 0.0 20 sleep 0 0 2 kthreadd 0.0 20 sleep 0 0 4 kworker/0:0 0.0 20 sleep 0 29 6 linkwatch 0.0 0 sleep 0 0 466 loop0 0.0 0 sleep 0 801 7 migration/0 0.0 -100 sleep 0 0 244 mtdblock0 0.0 20 sleep 0 5 93 sync_supers 0.0 20 sleep 0 1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 198 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU Table 2: Parameters in the output of the show cpu command Related Commands Parameter Description CPU averages Average CPU utilization for the periods stated. System load averages The average number of processes waiting for CPU time for the periods stated. Current CPU load Current CPU utilization specified by load types. pid Identifier number of the process. name A shortened name for the process thrds Number of threads in the process. cpu% Percentage of CPU utilization that this process is consuming. pri Process priority state. state Process state; one of “run”, “sleep”, “zombie”, and “dead”. sleep% Percentage of time that the process is in the sleep state. runtime The time that the process has been running for, measured in jiffies. A jiffy is the duration of one tick of the system timer interrupt. show memory show memory allocations show memory history show memory pools show process C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 199 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU HISTORY show cpu history Overview This command prints a graph showing the historical CPU utilization. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show cpu history Mode User Exec and Privileged Exec Usage This command’s output displays three graphs of the percentage CPU utilization: Examples • per second for the last minute, then • per minute for the last hour, then • per 30 minutes for the last 30 hours. To display a graph showing the historical CPU utilization of the device, use the command: awplus# show cpu history Output Figure 5-4: Example output from the show cpu history command Per second CPU load history 100 90 80 70 60 50 40 30 20 10 ************************************************************ |....|....|....|....|....|....|....|....|....|....|....|.... Oldest Newest CPU load% per second (last 60 seconds) * = average CPU load% C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 200 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU HISTORY Per minute CPU load history 100 *+ 90 + 80 70 60 50 40 30 20 + + 10 **************************************************** |....|....|....|....|....|....|....|....|....|....|....|.... Oldest Newest CPU load% per minute (last 60 minutes) * = average CPU load%, + = maximum Per (30) minute CPU load history 100 + 90 80 70 60 50 40 30 20 10 ** |....|....|....|....|....|....|....|....|....|....|....|.... Oldest Newest CPU load% per 30 minutes (last 60 values / 30 hours) * = average, - = minimum, + = maximum Related Commands show memory show memory allocations show memory pools show process C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 201 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW DEBUGGING show debugging Overview This command displays information for all debugging options. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show debugging Default This command runs all the show debugging commands in alphabetical order. Mode User Exec and Privileged Exec Usage This command displays all debugging information, similar to the way the show tech-support command displays all show output for use by Allied Telesis authorized service personnel only. Example To display all debugging information, use the command: awplus# show debugging Output Figure 5-5: Example output from the show debugging command awplus#show debugging AAA debugging status: Authentication debugging is off Accounting debugging is off % DHCP Snooping service is disabled 802.1X debugging status: EPSR debugging status: EPSR Info debugging is off EPSR Message debugging is off EPSR Packet debugging is off EPSR State debugging is off IGMP Debugging status: IGMP Decoder debugging is off IGMP Encoder debugging is off ... C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 202 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW ECOFRIENDLY show ecofriendly Overview Syntax Mode Example This command displays the switch’s eco-friendly configuration status. The ecofriendly led configuration status are shown in the show ecofriendly output. show ecofriendly Privileged Exec and Global Configuration To display the switch’s eco-friendly configuration status, use the following command: awplus# show ecofriendly Output Figure 5-6: Example output from the show ecofriendly command awplus#show ecofriendly Front panel port LEDs Energy efficient ethernet Port Name port1.0.1 Port 1 port1.0.2 port1.0.3 port1.0.4 Port 4 port1.0.5 ... normal Configured off off off off off Status - off - - - Table 3: Parameters in the output of the show ecofriendly command C613-50081-01 REV A Parameter Description normal The eco-friendly LED feature is disabled and port LEDs show the current state of the ports. This is the default setting. off The eco-friendly LED feature is enabled and power to the port LEDs is disabled. Port Displays the port number as assigned by the switch. Name Displays the port name if a name is configured for a port number. Configured Because LPI is not supported, this entry always shows “off” or a dash (-). Status Because LPI is not supported, this entry always shows “off” or a dash (-). Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 203 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW INTERFACE MEMORY show interface memory Overview This command displays the shared memory used by either all interfaces, or the specified interface or interfaces. The output is useful for diagnostic purposes by Allied Telesis authorized service personnel. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show interface memory show interface <port-list> memory Parameter Description <port-list> The ports to display information about. The port list can be: • a switch port (e.g. port1.0.4) a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.4, or sa1-2, or po1-2 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.4-1.0.6. Do not mix switch ports, static channel groups, and dynamic (LACP) channel groups in the same list Mode Example User Exec and Privileged Exec To display the shared memory used by all interfaces, use the command: awplus# show interface memory To display the shared memory used by port1.0.1 and port1.0.5 to port1.0.6, use the command: awplus# show interface port1.0.1,port1.0.5-1.0.6 memory Output Figure 5-7: Example output from the show interface <port-list> memory command awplus#show interface port1.0.1,port1.0.5-1.0.6 memory Vlan blocking state shared memory usage --------------------------------------------- Interface shmid Bytes Used nattch Status port1.0.1 393228 512 1 port1.0.5 491535 512 1 port1.0.6 557073 512 1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 204 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW INTERFACE MEMORY Figure 5-8: Example output from the show interface memory command awplus#show interface memory Vlan blocking state shared memory usage --------------------------------------------- Interface shmid Bytes Used nattch port1.0.1 393228 512 1 port1.0.2 458766 512 1 port1.0.3 360459 512 1 port1.0.4 524304 512 1 port1.0.5 491535 512 1 port1.0.6 557073 512 1 port1.0.7 327690 512 1 port1.0.8 655380 512 1 port1.0.9 622611 512 1 ... port1.0.21 950301 512 1 port1.0.22 1048608 512 1 port1.0.23 1015839 512 1 port1.0.24 1081377 512 1 lo 425997 512 1 po1 1179684 512 1 po2 1212453 512 1 sa3 1245222 512 1 Related Commands Status show interface brief show interface status show interface switchport C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 205 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY show memory Overview This command displays the memory used by each process that is currently running For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show memory [sort {size|peak|stk}] Parameter Description sort Changes the sorting order for the list of processes. If you do not specify this, then the list is sorted by percentage memory utilization. size Sort by the amount of memory the process is currently using. peak Sort by the amount of memory the process is currently using. stk Sort by the stack size of the process. User Exec and Privileged Exec To display the memory used by the current running processes, use the command: awplus# show memory Output Figure 5-9: Example output from the show memory command awplus#show memory sort stk RAM total: 124384 kB; free: 64236 kB; buffers: 15888 kB user processes ============== pid name mem% size(kB) peak(kB) data(kB) 490 openhpid 1.5 1988 7480 1308 578 hsl 7.1 8940 29312 5148 18986 imish 1.3 1660 13668 3876 18931 imish 3.6 4548 13668 3876 576 imi 4.6 5772 14532 4428 572 nsm 4.9 6128 15092 4480 574 hostd 1.6 2048 8116 1876 586 cntrd 2.5 3168 12140 3288 606 sflowd 2.8 3564 12336 3408 610 authd 3.0 3808 12604 3472 616 mstpd 3.1 3856 12652 3480 ... C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x stk(kB) 528 312 172 172 144 140 140 140 140 140 140 virt(kB) 6704 21052 13668 13668 14532 15092 8116 12136 12336 12604 12652 206 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY Table 4: Parameters in the output of the show memory command Related Commands Parameter Description RAM total Total amount of RAM memory free. free Available memory size. buffers Memory allocated kernel buffers. pid Identifier number for the process. name Short name used to describe the process. mem% Percentage of memory utilization the process is currently using. size Amount of memory currently used by the process. peak Greatest amount of memory ever used by the process. data Amount of memory used for data. show memory allocations show memory history show memory pools show memory shared C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 207 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY ALLOCATIONS show memory allocations Overview This command displays the memory allocations used by processes. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show memory allocations [<process>] Parameter Description <process> Displays the memory allocation used by the specified process. User Exec and Privileged Exec To display the memory allocations used by all processes on your device, use the command: awplus# show memory allocations Output Figure 5-10: Example output from the show memory allocations command awplus#show memory allocations Memory allocations for imi ----------------------------- Current 15093760 (peak 15093760) Statically allocated memory: - binary/exe : 1675264 - libraries : 8916992 - bss/global data : 2985984 - stack : 139264 Dynamically allocated memory (heap): - total allocated : 1351680 - in use : 1282440 - non-mmapped : 1351680 - maximum total allocated : 1351680 - total free space : 69240 - releasable : 68968 - space in freed fastbins : 16 Context filename:line allocated freed + lib.c:749 484 . . . C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 208 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY ALLOCATIONS Related Commands show memory show memory history show memory pools show memory shared show tech-support C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 209 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY HISTORY show memory history Overview This command prints a graph showing the historical memory usage. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show memory history Mode User Exec and Privileged Exec Usage This command’s output displays three graphs of the percentage memory utilization: Examples • per second for the last minute, then • per minute for the last hour, then • per 30 minutes for the last 30 hours. To show a graph displaying the historical memory usage, use the command: awplus# show memory history Output Figure 5-11: Example output from the show memory history command Per minute memory utilization history 100 90 80 70 60 50 40************************************************************* 30 20 10 |....|....|....|....|....|....|....|....|....|....|....|.... Oldest Newest Memory utilization% per minute (last 60 minutes) * = average memory utilisation%. ... Related Commands show memory allocations show memory pools show memory shared show tech-support C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 210 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY POOLS show memory pools Overview This command shows the memory pools used by processes. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show memory pools [<process>] Parameter Description <process> Displays the memory pools used by the specified process. User Exec and Privileged Exec To shows the memory pools used by processes, use the command: awplus# show memory pools Output Figure 5-12: Example output from the show memory pools command awplus#show memory pools Memory pools for imi ---------------------- Current 15290368 (peak 15290368) Statically allocated memory: - binary/exe : 1675264 - libraries : 8916992 - bss/global data : 2985984 - stack : 139264 Dynamically allocated memory (heap): - total allocated : 1548288 - in use : 1479816 - non-mmapped : 1548288 - maximum total allocated : 1548288 - total free space : 68472 - releasable : 68200 - space in freed fastbins : 16 . . . Related Commands show memory allocations show memory history show tech-support C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 211 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY SHARED show memory shared Overview This command displays shared memory allocation information. The output is useful for diagnostic purposes by Allied Telesis authorized service personnel. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show memory shared User Exec and Privileged Exec To display information about the shared memory allocation used on the device, use the command: awplus# show memory shared Output Figure 5-13: Example output from the show memory shared command awplus#show memory shared Shared Memory Status -------------------------- Segment allocated = 39 Pages allocated = 39 Pages resident = 11 Shared Memory Limits -------------------------- Maximum number of segments Maximum segment size (kbytes) Maximum total shared memory (pages) Minimum segment size (bytes) Related Commands = = = = 4096 32768 2097152 1 show memory allocations show memory history show memory C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 212 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW PROCESS show process Overview This command lists a summary of the current running processes. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show process [sort {cpu|mem}] Parameter Description sort Changes the sorting order for the list of processes. cpu Sorts the list by the percentage of CPU utilization. mem Sorts the list by the percentage of memory utilization. User Exec and Privileged Exec To display a summary of the current running processes, use the command: awplus# show process Output Figure 5-14: Example output from the show process command CPU load for 1 minute: 0%; 5 minutes: 3%; 15 minutes: 0% RAM total: 514920 kB; free: 382600 kB; buffers: 16368 kB user processes ============== pid name thrds cpu% mem% pri state sleep% 962 pss 12 0 6 25 sleep 5 1 init 1 0 0 25 sleep 0 797 syslog-ng 1 0 0 16 sleep 88 kernel threads ============== pid name cpu% pri state sleep% 71 aio/0 0 20 sleep 0 3 events/0 0 10 sleep 98 ... C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 213 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW PROCESS Table 5: Parameters in the output from the show process command Related Commands C613-50081-01 REV A Parameter Description CPU load Average CPU load for the given period. RAM total Total memory size. free Available memory. buffers Memory allocated to kernel buffers. pid Identifier for the process. name Short name to describe the process. thrds Number of threads in the process. cpu% Percentage of CPU utilization that this process is consuming. mem% Percentage of memory utilization that this process is consuming. pri Process priority. state Process state; one of “run”, “sleep”, “stop”, “zombie”, or “dead”. sleep% Percentage of time the process is in the sleep state. show cpu show cpu history Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 214 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW REBOOT HISTORY show reboot history Overview Use this command to display the device’s reboot history. The history is stored in NVS memory, so it will be lost after a power cycle. Syntax Mode Example show reboot history User Exec and Privileged Exec To show the reboot history, use the command: awplus# show reboot history Output Figure 5-15: Example output from the show reboot history command awplus#show reboot history <date> <time> <type> <description> ----------------------------------------------- 2014-01-10 01:42:04 Expected User Request 2014-01-10 01:35:31 Expected User Request 2014-01-10 01:16:25 Unexpected Rebooting due to critical process (network/nsm) failure! 2014-01-10 01:11:04 Unexpected Rebooting due to critical process (network/nsm) failure! 2014-01-09 19:56:16 Expected User Request 2014-01-09 19:51:20 Expected User Request Table 6: Parameters in the output from the show reboot history command Related Commands C613-50081-01 REV A Parameter Description Unexpected Reboot is counted by the continuous reboot prevention feature if the reboot event occurs in the time period specified for continuous reboot prevention. Expected Reboot is not counted by continuous reboot prevention feature. Continuous reboot prevention A continuous reboot prevention event has occurred. The action taken is configured with the continuous-rebootprevention command. The next time period during which reboot events are counted begins from this event. User request User initiated reboot via the CLI. show continuous-reboot-prevention show tech-support Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 215 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW ROUTER-ID show router-id Overview Syntax Mode Example Use this command to show the Router ID of the current system. show router-id User Exec and Privileged Exec To display the Router ID of the current system, use the command: awplus# show router-id Output Figure 5-16: Example output from the show router-id command awplus>show router-id Router ID: 10.55.0.2 (automatic) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 216 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW SYSTEM show system Overview This command displays general system information about the device, including the hardware, installed, memory, and software versions loaded. It also displays location and contact details when these have been set. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show system User Exec and Privileged Exec To display configuration information, use the command: awplus# show system Output Figure 5-17: Example output from show system awplus#show system System Status Mon Nov 16 08:42:16 2015 Board ID Bay Board Name Rev Serial number -------------------------------------------------------------------------------- Base 410 at-IE200-6GP X1-0 NONE -------------------------------------------------------------------------------- RAM: Total: 252888 kB Free: 144744 kB Flash: 63.0MB Used: 54.8MB Available: 8.2MB -------------------------------------------------------------------------------Environment Status : Normal Uptime : 0 days 00:08:53 Bootloader version : 5.0.6 Current software : IE200-5.4.5-2.1.rel Software version : 5.4.5-2.1 Build date : Thu Nov 12 12:11:29 NZDT 2015 Current boot config: flash:/default.cfg (file exists) System Name awplus System Contact System Location Related Commands C613-50081-01 REV A show system environment Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 217 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW SYSTEM ENVIRONMENT show system environment Overview This command displays the current environmental status of your device and any attached PSU, XEM, or other expansion option. The environmental status covers information about temperatures, fans, and voltage. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show system environment Mode User Exec and Privileged Exec Example To display the system’s environmental status, use the command: awplus# show system environment Output Figure 5-18: Example output from the show system environment command awplus#show system environment Environment Monitoring Status Overall Status: Normal Resource ID: 1 Name: at-IE200-6GP ID Sensor (Units) 1 Almmon: LED output (Bit) 2 Almmon: relay output (Bit) 3 Temp: Local (Degrees C) 4 Contact Input 1 5 Relay Output 1 6 PSU Power Output 1 7 PSU Power Output 2 Related Commands C613-50081-01 REV A Reading 0 0 58 Yes Yes Yes No Low Limit High Limit Status 0 0 Ok 0 0 Ok 85(Hyst) 95 Ok Ok Ok Ok Ok show system Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 218 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW SYSTEM INTERRUPTS show system interrupts Overview Use this command to display the number of interrupts for each IRQ (Interrupt Request) used to interrupt input lines on a PIC (Programmable Interrupt Controller) on your device. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show system interrupts Mode User Exec and Privileged Exec Example To display information about the number of interrupts for each IRQ in your device, use the command: awplus# show system interrupts Related Commands C613-50081-01 REV A show system environment Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 219 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW SYSTEM MAC show system mac Overview Syntax Mode Example This command displays the physical MAC address of the device. show system mac User Exec and Privileged Exec To display the physical MAC address enter the following command: awplus# show system mac Output Figure 5-19: Example output from the show system mac command awplus#show system mac eccd.6d9d.4eed C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 220 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW SYSTEM SERIALNUMBER show system serialnumber Overview This command shows the serial number information for the device. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show system serialnumber User Exec and Privileged Exec To display the serial number information for the device, use the command: awplus# show system serialnumber Output Figure 5-20: Example output from the show system serial number command awplus#show system serialnumber 45AX5300X C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 221 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW TECH-SUPPORT show tech-support Overview This command generates system and debugging information for the device and saves it to a file. You can optionally limit the command output to display only information for a given protocol or feature. The command generates a large amount of output, which is saved to a file in compressed format. The output file name can be specified by outfile option. If the output file already exists, a new file name is generated with the current time stamp. If the output filename does not end with “.gz”, then “.gz” is appended to the filename. Since output files may be too large for Flash on the device we recommend saving files to external memory or a TFTP server whenever possible to avoid device lockup. This method is not likely to be appropriate when running the working set option of AMF across a range of physically separated devices. Syntax Default C613-50081-01 REV A show tech-support {all|[atmf|dhcpsn|epsr|igmp|ip|ipv6|mld|pim|stp|system|tacacs+ ]|[outfile <filename>]} Parameter Description all Display full information atmf Display ATMF- specific information dhcpsn Display DHCP Snooping specific information epsr Display EPSR specific information igmp Display IGMP specific information ip Display IP specific information ipv6 Display IPv6 specific information mld Display MLD specific information outfile Output file name pim Display PIM related information stp Display STP specific information system Display general system information tacacs+ Display TACACS+ information | Output modifier > Output redirection >> Output redirection (append) <filename> Specifies a name for the output file. If no name is specified, this file will be saved as: tech-support.txt.gz. Captures all information for the device. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 222 SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW TECH-SUPPORT By default the output is saved to the file ‘tech-support.txt.gz’ in the current directory. If this file already exists in the current directory then a new file is generated with the time stamp appended to the file name, for example ‘tech-support20080109.txt.gz’, so the last saved file is retained. Usage This command is useful for collecting a large amount of information about all protocols or specific protocols on your device so that it can then be analyzed for troubleshooting purposes. The output of this command can be provided to technical support staff when reporting a problem. Mode Privileged Exec Examples show tech-support awplus# show tech-support C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 223 SYSTEM CONFIGURATION AND MONITORING COMMANDS SPEED (ASYN) speed (asyn) Overview This command changes the console speed from the device. Note that a change in console speed is applied for subsequent console sessions. Exit the current session to enable the console speed change using the clear line console command. CAUTION: The bootloader on an IE200-6 Series switch always runs at 9600 Baud. If you change the baud rate, you will be unable to access to the bootloader. Syntax Default speed <console-speed-in-bps> Parameter Description <console-speed-in-bps> Console speed Baud rate in bps (bits per second). 1200 1200 Baud 2400 2400 Baud 9600 9600 Baud 19200 19200 Baud 38400 38400 Baud 57600 57600 Baud 115200 115200 Baud The default console speed baud rate is 9600 bps. Mode Line Configuration Usage This command is used to change the console (asyn) port speed. Set the console speed to match the transmission rate of the device connected to the console (asyn) port on your device. Example To set the terminal console (asyn0) port speed from the device to 57600 bps, then exit the session, use the commands: awplus# configure terminal awplus(config)# line console 0 awplus(config-line)# speed 57600 awplus(config-line)# exit awplus(config)# exit awplus# exit Then log in again to enable the change: awplus login: Password: awplus> C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 224 SYSTEM CONFIGURATION AND MONITORING COMMANDS SPEED (ASYN) Related Commands clear line console line show running-config show startup-config speed C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 225 SYSTEM CONFIGURATION AND MONITORING COMMANDS SYSTEM TERRITORY (DEPRECATED) system territory (deprecated) Overview This command has been deprecated in Software Version 5.4.4-0.1 and later. It now has no effect. It is no longer useful to specify a system territory, so there is no alternative command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 226 SYSTEM CONFIGURATION AND MONITORING COMMANDS TERMINAL MONITOR terminal monitor Overview Use this command to display debugging output on a terminal. To display the cursor after a line of debugging output, press the Enter key. Use the command terminal no monitor to stop displaying debugging output on the terminal, or use the timeout option to stop displaying debugging output on the terminal after a set time. Syntax terminal monitor [<1-60>] terminal no monitor Default Mode Examples Parameter Description <1-60> Set a timeout between 1 and 60 seconds for terminal output. Disabled User Exec and Privileged Exec To display debugging output on a terminal, enter the command: awplus# terminal monitor To specify timeout of debugging output after 60 seconds, enter the command: awplus# terminal monitor 60 To stop displaying debugging output on the terminal, use the command: awplus# terminal no monitor Related Commands C613-50081-01 REV A All debug commands Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 227 SYSTEM CONFIGURATION AND MONITORING COMMANDS UNDEBUG ALL undebug all Overview C613-50081-01 REV A This command applies the functionality of the no debug all command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 228 6 Pluggables and Cabling Commands Introduction Overview This chapter provides an alphabetical reference of commands used to configure and monitor Pluggables and Cabling, including: • Optical Digital Diagnostic Monitoring (DDM) to help find fiber issues when links go down For more information, see the Pluggables and Cabling Feature Overview and Configuration_Guide. Command List C613-50081-01 REV A • “show system pluggable” on page 230 • “show system pluggable detail” on page 232 • “show system pluggable diagnostics” on page 236 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 229 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE show system pluggable Overview This command displays brief pluggable transceiver information showing the pluggable type, the pluggable serial number, and the pluggable port on the device. Different types of pluggable transceivers are supported in different models of device. See your Allied Telesis dealer for more information about the models of pluggables that your device supports. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show system pluggable [<port-list>] Parameter Description <port-list> The ports to display information about. The port list can be: • a switch port (e.g. port1.0.6) • a continuous range of ports separated by a hyphen, e.g. port1.0.5-1.0.6 • a comma-separated list of ports and port ranges, e.g. port1.0.5,port1.0.6. Mode Example User Exec and Privileged Exec To display brief information about all installed pluggable transceivers, use the command: awplus# show system pluggable Output Figure 6-1: Example output from the show system pluggable command awplus#show system pluggable System Pluggable Information Port Vendor Device Serial Number Datecode Type -------------------------------------------------------------------------------- 1.0.5 ATI AT-TN-P015-A A04840R131700049 130422 BASE-BX10 1.0.6 ATI AT-SPFXBD-LC-15 A03947R074700751 07112601 BASE-BX10 -------------------------------------------------------------------------------- Example To display information about the pluggable transceiver installed in port1.0.5, use the command: awplus# show system pluggable port1.0.5 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 230 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE Output Figure 6-2: Example output from the show system pluggable port1.0.5 command System Pluggable Information Port Manufacturer Device Serial Number Datecode Type -------------------------------------------------------------------------------- 1.0.5 ATI AT-TN-P015-A A04840R131700049 130422 BASE-BX10 -------------------------------------------------------------------------------- Related Commands show system environment show system pluggable detail show system pluggable diagnostics C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 231 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DETAIL show system pluggable detail Overview This command displays detailed pluggable transceiver information showing the pluggable type, the pluggable serial number, and the pluggable port on the device. Different types of pluggable transceivers are supported in different models of device. See your Allied Telesis dealer for more information about the models of pluggables that your device supports. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show system pluggable [<port-list>] detail Parameter Description <port-list> The ports to display information about. The port list can be: • a switch port (e.g. port1.0.6) • a continuous range of ports separated by a hyphen, e.g. port1.0.5-1.0.6 • a comma-separated list of ports and port ranges, e.g. port1.0.5,port1.0.6. Mode User Exec and Privileged Exec In addition to the information about pluggable transceivers displayed using the show system pluggable command (port, manufacturer, serial number, manufacturing datecode, and type information), the show system pluggable detail command displays the following information: C613-50081-01 REV A • SFP Laser Wavelength: Specifies the laser wavelength of the installed pluggable transceiver • Single mode Fiber: Specifies the link length supported by the pluggable transceiver using single mode fiber • OM1 (62.5μ m) Fiber: Specifies the link length, in meters (m) or kilometers (km) supported by the pluggable transceiver using 62.5 micron multi-mode fiber. • OM2 (50μ m) Fiber: Specifies the link length (in meters or kilometers) supported by the pluggable transceiver using 50 micron multi-mode fiber. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 232 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DETAIL • • Diagnostic Calibration: Specifies whether the pluggable transceiver supports DDM or DOM Internal or External Calibration. – Internal is displayed if the pluggable transceiver supports DDM or DOM Internal Calibration. – External is displayed if the pluggable transceiver supports DDM or DOM External Calibration. – - is displayed neither Internal Calibration or External Calibration is supported. Power Monitoring: Displays the received power measurement type, which can be either OMA(Optical Module Amplitude) or Avg(Average Power) measured in μW. NOTE: For parameters that are not supported or not specified, a hyphen is displayed instead. Example To display detailed information about the pluggable transceivers installed in a particular port on the device, use a command like: awplus# show system pluggable port1.0.4 detail To display detailed information about all the pluggable transceivers installed on the device, use the command: awplus# show system pluggable detail C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 233 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DETAIL Output Figure 6-3: Example output from the show system pluggable detail command on a device awplus#show system pluggable detail System Pluggable Information Detail Port1.0.5 ========== Vendor Name: ATI Device Name: AT-SPTX Device Revision: A Device Type: 1000BASE-T Serial Number: A123459071900003 Manufacturing Datecode: 07051101 SFP Laser Wavelength: - Link Length Supported Single Mode Fiber : - OM1 (62.5um) Fiber: - OM2 (50um) Fiber : - Diagnostic Calibration: - Power Monitoring: - FEC BER support: - Port1.0.6 ========== Vendor Name: ATI Device Name: AT-SPBD10-13 Device Revision: A Device Type: BASE-BX10 Serial Number: A03243R111300129 Manufacturing Datecode: 11032801 SFP Laser Wavelength: 1310nm Link Length Supported Single Mode Fiber : 10Km OM1 (62.5um) Fiber: - OM2 (50um) Fiber : - Diagnostic Calibration: - Power Monitoring: - FEC BER support: - Table 1: Parameters in the output from the show system pluggables detail command: C613-50081-01 REV A Parameter Description Port Specifies the port the pluggable transceiver is installed in. Vendor Name Specifies the vendor’s name for the installed pluggable transceiver. Device Name Specifies the device name for the installed pluggable transceiver. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 234 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DETAIL Table 1: Parameters in the output from the show system pluggables detail command: (cont.) Related Commands Parameter Description Device Revision Specifies the hardware revision code for the pluggable transceiver. This may be useful for troubleshooting because different devices may support different pluggable transceiver revisions. Device Type Specifies the device type for the installed pluggable transceiver.. Serial Number Specifies the serial number for the installed pluggable transceiver. Manufacturing Datecode Specifies the manufacturing datecode for the installed pluggable transceiver. Checking the manufacturing datecode with the vendor may be useful when determining Laser Diode aging issues. For more information, see ”How To Troubleshoot Fiber and Pluggable Issues” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. SFP Laser Wavelength Specifies the laser wavelength of the installed pluggable transceiver. Single Mode Fiber Specifies the link length supported by the pluggable transceiver using single mode fiber. OM1 (62.5um) Fiber Specifies the link length (in μm - micron) supported by the pluggable transceiver using 62.5 micron multi-mode fiber. OM2 (50um) Fiber Specifies the link length (in μm - micron) supported by the pluggable transceiver using 50 micron multi-mode fiber. Diagnostic Calibration Specifies whether the pluggable transceiver supports DDM or DOM Internal or External Calibration: Internal is displayed if the pluggable transceiver supports DDM or DOM Internal Calibration. External is displayed if the pluggable transceiver supports DDM or DOM External Calibration. - is displayed if neither Internal Calibration or External Calibration is supported. Power Monitoring Displays the received power measurement type, which can be either OMA (Optical Module Amplitude) or Avg (Average Power) measured in μW. show system environment show system pluggable show system pluggable diagnostics C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 235 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DIAGNOSTICS show system pluggable diagnostics Overview This command displays diagnostic information about SFP pluggable transceivers that support Digital Diagnostic Monitoring (DDM). Different types of pluggable transceivers are supported in different models of device. See your device’s Datasheet for more information about the models of pluggables that your device supports. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show system pluggable [<port-list>] diagnostics Parameter Description <port-list> The ports to display information about. The port list can be: • a switch port, e.g. port1.0.6 • a continuous range of ports separated by a hyphen, e.g. port1.0.5-1.0.6 • a comma-separated list of ports and port ranges, e.g. port1.0.5,port1.0.6. Mode User Exec and Privileged Exec Usage Modern optical SFP transceivers support Digital Diagnostics Monitoring (DDM) functions. Diagnostic monitoring features allow you to monitor real-time parameters of the pluggable transceiver, such as optical output power, optical input power, temperature, laser bias current, and transceiver supply voltage. Additionally, RX LOS (Loss of Signal) is shown when the received optical level is below a preset threshold. Monitor these parameters to check on the health of all transceivers, selected transceivers or a specific transceiver installed in a device. Examples To display detailed information about all pluggable transceivers installed on a standalone device, use the command: awplus# show system pluggable diagnostics C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 236 PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM PLUGGABLE DIAGNOSTICS Output Figure 6-4: Example output from the show system pluggable diagnostics command on a device awplus#show system pluggable diagnostics System Pluggable Information Diagnostics Port1.0.5 Status Alarms Reading Alarm Max Min Temp: (Degrees C) 34.719 - 110.00 -45.00 Vcc: (Volts) 3.282 3.600 3.000 Tx Bias: (mA) 23.024 - 80.000 2.000 Tx Power: (mW) 0.357 0.631 0.126 Rx Power: (mW) Low 0.631 0.005 Rx LOS: Rx Down Warning Low Warnings Max Min 95.000 -42.00 3.500 3.050 70.000 3.000 0.501 0.159 0.501 0.006 Table 2: Parameters in the output from the show system pluggables diagnostics command Parameter Description Temp (Degrees C) Shows the temperature inside the transceiver. Vcc (Volts) Shows voltage supplied to the transceiver. Tx Bias (mA) Shows current to the Laser Diode in the transceiver. Tx Power (mW) Shows the amount of light transmitted from the transceiver. Rx Power (mW) Shows the amount of light received in the transceiver. Rx LOS Rx Loss of Signal. This indicates whether: • light is being received (Rx Up) and therefore the link is up, or • light is not being received (Rx Down) and therefore the link is down Related Commands show system environment show system pluggable show system pluggable detail C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 237 7 Logging Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure logging. • “clear exception log” on page 240 • “clear log” on page 241 • “clear log buffered” on page 242 • “clear log permanent” on page 243 • “default log buffered” on page 244 • “default log console” on page 245 • “default log email” on page 246 • “default log host” on page 247 • “default log monitor” on page 248 • “default log permanent” on page 249 • “log buffered” on page 250 • “log buffered (filter)” on page 251 • “log buffered exclude” on page 254 • “log buffered size” on page 257 • “log console” on page 258 • “log console (filter)” on page 259 • “log console exclude” on page 262 • “log email” on page 265 • “log email (filter)” on page 266 • “log email exclude” on page 269 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 238 LOGGING COMMANDS C613-50081-01 REV A • “log email time” on page 272 • “log facility” on page 274 • “log host” on page 276 • “log host (filter)” on page 277 • “log host exclude” on page 280 • “log host source” on page 283 • “log host time” on page 284 • “log monitor (filter)” on page 286 • “log monitor exclude” on page 289 • “log permanent” on page 292 • “log permanent (filter)” on page 293 • “log permanent exclude” on page 296 • “log permanent size” on page 299 • “log-rate-limit nsm” on page 300 • “show counter log” on page 302 • “show exception log” on page 303 • “show log” on page 304 • “show log config” on page 307 • “show log permanent” on page 309 • “show running-config log” on page 310 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 239 LOGGING COMMANDS CLEAR EXCEPTION LOG clear exception log Overview This command resets the contents of the exception log, but does not remove the associated core files. NOTE: When this command is used within a stacked environment, it will remove the contents of the exception logs in all stack members. Syntax Mode Example C613-50081-01 REV A clear exception log Privileged Exec awplus# clear exception log Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 240 LOGGING COMMANDS CLEAR LOG clear log Overview This command removes the contents of the buffered and permanent logs. NOTE: When this command is used within a stacked environment, it will remove the contents of the buffered and permanent logs in all stack members. Syntax Mode Example clear log Privileged Exec To delete the contents of the buffered and permanent log use the command: awplus# clear log Validation Commands show log Related Commands clear log buffered C613-50081-01 REV A clear log permanent Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 241 LOGGING COMMANDS CLEAR LOG BUFFERED clear log buffered Overview Syntax Mode Example This command removes the contents of the buffered log. clear log buffered Privileged Exec To delete the contents of the buffered log use the following commands: awplus# clear log buffered Related Commands default log buffered log buffered log buffered (filter) log buffered size log buffered exclude show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 242 LOGGING COMMANDS CLEAR LOG PERMANENT clear log permanent Overview This command removes the contents of the permanent log. NOTE: When this command is used within a stacked environment, it will remove the contents of the buffered logs in all stack members. The permanent log is stored in NVS. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. Syntax Mode Example clear log permanent Privileged Exec To delete the contents of the permanent log use the following commands: awplus# clear log permanent Related Commands default log permanent log permanent log permanent (filter) log permanent exclude log permanent size show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 243 LOGGING COMMANDS DEFAULT LOG BUFFERED default log buffered Overview This command restores the default settings for the buffered log stored in RAM. By default the size of the buffered log is 50 kB and it accepts messages with the severity level of “warnings” and above. Syntax default log buffered Default The buffered log is enabled by default. Mode Example Global Configuration To restore the buffered log to its default settings use the following commands: awplus# configure terminal awplus(config)# default log buffered Related Commands clear log buffered log buffered log buffered (filter) log buffered size log buffered exclude show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 244 LOGGING COMMANDS DEFAULT LOG CONSOLE default log console Overview Syntax Mode Example This command restores the default settings for log messages sent to the terminal when a log console command is issued. By default all messages are sent to the console when a log console command is issued. default log console Global Configuration To restore the log console to its default settings use the following commands: awplus# configure terminal awplus(config)# default log console Related Commands log console log console (filter) log console exclude show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 245 LOGGING COMMANDS DEFAULT LOG EMAIL default log email Overview Syntax Mode Example This command restores the default settings for log messages sent to an email address. By default no filters are defined for email addresses. Filters must be defined before messages will be sent. This command also restores the remote syslog server time offset value to local (no offset). default log email <email-address> Parameter Description <email-address> The email address to send log messages to Global Configuration To restore the default settings for log messages sent to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# default log email [email protected] Related Commands log email log email (filter) log email exclude log email time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 246 LOGGING COMMANDS DEFAULT LOG HOST default log host Overview Syntax Mode Example This command restores the default settings for log sent to a remote syslog server. By default no filters are defined for remote syslog servers. Filters must be defined before messages will be sent. This command also restores the remote syslog server time offset value to local (no offset). default log host <ip-addr> Parameter Description <ip-addr> The IP address of a remote syslog server Global Configuration To restore the default settings for messages sent to the remote syslog server with IP address 10.32.16.21 use the following commands: awplus# configure terminal awplus(config)# default log host 10.32.16.21 Related Commands log host log host (filter) log host exclude log host source log host time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 247 LOGGING COMMANDS DEFAULT LOG MONITOR default log monitor Overview This command restores the default settings for log messages sent to the terminal when a terminal monitor command is used. Syntax default log monitor Default All messages are sent to the terminal when a terminal monitor command is used. Mode Example Global Configuration To restore the log monitor to its default settings use the following commands: awplus# configure terminal awplus(config)# default log monitor Related Commands log monitor (filter) log monitor exclude show log config terminal monitor C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 248 LOGGING COMMANDS DEFAULT LOG PERMANENT default log permanent Overview This command restores the default settings for the permanent log stored in NVS. By default, the size of the permanent log is 50 kB and it accepts messages with the severity level of warnings and above. The permanent log is stored in NVS. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. Syntax default log permanent Default The permanent log is enabled by default. Mode Example Global Configuration To restore the permanent log to its default settings use the following commands: awplus# configure terminal awplus(config)# default log permanent Related Commands clear log permanent log permanent log permanent (filter) log permanent exclude log permanent size show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 249 LOGGING COMMANDS LOG BUFFERED log buffered Overview Syntax This command configures the device to store log messages in RAM. Messages stored in RAM are not retained on the device over a restart. Once the buffered log reaches its configured maximum allowable size old messages will be deleted to make way for new ones. log buffered no log buffered Default Mode Examples The buffered log is configured by default. Global Configuration To configured the device to store log messages in RAM use the following commands: awplus# configure terminal awplus(config)# log buffered To configure the device to not store log messages in a RAM buffer use the following commands: awplus# configure terminal awplus(config)# no log buffered Related Commands clear log buffered default log buffered log buffered (filter) log buffered size log buffered exclude show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 250 LOGGING COMMANDS LOG BUFFERED (FILTER) log buffered (filter) Overview Use this command to create a filter to select messages to be sent to the buffered log. Selection can be based on the priority/ severity of the message, the program that generated the message, the logging facility used, a sub-string within the message or a combination of some or all of these. The no variant of this command removes the corresponding filter, so that the specified messages are no longer sent to the buffered log. Syntax log buffered [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log buffered [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Filter messages to the buffered log by severity level. <level> The minimum severity of message to send to the buffered log. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages to the buffered log by program. Include messages from a specified program in the buffered log. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 251 LOGGING COMMANDS LOG BUFFERED (FILTER) Parameter Description imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages to the buffered log by syslog facility. <facility> Specify one of the following syslog facilities to include messages from in the buffered log: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Examples By default the buffered log has a filter to select messages whose severity level is “notices (5)” or higher. This filter may be removed using the no variant of this command. Global Configuration To add a filter to send all messages generated by EPSR that have a severity of notices or higher to the buffered log use the following commands: awplus# configure terminal awplus(config)# log buffered level notices program epsr C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 252 LOGGING COMMANDS LOG BUFFERED (FILTER) To add a filter to send all messages containing the text Bridging initialization, to the buffered log use the following commands: awplus# configure terminal awplus(config)# log buffered msgtext Bridging initialization To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to the buffered log use the following commands: awplus# configure terminal awplus(config)# no log buffered level notices program epsr To remove a filter that sends all messages containing the text Bridging initialization, to the buffered log use the following commands: awplus# configure terminal awplus(config)# no log buffered msgtext Bridging initialization Related Commands clear log buffered default log buffered log buffered log buffered size log buffered exclude show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 253 LOGGING COMMANDS LOG BUFFERED EXCLUDE log buffered exclude Overview Use this command to exclude specified log messages from the buffered log. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log buffered exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log buffered exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 254 LOGGING COMMANDS LOG BUFFERED EXCLUDE Parameter Description imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log buffered exclude msgtext example of irrelevant message Related Commands C613-50081-01 REV A clear log buffered default log buffered Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 255 LOGGING COMMANDS LOG BUFFERED EXCLUDE log buffered log buffered (filter) log buffered size show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 256 LOGGING COMMANDS LOG BUFFERED SIZE log buffered size Overview Syntax Mode Example This command configures the amount of memory that the buffered log is permitted to use. Once this memory allocation has been filled old messages will be deleted to make room for new messages. log buffered size <50-250> Parameter Description <50-250> Size of the RAM log in kilobytes Global Configuration To allow the buffered log to use up to 100 kB of RAM use the following commands: awplus# configure terminal awplus(config)# log buffered size 100 Related Commands clear log buffered default log buffered log buffered log buffered (filter) log buffered exclude show log show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 257 LOGGING COMMANDS LOG CONSOLE log console Overview This command configures the device to send log messages to consoles. The console log is configured by default to send messages to the device’s main console port. Use the no variant of this command to configure the device not to send log messages to consoles. Syntax log console no log console Mode Examples Global Configuration To configure the device to send log messages use the following commands: awplus# configure terminal awplus(config)# log console To configure the device not to send log messages in all consoles use the following commands: awplus# configure terminal awplus(config)# no log console Related Commands default log console log console (filter) log console exclude show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 258 LOGGING COMMANDS LOG CONSOLE (FILTER) log console (filter) Overview Syntax This command creates a filter to select messages to be sent to all consoles when the log console command is given. Selection can be based on the priority/severity of the message, the program that generated the message, the logging facility used, a sub-string within the message or a combination of some or all of these. log console [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log console [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Filter messages by severity level. <level> The minimum severity of message to send. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages by program. Include messages from a specified program. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 259 LOGGING COMMANDS LOG CONSOLE (FILTER) Parameter Description loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages by syslog facility. <facility> Specify one of the following syslog facilities to include messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Examples By default the console log has a filter to select messages whose severity level is critical or higher. This filter may be removed using the no variant of this command. This filter may be removed and replaced by filters that are more selective. Global Configuration To create a filter to send all messages generated by MSTP that have a severity of info or higher to console instances where the log console command has been given, remove the default filter that includes everything use the following commands: awplus# configure terminal awplus(config)# log console level info program mstp and then use the command: awplus(config)# log console level info program mstp C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 260 LOGGING COMMANDS LOG CONSOLE (FILTER) To create a filter to send all messages containing the text “Bridging initialization” to console instances where the log console command has been given use the following commands: awplus# configure terminal awplus(config)# log console msgtext "Bridging initialization" To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to consoles use the following commands: awplus# configure terminal awplus(config)# no log console level notices program epsr To remove a default filter that includes sending critical, alert and emergency level messages to the console use the following commands: awplus# configure terminal awplus(config)# no log console level critical Related Commands default log console log console log console exclude show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 261 LOGGING COMMANDS LOG CONSOLE EXCLUDE log console exclude Overview Use this command to prevent specified log messages from being sent to the console, when console logging is turned on. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log console exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log console exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 262 LOGGING COMMANDS LOG CONSOLE EXCLUDE Parameter Description mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log console exclude msgtext example of irrelevant message Related Commands C613-50081-01 REV A default log console Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 263 LOGGING COMMANDS LOG CONSOLE EXCLUDE log console log console (filter) show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 264 LOGGING COMMANDS LOG EMAIL log email Overview Syntax Default Mode Example This command configures the device to send log messages to an email address. The email address is specified in this command. log email <email-address> Parameter Description <email-address> The email address to send log messages to By default no filters are defined for email log targets. Filters must be defined before messages will be sent. Global Configuration To have log messages emailed to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# log email [email protected] Related Commands default log email log email (filter) log email exclude log email time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 265 LOGGING COMMANDS LOG EMAIL (FILTER) log email (filter) Overview This command creates a filter to select messages to be sent to an email address. Selection can be based on the priority/ severity of the message, the program that generated the message, the logging facility used, a sub-string within the message or a combination of some or all of these. The no variant of this command configures the device to no longer send log messages to a specified email address. All configuration relating to this log target will be removed. Syntax log email <email-address> [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log email <email-address> [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description <emailaddress> The email address to send logging messages to level Filter messages by severity level. <level> The minimum severity of message to send. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages by program. Include messages from a specified program. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 266 LOGGING COMMANDS LOG EMAIL (FILTER) Parameter Description imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages by syslog facility. <facility> Specify one of the following syslog facilities to include messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Mode Examples Global Configuration To create a filter to send all messages generated by EPSR that have a severity of notices or higher to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# log email [email protected] level notices program epsr C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 267 LOGGING COMMANDS LOG EMAIL (FILTER) To create a filter to send all messages containing the text “Bridging initialization”, to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# log email [email protected] msgtext "Bridging initialization" To create a filter to send messages with a severity level of informational and above to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# log email [email protected] level informational To stop the device emailing log messages emailed to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# no log email [email protected] To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# no log email [email protected] level notices program epsr To remove a filter that sends messages with a severity level of informational and above to the email address [email protected] use the following commands: awplus# configure terminal awplus(config)# no log email [email protected] level informational Related Commands default log email log email log email exclude log email time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 268 LOGGING COMMANDS LOG EMAIL EXCLUDE log email exclude Overview Use this command to prevent specified log messages from being emailed, when the device is configured to send log messages to an email address. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log email exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log email exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 269 LOGGING COMMANDS LOG EMAIL EXCLUDE Parameter Description mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log email exclude msgtext example of irrelevant message C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 270 LOGGING COMMANDS LOG EMAIL EXCLUDE Related Commands default log email log email log email (filter) log email time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 271 LOGGING COMMANDS LOG EMAIL TIME log email time Overview Syntax This command configures the time used in messages sent to an email address. If the syslog server is in a different time zone to your device then the time offset can be configured using either the utc-offset parameter option keyword or the local-offset parameter option keyword, where utc-offset is the time difference from UTC (Universal Time, Coordinated) and local-offset is the difference from local time. log email <email-address> time {local|local-offset|utc-offset {plus|minus}<0-24>} Parameter Description <email-address> The email address to send log messages to Default time Specify the time difference between the email recipient and the device you are configuring. local The device is in the same time zone as the email recipient local-offset The device is in a different time zone to the email recipient. Use the plus or minus keywords and specify the difference (offset) from local time of the device to the email recipient in hours. utc-offset The device is in a different time zone to the email recipient. Use the plus or minus keywords and specify the difference (offset) from UTC time of the device to the email recipient in hours. plus Negative offset (difference) from the device to the email recipient. minus Positive offset (difference) from the device to the email recipient. <0-24> World Time zone offset in hours The default is local time. Mode Global Configuration Usage Use the local option if the email recipient is in the same time zone as this device. Messages will display the time as on the local device when the message was generated. Use the offset option if the email recipient is in a different time zone to this device. Specify the time offset of the email recipient in hours. Messages will display the time they were generated on this device but converted to the time zone of the email recipient. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 272 LOGGING COMMANDS LOG EMAIL TIME Examples To send messages to the email address [email protected] in the same time zone as the device’s local time zone, use the following commands: awplus# configure terminal awplus(config)# log email [email protected] time local 0 To send messages to the email address [email protected] with the time information converted to the time zone of the email recipient, which is 3 hours ahead of the device’s local time zone, use the following commands: awplus# configure terminal awplus(config)# log email [email protected] time local-offset plus 3 To send messages to the email address [email protected] with the time information converted to the time zone of the email recipient, which is 3 hours behind the device’s UTC time zone, use the following commands: awplus# configure terminal awplus(config)# log email [email protected] time utc-offset minus 3 Related Commands default log email log email log email (filter) log email exclude show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 273 LOGGING COMMANDS LOG FACILITY log facility Overview Use this command to specify an outgoing syslog facility. This determines where the syslog server will store the log messages. Use the no variant of this command to remove the facility. Syntax log facility {kern|user|mail|daemon|auth|syslog|lpr|news|uucp|cron|authpriv |ftp|local0|local1|local2|local3|local4|local5|local6|local7} no log facility Default Mode C613-50081-01 REV A Parameter Description kern Kernel messages user User-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by the syslog daemon lpr Line printer subsystem news Network news subsystem uucp UNIX-to-UNIX Copy Program subsystem cron Clock daemon authpriv Security/authorization (private) messages ftp FTP daemon local0 Local use 0 local1 Local use 1 local2 Local use 2 local3 Local use 3 local4 Local use 4 local5 Local use 5 local6 Local use 6 local7 Local use 7 None (the outgoing syslog facility depends on the log message) Global Configuration Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 274 LOGGING COMMANDS LOG FACILITY Example To specify a facility of local0, use the following commands: awplus# configure terminal awplus(config)# log facility local0 Related Commands C613-50081-01 REV A show log config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 275 LOGGING COMMANDS LOG HOST log host Overview Syntax This command configures the device to send log messages to a remote syslog server via UDP port 514. The IP address of the remote server must be specified. By default no filters are defined for remote syslog servers. Filters must be defined before messages will be sent. log host <ip-addr> no log host <ip-addr> Mode Examples Parameter Description <ip-addr> The IP address of a remote syslog server in dotted decimal format A.B.C.D Global Configuration To configure the device to send log messages to a remote syslog server with IP address 10.32.16.99 use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.99 To stop the device from sending log messages to the remote syslog server with IP address 10.32.16.99 use the following commands: awplus# configure terminal awplus(config)# no log host 10.32.16.99 Related Commands default log host log host (filter) log host exclude log host source log host time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 276 LOGGING COMMANDS LOG HOST (FILTER) log host (filter) Overview This command creates a filter to select messages to be sent to a remote syslog server. Selection can be based on the priority/severity of the message, the program that generated the message, the logging facility used, a substring within the message or a combination of some or all of these. The no variant of this command configures the device to no longer send log messages to a remote syslog server. The IP address of the syslog server must be specified. All configuration relating to this log target will be removed. Syntax log host <ip-addr> [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log host <ip-addr> [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description <ip-addr> The IP address of a remote syslog server. level Filter messages by severity level. <level> The minimum severity of message to send. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages by program. Include messages from a specified program. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 277 LOGGING COMMANDS LOG HOST (FILTER) Parameter Description imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages by syslog facility. <facility> Specify one of the following syslog facilities to include messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Mode Examples Global Configuration To create a filter to send all messages generated by EPSR that have a severity of notices or higher to a remote syslog server with IP address 10.32.16.21 use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.21 level notices program epsr To create a filter to send all messages containing the text “Bridging initialization”, to a remote syslog server with IP address 10.32.16.21 use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.21 msgtext "Bridging initialization" C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 278 LOGGING COMMANDS LOG HOST (FILTER) To create a filter to send messages with a severity level of informational and above to the syslog server with IP address 10.32.16.21 use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.21 level informational To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to a remote syslog server with IP address 10.32.16.21use the following commands: awplus# configure terminal awplus(config)# no log host 10.32.16.21 level notices program epsr To remove a filter that sends all messages containing the text “Bridging initialization”, to a remote syslog server with IP address 10.32.16.21 use the following commands: awplus# configure terminal awplus(config)# no log host 10.32.16.21 msgtext "Bridging initialization" To remove a filter that sends messages with a severity level of informational and above to the syslog server with IP address 10.32.16.21use the following commands: awplusawpluls# configure terminal awplus(config)# no log host 10.32.16.21 level informational Related Commands default log host log host log host exclude log host source log host time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 279 LOGGING COMMANDS LOG HOST EXCLUDE log host exclude Overview Use this command to prevent specified log messages from being sent to the remote syslog server, when log host is enabled. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log host exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log host exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 280 LOGGING COMMANDS LOG HOST EXCLUDE Parameter Description mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log host exclude msgtext example of irrelevant message Related Commands C613-50081-01 REV A default log host Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 281 LOGGING COMMANDS LOG HOST EXCLUDE log host log host (filter) log host source log host time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 282 LOGGING COMMANDS LOG HOST SOURCE log host source Overview Use this command to specify a source interface or IP address for the device to send syslog messages from. You can specify any one of an interface name, an IPv4 address or an IPv6 address. This is useful if the device can reach the syslog server via multiple interfaces or addresses and you want to control which interface/address the device uses. Use the no variant of this command to stop specifying a source interface or address. Syntax log host source {<interface-name>|<ipv4-addr>|<ipv6-addr>} no log host source Default Mode Example Parameter Description <interface-name> Specify the source interface name. You can enter a VLAN, eth interface or loopback interface. <ipv4-add> Specify the source IPv4 address, in dotted decimal notation (A.B.C.D). <ipv6-add> Specify the source IPv6 address, in X:X::X:X notation. None (no source is configured) Global Configuration To send syslog messages from 192.168.1.1, use the commands: awplus# configure terminal awplus(config)# log host source 192.168.1.1 Related Commands default log host log host log host (filter) log host exclude log host time show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 283 LOGGING COMMANDS LOG HOST TIME log host time Overview Syntax Default This command configures the time used in messages sent to a remote syslog server. If the syslog server is in a different time zone to your device then the time offset can be configured using either the utc-offset parameter option keyword or the local-offset parameter option keyword, where utc-offset is the time difference from UTC (Universal Time, Coordinated) and local-offset is the difference from local time. log host <email-address> time {local|local-offset|utc-offset {plus|minus} <0-24>} Parameter Description <email-address> The email address to send log messages to time Specify the time difference between the email recipient and the device you are configuring. local The device is in the same time zone as the email recipient local-offset The device is in a different time zone to the email recipient. Use the plus or minus keywords and specify the difference (offset) from local time of the device to the email recipient in hours. utc-offset The device is in a different time zone to the email recipient. Use the plus or minus keywords and specify the difference (offset) from UTC time of the device to the email recipient in hours. plus Negative offset (difference) from the device to the syslog server. minus Positive offset (difference) from the device to the syslog server. <0-24> World Time zone offset in hours The default is local time. Mode Global Configuration Usage Use the local option if the remote syslog server is in the same time zone as the device. Messages will display the time as on the local device when the message was generated. Use the offset option if the email recipient is in a different time zone to this device. Specify the time offset of the remote syslog server in hours. Messages will display the time they were generated on this device but converted to the time zone of the remote syslog server. Examples To send messages to the remote syslog server with the IP address 10.32.16.21 in the same time zone as the device’s local time zone, use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.21 time local 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 284 LOGGING COMMANDS LOG HOST TIME To send messages to the remote syslog server with the IP address 10.32.16.12 with the time information converted to the time zone of the remote syslog server, which is 3 hours ahead of the device’s local time zone, use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.12 time local-offset plus 3 To send messages to the remote syslog server with the IP address 10.32.16.02 with the time information converted to the time zone of the email recipient, which is 3 hours behind the device’s UTC time zone, use the following commands: awplus# configure terminal awplus(config)# log host 10.32.16.02 time utc-offset minus 3 Related Commands default log host log host log host (filter) log host exclude log host source show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 285 LOGGING COMMANDS LOG MONITOR (FILTER) log monitor (filter) Overview Syntax This command creates a filter to select messages to be sent to the terminal when the terminal monitor command is given. Selection can be based on the priority/severity of the message, the program that generated the message, the logging facility used, a sub-string within the message or a combination of some or all of these. log monitor [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log monitor [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Filter messages by severity level. <level> The minimum severity of message to send. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages by program. Include messages from a specified program. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 286 LOGGING COMMANDS LOG MONITOR (FILTER) Parameter Description rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages by syslog facility. <facility> Specify one of the following syslog facilities to include messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Examples By default there is a filter to select all messages. This filter may be removed and replaced by filters that are more selective. Global Configuration To create a filter to send all messages generated by MSTP that have a severity of info or higher to terminal instances where the terminal monitor command has been given use the following commands: awplus# configure terminal awplus(config)# log monitor level info program mstp To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to the terminal use the following commands: awplus# configure terminal awplus(config)# no log monitor level notices program epsr C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 287 LOGGING COMMANDS LOG MONITOR (FILTER) To remove a default filter that includes sending everything to the terminal use the following commands: awplus# configure terminal awplus(config)# no log monitor level debugging Related Commands default log monitor log monitor exclude show log config terminal monitor C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 288 LOGGING COMMANDS LOG MONITOR EXCLUDE log monitor exclude Overview Use this command to prevent specified log messages from being displayed on a terminal, when terminal monitor is enabled. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log console exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log console exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 289 LOGGING COMMANDS LOG MONITOR EXCLUDE Parameter Description mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log monitor exclude msgtext example of irrelevant message Related Commands C613-50081-01 REV A default log monitor Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 290 LOGGING COMMANDS LOG MONITOR EXCLUDE log monitor (filter) show log config terminal monitor C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 291 LOGGING COMMANDS LOG PERMANENT log permanent Overview This command configures the device to send permanent log messages to non-volatile storage (NVS) on the device. The content of the permanent log is retained over a reboot. Once the permanent log reaches its configured maximum allowable size old messages will be deleted to make way for new messages. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. The no variant of this command configures the device not to send any messages to the permanent log. Log messages will not be retained over a restart. Syntax log permanent no log permanent Mode Examples Global Configuration To enable permanent logging use the following commands: awplus# configure terminal awplus(config)# log permanent To disable permanent logging use the following commands: awplus# configure terminal awplus(config)# no log permanent Related Commands clear log permanent default log permanent log permanent (filter) log permanent exclude log permanent size show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 292 LOGGING COMMANDS LOG PERMANENT (FILTER) log permanent (filter) Overview This command creates a filter to select messages to be sent to the permanent log. Selection can be based on the priority/ severity of the message, the program that generated the message, the logging facility used, a sub-string within the message or a combination of some or all of these. The permanent log is stored in NVS. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. The no variant of this command removes the corresponding filter, so that the specified messages are no longer sent to the permanent log. Syntax log permanent [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log permanent [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Filter messages sent to the permanent log by severity level. <level> The minimum severity of message to send. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Filter messages by program. Include messages from a specified program. <programname> The name of a program to log messages from, either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output: C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) imi Integrated Management Interface (IMI) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 293 LOGGING COMMANDS LOG PERMANENT (FILTER) Parameter Description imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Filter messages by syslog facility. <facility> Specify one of the following syslog facilities to include messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Select messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Examples By default the buffered log has a filter to select messages whose severity level is notices (5) or higher. This filter may be removed using the no variant of this command. Global Configuration To create a filter to send all messages generated by EPSR that have a severity of notices or higher to the permanent log use the following commands: awplus# configure terminal awplus(config)# log permanent level notices program epsr C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 294 LOGGING COMMANDS LOG PERMANENT (FILTER) To create a filter to send all messages containing the text “Bridging initialization”, to the permanent log use the following commands: awplus# configure terminal awplus(config)# log permanent msgtext Bridging initialization Related Commands clear log permanent default log permanent log permanent log permanent exclude log permanent size show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 295 LOGGING COMMANDS LOG PERMANENT EXCLUDE log permanent exclude Overview Use this command to prevent specified log messages from being sent to the permanent log. You can exclude messages on the basis of: • the priority/severity of the message • the program that generated the message • the logging facility used • a sub-string within the message, or • a combination of some or all of these. Use the no variant of this command to stop excluding the specified messages. Syntax log permanent exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] no log permanent exclude [level <level>] [program <program-name>] [facility <facility>] [msgtext <text-string>] Parameter Description level Exclude messages of the specified severity level. <level> The severity level to exclude. The level can be specified as one of the following numbers or level names, where 0 is the highest severity and 7 is the lowest severity: 0|emergencies System is unusable 1|alerts Action must be taken immediately 2|critical Critical conditions 3|errors Error conditions 4|warnings Warning conditions 5|notices Normal, but significant, conditions 6|informational Informational messages 7|debugging Debug-level messages program Exclude messages from a specified program. <programname> The name of a program. Either one of the following predefined program names (not case-sensitive), or another program name (case-sensitive) that you find in the log output. C613-50081-01 REV A rsvp Resource Reservation Protocol (RSVP) dot1x IEEE 802.1X Port-Based Access Control lacp Link Aggregation Control Protocol (LACP) stp Spanning Tree Protocol (STP) rstp Rapid Spanning Tree Protocol (RSTP) mstp Multiple Spanning Tree Protocol (MSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 296 LOGGING COMMANDS LOG PERMANENT EXCLUDE Parameter Description imi Integrated Management Interface (IMI) imish Integrated Management Interface Shell (IMISH) epsr Ethernet Protection Switched Rings (EPSR) rmon Remote Monitoring loopprot Loop Protection poe Power-inline (Power over Ethernet) dhcpsn DHCP snooping (DHCPSN) facility Exclude messages from a syslog facility. <facility> Specify one of the following syslog facilities to exclude messages from: kern Kernel messages user Random user-level messages mail Mail system daemon System daemons auth Security/authorization messages syslog Messages generated internally by syslogd lpr Line printer subsystem news Network news subsystem uucp UUCP subsystem cron Clock daemon authpriv Security/authorization messages (private) ftp FTP daemon msgtext Exclude messages containing a certain text string. <textstring> A text string to match (maximum 128 characters). This is case sensitive, and must be the last text on the command line. Default Mode Example No log messages are excluded Global configuration To remove messages that contain the string “example of irrelevant message”, use the following commands: awplus# configure terminal awplus(config)# log permanent exclude msgtext example of irrelevant message Related Commands C613-50081-01 REV A clear log permanent default log permanent Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 297 LOGGING COMMANDS LOG PERMANENT EXCLUDE log permanent log permanent (filter) log permanent size show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 298 LOGGING COMMANDS LOG PERMANENT SIZE log permanent size Overview This command configures the amount of memory that the permanent log is permitted to use. Once this memory allocation has been filled old messages will be deleted to make room for new messages. The permanent log is stored in NVS. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. Syntax Mode Example log permanent size <50-250> Parameter Description <50-250> Size of the permanent log in kilobytes Global Configuration To allow the permanent log to use up to 100 kB of NVS use the following commands: awplus# configure terminal awplus(config)# log permanent size 100 Related Commands clear log permanent default log permanent log permanent log permanent (filter) log permanent exclude show log config show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 299 LOGGING COMMANDS LOG-RATE-LIMIT NSM log-rate-limit nsm Overview This command limits the number of log messages generated by the device for a given interval. Use the no variant of this command to revert to the default number of log messages generated by the device of up to 200 log messages per second. Syntax log-rate-limit nsm messages <message-limit> interval <time-interval> no log-rate-limit nsm Default Parameter Description <message-limit> <1-65535> The number of log messages generated by the device. <time-interval> <0-65535> The time period for log message generation in 1/100 seconds. If an interval of 0 is specified then no log message rate limiting is applied. By default, the device will allow 200 log messages to be generated per second. Mode Global Configuration Usage Previously, if the device received a continuous stream of IGMP packets with errors, such as when a packet storm occurs because of a network loop, then the device generates a lot of log messages using more and more memory, which may ultimately cause the device to shutdown. This log rate limiting feature constrains the rate that log messages are generated by the device. Note that if within the given time interval, the number of log messages exceeds the limit, then any excess log messages are discarded. At the end of the time interval, a single log message is generated indicating that log messages were discarded due to the log rate limit being exceeded. Thus if the expectation is that there will be a lot of discarded log messages due to log rate limiting, then it is advisable to set the time interval to no less than 100, which means that there would only be one log message, indicating log excessive log messages have been discarded. Examples To limit the device to generate up to 300 log messages per second, use the following commands: awplus# configure terminal awplus(config)# log-rate-limit nsm messages 300 interval 100 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 300 LOGGING COMMANDS LOG-RATE-LIMIT NSM To return the device the default setting, to generate up to 200 log messages per second, use the following commands: awplus# configure terminal awplus(config)# no log-rate-limit nsm C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 301 LOGGING COMMANDS SHOW COUNTER LOG show counter log Overview Syntax Mode Example This command displays log counter information. show counter log User Exec and Privileged Exec To display the log counter information, use the command: awplus# show counter log Output Figure 7-1: Example output from the show counter log command Log counters Total Received Total Received Total Received Total Received Total Received Total Received Total Received Total Received Total Received P0 P1 P2 P3 P4 P5 P6 P7 ......... ......... ......... ......... ......... ......... ......... ......... ......... 2328 0 0 1 9 32 312 1602 372 Table 1: Parameters in output of the show counter log command Related Commands C613-50081-01 REV A Parameter Description Total Received Total number of messages received by the log Total Received P0 Total number of Priority 0 (Emergency) messages received Total Received P1 Total number of Priority 1 (Alert) messages received Total Received P2 Total number of Priority 2 (Critical) messages received Total Received P3 Total number of Priority 3 (Error) messages received Total Received P4 Total number of Priority 4 (Warning) messages received Total Received P5 Total number of Priority 5 (Notice) messages received Total Received P6 Total number of Priority 6 (Info) messages received Total Received P7 Total number of Priority 7 (Debug) messages received show log config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 302 LOGGING COMMANDS SHOW EXCEPTION LOG show exception log Overview Syntax Mode Example This command displays the contents of the exception log. show exception log User Exec and Privileged Exec To display the exception log, use the command: awplus# show exception log Output Figure 7-2: Example output from the show exception log command on a device awplus#show exception log <date> <time> <facility>.<severity> <program[<pid>]>: <message> ------------------------------------------------------------------------- 2014 Jan 08 08:05:59 local7.debug awplus corehandler : Process hsl (PID:741) sig nal 11, core dumped to /flash/hsl-IE200-proj1747_ie200-20131225-1-1-1262937958-7 41.tgz 2014 Jan 08 08:17:43 local7.debug awplus corehandler : Process hsl (PID:745) sig nal 11, core dumped to /flash/hsl-IE200-proj1747_IE200-20131225-1-1-1262938662-7 45.tgz ------------------------------------------------------------------------- Output Figure 7-3: Example output from the show exception log command on a switch that has never had an exception occur awplus#show exception log <date> <time> <facility>.<severity> <program[<pid>]>: <message> ------------------------------------------------------------------------- None ------------------------------------------------------------------------- awplus# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 303 LOGGING COMMANDS SHOW LOG show log Overview This command displays the contents of the buffered log. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Default show log [tail [<10-250>]] Parameter Description tail Display only the latest log entries. <10-250> Specify the number of log entries to display. By default the entire contents of the buffered log is displayed. Mode User Exec, Privileged Exec and Global Configuration Usage If the optional tail parameter is specified only the latest 10 messages in the buffered log are displayed. A numerical value can be specified after the tail parameter to select how many of the latest messages should be displayed. Examples To display the contents of the buffered log use the command: awplus# show log To display the 10 latest entries in the buffered log use the command: awplus# show log tail 10 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 304 LOGGING COMMANDS SHOW LOG Output Figure 7-4: Example output from the show log command awplus#show log <date> <time> <facility>.<severity> <program[<pid>]>: <message> -------------------------------------------------------------------- 2011 Aug 29 07:55:22 kern.notice awplus kernel: Linux version 2.6.32.12-at1 (mak er@awpmaker03-dl) (gcc version 4.3.3 (Gentoo 4.3.3-r3 p1.2, pie-10.1.5) ) #1 Wed Dec 8 11:53:40 NZDT 2010 2011 Aug 29 07:55:22 kern.warning awplus kernel: No pci config register base in dev tree, using default 2011 Aug 29 07:55:23 kern.notice awplus kernel: Kernel command line: console=tty S0,9600 releasefile=IE200-5.4.6I-0.1.rel ramdisk=14688 bootversion=1.1.0-rc12 loglevel=1 extraflash=00000000 2011 Aug 29 07:55:25 kern.notice awplus kernel: RAMDISK: squashfs filesystem fou nd at block 0 2011 Aug 29 07:55:28 kern.warning awplus kernel: ipifwd: module license 'Proprie tary' taints kernel. . . . C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 305 LOGGING COMMANDS SHOW LOG Figure 7-5: Example output from the show log tail command awplus#show log tail <date> <time> <facility>.<severity> <program[<pid>]>: <message> -------------------------------------------------------------------- 2006 Nov 10 13:30:01 cron.notice crond[116]: USER manager pid 469 cmd logrotate / etc/logrotate.conf 2006 Nov 10 13:30:01 cron.notice crond[116]: USER manager pid 471 cmd nbqueue -- wipe 2006 Nov 10 13:35:01 cron.notice crond[116]: USER manager pid 472 cmd nbqueue -- wipe 2006 Nov 10 13:40:01 cron.notice crond[116]: USER manager pid 477 cmd nbqueue -- wipe 2006 Nov 10 13:44:36 syslog.notice syslog-ng[67]: Log statistics; processed=\’center(queued)=70\’, processed=\’2006 Nov 10 13:45:01 cron.notice crond[116]: USER manager pid 478 cmd logrotate /etc/logrotate.conf 2006 Nov 10 13:45:01 cron.notice crond[116]: USER manager pid 480 cmd nbqueue -- wipe 2006 Nov 10 13:49:32 syslog.notice syslog-ng[67]: SIGHUP received, reloading configuration; 2006 Nov 10 13:50:01 cron.notice crond[116]: USER manager pid 482 cmd nbqueue -- wipe 2006 Nov 10 13:55:01 cron.notice crond[116]: USER manager pid 483 cmd nbqueue -- wipe . . . Related Commands clear log buffered default log buffered log buffered log buffered (filter) log buffered size log buffered exclude show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 306 LOGGING COMMANDS SHOW LOG CONFIG show log config Overview Syntax Mode Example This command displays information about the logging system. This includes the configuration of the various log destinations, buffered, permanent, syslog servers (hosts) and email addresses. This also displays the latest status information for each of these destinations. show log config User Exec, Privileged Exec and Global Configuration To display the logging configuration use the command: awplus# show log config Output Figure 7-6: Example output from the show log config command Buffered log: Status ......... enabled Maximum size ... 100kb Filters: *1 Level ........ notices Program ...... any Facility ..... any Message text . any 2 Level ........ informational Program ...... mstp Facility ..... daemon Message text . any Statistics ..... 1327 messages received, 821 accepted by filter (2015 Nov 11 10:36:16) Permanent log: Status ......... enabled Maximum size ... 60kb Filters: 1 Level ........ error Program ...... any Facility ..... any Message text . any *2 Level ........ warnings Program ...... dhcp Facility ..... any Message text . "pool exhausted" Statistics ..... 1327 messages received, 12 accepted by filter (2015 Nov 11 10:36:16) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 307 LOGGING COMMANDS SHOW LOG CONFIG Host 10.32.16.21: Time offset .... +2:00 Offset type .... UTC Filters: 1 Level ........ critical Program ...... any Facility ..... any Message text . any Statistics ..... 1327 messages received, 1 accepted by filter (2015 Nov 11 10:36:16) Email [email protected]: Time offset .... +0:00 Offset type .... Local Filters: 1 Level ........ emergencies Program ...... any Facility ..... any Message text . any Statistics ..... 1327 messages received, 0 accepted by filter (2015 Nov 11 10:36:16) ... In the above example the ’*’ next to filter 1 in the buffered log configuration indicates that this is the default filter. The permanent log has had its default filter removed, so none of the filters are marked with “*’. NOTE: Terminal log and console log cannot be set at the same time. If console logging is enabled then the terminal logging is turned off. Related Commands show counter log show log show log permanent C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 308 LOGGING COMMANDS SHOW LOG PERMANENT show log permanent Overview This command displays the contents of the permanent log. The permanent log is stored in NVS. On IE200-6 Series switches, files in NVS persist over a device restart but do not persist over a power cycle. Syntax Default Mode Example show log permanent [tail [<10-250>]] Parameter Description tail Display only the latest log entries. <10-250> Specify the number of log entries to display. If the optional tail parameter is specified only the latest 10 messages in the permanent log are displayed. A numerical value can be specified after the tail parameter to select how many of the latest messages should be displayed. User Exec, Privileged Exec and Global Configuration To display the permanent log, use the command: awplus# show log permanent Output Figure 7-7: Example output from the show log permanent command awplus#show log permanent <date> <time> <facility>.<severity> <program[<pid>]>: <message> ------------------------------------------------------------------------ 2014 Jun 10 09:30:09 syslog.notice syslog-ng[67]: syslog-ng starting up; version=\’2.0rc3\’ 2014 Jun 10 09:30:09 auth.warning portmap[106]: user rpc not found, reverting to user bin 2014 Jun 10 09:30:09 cron.notice crond[116]: crond 2.3.2 dillon, started, log level 8 2014 Jun 10 09:30:14 daemon.err snmpd[181]: /flash/.configs/snmpd.conf: line 20: Error: bad SUBTREE object 2014 Jun 10 09:30:14 user.info HSL[192]: HSL: INFO: Registering port port1.0.1 Related Commands clear log permanent default log permanent log permanent log permanent (filter) log permanent exclude log permanent size show log config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 309 LOGGING COMMANDS SHOW RUNNING-CONFIG LOG show running-config log Overview Syntax Mode Example This command displays the current running configuration of the Log utility. show running-config log Privileged Exec and Global Configuration To display the current configuration of the log utility, use the command: awplus# show running-config log Related Commands C613-50081-01 REV A show log show log config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 310 8 Scripting Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides commands used for command scripts. • “activate” on page 312 • “echo” on page 313 • “wait” on page 314 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 311 SCRIPTING COMMANDS ACTIVATE activate Overview Syntax This command activates a script file. activate [background] <script> Parameter Description background Activate a script to run in the background. A process that is running in the background will operate as a separate task, and will not interrupt foreground processing. Generally, we recommend running short, interactive scripts in the foreground and longer scripts in the background. The default is to run the script in the foreground. <script> The file name of the script to activate. The script is a command script consisting of commands documented in this software reference. Note that you must use either a . scp or a . sh filename extension for a valid script text file, as described below in the usage section for this command. Mode Privileged Exec Usage When a script is activated, the privilege level is set to 1 enabling User Exec commands to run in the script. If you need to run Privileged Exec commands in your script you need to add an enable (Privileged Exec mode) command to the start of your script. If you need to run Global Configuration commands in your script you need to add a configure terminal command after the enable command at the start of your script. The activate command executes the script in a new shell. A terminal length shell command, such as terminal length 0 may also be required to disable a delay that would pause the display. A script must be a text file with a filename extension of either . sh or . scp only for the AlliedWare Plus™ CLI to activate the script file. The . sh filename extension indicates the file is an ASH script, and the . scp filename extension indicates the file is an AlliedWare Plus™ script. Examples To activate a command script to run as a background process, use the command: awplus# activate background test.scp Related Commands configure terminal echo enable (Privileged Exec mode) wait C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 312 SCRIPTING COMMANDS ECHO echo Overview Syntax This command echoes a string to the terminal, followed by a blank line. echo <line> Parameter Description <line> The string to echo Mode User Exec and Privileged Exec Usage This command may be useful in CLI scripts, to make the script print user-visible comments. Example To echo the string Hello World to the console, use the command: awplus# echo Hello World Output Hello World Related Commands C613-50081-01 REV A activate wait Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 313 SCRIPTING COMMANDS WAIT wait Overview Syntax Default This command pauses execution of the active script for the specified period of time. wait <delay> Parameter Description <delay> <1-65335> Specify the time delay in seconds No wait delay is specified by default to pause script execution. Mode Privileged Exec (when executed from a script not directly from the command line) Usage Use this command to pause script execution in an . scp (AlliedWare Plus™ script) or an . sh (ASH script) file executed by the activate command. The script must contain an enable (Privileged Exec mode) command since the wait command is only executed in the Privileged Exec mode.When a script is activated, the privilege level is set to 1 enabling User Exec commands to run in the script. If you need to run Privileged Exec commands in your script you need to add an enable (Privileged Exec mode) command to the start of your script. Example See an example . scp script file extract below that will show port counters for interface port1.0.1 over a 10 second interval: enable show interface port1.0.1 wait 10 show interface port1.0.1 Related Commands activate echo enable (Privileged Exec mode) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 314 9 Interface Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure and display interfaces. • “description (interface)” on page 316 • “interface (to configure)” on page 317 • “mru jumbo” on page 319 • “mtu” on page 320 • “show interface” on page 322 • “show interface brief” on page 326 • “show interface status” on page 327 • “shutdown” on page 329 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 315 INTERFACE COMMANDS DESCRIPTION (INTERFACE) description (interface) Overview Syntax Mode Example Use this command to add a description to a specific port or interface. description <description> Parameter Description <description> Text describing the specific interface. Interface Configuration The following example uses this command to describe the device that a switch port is connected to. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# description Boardroom PC C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 316 INTERFACE COMMANDS INTERFACE (TO CONFIGURE) interface (to configure) Overview Syntax Use this command to select one or more interfaces to configure. interface <interface-list> interface lo Parameter Description <interface-list> The interfaces or ports to configure. An interface-list can be: • an interface such as a VLAN (e.g. vlan2), a switch port (e.g. port1.0.6), a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of interfaces, ports, static channel groups or dynamic (LACP) channel groups separated by a hyphen; e.g. vlan2-8, or port1.0.1-1.0.6, or sa1-2, or po1-2 • a comma-separated list of the above; e.g. port1.0.1,port1.0.4-1.0.6. Do not mix interface types in a list The specified interfaces must exist. lo Usage The local loopback interface. A local loopback interface is one that is always available for higher layer protocols to use and advertise to the network. Although a local loopback interface is assigned an IP address, it does not have the usual requirement of connecting to a lower layer physical entity. This lack of physical attachment creates the perception of a local loopback interface always being accessible via the network. Local loopback interfaces can be utilized by a number of protocols for various purposes. They can be used to improve access to the device and also increase its reliability, security, scalability and protection. In addition, local loopback interfaces can add flexibility and simplify management, information gathering and filtering. One example of this increased reliability is for OSPF to advertise a local loopback interface as an interface-route into the network irrespective of the physical links that may be “up” or “down” at the time. This provides a higher probability that the routing traffic will be received and subsequently forwarded. Mode Example Global Configuration The following example shows how to enter Interface mode to configure vlan1. Note how the prompt changes. awplus# configure terminal awplus(config)# interface vlan1 awplus(config-if)# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 317 INTERFACE COMMANDS INTERFACE (TO CONFIGURE) The following example shows how to enter Interface mode to configure the local loopback interface. awplus# configure terminal awplus(config)# interface lo awplus(config-if)# Related Commands ip address (IP Addressing and Protocol) show interface show interface brief C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 318 INTERFACE COMMANDS MRU JUMBO mru jumbo Overview Use this command to enable the device to forward jumbo frames. For more information, see the Switching Feature Overview and Configuration Guide. When jumbo frame support is enabled, the maximum size of packets that the device can forward is 9710 bytes of payload. Use the no variant of this command to remove jumbo frame support, and restore the default MRU size (1500 bytes) for switch ports. NOTE: The figure of 1500 or 9710 bytes specifies the payload only. For an IEEE 802.1q frame, provision is made (internally) for the following additional components: • Source and Destination addresses • EtherType field • Priority and VLAN tag fields • FCS These additional components increase the frame size internally (to 1522 bytes in the default case). Syntax mru jumbo no mru Default By default, jumbo frame support is not enabled. Mode Interface Configuration for switch ports. Usage Note that show interface output will only show MRU size for switch ports. We recommend limiting the number of ports with jumbo frames support enabled to two. Examples To enable the device to forward jumbo frames on port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# mru jumbo To remove the jumbo frame support, and therefore restore the MRU size of 1500 bytes on port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no mru Related Commands C613-50081-01 REV A show interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 319 INTERFACE COMMANDS MTU mtu Overview Use this command to set the Maximum Transmission Unit (MTU) size for VLANs, where MTU is the maximum packet size that VLANs can transmit. The MTU size setting is applied to both IPv4 and IPv6 packet transmission. Use the no variant of this command to remove a previously specified Maximum Transmission Unit (MTU) size for VLANs, and restore the default MTU size (1500 bytes) for VLANs. Syntax mtu <68-1582> no mtu Default The default MTU size is 1500 bytes for VLAN interfaces. Mode Interface Configuration for VLAN interfaces. Usage If a device receives an IPv4 packet for Layer 3 switching to another VLAN with an MTU size smaller than the packet size, and if the packet has the ‘don’t fragment’ bit set, then the device will send an ICMP ‘destination unreachable’ (3) packet type and a ‘fragmentation needed and DF set’ (4) code back to the source. For IPv6 packets bigger than the MTU size of the transmitting VLAN interface, an ICMP ‘packet too big’ (ICMP type 2 code 0) message is sent to the source. Note that show interface output will only show MTU size for VLAN interfaces. Examples To configure an MTU size of 1500 bytes on interface vlan2, use the commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# mtu 1500 To configure an MTU size of 1500 bytes on interfaces vlan2 to vlan4, use the commands: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# mtu 1500 To restore the MTU size to the default MTU size of 1500 bytes on vlan2, use the commands awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no mtu To restore the MTU size to the default MTU size of 1500 bytes on vlan2 and vlan4, use the commands awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# no mtu C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 320 INTERFACE COMMANDS MTU Related Commands C613-50081-01 REV A show interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 321 INTERFACE COMMANDS SHOW INTERFACE show interface Overview Use this command to display interface configuration and status. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show interface [<interface-list>] show interface lo Parameter Description <interface-list> The interfaces or ports to configure. An interface-list can be: • an interface such as a VLAN (e.g. vlan2), a switch port (e.g. port1.0.6), a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of interfaces, ports, static channel groups or dynamic (LACP) channel groups separated by a hyphen; e.g. vlan2-8, or port1.0.1-1.0.6, or sa1-2, or po1-2 • a comma-separated list of the above; e.g. port1.0.1,port1.0.4-1.0.6. Do not mix interface types in a list The specified interfaces must exist. lo The local loopback interface. Mode User Exec and Privileged Exec Usage Note that the output displayed with this command will show MTU (Maximum Transmission Unit) size for VLAN interfaces, and MRU (Maximum Received Unit) size for switch ports. Example To display configuration and status information for all interfaces, use the command: awplus# show interface C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 322 INTERFACE COMMANDS SHOW INTERFACE Figure 9-1: Example output from the show interface command awplus#show interface Interface port1.0.1 Scope: both Link is DOWN, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 000c.2503.9a74 index 5001 metric 1 mru 1518 configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,MULTICAST> SNMP link-status traps: Disabled input packets 0, bytes 0, dropped 0, multicast packets 0 output packets 0, bytes 0, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 00:12:18 Interface port1.0.2 Scope: both Link is UP, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 000c.2503.9a74 index 5002 metric 1 mru 1518 current duplex full, current speed 100, current polarity mdi configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled input packets 4566, bytes 530517, dropped 0, multicast packets 753 output packets 0, bytes 0, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 00:10:31 ... Interface lo Scope: both Link is UP, administrative state is UP Hardware is Loopback index 1 metric 1 <UP,LOOPBACK,RUNNING> SNMP link-status traps: Disabled input packets 0, bytes 0, dropped 0, multicast packets 0 output packets 0, bytes 0, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 00:12:18 Interface vlan1 Scope: both Link is DOWN, administrative state is DOWN Hardware is VLAN, address is 000c.2503.9a74 index 301 metric 1 mtu 1500 arp ageing timeout 300 <BROADCAST,MULTICAST> SNMP link-status traps: Disabled Bandwidth 1g input packets 0, bytes 0, dropped 0, multicast packets 0 output packets 0, bytes 0, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 00:12:18 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 323 INTERFACE COMMANDS SHOW INTERFACE To display configuration and status information for interface lo, use the command: awplus# show interface lo Figure 9-2: Example output from the show interface lo command awplus#show interface lo Interface lo Scope: both Link is UP, administrative state is UP Hardware is Loopback index 1 metric 1 <UP,LOOPBACK,RUNNING> SNMP link-status traps: Disabled input packets 0, bytes 0, dropped 0, multicast packets 0 output packets 0, bytes 0, multicast packets 0 broadcast packets 0 Time since last state change: 69 days 01:28:47 To display configuration and status information for interfaces vlan1 and vlan2, use the command: awplus# show interface vlan1,vlan2 Figure 9-3: Example output from the show interface vlan1,vlan2 command awplus#show interface vlan1,vlan2 Interface vlan1 Scope: both Link is UP, administrative state is UP Hardware is VLAN, address is 0015.77e9.5c50 IPv4 address 192.168.1.1/24 broadcast 192.168.1.255 index 201 metric 1 mtu 1500 arp ageing timeout 300 <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled Bandwidth 1g input packets 295606, bytes 56993106, dropped 5, multicast packets 156 output packets 299172, bytes 67379392, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 14:22:39 Interface vlan2 Scope: both Link is DOWN, administrative state is UP Hardware is VLAN, address is 0015.77e9.5c50 IPv4 address 192.168.2.1/24 broadcast 192.168.2.255 Description: ip_phone_vlan index 202 metric 1 mtu 1500 arp ageing timeout 300 <UP,BROADCAST,MULTICAST> SNMP link-status traps: Disabled Bandwidth 1g input packets 0, bytes 0, dropped 0, multicast packets 0 output packets 90, bytes 4244, multicast packets 0 broadcast packets 0 Time since last state change: 0 days 14:22:39 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 324 INTERFACE COMMANDS SHOW INTERFACE Related Commands mru jumbo mtu show interface brief C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 325 INTERFACE COMMANDS SHOW INTERFACE BRIEF show interface brief Overview Use this command to display brief interface, configuration, and status information, including provisioning information. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Output show interface brief User Exec and Privileged Exec Figure 9-4: Example output from the show interface brief command awplus# show interface brief Interface Status port1.0.1 admin up port1.0.2 admin up port1.0.3 admin up port1.0.4 admin up port1.0.5 admin up port1.0.6 admin up lo admin up vlan1 admin down Protocol down running down down down down running down Table 1: Parameters in the output of the show interface brief command Related Commands C613-50081-01 REV A Parameter Description Interface The name or type of interface. Status The administrative state. This can be either admin up or admin down. Protocol The link state. This can be either down, running, or provisioned. show interface show interface memory Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 326 INTERFACE COMMANDS SHOW INTERFACE STATUS show interface status Overview Syntax Use this command to display the status of the specified interface or interfaces. Note that when no interface or interfaces are specified then the status of all interfaces on the device are shown. show interface [<port-list>] status Parameter Description <port-list> The ports to display information about. The port list can be: • a switch port (e.g. port1.0.6) a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.6, or sa1-2, or po1-2 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.4-1.0.6. Do not mix switch ports, static channel groups, and dynamic (LACP) channel groups in the same list Examples To display the status of ports 1.0.1 to 1.0.5, use the commands: awplus# show interface port1.0.1-1.0.4 status Table 2: Example output from the show interface <port-list> status command awplus#show interface port1.0.1 -1.0.5 status Port Name Status port1.0.1 notconnect port1.0.2 notconnect port1.0.3 notconnect port1.0.4 notconnect Vlan 1 1 1 1 Duplex auto auto auto auto Speed auto auto auto auto Type 1000BASE-T 1000BASE-T 1000BASE-T 1000BASE-T Speed auto a-100 auto auto auto auto Type 1000BASE-T 1000BASE-T 1000BASE-T 1000BASE-T BASE-BX10 BASE-BX10 To display the status of all ports, use the commands: awplus# show interface status Table 3: Example output from the show interface status command awplus#show interface status Port Name Status port1.0.1 notconnect port1.0.2 connected port1.0.3 notconnect port1.0.4 notconnect port1.0.5 notconnect port1.0.6 notconnect C613-50081-01 REV A Vlan 1 1 1 1 1 1 Duplex auto a-full auto auto auto auto Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 327 INTERFACE COMMANDS SHOW INTERFACE STATUS Table 4: Parameters in the output from the show interface status command Parameter Description Port Name/Type of the interface. Name Description of the interface. Status The administrative and operational status of the interface; one of: • disabled: the interface is administratively down. • connect: the interface is operationally up. • notconnect: the interface is operationally down. Vlan VLAN type or VLAN IDs associated with the port: • When the VLAN mode is trunk, it displays trunk (it does not display the VLAN IDs). • When the VLAN mode is access, it displays the VLAN ID. • When the VLAN mode is private promiscuous, it displays the primary VLAN ID if it has one, and promiscuous if it does not have a VLAN ID. • When the VLAN mode is private host, it displays the primary and secondary VLAN IDs. • When the port is an Eth port, it displays none: there is no VLAN associated with it. • When the VLAN is dynamically assigned, it displays the current dynamically assigned VLAN ID (not the access VLAN ID), or dynamic if it has multiple VLANs dynamically assigned. Related Commands C613-50081-01 REV A Duplex The actual duplex mode of the interface, preceded by a- if it has autonegotiated this duplex mode. If the port is disabled or not connected, it displays the configured duplex setting. Speed The actual link speed of the interface, preceded by a- if it has autonegotiated this speed. If the port is disabled or not connected, it displays the configured speed setting. Type The type of interface, e.g. 1000BaseTX. For SFP bays, it displays Unknown if it does not recognize the type of SFP installed, or Not present if an SFP is not installed or is faulty. show interface show interface memory Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 328 INTERFACE COMMANDS SHUTDOWN shutdown Overview This command shuts down the selected interface. This administratively disables the link and takes the link down at the physical (electrical) layer. Use the no variant of this command to disable this function and therefore to bring the link back up again. Syntax shutdown no shutdown Mode Interface Configuration Usage If you shutdown an aggregator, the device shows the admin status of the aggregator and its component ports as “admin down”. While the aggregator is down, the device accepts shutdown and no shutdown commands on component ports, but these have no effect on port status. Ports will not come up again while the aggregator is down. Example To shut down port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# shutdown To bring up port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no shutdown To shut down vlan2, use the commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# shutdown To bring up vlan2, use the commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no shutdown C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 329 10 Interface Testing Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used for testing interfaces. • “clear test interface” on page 331 • “service test” on page 332 • “test interface” on page 333 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 330 INTERFACE TESTING COMMANDS CLEAR TEST INTERFACE clear test interface Overview Syntax This command clears test results and counters after issuing a test interface command. Test results and counters must be cleared to issue subsequent test interface commands later on. clear test interface {<port-list>|all} Parameter Description <port-list> The ports to test. A port-list can be: • a switch port (e.g. port1.0.6) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-port1.0.6 • a comma-separated list of the above, e.g. port1.0.1,port1.0.5-1.0.6 The specified ports must exist. all Mode Examples All interfaces Privileged Exec To clear the counters for port1.0.1 use the command: awplus# clear test interface port1.0.1 To clear the counters for all interfaces use the command: awplus# clear test interface all Related Commands C613-50081-01 REV A test interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 331 INTERFACE TESTING COMMANDS SERVICE TEST service test Overview This command puts the device into the interface testing state, ready to begin testing. After entering this command, enter Interface Configuration mode for the desired interfaces and enter the command test interface. Do not test interfaces on a device that is part of a live network—disconnect the device first. Use the no variant of this command to stop the test service. Syntax service test no service test Mode Example Global Configuration To put the device into a test state, use the command: awplus(config)# service test Related Commands C613-50081-01 REV A test interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 332 INTERFACE TESTING COMMANDS TEST INTERFACE test interface Overview This command starts a test on a port or all ports or a selected range or list of ports. Use the no variant of this command to disable this function. The test duration can be configured by specifying the time in minutes after specifying a port or ports to test. For an example of all the commands required to test switch ports, see the Examples section in this command. To test the Eth port, set its speed to 100 by using the command speed 100. NOTE: Do not run test interface on live networks because this will degrade network performance. Syntax test interface {<port-list>|all} [time{<1-60>|cont}] no test interface {<port-list>|all} Parameter Description <port-list> The ports to test. A port-list can be: • a switch port (e.g. port1.0.6) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-port1.0.6 • a comma-separated list of the above, e.g. port1.0.1,port1.0.5-1.0.6 The specified ports must exist. Mode C613-50081-01 REV A all All ports time Keyword entered prior to the value for the time duration of the interface test. <1-60> Specifies duration of time to test the interface or interfaces in minutes (from a minimum of 1 minute to a maximum of 60 minutes). The default is 4 minutes. cont Specifies continuous interface testing until canceled with command negation. Privileged Exec Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 333 INTERFACE TESTING COMMANDS TEST INTERFACE Example To test the switch ports in VLAN 1, install loopbacks in the ports, and enter the following commands: awplus(config)# service test awplus(config)# no spanning-tree rstp enable bridge-forward awplus(config)# interface vlan1 awplus(config-if)# shutdown awplus(config-if)# end awplus# test interface all To see the output, use the commands: awplus# show test awplus# show test count To start the test on all interfaces for 1 minute use the command: awplus# test interface all time 1 Related Commands C613-50081-01 REV A clear test interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 334 11 Alarm Monitoring Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure alarm monitoring. For more information, see the Alarm Monitoring Feature Overview and Configuration Guide. • “alarm facility” on page 336 • “debug alarm” on page 339 • “show alarm settings” on page 340 • “show debugging alarm” on page 341 • “show facility-alarm status” on page 342 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 335 ALARM MONITORING COMMANDS ALARM FACILITY alarm facility Overview Use this command to enable alarm monitoring. Alarm monitoring is user-configured, including which alarms are enabled, and the LED and relay settings for each alarm. Use the no variant of this command to disable the alarm facility for a particular alarm. The command syntax varies depending on the type of alarm you are configuring. The section below includes the syntax for each alarm type. Syntax alarm facility epsr {led|relay} alarm facility input-alarm <input-alarm-number> {alarm-position {open|close}|led|relay} alarm facility link-down <port-list> {led|relay} alarm facility loopprot {led|relay} alarm facility main-pse {led|relay} alarm facility power-supply <power-supply-number> {led|relay} alarm facility pse-port <port-list> {led|relay} alarm facility temperature {led|relay} no alarm facility {epsr|input-alarm <number>|link-aggregation {partial-failure|total-failure}|link-down <port-list>|loopprot|main-pse|power-supply <id>|pse-port <port-list>|temperature} {led|relay} Parameter Description epsr EPSR alarm input-alarm External contact input alarm. <input-alarm-number> The external contact input number. The current models have only a single pair of input contacts, so this number must be 1. link-down Link failure alarm. A link is down on a particular switch port. <port-list> The switch ports on which the alarm will be activated or disabled. The port list can be any of the following: • An individual port. Example: 1.0.3 • A continuous range of ports. Example: 1.0.1-1.0.3 • A combination of individual ports and port ranges, separated by commas. Example: 1.0.1, 1.0.3-1.0.4 loopprot C613-50081-01 REV A Loop protection alarm. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 336 ALARM MONITORING COMMANDS ALARM FACILITY Default Parameter Description main-pse Main power source equipment failure alarm. The sum of the power consumed by all of the PoE devices plugged into the switch exceeds the maximum permitted. Note: This alarm pertains to PoE models only. power-supply Power supply failure alarm. The designated power supply is down. <power-supply-number> The power supply unit number. The switch has two power supplies, so the number must be 1 or 2. pse-port PoE failure on a switch port alarm. A PoE device plugged into a port is consuming more than the maximum power output for the port. temperature High temperature alarm. If enabled, this alarm is triggered when the temperature of the device exceeds 95 degrees Celsius. led Enable or disable the LED for the alarm. relay Enable or disable the relay output for the alarm. alarm-position The position (open or closed) of the input contact corresponding to the alarm that has occurred. open The electrical circuit for the contact input is open. close The electrical circuit for the contact input is closed. All alarms are disabled by default. Mode Global Configuration Usage Enabling alarms allows you to monitor the switch environment and respond to problems as they occur. Example To turn on the LED in case a loop occurs, use the command: awplus# configure terminal awplus(config)# alarm facility looprot led To have an alarm when the contact input is open, use the command: awplus# configure terminal awplus(config)# alarm facility input-alarm 1 alarm-position open To turn off the led from flashing when the device temperature is too high, use the command: awplus# configure terminal awplus(config)# no alarm facility temperature led C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 337 ALARM MONITORING COMMANDS ALARM FACILITY Related Commands C613-50081-01 REV A show alarm settings show facility-alarm status Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 338 ALARM MONITORING COMMANDS DEBUG ALARM debug alarm Overview Use this command to enable debugging of the Alarm Monitoring feature. When debugging is enabled, the switch displays debugging messages on the terminal monitor and in the log. Use the no variant of this command to disable debugging of the Alarm Monitoring feature. Syntax debug alarm no debug alarm Default Mode Example Disabled Global Configuration To turn on Alarm debugging, use the commands: awplus# configure terminal awplus(config)# debug alarm Related Commands C613-50081-01 REV A show debugging alarm Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 339 ALARM MONITORING COMMANDS SHOW ALARM SETTINGS show alarm settings Overview Syntax Mode Example Use this command to view all alarms configured on the switch. The output also includes the alarm position for each contact input. show alarm settings User Exec and Privileged Exec To display all of the alarm settings enabled on the switch, use the command: awplus# show alarm settings Output Figure 11-1: Example output from the show alarm settings command Alarm ---------------------External PSU External PSU EPSR External contact input Link down Link down Link down Link down Link down Link down Loop detect Main PSE failure PoE failure PoE failure PoE failure PoE failure Temperature Alarm ---------------------External contact input Related Commands C613-50081-01 REV A ID --------1 2 LED -------Enabled Enabled Relay -------- Disabled Disabled - Disabled Disabled 1 Disabled Disabled port1.0.1 port1.0.2 port1.0.3 port1.0.4 port1.0.5 port1.0.6 Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled - Disabled Enabled - Disabled Disabled port1.0.1 port1.0.2 port1.0.3 port1.0.4 Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled - Enabled Enabled ID --------1 Alarm position -------------- Open alarm facility show facility-alarm status Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 340 ALARM MONITORING COMMANDS SHOW DEBUGGING ALARM show debugging alarm Overview Use this command to show whether Alarm Monitoring debugging is enabled or disabled. Syntax show debugging alarm Mode User Exec/Privileged Exec Example To show the status of Alarm Monitoring debugging, use the command: awplus# show debugging alarm Output Figure 11-2: Example output from show debugging alarm awplus#show debugging alarm % Alarm debugging is disabled Related Commands C613-50081-01 REV A debug alarm Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 341 ALARM MONITORING COMMANDS SHOW FACILITY-ALARM STATUS show facility-alarm status Overview Syntax Mode Example Use this command to view all of the alarms that are currently active on the switch. show facility-alarm status User Exec and Privileged Exec To display all of the currently active alarms on the switch, use the command: awplus# show facility-alarm status Output Figure 11-3: Example output from the show facility-alarm status command Active alarms ---------------------External PSU EPSR Link down PoE failure Related Commands C613-50081-01 REV A ID --------- 2 port1.0.1 port1.0.1 alarm facility show alarm settings Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 342 Part 2: Layer Two Switching C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 343 12 Switching Commands Introduction Overview This chapter provides an alphabetical reference of commands used to configure switching. For more information, see the Switching Feature Overview and Configuration Guide. Command List C613-50081-01 REV A • “backpressure” on page 346 • “clear loop-protection counters” on page 348 • “clear mac address-table dynamic” on page 349 • “clear mac address-table static” on page 351 • “clear port counter” on page 352 • “debug loopprot” on page 353 • “debug platform packet” on page 354 • “duplex” on page 356 • “flowcontrol (switch port)” on page 358 • “linkflap action” on page 360 • “loop-protection loop-detect” on page 361 • “loop-protection action” on page 362 • “loop-protection action-delay-time” on page 363 • “loop-protection timeout” on page 364 • “mac address-table acquire” on page 365 • “mac address-table ageing-time” on page 366 • “mac address-table logging” on page 367 • “mac address-table static” on page 368 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 344 SWITCHING COMMANDS C613-50081-01 REV A • “mirror interface” on page 369 • “platform stop-unreg-mc-flooding” on page 371 • “platform vlan-stacking-tpid” on page 373 • “polarity” on page 374 • “show debugging loopprot” on page 375 • “show debugging platform packet” on page 376 • “show flowcontrol interface” on page 377 • “show interface err-disabled” on page 378 • “show interface switchport” on page 379 • “show loop-protection” on page 380 • “show mac address-table” on page 382 • “show mirror” on page 384 • “show mirror interface” on page 385 • “show platform” on page 386 • “show platform classifier statistics utilization brief” on page 387 • “show platform port” on page 388 • “show storm-control” on page 392 • “speed” on page 393 • “storm-control level” on page 395 • “thrash-limiting” on page 396 • “undebug loopprot” on page 397 • “undebug platform packet” on page 398 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 345 SWITCHING COMMANDS BACKPRESSURE backpressure Overview This command provides a method of applying flow control to ports running in half duplex mode. The setting will only apply when the link is in the half-duplex state. You can disable backpressure on an interface using the off parameter or the no variant of this command. Syntax backpressure {on|off} no backpressure Default Parameters Description on Enables half-duplex flow control. off Disables half-duplex flow control. Backpressure is turned off by default. You can determine whether an interface has backpressure enabled by viewing the running-config output; backpressure on is shown for interfaces if this feature is enabled. Mode Interface Configuration Usage The backpressure feature enables half duplex Ethernet ports to control traffic flow during congestion by preventing further packets arriving. Back pressure utilizes a pre-802.3x mechanism in order to apply Ethernet flow control to switch ports that are configured in the half duplex mode. The flow control applied by the flowcontrol (switch port) command operates only on full-duplex links, whereas back pressure operates only on half-duplex links. If a port has insufficient capacity to receive further frames, the device will simulate a collision by transmitting a CSMACD jamming signal from this port until the buffer empties. The jamming signal causes the sending device to stop transmitting and wait a random period of time, before retransmitting its data, thus providing time for the buffer to clear. Although this command is only valid for switch ports operating in half-duplex mode the remote device (the one sending the data) can be operating in the full duplex mode. To see the currently-negotiated duplex mode for ports whose links are up, use the command show interface. To see the configured duplex mode (when different from the default), use the command show running-config. Examples To enable back pressure flow control on interfaces port1.0.1-port1.0.2 enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.1-port1.0.2 awplus(config-if)# backpressure on C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 346 SWITCHING COMMANDS BACKPRESSURE To disable back pressure flow control on interface port1.0.2 enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# backpressure off Validation Commands show running-config Related Commands duplex C613-50081-01 REV A show interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 347 SWITCHING COMMANDS CLEAR LOOP-PROTECTION COUNTERS clear loop-protection counters Overview Syntax Mode Examples Use this command to clear the counters for the Loop Protection counters. clear loop-protection [interface <port-list>] counters Parameters Description interface The interface whose counters are to be cleared. <port-list> A port, a port range, or an aggregated link. Privileged Exec To clear the counter information for all interfaces: awplus# clear loop-protection counters To clear the counter information for a single port: awplus# clear loop-protection interface port1.0.1 counters C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 348 SWITCHING COMMANDS CLEAR MAC ADDRESS-TABLE DYNAMIC clear mac address-table dynamic Overview Syntax Use this command to clear the filtering database of all entries learned for a selected MAC address, an MSTP instance, a switch port interface or a VLAN interface. clear mac address-table dynamic [address <mac-address>|interface <port> [instance <inst>]|vlan <vid>] Parameter Description address Specify a MAC (Media Access Control) address to be cleared from the filtering database. <mac-address> Enter a MAC address to be cleared from the database in the format HHHH.HHHH.HHHH. interface Specify a switch port to be cleared from the filtering database. instance Specify an MSTP (Multiple Spanning Tree) instance to be cleared from the filtering database. <inst> Enter an MSTP instance in the range 1 to 63 to be cleared from the filtering database. vlan Specify a VLAN to be cleared from the filtering database. <vid> Enter a VID (VLAN ID) in the range 1 to 4094 to be cleared from the filtering database. Mode Privileged Exec Usage Use this command with options to clear the filtering database of all entries learned for a given MAC address, interface or VLAN. Use this command without options to clear any learned entries. Use the optional instance parameter to clear the filtering database entries associated with a specified MSTP instance Note that you must first specify a switch port interface before you can specify an MSTP instance. Compare this usage and operation with the clear mac address-table static command. Note that an MSTP instance cannot be specified with the command clear mac address-table static. Examples This example shows how to clear all dynamically learned filtering database entries for all interfaces, addresses, VLANs. awplus# clear mac address-table dynamic This example shows how to clear all dynamically learned filtering database entries when learned through device operation for the MAC address 0000.5E00.5302. awplus# clear mac address-table dynamic address 0000.5E00.5302 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 349 SWITCHING COMMANDS CLEAR MAC ADDRESS-TABLE DYNAMIC This example shows how to clear all dynamically learned filtering database entries when learned through device operation for a given MSTP instance 1 on switch port interface port1.0.2. awplus# clear mac address-table dynamic interface port1.0.2 instance 1 Related Commands C613-50081-01 REV A clear mac address-table static show mac address-table Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 350 SWITCHING COMMANDS CLEAR MAC ADDRESS-TABLE STATIC clear mac address-table static Overview Use this command to clear the filtering database of all statically configured entries for a selected MAC address, interface, or VLAN. Syntax clear mac address-table static [address <mac-address>|interface <port>|vlan <vid>] Parameter Description address The MAC address whose entries are to be cleared from the filtering database. <mac-address> Specifies the MAC (Media Access Control) address to be cleared from. Enter this address in the format HHHH.HHHH.HHHH. interface Specify the interface from which statically configured entries are to be cleared. <port> Specify the switch port from which address entries will be cleared. This can be a single switch port, (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). vlan A VLAN whose statically configured entries are to be cleared. <vid> Specifies the VLAN ID whose statically configured entries are to be cleared. Mode Privileged Exec Usage Use this command with options to clear the filtering database of all entries made from the CLI for a given MAC address, interface or VLAN. Use this command without options to clear any entries made from the CLI. Compare this usage with clear mac address-table dynamic command. Examples This example shows how to clear all filtering database entries configured through the CLI. awplus# clear mac address-table static This example shows how to clear all filtering database entries for a specific interface configured through the CLI. awplus# clear mac address-table static interface port1.0.3 This example shows how to clear filtering database entries configured through the CLI for the mac address 0000.5E00.5302. awplus# clear mac address-table static address 0000.5E00.5302 Related Commands clear mac address-table dynamic mac address-table static show mac address-table C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 351 SWITCHING COMMANDS CLEAR PORT COUNTER clear port counter Overview Syntax Mode Example Use this command to clear the packet counters of the port. clear port counter [<port>] Parameter Description <port> The port number or range Privileged Exec To clear the packet counter for port1.0.1, use the command: awplus# Related Commands C613-50081-01 REV A clear port counter port1.0.1 show platform port Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 352 SWITCHING COMMANDS DEBUG LOOPPROT debug loopprot Overview This command enables Loop Protection debugging. The no variant of this command disables Loop Protection debugging. Syntax debug loopprot {info|msg|pkt|state|nsm|all} no debug loopprot {info|msg|pkt|state|nsm|all} Mode Example Parameter Description info General Loop Protection information. msg Received and transmitted Loop Detection Frames (LDFs). pkt Echo raw ASCII display of received and transmitted LDF packets to the console. state Loop Protection states transitions. nsm Network Service Module information. all All debugging information. Privileged Exec and Global Configuration To enable debug for all state transitions, use the command: awplus# Related Commands C613-50081-01 REV A debug loopprot state show debugging loopprot undebug loopprot Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 353 SWITCHING COMMANDS DEBUG PLATFORM PACKET debug platform packet Overview This command enables platform to CPU level packet debug functionality on the device. Use the no variant of this command to disable platform to CPU level packet debug. If the result means both send and receive packet debug are disabled, then any active timeout will be canceled. Syntax debug platform packet [recv] [send] [timeout <timeout>] [vlan <vlan-id>|all] no debug platform packet [recv] [send] Default Parameter Description recv Debug packets received. send Debug packets sent. timeout Stop debug after a specified time. <timeout> <0-3600>The timeout period, specified in seconds. vlan Limit debug to a single VLAN ID specified. <vlan-id> <1-4094> The VLAN ID to limit the debug output on. all Debug all VLANs (default setting). A 5 minute timeout is configured by default if no other timeout duration is specified. Mode Privileged Exec and Global Configuration Usage This command can be used to trace packets sent and received by the CPU. If a timeout is not specified, then a default 5 minute timeout will be applied. If a timeout of 0 is specified, packet debug will be generated until the no variant of this command is used or another timeout value is specified. The timeout value applies to both send and receive debug and is updated whenever the debug platform packet command is used. Examples To enable both receive and send packet debug for the default timeout of 5 minutes, enter: awplus# debug platform packet To enable receive packet debug for 10 seconds, enter: awplus# debug platform packet recv timeout 10 To enable send packet debug with no timeout, enter: awplus# debug platform packet send timeout 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 354 SWITCHING COMMANDS DEBUG PLATFORM PACKET To enable VLAN packet debug for VLAN 2 with a timeout duration of 3 minutes, enter: awplus# debug platform packet vlan 2 timeout 150 To disable receive packet debug, enter: awplus# no debug platform packet recv Related Commands C613-50081-01 REV A show debugging platform packet undebug platform packet Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 355 SWITCHING COMMANDS DUPLEX duplex Overview This command changes the duplex mode for the specified port. To see the currently-negotiated duplex mode for ports whose links are up, use the command show interface. To see the configured duplex mode (when different from the default), use the command show running-config. Syntax Default duplex {auto|full|half} Parameter Description auto Auto-negotiate duplex mode. full Operate in full duplex mode only. half Operate in half duplex mode only. By default, ports auto-negotiate duplex mode (except for 100Base-FX ports which do not support auto-negotiation, so default to full duplex mode). Mode Interface Configuration Usage Switch ports in a static or dynamic (LACP) channel group must have the same port speed and be in full duplex mode. Once switch ports have been aggregated into a channel group, you can set the duplex mode of all the switch ports in the channel group by applying this command to the channel group. Examples To specify full duplex for port1.0.4, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# duplex full To specify half duplex for port1.0.4, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# duplex half To auto-negotiate duplex mode for port1.0.4, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# duplex auto C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 356 SWITCHING COMMANDS DUPLEX Related Commands backpressure polarity speed show interface C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 357 SWITCHING COMMANDS FLOWCONTROL (SWITCH PORT) flowcontrol (switch port) Overview Use this command to enable flow control, and configure the flow control mode for the switch port. Use the no variant of this command to disable flow control for the specified switch port. Syntax flowcontrol {send|receive} {off|on} no flowcontrol Default Parameter Description receive When the port receives pause frames, it temporarily stops (pauses) sending traffic. on Enable the specified flow control. off Disable the specified flow control. send When the port is congested (receiving too much traffic), it sends pause frames to request the other end to temporarily stop (pause) sending traffic. By default, flow control is disabled. Mode Interface Configuration Usage The flow control mechanism specified by 802.3x is only for full duplex links. It operates by sending PAUSE frames to the link partner to temporarily suspend transmission on the link Flow control enables connected Ethernet ports to control traffic rates during congestion by allowing congested nodes to pause link operation at the other end. If one port experiences congestion, and cannot receive any more traffic, it notifies the other port to stop sending until the condition clears. When the local device detects congestion at its end, it notifies the remote device by sending a pause frame. On receiving a pause frame, the remote device stops sending data packets, which prevents loss of data packets during the congestion period. Flow control is not recommended when running QoS or ACLs, because the complex queuing, scheduling, and filtering configured by QoS or ACLs may be slowed by applying flow control. For half-duplex links, an older form of flow control known as backpressure is supported. See the related backpressure command. For flow control on async serial (console) ports, see the flowcontrol hardware (asyn/console) command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 358 SWITCHING COMMANDS FLOWCONTROL (SWITCH PORT) Examples awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# flowcontrol receive on awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# flowcontrol send on awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# flowcontrol receive off awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# flowcontrol send off Validation Commands show running-config Related Commands backpressure C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 359 SWITCHING COMMANDS LINKFLAP ACTION linkflap action Overview Use this command to detect flapping on all ports. If more than 15 flaps occur in less than 15 seconds the flapping port will shut down. Use the no variant of this command to disable flapping detection at this rate. Syntax linkflap action [shutdown] no linkflap action Default Mode Example Parameter Description linkflap Global setting for link flapping. action Specify the action for port. shutdown Shutdown the port. Linkflap action is disabled by default. Global Configuration To enable the linkflap action command on the device, use the following commands: awplus# configure terminal awplus(config)# linkflap action shutdown C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 360 SWITCHING COMMANDS LOOP-PROTECTION LOOP-DETECT loop-protection loop-detect Overview Use this command to enable the loop-protection loop-detect feature and configure its parameters. Use the no variant of this command to disable the loop-protection loop-detect feature. Syntax loop-protection loop-detect [ldf-interval <period>] [ldf-rx-window <frames>] [fast-block] no loop-protection loop-detect Default Parameter Description ldf-interval The time (in seconds) between successive loop-detect frames being sent. <period> Specify a period between 1 and 600 seconds. The default is 10 seconds. ldf-rx-window The number of transmitted loop detect frames whose details are held for comparing with frames arriving at the same port. <frames> Specify a value for the window size between 1 and 5 frames. The default is 3 frames. [fast-block] The fast-block blocks transmitting port to keep partial connectivity. The loop-protection loop-detect feature is disabled by default. The default interval is 10 seconds, and the default window size is 3 frames. Mode Global Configuration Usage See the “Loop Protection” section in the Switching Feature Overview and Configuration Guide for relevant conceptual, configuration, and overview information prior to applying this command. Example To enable the loop-detect mechanism on the switch, and generate loop-detect frames once every 5 seconds, use the following commands: awplus# configure terminal awplus(config)# loop-protection loop-detect ldf-interval 5 Related Commands loop-protection action loop-protection timeout show loop-protection thrash-limiting C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 361 SWITCHING COMMANDS LOOP-PROTECTION ACTION loop-protection action Overview Use this command to specify the protective action to apply when a network loop is detected on an interface. Use the no variant of this command to reset the loop protection actions to the default action, vlan-disable, on an interface. Syntax loop-protection action {link-down|log-only|port-disable|vlan-disable|none} no loop-protection action Default Parameter Description link-down Block all traffic on a port (or aggregated link) that detected the loop, and take down the link. log-only Details of loop conditions are logged. No action is applied to the port (or aggregated link). port-disable Block all traffic on interface for which the loop occurred, but keep the link in the up state. vlan-disable Block all traffic for the VLAN on which the loop traffic was detected. Note that setting this parameter will also enable ingress filtering. This is the default action. none Applies no protective action. loop-protection action vlan-disable Mode Interface Configuration Usage See the “Loop Protection” section in the Switching Feature Overview and Configuration Guide for relevant conceptual, configuration, and overview information prior to applying this command. Example To disable the interface port1.0.4 and bring the link down when a network loop is detected, use the commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# loop-protection action link-down Related Commands loop-protection loop-detect loop-protection timeout show loop-protection thrash-limiting C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 362 SWITCHING COMMANDS LOOP-PROTECTION ACTION-DELAY-TIME loop-protection action-delay-time Overview Use this command to sets the loop protection action delay time for an interface to specified values in seconds. The action delay time specifies the waiting period for the action. Use the no variant of this command to reset the loop protection action delay time for an interface to default. Syntax loop-protection action-delay-time <0-86400> no loop-protection action Default Mode Example Parameter Description <0-86400> Time in seconds; 0 means action delay timer is disabled. Action delay timer is disabled by default. Interface Configuration To configure a loop protection action delay time of 10 seconds on port 1.0.4, use the commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# loop-protection action-delay-time 10 Related Commands C613-50081-01 REV A show loop-protection Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 363 SWITCHING COMMANDS LOOP-PROTECTION TIMEOUT loop-protection timeout Overview Use this command to specify the Loop Protection recovery action duration on an interface. Use the no variant of this command to set the loop protection timeout to the default. Syntax loop-protection timeout <duration> no loop-protection timeout Default Parameter Description <duration> The time (in seconds) for which the configured action will apply before being disabled. This duration can be set between 0 and 86400 seconds (24 hours). The set of 0 means infinity so timeout does not expire. The default is 7 seconds. Mode Interface Configuration Usage See the “Loop Protection” section in the Switching Feature Overview and Configuration Guide for relevant conceptual, configuration, and overview information prior to applying this command. Example To configure a loop protection action timeout of 10 seconds for port1.0.4, use the command: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# loop-protection timeout 10 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 364 SWITCHING COMMANDS MAC ADDRESS-TABLE ACQUIRE mac address-table acquire Overview Use this command to enable MAC address learning on the device. Use the no variant of this command to disable learning. Syntax mac address-table acquire no mac address-table acquire Default Mode Example Learning is enabled by default for all instances. Global Configuration awplus# configure terminal awplus(config)# mac address-table acquire C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 365 SWITCHING COMMANDS MAC ADDRESS-TABLE AGEING-TIME mac address-table ageing-time Overview Use this command to specify an ageing-out time for a learned MAC address. The learned MAC address will persist for at least the specified time. The no variant of this command will reset the ageing-out time back to the default of 300 seconds (5 minutes). Syntax mac address-table ageing-time <ageing-timer> none no mac address-table ageing-time Default Mode Examples Parameter Description <ageing-timer> <10-1000000> The number of seconds of persistence. none Disable learned MAC address timeout. The default ageing time is 300 seconds. Global Configuration The following commands specify various ageing timeouts on the device: awplus# configure terminal awplus(config)# mac address-table ageing-time 1000 awplus# configure terminal awplus(config)# mac address-table ageing-time none awplus# configure terminal awplus(config)# no mac address-table ageing-time C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 366 SWITCHING COMMANDS MAC ADDRESS-TABLE LOGGING mac address-table logging Overview Use this command to create log entries when the content of the FDB (forwarding database) changes. Log messages are produced when a MAC address is added to or removed from the FDB. CAUTION: MAC address table logging may impact the performance of the switch. Only enable it when necessary as a debug tool. Use the no variant of this command to stop creating log entries when the content of the FDB changes. Syntax mac address-table logging no mac address-table logging Default MAC address table logging is disabled by default. Mode User Exec/Privileged Exec Usage When MAC address table logging is enabled, the switch produces the following messages: Change Message format Example MAC added MAC add <mac> <port> <vlan> MAC add eccd.6db5.68a7 port1.0.1 vlan2 MAC removed MAC remove <mac> <port> <vlan> MAC remove eccd.6db5.68a7 port1.0.1 vlan2 Note that rapid changes may not be logged. For example, if an entry is added and then removed within a few seconds, those actions may not be logged. To see whether MAC address table logging is enabled, use the command show running-config. Example To create log messages when the content of the FDB changes, use the command: awplus# mac address-table logging Related Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 367 SWITCHING COMMANDS MAC ADDRESS-TABLE STATIC mac address-table static Overview Syntax Use this command to statically configure the MAC address-table to forward or discard frames with a matching destination MAC address. mac address-table static <mac-addr> {forward|discard} interface <port> [vlan <vid>] no mac address-table static <mac-addr> {forward|discard} interface <port> [vlan <vid>] Parameter Description <mac-addr> The destination MAC address in HHHH.HHHH.HHHH format. <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). <vid> The VLAN ID. If you do not specify a VLAN, its value defaults to vlan 1. Mode Global Configuration Usage The mac address-table static command is only applicable to Layer 2 switched traffic within a single VLAN. Do not apply the mac address-table static command to Layer 3 switched traffic passing from one VLAN to another VLAN. Frames will not be discarded across VLANs because packets are routed across VLANs. This command only works on Layer 2 traffic. Example awplus# configure terminal awplus(config)# mac address-table static 2222.2222.2222 forward interface port1.0.4 vlan 3 Related Commands C613-50081-01 REV A clear mac address-table static show mac address-table Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 368 SWITCHING COMMANDS MIRROR INTERFACE mirror interface Overview Use this command to define a mirror port and mirrored (monitored) ports and direction of traffic to be mirrored. The port for which you enter interface mode will be the mirror port. The destination port is removed from all VLANs, and no longer participates in other switching. Use the no variant of this command to disable port mirroring by the destination port on the specified source port. Syntax mirror interface <source-port-list> direction {both|receive|transmit} no mirror interface <source-port-list> Parameter Description <source-port-list> The source switch ports to mirror. A port-list can be: • a port (e.g. port1.0.2) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.2 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.4-1.0.6 The source port list cannot include dynamic or static channel groups (link aggregators). direction Specifies whether to mirror traffic that the source port receives, transmits, or both. both Mirroring traffic both received and transmitted by the source port. receive Mirroring traffic received by the source port. transmit Mirroring traffic transmitted by the source port. Mode Interface Configuration Usage Use this command to send traffic to another device connected to the mirror port for monitoring. See the “Port Mirroring” section in the Switching Feature Overview and Configuration Guide for more information. A mirror port cannot be associated with a VLAN. If a switch port is configured to be a mirror port, it is automatically removed from any VLAN it was associated with. This command can only be applied to a single mirror (destination) port, not to a range of ports, nor to a static or dynamic channel group. Do not apply multiple interfaces with an interface command before issuing the mirror interface command. One interface may have multiple mirror interfaces. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 369 SWITCHING COMMANDS MIRROR INTERFACE Example To mirror traffic received and transmitted on port1.0.4 and port1.0.5 to destination port1.0.3, use the commands: awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# mirror interface port1.0.4,port1.0.5 direction both Related Commands access-list (hardware IP numbered) access-list (hardware MAC numbered) default-action C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 370 SWITCHING COMMANDS PLATFORM STOP-UNREG-MC-FLOODING platform stop-unreg-mc-flooding Overview This command stops multicast packets flooding out of all the ports in the VLAN until these packets are registered. This command does this by dropping unknown multicast packets. Unregistered traffic will not flow until the switch has registered it, regardless of attempts to subscribe to it. Once the traffic is registered, it flows to registered subscribers and ports. Use the no variant of this command to revert to default behavior and disable this feature. NOTE: This command should not be used within any IPv6 networks. IPv6 neighbor discovery operation is inhibited by this feature. This command does not stop Local Network Control Block IPv4 multicast packets in the address range 224.0.0.1 to 224.0.0.255 (224.0.0/24). See www.iana.org/assignments/multicast-addresses/multicast-addresses.xml#multicast -addresses-1 Syntax platform stop-unreg-mc-flooding no platform stop-unreg-mc-flooding Default This feature is disabled by default. Mode Global Configuration Usage This command stops the periodic flooding of unknown or unregistered multicast packets when the Group Membership interval timer expires and there are no subscribers to a multicast group. If there is multicast traffic in a VLAN without subscribers, multicast traffic temporarily floods out of the VLAN when the Group Membership interval timer expires, which happens when the switch does not get replies from Group Membership queries. This command also stops the initial flood of multicast packets that happens when a new multicast source starts to send traffic. This flooding lasts until snooping recognizes the multicast group. For example, in sites where IP cameras have multicast groups, traffic is flooded to the VLAN and causes large bursts of traffic. Use this command when there is limited processing available for large bursts of traffic, such as in sites with IP cameras. Output See the console message warning about IPv6 operation after entering this command: % WARNING: IPv6 will not work with this setting enabled % Please consult the documentation for more information See these sample console messages when the Group Membership interval timer expires, which happens when the switch does not get replies from Group Membership queries: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 371 SWITCHING COMMANDS PLATFORM STOP-UNREG-MC-FLOODING awplus: [MLD-EVENTS] Grp - Rec Liveness Timer: Expiry for Grp ff0e::1 on port1.2.7 awplus: [IGMP-EVENTS] : Expiry (Unreg MC Timer) for Grp 224.2.2.2 on vlan4 Examples To enable this feature and stop multicast packet flooding, use the following commands: awplus# configure terminal awplus(config)# platform stop-unreg-mc-flooding To disable this feature and allow multicast packet flooding, use the following commands: awplus# configure terminal awplus(config)# no platform stop-unreg-mc-flooding Related Commands C613-50081-01 REV A show platform show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 372 SWITCHING COMMANDS PLATFORM VLAN-STACKING-TPID platform vlan-stacking-tpid Overview This command specifies the Tag Protocol Identifier (TPID) value that applies to all frames that are carrying double tagged VLANs. All nested VLANs must use the same TPID value. (This feature is sometimes referred to as VLAN stacking or VLAN double-tagging.) Use the no variant of this command to revert to the default TPID value (0x8100). Syntax platform vlan-stacking-tpid <tpid> no platform vlan-stacking-tpid Default Mode Examples Parameter Description <tpid> The Ethernet type of the tagged packet, as a two byte hexadecimal number. The default TPID value is 0x8100. Global Configuration To set the VLAN stacking TPID value to 0x9100, use the following commands: awplus# configure terminal awplus(config)# platform vlan-stacking-tpid 9100 To reset the VLAN stacking TPID value to the default (0x8100), use the following commands: awplus# configure terminal awplus(config)# no platform vlan-stacking-tpid Related Commands switchport vlan-stacking (double tagging) show platform show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 373 SWITCHING COMMANDS POLARITY polarity Overview Syntax Default This command sets the MDI/MDIX polarity on a copper-based switch port. polarity {auto|mdi|mdix} Parameter Description mdi Sets the polarity to MDI (medium dependent interface). mdix Sets the polarity to MDI-X (medium dependent interface crossover). auto The switch port sets the polarity automatically. This is the default option. By default, switch ports set the polarity automatically (auto). Mode Interface Configuration Usage We recommend the default auto setting for MDI/MDIX polarity. Polarity applies to copper 10BASE-T, 100BASE-T, and 1000BASE-T switch ports; It does not apply to fiber ports. See the “MDI/MDIX Connection Modes” section in the Switching Feature Overview and Configuration Guide for more information. Example To set the polarity for port1.0.6 to fixed MDI mode, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# polarity mdi C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 374 SWITCHING COMMANDS SHOW DEBUGGING LOOPPROT show debugging loopprot Overview This command shows Loop Protection debugging information. Syntax show debugging loopprot Mode User Exec and Privileged Exec Example To display the enabled Loop Protection debugging modes, use the command: awplus# show debugging loopprot Related Commands C613-50081-01 REV A debug loopprot Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 375 SWITCHING COMMANDS SHOW DEBUGGING PLATFORM PACKET show debugging platform packet Overview Syntax Mode Example This command shows platform to CPU level packet debugging information. show debugging platform packet User Exec and Privileged Exec To display the platform packet debugging information, use the command: awplus# show debugging platform packet Related Commands C613-50081-01 REV A debug platform packet undebug platform packet Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 376 SWITCHING COMMANDS SHOW FLOWCONTROL INTERFACE show flowcontrol interface Overview Syntax Mode Example Use this command to display flow control information. show flowcontrol interface <port> Parameter Description <port> Specifies the name of the port to be displayed. User Exec and Privileged Exec To display the flow control for the port1.0.5, use the command: awplus# show flowcontrol interface port1.0.5 Output Port Figure 12-1: Send FlowControl admin oper ----------- -------port1.0.5 on on C613-50081-01 REV A Example output from the show flowcontrol interface command for a specific interface Receive FlowControl admin oper ------- -------on on RxPause TxPause ------- ------- 0 0 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 377 SWITCHING COMMANDS SHOW INTERFACE ERR-DISABLED show interface err-disabled Overview Syntax Mode Example Use this command to show the ports which have been dynamically shut down by protocols running on the device and the protocols responsible for the shutdown. show interface [<IFRANGE> err-disabled] Parameter Description <IFRANGE> Interface range err-disabled Brief summary of interfaces shut down by protocols User Exec and Privileged Exec Show the protocols that have shut down port2.0.21 and port2.0.23, use the commands: awplus# show interface err-disabled Output Figure 12-2: Example output from the show interface err-disabled command awplus#show interface err-disabled Interface Reason port2.0.21 loop protection port2.0.23 loop protection C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 378 SWITCHING COMMANDS SHOW INTERFACE SWITCHPORT show interface switchport Overview Syntax Mode Example Use this command to show VLAN information about each switch port. show interface switchport User Exec and Privileged Exec To display VLAN information about each switch port, enter the command: awplus# show interface switchport Output Figure 12-3: Example output from the show interface switchport command Interface name : port1.0.1 Switchport mode : access Ingress filter : enable Acceptable frame types : all Default Vlan : 2 Configured Vlans : 2 Interface name : port1.0.2 Switchport mode : trunk Ingress filter : enable Acceptable frame types : all Default Vlan : 1 Configured Vlans : 1 4 5 6 7 8 ... Related Commands C613-50081-01 REV A show interface memory Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 379 SWITCHING COMMANDS SHOW LOOP-PROTECTION show loop-protection Overview Syntax Use this command to display the current loop protection setup for the device. show loop-protection [interface <port-list>] [counters] Parameter Description interface The interface selected for display. <port-list> A port, a port range, or an aggregated link. counters Displays counter information for loop protection. Mode User Exec and Privileged Exec Usage This command is used to display the current configuration and operation of the Loop Protection feature Examples To display the current configuration status for port1.0.1, use the command: awplus# show loop-protection interface port1.0.1 Figure 12-4: Example output from the show loop-protection command Loop-Detection: LDF Interval: Interface: Action: Timeout: Vlan: Status: Timeout Remaining: Vlan: Status: Timeout Remaining: Enabled 10 [sec] port1.0.1 port-disable 300 [sec] 1 Blocking 115 [sec] 2 Normal 0 [sec] To display the counter information for port1.0.1, use the command: awplus# show loop-protection interface port1.0.1 counters C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 380 SWITCHING COMMANDS SHOW LOOP-PROTECTION Figure 12-5: Example output from the show loop-protection interface counters command for port1.0.1 Interface: Vlan: LDF Tx: LDF Rx: Invalid LDF Rx: Action: Vlan: LDF Tx: LDF Rx: Invalid LDF Rx: Action: C613-50081-01 REV A port1.0.1 1 3 1 1 1 2 3 0 0 0 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 381 SWITCHING COMMANDS SHOW MAC ADDRESS-TABLE show mac address-table Overview Use this command to display the mac address-table for all configured VLANs. Syntax show mac address-table Mode User Exec and Privileged Exec Usage The show mac address-table command is only applicable to view a mac address-table for Layer 2 switched traffic within VLANs. Example To display the mac address-table, use the following command: awplus# show mac address-table Output See the below sample output captured when there was no traffic being switched: awplus#show mac address-table VLAN Port MAC 1 unknown 0000.cd28.0752 ARP 0000.cd00.0000 State static static See the sample output captured when packets were switched and mac addresses were learned: awplus#show mac address-table VLAN Port MAC 1 unknown 0000.cd28.0752 1 port1.0.6 0030.846e.9bf4 1 port1.0.4 0030.846e.bac7 ARP 0000.cd00.0000 State static dynamic dynamic static Note the new mac addresses learned for port1.0.4 and port1.0.6 added as dynamic entries. Note the first column of the output below shows VLAN IDs if multiple VLANs are configured: awplus#show mac address-table VLAN Port MAC 1 unknown 0000.cd28.0752 1 port1.0.4 0030.846e.bac7 2 unknown 0000.cd28.0752 2 port1.0.6 0030.846e.9bf4 ARP 0000.cd00.0000 C613-50081-01 REV A State static dynamic static dynamic static Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 382 SWITCHING COMMANDS SHOW MAC ADDRESS-TABLE Also note manually configured static mac-addresses are shown to the right of the type column: awplus(config)#mac address-table static 0000.1111.2222 for int port1.0.3 vlan 2 awplus(config)#end awplus# awplus#show mac address-table VLAN Port MAC State 1 unknown 0000.cd28.0752 static 1 port1.0.2 0030.846e.bac7 dynamic 2 port1.0.3 0000.1111.2222 static 2 unknown 0000.cd28.0752 static 2 port1.0.5 0030.846e.9bf4 dynamic ARP 0000.cd00.0000 statics Related Commands clear mac address-table dynamic clear mac address-table static mac address-table static C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 383 SWITCHING COMMANDS SHOW MIRROR show mirror Overview Syntax Mode Example Use this command to display the status of all mirrored ports. show mirror User Exec and Privileged Exec To display the status of all mirrored ports, use the following command: awplus# show mirror Output Figure 12-6: Example output from the show mirror command Mirror Test Port Name: port1.0.1 Mirror option: Enabled Mirror direction: both Monitored Port Name: port1.0.2 Mirror Test Port Name: port1.0.3 Mirror option: Enabled Mirror direction: receive Monitored Port Name: port1.0.4 Mirror Test Port Name: port1.0.3 Mirror option: Enabled Mirror direction: receive Monitored Port Name: port1.0.1 Mirror Test Port Name: port1.0.1 Mirror option: Enabled Mirror direction: receive Monitored Port Name: port1.0.3 Mirror Test Port Name: port1.0.1 Mirror option: Enabled Mirror direction: transmit Monitored Port Name: port1.0.4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 384 SWITCHING COMMANDS SHOW MIRROR INTERFACE show mirror interface Overview Syntax Mode Example Use this command to display port mirroring configuration for a mirrored (monitored) switch port. show mirror interface <port> Parameter Description <port> The monitored switch port to display information about. User Exec, Privileged Exec and Interface Configuration To display port mirroring configuration for the port1.0.4, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# show mirror interface port1.0.4 Output Figure 12-7: Example output from the show mirror interface command Mirror Test Port Name: port1.0.3 Mirror option: Enabled Mirror direction: both Monitored Port Name: port1.0.4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 385 SWITCHING COMMANDS SHOW PLATFORM show platform Overview Syntax This command displays the settings configured by using the platform commands. show platform Mode Privileged Exec Usage This command displays the settings in the running config. For changes in some of these settings to take effect, the device must be rebooted with the new settings in the startup config. Example To check the settings configured with platform commands on the device, use the following command: awplus# show platform Output Figure 12-8: Example output from the show platform command awplus#show platform MAC vlan hashing algorithm stop-unreg-mc-flooding Jumboframe support Vlan-stacking TPID Hardware Filter Size unknown off off 0x8100 ipv4-limited-ipv6 Table 1: Parameters in the output of the show platform command Parameter Description Jumboframe support Whether the jumbo frames setting is enabled or disabled. Vlan-stacking TPID The value of the TPID set in the Ethernet type field when a frame has a double VLAN tag (platform vlan-stacking-tpid command). MAC vlan hashing algorithm MAC based VLAN hash control. Related Commands C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 386 SWITCHING COMMANDS SHOW PLATFORM CLASSIFIER STATISTICS UTILIZATION BRIEF show platform classifier statistics utilization brief Overview Syntax Mode Example This command displays the number of used entries available for various platform functions, and the percentage that number of entries represents of the total available. show platform classifier statistics utilization brief Privileged Exec To display the platform classifier utilization statistics, use the following command: awplus# show platform classifier statistics utilization brief Output Figure 12-9: Output from the show platform classifier statistics utilization brief command awplus#show platform classifier statistics utilization brief [Instance 0] Number of Entries: Policy Type Group ID Used / Total ---------------------------------------------- ACL 1476395009 0 / 118 ( 0%) Web Auth Inactive 0 / 0 ( 0%) QoS 0 / 128 ( 0%) Related Commands C613-50081-01 REV A show platform Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 387 SWITCHING COMMANDS SHOW PLATFORM PORT show platform port Overview Syntax This command displays the various port registers or platform counters for specified switchports. show platform port [<port-list>|counters] Parameter Description <port-list> The ports to display information about. A port-list can be: • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.6 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.4-1.0.6. counters Mode Examples Show the platform counters. Privileged Exec To display port registers for port1.0.1 and port1.0.2 use the following command: awplus# show platform port port1.0.1-port1.0.2 To display platform counters for port1.0.1 and port1.0.2 use the following command: awplus# show platform port port1.0.1-port1.0.2 counters C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 388 SWITCHING COMMANDS SHOW PLATFORM PORT Output Figure 12-10: Example output from the show platform port command awplus#show platform port port1.0.1 Phy register value for port1.0.1 (ifindex: 5001) 00:1140 01:7949 02:0020 03:60B1 04:01E1 05:0000 08:0000 09:0600 10:0000 11:0000 12:0000 13:0000 16:0000 17:0000 18:0000 19:0000 20:0000 21:0000 24:0000 25:0000 26:0000 27:0000 28:0000 29:0000 Port configuration for lport 0x08001000: enabled: 1 loopback: 0 link: 0 speed: 0 max speed: duplex: 0 linkscan: 2 autonegotiate: 1 master: 2 tx pause: 1 rx pause: untagged vlan: 1 vlan filter: 3 stp state: 1 learn: 5 discard: 0 max frame size: 1522 MC Disable SA: no MC Disable TTL: no MC egress untag: 0 MC egress vid: 0 MC TTL threshold: -1 06:0004 14:0000 22:0000 30:0000 07:2001 15:0000 23:0000 31:0000 1000 1 Table 2: Parameters in the output from the show platform port command Parameter Description Ethernet MAC counters C613-50081-01 REV A Combined receive/ transmit packets by size (octets) counters Number of packets in each size range received and transmitted. 64 Number of 64 octet packets received and transmitted. 65 - 127 Number of 65 - 127 octet packets received and transmitted. 128 - 255 Number of 128 - 255 octet packets received and transmitted. 256 - 511 Number of 256 - 511 octet packets received and transmitted. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 389 SWITCHING COMMANDS SHOW PLATFORM PORT Table 2: Parameters in the output from the show platform port command Parameter Description 512 - 1023 Number of 512 - 1023 octet packets received and transmitted. 1024 - MaxPktSz Number of packets received and transmitted with size 1024 octets to the maximum packet length. 1519 - 1522 Number of 1519 - 1522 octet packets received and transmitted. 1519 - 2047 Number of 1519 - 2047 octet packets received and transmitted. 2048 - 4095 Number of 2048 - 4095 octet packets received and transmitted. 4096 - 9216 Number of 4096 - 9216 octet packets received and transmitted. General Counters C613-50081-01 REV A Receive Counters for traffic received. Octets Number of octets received. Pkts Number of packets received. FCSErrors Number of FCS (Frame Check Sequence) error events received. UnicastPkts Number of unicast packets received. MulticastPkts Number of multicast packets received. BroadcastPkts Number of broadcast packets received. PauseMACCtlFrms Number of Pause MAC Control Frames received. OversizePkts Number of oversize packets received. Fragments Number of fragments received. Jabbers Number of jabber frames received. UnsupportOpcode Number of MAC Control frames with unsupported opcode received. AlignmentErrors Receive Alignment Error Frame Counter. SysErDurCarrier Receive Code Error Counter. CarrierSenseErr Receive False Carrier Counter. UndersizePkts Number of undersized packets received. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 390 SWITCHING COMMANDS SHOW PLATFORM PORT Table 2: Parameters in the output from the show platform port command Parameter Description Transmit Counters for traffic transmitted. Octets Number of octets transmitted. Pkts Number of packets transmitted. UnicastPkts Number of unicast packets transmitted. MulticastPkts Number of multicast packets transmitted. BroadcastPkts Number of broadcast packets transmitted. PauseMACCtlFrms Number of Pause MAC Control Frames transmitted. OversizePkts Number of oversize packets transmitted. FrameWDeferrdTx Transmit Single Deferral Frame counter. FrmWExcesDefer Transmit Multiple Deferral Frame counter. SingleCollsnFrm Transmit Single Collision Frame counter. MultCollsnFrm Transmit Multiple Collision Frame counter. LateCollisions Transmit Late Collision Frame counter. ExcessivCollsns Transmit Excessive Collision Frame counter. Collisions Transmit Total Collision counter Layer 3 Counters ifInUcastPkts Inbound interface Unicast counter. ifInDiscards Inbound interface Discarded Packets counter. ipInHdrErrors Inbound interface Header Errors counter. ifOutUcastPkts Outbound interface Unicast counter. ifOutErrors Outbound interface Error counter. Miscellaneous Counters C613-50081-01 REV A DropEvents Drop Event counter ifOutDiscards Outbound interface Discarded Packets counter. MTUExcdDiscard Receive MTU Check Error Frame Counter Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 391 SWITCHING COMMANDS SHOW STORM-CONTROL show storm-control Overview Syntax Use this command to display storm-control information for all interfaces or a particular interface. show storm-control [<port>] Parameter Mode Description User Exec and Privileged Exec Example Related Commands C613-50081-01 REV A storm-control level Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 392 SWITCHING COMMANDS SPEED speed Overview This command changes the speed of the specified port. You can optionally specify the speed or speeds that get autonegotiated, so autonegotiation is only attempted at the specified speeds. To see the currently-negotiated speed for ports whose links are up, use the show interface command. To see the configured speed (when different from the default), use the show running-config command. Syntax speed {10|100|1000|auto [10][100][1000]} The following table shows the speed options for each type of port. Port type Speed Options (units are Mbps) RJ-45 and RJ.5copper ports auto (default) 10 100 1000 tri-speed copper SFPs auto (default) 10 100 1000 100Mbps fiber SFPs 100 1000Mbps copper or fiber SFPs auto (default) 1000 Mode Interface Configuration Default By default, ports autonegotiate speed (except for 100Base-FX ports which do not support auto-negotiation, so default to 100Mbps). Usage Switch ports in a static or dynamic (LACP) channel group must have the same port speed and be in full duplex mode. Once switch ports have been aggregated into a channel group, you can set the speed of all the switch ports in the channel group by applying this command to the channel group. NOTE: If multiple speeds are specified after the auto option to autonegotiate speeds, then the device only attempts autonegotiation at those specified speeds. Examples To set the speed of a tri-speed port to 100Mbps, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# speed 100 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 393 SWITCHING COMMANDS SPEED To return the port to auto-negotiating its speed, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# speed auto To set the port to auto-negotiate its speed at 100Mbps and 1000Mbps, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# speed auto 100 1000 To set the port to auto-negotiate its speed at 1000Mbps only, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# speed auto 1000 Related Commands duplex polarity show interface speed (asyn) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 394 SWITCHING COMMANDS STORM-CONTROL LEVEL storm-control level Overview Use this command to specify the speed limiting level for broadcasting, multicast, or destination lookup failure (DLF) traffic for the port. Storm-control limits the selected traffic type to the specified percentage of the maximum port speed. Use the no variant of this command to disable storm-control for broadcast, multicast or DLF traffic. Syntax storm-control {broadcast|multicast|dlf} level <level> no storm-control {broadcast|multicast|dlf} level Default Parameter Description <level> <0-100> Specifies the percentage of the maximum port speed allowed for broadcast, multicast or destination lookup failure traffic. broadcast Applies the storm-control to broadcast frames. multicast Applies the storm-control to multicast frames. multicast Applies the storm-control to multicast frames. This only limits known multicast frames. dlf Applies the storm-control to destination lookup failure traffic. dlf Applies the storm-control to destination lookup failure traffic. This limits unknown multicast frames and other traffic types. By default, storm-control is disabled. Mode Interface Configuration Usage Flooding techniques are used to block the forwarding of unnecessary flooded traffic. A packet storm occurs when a large number of broadcast packets are received on a port. Forwarding these packets can cause the network to slow down or time out. Example C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 395 SWITCHING COMMANDS THRASH-LIMITING thrash-limiting Overview To block all traffic on a vlan, use the following command: awplus# configure terminal awplus(config)# thrash-limiting action vlan-disable To set the thrash limiting timeout to 5 seconds, use the following command: awplus(config-if)# thrash-limiting timeout 5 To set the thrash limiting action to its default, use the following command: awplus(config-if)# no thrash-limiting action To set the thrash limiting timeout to its default, use the following command: awplus(config-if)# no thrash-limiting timeout Related Commands loop-protection loop-detect loop-protection action loop-protection timeout show loop-protection C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 396 SWITCHING COMMANDS UNDEBUG LOOPPROT undebug loopprot Overview C613-50081-01 REV A This command applies the functionality of the no debug loopprot command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 397 SWITCHING COMMANDS UNDEBUG PLATFORM PACKET undebug platform packet Overview C613-50081-01 REV A This command applies the functionality of the no debug platform packet command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 398 13 VLAN Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of commands used to configure VLANs. For more information see the VLAN Feature Overview and Configuration Guide. • “port-vlan-forwarding-priority” on page 401 • “private-vlan” on page 404 • “private-vlan association” on page 405 • “show port-vlan-forwarding-priority” on page 406 • “show vlan” on page 407 • “show vlan classifier group” on page 408 • “show vlan classifier group interface” on page 409 • “show vlan classifier interface group” on page 410 • “show vlan classifier rule” on page 411 • “show vlan private-vlan” on page 412 • “switchport access vlan” on page 413 • “switchport enable vlan” on page 414 • “switchport mode access” on page 415 • “switchport mode private-vlan” on page 416 • “switchport mode private-vlan trunk promiscuous” on page 417 • “switchport mode private-vlan trunk secondary” on page 419 • “switchport mode trunk” on page 421 • “switchport private-vlan host-association” on page 422 • “switchport private-vlan mapping” on page 423 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 399 VLAN COMMANDS C613-50081-01 REV A • “switchport trunk allowed vlan” on page 424 • “switchport trunk native vlan” on page 427 • “switchport vlan-stacking (double tagging)” on page 429 • “switchport voice dscp” on page 430 • “switchport voice vlan” on page 431 • “switchport voice vlan priority” on page 433 • “vlan” on page 434 • “vlan classifier activate” on page 435 • “vlan classifier group” on page 436 • “vlan classifier rule ipv4” on page 437 • “vlan classifier rule proto” on page 438 • “vlan database” on page 441 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 400 VLAN COMMANDS PORT-VLAN-FORWARDING-PRIORITY port-vlan-forwarding-priority Overview Use this command to set the highest priority protocol to control transitions from blocking to forwarding traffic. This command prioritizes switch port forwarding mode control, when more than one of EPSR, Loop Protection, and MAC thrashing protection protocols are used on the switch. EPSR, Loop Protection and MAC Thrashing use the same mechanism to block or forward traffic. This command sets the highest priority protocol to control transitions from blocking to forwarding traffic. Setting the priority stops contention between protocols. For example, If EPSR is set to the highest priority protocol to block traffic on vlan10 on port1.0.2 then this stops MAC Thrashing from forwarding traffic on vlan10 on port1.0.2. Use the no variant of this command to restore the default highest priority protocol back to the default of EPSR. For more information about EPSR, see the EPSR Feature Overview and Configuration Guide. Syntax port-vlan-forwarding-priority {epsr|loop-protection|none} no port-vlan-forwarding-priority Default Parameter Description epsr Sets EPSR as the highest priority protocol. Use this parameter on an EPSR master node to avoid unexpected broadcast storms. loopprotection Sets Loop Protection as the highest priority protocol. Note that this option must not be set on an EPSR master node. Use the epsr parameter option on an EPSR master node to avoid unexpected broadcast storms. none Sets the protocols to have equal priority. This was the previous behavior before this command was added, and allows protocols to override each other to set a port to forwarding a VLAN. Note that this option must not be set on a EPSR master node. Use the epsr parameter option on an EPSR master node to avoid unexpected broadcast storms. By default, the highest priority protocol is EPSR Mode Global Configuration Usage EPSR, Loop Protection and MAC Thrashing protection do not usually need to be configured on a switch, because they perform similar functions—each prevents network loops by blocking a selected port for each (loop containing) VLAN. However, if more than one of these three features is configured on a switch, you can use this command to prioritize either EPSR or Loop Protection when their effects on a port would conflict and override each other. Previously, each protocol C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 401 VLAN COMMANDS PORT-VLAN-FORWARDING-PRIORITY could set a port to forwarding for a VLAN, sometimes overriding the previous setting by another protocol to block the port. This could sometimes lead to unexpected broadcast storms. Now, when a protocol is set to have the highest priority over a data VLAN on a port, it will not allow other protocols to put that port-vlan into a forwarding state if the highest priority protocol blocked it. The priority mechanism is only used for blocking-to-forwarding transitions; protocols remain independent on the forwarding-to-blocking transitions. For example, with an EPSR master node in a two-node ESPR ring with the below settings: • The EPSR master node primary port is configured to switchport interface port1.0.1 • The EPSR master node secondary port is configured to switchport interface port1.0.2 • The EPSR master node control VLAN is configured to VLAN interface vlan10 • The EPSR master node has a first data VLAN configured to VLAN interface vlan20 • The EPSR master node has a second data VLAN configured to VLAN interface vlan30. Initially, the EPSR ring is complete, with port1.0.2 blocking data VLANs vlan20 and vlan30 and some broadcast traffic flowing through. If the user removes vlan30 from EPSR, a storm is created on vlan30. MAC thrashing protection detects it and blocks vlan30. Then after the storm has stopped, MAC thrashing protection sets it to forwarding again and it keeps oscillating between forwarding and blocking. In the meantime, the user adds back vlan30 to EPSR as a data VLAN and EPSR blocks it on port1.0.2. If the priority is set to none (port-vlan-forwarding-priority none), MAC thrashing protection notices that the storm has stopped again and decides to put vlan30 on port1.0.2 into forwarding state. This overrides what EPSR requires for this port-VLAN and creates a storm. This matches the old behavior before this feature was implemented. If the priority is set to EPSR or default (port-vlan-forwarding-priority epsr), MAC thrashing protection notices that the storm has stopped again and attempts to put vlan30 on port1.0.2 into forwarding state. The higher priority protocol (EPSR) is blocking the VLAN on this port, so it stays blocking and no storm occurs. Example To prioritize EPSR over Loop Protection or MAC Thrashing protection settings, so that Loop Protection or MAC Thrashing protection cannot set a port to the forwarding state a VLAN if EPSR has set it to the blocking state, use the commands: awplus# configure terminal awplus(config)# port-vlan-forwarding-priority epsr C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 402 VLAN COMMANDS PORT-VLAN-FORWARDING-PRIORITY To prioritize Loop Protection over EPSR or MAC Thrashing protection settings, so that EPSR or MAC Thrashing protection cannot set a port to the forwarding state a VLAN if Loop Protection has set it to the blocking state, use the commands: awplus# configure terminal awplus(config)# port-vlan-forwarding-priority loop-protection To set EPSR, Loop Protection, and MAC Thrashing protection protocols to have equal priority for port forwarding and blocking, which allows the protocols to override each other to set a port to the forwarding or blocking states, use the commands: awplus# configure terminal awplus(config)# port-vlan-forwarding-priority none To restore the default highest priority protocol back to the default of EPSR, use the commands: awplus# configure terminal awplus(config)# no port-vlan-forwarding-priority Related Commands C613-50081-01 REV A show port-vlan-forwarding-priority Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 403 VLAN COMMANDS PRIVATE-VLAN private-vlan Overview Use this command to a create a private VLAN. Private VLANs can be either primary or secondary. Secondary VLANs can be ether community or isolated. Use the no variant of this command to remove the specified private VLAN. For more information, see the VLAN Feature Overview and Configuration Guide. Syntax private-vlan <vlan-id> {community|isolated|primary} no private-vlan <vlan-id> {community|isolated|primary} Mode Examples Parameter Description <vlan-id> VLAN ID in the range <2-4094> for the VLAN which is to be made a private VLAN. community Community VLAN. isolated Isolated VLAN. primary Primary VLAN. VLAN Configuration awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# vlan 2 name vlan2 state enable awplus(config-vlan)# vlan 3 name vlan3 state enable awplus(config-vlan)# vlan 4 name vlan4 state enable awplus(config-vlan)# private-vlan 2 primary awplus(config-vlan)# private-vlan 3 isolated awplus(config-vlan)# private-vlan 4 community awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# no private-vlan 2 primary awplus(config-vlan)# no private-vlan 3 isolated awplus(config-vlan)# no private-vlan 4 community C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 404 VLAN COMMANDS PRIVATE-VLAN ASSOCIATION private-vlan association Overview Use this command to associate a secondary VLAN to a primary VLAN. Only one isolated VLAN can be associated to a primary VLAN. Multiple community VLANs can be associated to a primary VLAN. Use the no variant of this command to remove association of all the secondary VLANs to a primary VLAN. For more information, see the VLAN Feature Overview and Configuration Guide. Syntax private-vlan <primary-vlan-id> association {add <secondary-vlan-id>|remove <secondary-vlan-id>} no private-vlan <primary-vlan-id> association Mode Examples Parameter Description <primary-vlan-id> VLAN ID of the primary VLAN. <secondary-vlan-id> VLAN ID of the secondary VLAN (either isolated or community). VLAN Configuration The following commands associate primary VLAN 2 with secondary VLAN 3: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# private-vlan 2 association add 3 The following commands remove the association of primary VLAN 2 with secondary VLAN 3: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# private-vlan 2 association remove 3 The following commands remove all secondary VLAN associations of primary VLAN 2: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# no private-vlan 2 association C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 405 VLAN COMMANDS SHOW PORT-VLAN-FORWARDING-PRIORITY show port-vlan-forwarding-priority Overview Use this command to display the highest priority protocol that controls port-vlan forwarding or blocking traffic. This command displays whether EPSR or Loop Protection is set as the highest priority for determining whether a port forwards a VLAN, as set by the port-vlan-forwarding-priority command. For more information about EPSR, see the EPSR Feature Overview and Configuration Guide. Syntax Mode Example show port-vlan-forwarding-priority Privileged Exec To display the highest priority protocol, use the command: awplus# show port-vlan-forwarding-priority Output Figure 13-1: Example output from the show port-vlan-forwarding-priority command Port-vlan Forwarding Priority: EPSR Related Commands C613-50081-01 REV A port-vlan-forwarding-priority Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 406 VLAN COMMANDS SHOW VLAN show vlan Overview Syntax Use this command to display information about a particular VLAN by specifying its VLAN ID. Selecting all will display information for all the VLANs configured. show vlan {all|brief|dynamic|static|auto|static-ports<1-} Parameter Description <1-2048> Display information about the VLAN specified by the VLAN ID. all Display information about all VLANs on the device. brief Display information about all VLANs on the device. dynamic Display information about all VLANs learned dynamically. static Display information about all statically configured VLANs. auto Display information about all auto-configured VLANs. static- ports Display static egress/forbidden ports. Mode Example User Exec and Privileged Exec To display information about VLAN 2, use the command: awplus# show vlan 2 Output VLAN ID Figure 13-2: Name Example output from the show vlan command Member ports (u)-Untagged, (t)-Tagged ======= ================ ======= ======= ==================================== 2 VLAN0002 STATIC ACTIVE port1.0.3(u) port1.0.4(u) port1.0.5(u) port1.0.6(u) ... Related Commands C613-50081-01 REV A Type State vlan Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 407 VLAN COMMANDS SHOW VLAN CLASSIFIER GROUP show vlan classifier group Overview Syntax Use this command to display information about all configured VLAN classifier groups or a specific group. show vlan classifier group [<1-16>] Parameter Description <1-16> VLAN classifier group identifier Mode User Exec and Privileged Exec Usage If a group ID is not specified, all configured VLAN classifier groups are shown. If a group ID is specified, a specific configured VLAN classifier group is shown. Example To display information about VLAN classifier group 1, enter the command: awplus# show vlan classifier group 1 Related Commands C613-50081-01 REV A vlan classifier group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 408 VLAN COMMANDS SHOW VLAN CLASSIFIER GROUP INTERFACE show vlan classifier group interface Overview Syntax Use this command to display information about a single switch port interface for all configured VLAN classifier groups. show vlan classifier group interface <switch-port> Parameter Description <switch-port> Specify the switch port interface classifier group identifier Mode User Exec and Privileged Exec Usage All configured VLAN classifier groups are shown for a single interface. Example To display VLAN classifier group information for switch port interface port1.0.2, enter the command: awplus# show vlan classifier group interface port1.0.2 Output Figure 13-3: Example output from the show vlan classifier group interface port1.0.1 command: vlan classifier group 1 interface port1.0.1 Related Commands C613-50081-01 REV A vlan classifier group show vlan classifier interface group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 409 VLAN COMMANDS SHOW VLAN CLASSIFIER INTERFACE GROUP show vlan classifier interface group Overview Syntax Use this command to display information about all interfaces configured for a VLAN group or all the groups. show vlan classifier interface group [<1-16>] Parameter Description <1-16> VLAN classifier interface group identifier Mode User Exec and Privileged Exec Usage If a group ID is not specified, all interfaces configured for all VLAN classifier groups are shown. If a group ID is specified, the interfaces configured for this VLAN classifier group are shown. Example To display information about all interfaces configured for all VLAN groups, enter the command: awplus# show vlan classifier interface group To display information about all interfaces configured for VLAN group 1, enter the command: awplus# show vlan classifier interface group 1 Output Figure 13-4: vlan vlan vlan vlan Output Example output from the show vlan classifier interface group command classifier classifier classifier classifier Figure 13-5: group group group group 1 1 2 2 interface interface interface interface port1.0.1 port1.0.2 port1.0.3 port1.0.4 Example output from the show vlan classifier interface group 1 command vlan classifier group 1 interface port1.0.1 vlan classifier group 1 interface port1.0.2 Related Commands C613-50081-01 REV A vlan classifier group show vlan classifier group interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 410 VLAN COMMANDS SHOW VLAN CLASSIFIER RULE show vlan classifier rule Overview Syntax Use this command to display information about all configured VLAN classifier rules or a specific rule. show vlan classifier rule [<1-256>] Parameter Description <1-256> VLAN classifier rule identifier Mode User Exec and Privileged Exec Usage If a rule ID is not specified, all configured VLAN classifier rules are shown. If a rule ID is specified, a specific configured VLAN classifier rule is shown. Example To display information about VLAN classifier rule 1, enter the command: awplus# show vlan classifier rule 1 Output Figure 13-6: Example output from the show vlan classifier rule1 command vlan classifier group 1 add rule 1 Related Commands vlan classifier activate vlan classifier rule ipv4 vlan classifier rule proto C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 411 VLAN COMMANDS SHOW VLAN PRIVATE-VLAN show vlan private-vlan Overview Use this command to display the private VLAN configuration and associations. Syntax show vlan private-vlan Mode User Exec and Privileged Exec Example To display the private VLAN configuration and associations, enter the command: awplus# show vlan private-vlan Output Figure 13-7: Example output from the show vlan private-vlan command awplus#show vlan private-vlan PRIMARY SECONDARY --------------2 3 2 4 8 Related Commands C613-50081-01 REV A TYPE ---------isolated community isolated INTERFACES ---------- private-vlan private-vlan association Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 412 VLAN COMMANDS SWITCHPORT ACCESS VLAN switchport access vlan Overview Use this command to change the port-based VLAN of the current port. Use the no variant of this command to change the port-based VLAN of this port to the default VLAN, vlan1. Syntax switchport access vlan <vlan-id> no switchport access vlan Default Parameter Description <vlan-id> <1-2048> The port-based VLAN ID for the port. Reset the default VLAN 1 to specified switchports using the negated form of this command. Mode Interface Configuration Usage Any untagged frame received on this port will be associated with the specified VLAN. Examples To change the port-based VLAN to VLAN 3 for port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport access vlan 3 To reset the port-based VLAN to the default VLAN 1 for port1.0.2, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no switchport access vlan Validation Command Related Commands C613-50081-01 REV A show interface switchport show vlan Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 413 VLAN COMMANDS SWITCHPORT ENABLE VLAN switchport enable vlan Overview This command enables the VLAN on the port manually once disabled by certain actions, such as QSP (QoS Storm Protection) or EPSR (Ethernet Protection Switching Ring). Note that if the VID is not given, all disabled VLANs are re-enabled. This command enables the VLAN on the port manually once disabled by certain actions, such as EPSR (Ethernet Protection Switching Ring). Note that if the VID is not given, all disabled VLANs are re-enabled. Syntax Mode Example switchport enable vlan [<1-] Parameter Description vlan Re-enables the VLAN on the port. <1-2048> VLAN ID. Interface Configuration To re-enable the port1.0.1 from VLAN 1: awplus# configure terminal awplus(config)# interface port1.0.1 awplus(config-if)# switchport enable vlan 1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 414 VLAN COMMANDS SWITCHPORT MODE ACCESS switchport mode access Overview Syntax Default Use this command to set the switching characteristics of the port to access mode. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. switchport mode access [ingress-filter {enable|disable}] Parameter Description ingress-filter Set the ingress filtering for the received frames. enable Turn on ingress filtering for received frames. This is the default. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. By default, ports are in access mode with ingress filtering on. Usage Use access mode to send untagged frames only. Mode Interface Configuration Example awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport mode access ingress-filter enable Validation Command C613-50081-01 REV A show interface switchport Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 415 VLAN COMMANDS SWITCHPORT MODE PRIVATE-VLAN switchport mode private-vlan Overview Use this command to make a Layer 2 port a private VLAN host port or a promiscuous port. Use the no variant of this command to remove the configuration. Syntax switchport mode private-vlan {host|promiscuous} no switchport mode private-vlan {host|promiscuous} Mode Examples Parameter Description host This port type can communicate with all other host ports assigned to the same community VLAN, but it cannot communicate with the ports in the same isolated VLAN. All communications outside of this VLAN must pass through a promiscuous port in the associated primary VLAN. promiscuous A promiscuous port can communicate with all interfaces, including the community and isolated ports within a private VLAN. Interface Configuration awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport mode private-vlan host awplus(config)# interface port1.0.3 awplus(config-if)# switchport mode private-vlan promiscuous awplus(config)# interface port1.0.4 awplus(config-if)# no switchport mode private-vlan promiscuous Related Commands C613-50081-01 REV A switchport private-vlan mapping Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 416 VLAN COMMANDS SWITCHPORT MODE PRIVATE-VLAN TRUNK PROMISCUOUS switchport mode private-vlan trunk promiscuous Overview Use this command to enable a port in trunk mode to be promiscuous port for isolated VLANs. NOTE: Private VLAN trunk ports are not supported by the current AlliedWare Plus GVRP implementation. Private VLAN trunk ports and GVRP are mutually exclusive. Use the no variant of this command to remove a port in trunk mode as a promiscuous port for isolated VLANs. You must first remove the secondary port, or ports, in trunk mode associated with the promiscuous port with the no switchport mode private-vlan trunk secondary command. Syntax switchport mode private-vlan trunk promiscuous group <group-id> no switchport mode private-vlan trunk promiscuous Default Parameter Description <group-id> The group ID is a numeric value in the range 1 to 32 that is used to associate the promiscuous port with secondary ports. By default, a port in trunk mode is disabled as a promiscuous port. Mode Interface Configuration Usage A port must be put in trunk mode with switchport mode trunk command before it can be enabled as a promiscuous port. To add VLANs to be trunked over the promiscuous port, use the switchport trunk allowed vlan command. These VLANs can be isolated VLANs, or non-private VLANs. To configure the native VLAN for the promiscuous port, use the switchport trunk native vlan command. The native VLAN can be an isolated VLAN, or a non-private VLAN. When you enable a promiscuous port, all of the secondary port VLANs associated with the promiscuous port via the group ID number must be added to the promiscuous port. In other words, the set of VLANs on the promiscuous port must be a superset of all the VLANs on the secondary ports within the group. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 417 VLAN COMMANDS SWITCHPORT MODE PRIVATE-VLAN TRUNK PROMISCUOUS Examples To create the isolated VLANs 2, 3 and 4 and then enable port1.0.2 in trunk mode as a promiscuous port for these VLANs with the group ID of 3, use the following commands: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# vlan 2-4 awplus(config-vlan)# private-vlan 2 isolated awplus(config-vlan)# private-vlan 3 isolated awplus(config-vlan)# private-vlan 4 isolated awplus(config-vlan)# exit awplus(config)# interface port1.0.2 awplus(config-if)# switchport mode trunk awplus(config-if)# switchport trunk allowed vlan add 2-4 awplus(config-if)# switchport mode private-vlan trunk promiscuous group 3 To remove port1.0.2 in trunk mode as a promiscuous port for a private VLAN, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no switchport mode private-vlan trunk promiscuous Note that you must remove the secondary port or ports enabled as trunk ports that are associated with the promiscuous port before removing the promiscuous port. Related Commands switchport mode private-vlan trunk secondary switchport mode trunk switchport trunk allowed vlan switchport trunk native vlan show vlan private-vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 418 VLAN COMMANDS SWITCHPORT MODE PRIVATE-VLAN TRUNK SECONDARY switchport mode private-vlan trunk secondary Overview Use this command to enable a port in trunk mode to be a secondary port for isolated VLANs. NOTE: Private VLAN trunk ports are not supported by the current AlliedWare Plus GVRP implementation. Private VLAN trunk ports and GVRP are mutually exclusive. Use the no variant of this command to remove a port in trunk mode as a secondary port for isolated VLANs. Syntax switchport mode private-vlan trunk secondary group <group-id> no switchport mode private-vlan trunk secondary Default Parameter Description <group-id> The group ID is a numeric value in the range 1 to 32 that is used to associate a secondary port with its promiscuous port. By default, a port in trunk mode is disabled as a secondary port. When a port in trunk mode is enabled to be a secondary port for isolated VLANs, by default it will have a native VLAN of none(no native VLAN specified). Mode Interface Configuration Usage A port must be put in trunk mode with switchport mode trunk command before the port is enabled as a secondary port in trunk mode. To add VLANs to be trunked over the secondary port use the switchport trunk allowed vlan command. These must be isolated VLANs and must exist on the associated promiscuous port. To configure the native VLAN for the secondary port, use the switchport trunk native vlan command. The native VLAN must be an isolated VLAN and must exist on the associated promiscuous port. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 419 VLAN COMMANDS SWITCHPORT MODE PRIVATE-VLAN TRUNK SECONDARY Examples To create isolated private VLAN 2 and then enable port1.0.3 in trunk mode as a secondary port for the this VLAN with the group ID of 3, use the following commands: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# vlan 2 awplus(config-vlan)# private-vlan 2 isolated awplus(config-vlan)# exit awplus(config)# interface port1.0.3 awplus(config-if)# switchport mode trunk awplus(config-if)# switchport trunk allowed vlan add 2 awplus(config-if)# switchport mode private-vlan trunk secondary group 3 To remove port1.0.3 in trunk mode as a secondary port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# no switchport mode private-vlan trunk secondary Related Commands switchport mode private-vlan trunk promiscuous switchport mode trunk switchport trunk allowed vlan switchport trunk native vlan show vlan private-vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 420 VLAN COMMANDS SWITCHPORT MODE TRUNK switchport mode trunk Overview Syntax Default Use this command to set the switching characteristics of the port to trunk. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. switchport mode trunk [ingress-filter {enable|disable}] Parameter Description ingress-filter Set the ingress filtering for the frames received. enable Turn on ingress filtering for received frames. This is the default. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. By default, ports are in access mode, are untagged members of the default VLAN (vlan1), and have ingress filtering on. Mode Interface Configuration Usage A port in trunk mode can be a tagged member of multiple VLANs, and an untagged member of one native VLAN. To configure which VLANs this port will trunk for, use the switchport trunk allowed vlan command. Example awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# switchport mode trunk ingress-filter enable Validation Command C613-50081-01 REV A show interface switchport Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 421 VLAN COMMANDS SWITCHPORT PRIVATE-VLAN HOST-ASSOCIATION switchport private-vlan host-association Overview Use this command to associate a primary VLAN and a secondary VLAN to a host port. Only one primary and secondary VLAN can be associated to a host port. Use the no variant of this command to remove the association. Syntax switchport private-vlan host-association <primary-vlan-id> add <secondary-vlan-id> no switchport private-vlan host-association Mode Examples Parameter Description <primary-vlan-id> VLAN ID of the primary VLAN. <secondary-vlan-id> VLAN ID of the secondary VLAN (either isolated or com­ munity). Interface Configuration awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport private-vlan host-association 2 add 3 awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no switchport private-vlan host-association C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 422 VLAN COMMANDS SWITCHPORT PRIVATE-VLAN MAPPING switchport private-vlan mapping Overview Use this command to associate a primary VLAN and a set of secondary VLANs to a promiscuous port. Use the no variant of this to remove all the association of secondary VLANs to primary VLANs for a promiscuous port. Syntax switchport private-vlan mapping <primary-vlan-id> add <secondary-vid-list> switchport private-vlan mapping <primary-vlan-id> remove <secondary-vid-list> no switchport private-vlan mapping Parameter Description <primary-vlan-id> VLAN ID of the primary VLAN. <secondary-vid-list> VLAN ID of the secondary VLAN (either isolated or community), or a range of VLANs, or a comma-separated list of VLANs and ranges. Mode Interface Configuration Usage This command can be applied to a switch port or a static channel group, but not a dynamic (LACP) channel group. LACP channel groups (dynamic/LACP aggregators) cannot be promiscuous ports in private VLANs. Examples awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport private-vlan mapping 2 add 3-4 awplus(config-if)# switchport private-vlan mapping 2 remove 3-4 awplus(config-if)# no switchport private-vlan mapping Related Commands C613-50081-01 REV A switchport mode private-vlan Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 423 VLAN COMMANDS SWITCHPORT TRUNK ALLOWED VLAN switchport trunk allowed vlan Overview Use this command to add VLANs to be trunked over this switch port. Traffic for these VLANs can be sent and received on the port. Use the no variant of this command to reset switching characteristics of a specified interface to negate a trunked configuration specified with switchport trunk allowed vlan command. Syntax switchport trunk allowed vlan all switchport trunk allowed vlan none switchport trunk allowed vlan add <vid-list> switchport trunk allowed vlan remove <vid-list> switchport trunk allowed vlan except <vid-list> no switchport trunk Default Parameter Description all Allow all VLANs to transmit and receive through the port. none Allow no VLANs to transmit and receive through the port. add Add a VLAN to transmit and receive through the port. Only use this parameter if a list of VLANs are already configured on a port. remove Remove a VLAN from transmit and receive through the port. Only use this parameter if a list of VLANs are already configured on a port. except All VLANs, except the VLAN for which the VID is specified, are part of its port member set. Only use this parameter to remove VLANs after either this parameter or the all parameter have added VLANs to a port. <vid-list> For a VLAN range, specify two VLAN numbers: lowest, then highest number in the range, separated by a hyphen. For a VLAN list, specify the VLAN numbers separated by commas. Do not enter spaces between hyphens or commas when setting parameters for VLAN ranges or lists. By default, ports are untagged members of the default VLAN (vlan1). Mode Interface Configuration Usage The all parameter sets the port to be a tagged member of all the VLANs configured on the device. The none parameter removes all VLANs from the port’s tagged member set. The add and remove parameters will add and remove VLANs to and from the port’s member set. See the note below about restrictions when using the add, remove, except, and all parameters. NOTE: Only use the add or the remove parameters with this command if a list of VLANs are configured on a port. Only use the except parameter to remove VLANs after C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 424 VLAN COMMANDS SWITCHPORT TRUNK ALLOWED VLAN either the except or the all parameters have first been used to add a list of VLANs to a port. To remove a VLAN, where the configuration for port1.0.6 shows the below output: awplus#show running-config ! interface port1.0.6 switchport switchport mode trunk switchport trunk allowed vlan except 4 Remove VLAN 3 by re-entering the except parameter with the list of VLANs to remove, instead of using the remove parameter, as shown in the command example below: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# switchport trunk allowed vlan except 3,4 Then the configuration is changed after entering the above commands to remove VLAN 3: awplus#show running-config ! interface port1.0.6 switchport switchport mode trunk switchport trunk allowed vlan except 3-4 To add a VLAN, where the configuration for port1.0.6 shows the below output: awplus#show running-config ! interface port1.0.6 switchport switchport mode trunk switchport trunk allowed vlan except 3-5 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 425 VLAN COMMANDS SWITCHPORT TRUNK ALLOWED VLAN Add VLAN 4 by re-entering the except parameter with a list of VLANs to exclude, instead of using the add parameter to include VLAN 4, as shown in the command example below: awplus# configure terminal awplus(config)# interface port1.0.5 awplus(config-if)# switchport trunk allowed vlan except 3,5 The configuration is changed after entering the above commands to add VLAN 4: awplus#show running-config ! interface port1.0.5 switchport switchport mode trunk switchport trunk allowed vlan except 3,5 Examples The following shows adding a single VLAN to the port’s member set. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport trunk allowed vlan add 2 The following shows adding a range of VLANs to the port’s member set. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport trunk allowed vlan add 2-4 The following shows adding a list of VLANs to the port’s member set. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport trunk allowed vlan add 2,3,4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 426 VLAN COMMANDS SWITCHPORT TRUNK NATIVE VLAN switchport trunk native vlan Overview Use this command to configure the native VLAN for this port. The native VLAN is used for classifying the incoming untagged packets. Use the none parameter with this command to remove the native VLAN from the port and set the acceptable frame types to vlan-tagged only. Use the no variant of this command to revert the native VLAN to the default VLAN ID 1. Command negation removes tagged VLANs, and sets the native VLAN to the default VLAN. Syntax switchport trunk native vlan {<vid>|none} no switchport trunk native vlan Default Mode Examples Parameter Description <vid> <2-2048> The ID of the VLAN that will be used to classify the incoming untagged packets. The VLAN ID must be a part of the VLAN member set of the port. none No native VLAN specified. This option removes the native VLAN from the port and sets the acceptable frame types to vlan-tagged only. Note: Use the no variant of this command to revert to the default VLAN 1 as the native VLAN for the specified interface switchport - not none. VLAN 1 (the default VLAN), which is reverted to using the no form of this command. Interface Configuration The following commands show configuration of VLAN 2 as the native VLAN for interface port1.0.2: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport trunk native vlan 2 The following commands show the removal of the native VLAN for interface port1.0.2: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport trunk native vlan none C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 427 VLAN COMMANDS SWITCHPORT TRUNK NATIVE VLAN The following commands revert the native VLAN to the default VLAN 1 for interface port1.0.2: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no switchport trunk native vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 428 VLAN COMMANDS SWITCHPORT VLAN-STACKING (DOUBLE TAGGING) switchport vlan-stacking (double tagging) Overview Use this command to enable VLAN stacking on a port and set it to be a customer-edge-port or provider-port. This is sometimes referred to as VLAN double-tagging, nested VLANs, or Q in Q. Use no parameter with this command to disable VLAN stacking on an interface. Syntax switchport vlan-stacking {customer-edge-port|provider-port} no switchport vlan-stacking Default Parameter Description customer-edge-port Set the port to be a customer edge port. This port must already be in access mode. provider-port Set the port to be a provider port. This port must already be in trunk mode. By default, ports are not VLAN stacking ports. Mode Interface Configuration Usage Use VLAN stacking to separate traffic from different customers to that they can be managed over a provider network. Note that you must also enable jumbo frame support on the customer edge port, by using the mru jumbo command. Traffic with an extra VLAN header added by VLAN stacking cannot be routed. Example To apply vlan-stacking to the selected port, configure it to be a customer edge port, and turn on jumbo frames, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# switchport vlan-stacking customer-edge-port awplus(config-if)# mru jumbo C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 429 VLAN COMMANDS SWITCHPORT VOICE DSCP switchport voice dscp Overview Use this command for a specific port to configure the Layer 3 DSCP value advertised when the transmission of LLDP-MED Network Policy TLVs for voice devices is enabled. When LLDP-MED capable IP phones receive this network policy information, they transmit voice data with the specified DSCP value. Use the no variant of this command to reset the DSCP value to the default, 0. Syntax switchport voice dscp <0-63> no switchport voice dscp Default Parameter Description dscp Specify a DSCP value for voice data. <0-63> DSCP value. A DSCP value of 0 will be advertised. Mode Interface Configuration Usage LLDP-MED advertisements including Network Policy TLVs are transmitted via a port if: Example • LLDP is enabled (lldp run command) • Voice VLAN is configured for the port (switchport voice vlan command) • The port is configured to transmit LLDP advertisements—enabled by default (lldp transmit receive command) • The port is configured to transmit Network Policy TLVs—enabled by default (lldp med-tlv-select command) • There is an LLDP-MED device connected to the port To tell IP phones connected to port1.0.5 to send voice data with DSCP value 27, use the commands: awplus# configure terminal awplus(config)# interface port1.0.5 awplus(config-if)# switchport voice dscp 27 Related Commands lldp med-tlv-select show lldp switchport voice vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 430 VLAN COMMANDS SWITCHPORT VOICE VLAN switchport voice vlan Overview Use this command to configure the Voice VLAN tagging advertised when the transmission of LLDP-MED Network Policy TLVs for voice endpoint devices is enabled. When LLDP-MED capable IP phones receive this network policy information, they transmit voice data with the specified tagging. This command also sets the ports to be spanning tree edge ports, that is, it enables spanning tree portfast on the ports. Use the no variant of this command to remove LLDP-MED network policy configuration for voice devices connected to these ports. This does not change the spanning tree edge port status. Syntax switchport voice vlan [<vid>|dot1p|dynamic|untagged] no switchport voice vlan Default Parameter Description dot1p The IP phone should send User Priority tagged packets, that is, packets in which the tag contains a User Priority value, and a VID of 0. (The User Priority tag is also known as the 802.1p priority tag, or the Class of Service (CoS) tag.) dynamic The VLAN ID with which the IP phone should send tagged packets will be assigned by RADIUS authentication. untagged The IP phone should send untagged packets. By default, no Voice VLAN is configured, and therefore no network policy is advertised for voice devices. Mode Interface Configuration Usage LLDP-MED advertisements including Network Policy TLVs are transmitted via a port if: • LLDP is enabled (lldp run command) • Voice VLAN is configured for the port using this command (switchport voice vlan) • The port is configured to transmit LLDP advertisements—enabled by default (lldp transmit receive command) • The port is configured to transmit Network Policy TLVs—enabled by default (lldp med-tlv-select command) • There is an LLDP-MED device connected to the port. To set the priority value to be advertised for tagged frames, use the switchport voice vlan priority command. If the Voice VLAN details are to be assigned by RADIUS, then the RADIUS server must be configured to send the attribute “Egress-VLANID (56)” or C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 431 VLAN COMMANDS SWITCHPORT VOICE VLAN “Egress-VLAN-Name (58)” in the RADIUS Accept message when authenticating a phone attached to this port. For more information about configuring authentication for Voice VLAN, see the LLDP Feature Overview and Configuration Guide. If the ports have been set to be edge ports by the switchport voice vlan command, the no variant of this command will leave them unchanged as edge ports. To set them back to their default non-edge port configuration, use the spanning-tree edgeport (RSTP and MSTP) command. Examples To tell IP phones connected to port1.0.5 to send voice data tagged for VLAN 10, use the commands: awplus# configure terminal awplus(config)# interface port1.0.5 awplus(config-if)# switchport voice vlan 10 To tell IP phones connected to ports 1.0.2-1.0.6 to send priority tagged packets (802.1p priority tagged with VID 0, so that they will be assigned to the port VLAN) use the following commands. The priority value is 5 by default, but can be configured with the switchport voice vlan priority command. awplus# configure terminal awplus(config)# interface port1.0.2-port1.0.6 awplus(config-if)# switchport voice vlan dot1p To dynamically configure the VLAN ID advertised to IP phones connected to port1.0.1 based on the VLAN assigned by RADIUS authentication (with RADIUS attribute “Egress- VLANID” or “Egress-VLAN-Name” in the RADIUS accept packet), use the commands: awplus# configure terminal awplus(config)# interface port1.0.1 awplus(config-if)# switchport voice vlan dynamic To remove the Voice VLAN, and therefore disable the transmission of LLDP-MED network policy information for voice devices on port1.0.6, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# no switchport voice vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 432 VLAN COMMANDS SWITCHPORT VOICE VLAN PRIORITY switchport voice vlan priority Overview Syntax Use this command to configure the Layer 2 user priority advertised when the transmission of LLDP-MED Network Policy TLVs for voice devices is enabled. This is the priority in the User Priority field of the IEEE 802.1Q VLAN tag, also known as the Class of Service (CoS), or 802.1p priority. When LLDP-MED capable IP phones receive this network policy information, they transmit voice data with the specified priority. switchport voice vlan priority <0-7> no switchport voice vlan priority Default Parameter Description priority Specify a user priority value for voice data. <0-7> Priority value. By default, the Voice VLAN user priority value is 5. Mode Interface Configuration Usage LLDP-MED advertisements including Network Policy TLVs are transmitted via a port if: • LLDP is enabled (lldp run command) • Voice VLAN is configured for the port (switchport voice vlan command) • The port is configured to transmit LLDP advertisements—enabled by default (lldp transmit receive command) • The port is configured to transmit Network Policy TLVs—enabled by default (lldp med-tlv-select command) • There is an LLDP-MED device connected to the port. To set the Voice VLAN tagging to be advertised, use the switchport voice vlan command. Example To remove the Voice VLAN, and therefore disable the transmission of LLDP-MED network policy information for voice devices on port1.0.6, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# no switchport voice vlan Related Commands lldp med-tlv-select show lldp switchport voice vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 433 VLAN COMMANDS VLAN vlan Overview This command creates VLANs, assigns names to them, and enables or disables them. Specifying the disable state causes all forwarding over the specified VLAN ID to cease. Specifying the enable state allows forwarding of frames on the specified VLAN. Note that the maximum number of VLAN the device supports is 2048. You can create a vlan 4000, for example, but you cannot have more than 2048 different VLANs as a total number of VLAN ID. The no variant of this command destroys the specified VLANs. Syntax vlan <vid> [name <vlan-name>] [state {enable|disable}] vlan <vid-range> [state {enable|disable}] vlan {<vid>|<vlan-name>} [mtu <mtu-value>] no vlan {<vid>|<vid-range>} [mtu] Default Mode Examples Parameter Description <vlan-name> The ASCII name of the VLAN. Maximum length: 32 characters. <vid-range> Specifies a range of VLAN identifiers. <mtu-value> Specifies the Maximum Transmission Unit (MTU) size in bytes, in the range 68 to1500 bytes, for the VLAN. enable Sets VLAN into an enable state. disable Sets VLAN into a disable state. By default, VLANs are enabled when they are created. VLAN Configuration awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# vlan 45 name accounts state enable awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# no vlan 45 Related Commands mtu vlan database show vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 434 VLAN COMMANDS VLAN CLASSIFIER ACTIVATE vlan classifier activate Overview Use this command in Interface Configuration mode to associate a VLAN classifier group with the switch port. Use the no variant of this command to remove the VLAN classifier group from the switch port. Syntax vlan classifier activate <vlan-class-group-id> no vlan classifier activate <vlan-class-group-id> Parameter Description <vlan-class-group-id> Specify a VLAN classifier group identifier in the range <1-16>. Mode Interface Configuration mode for a switch port. Usage See the protocol-based VLAN configuration example in the VLAN Feature Overview and Configuration Guide for configuration details. You cannot enter this command on a link aggregator. Enter it on the aggregator's switch ports instead. Example To associate VLAN classifier group 3 with switch port1.0.3, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# vlan classifier activate 3 To remove VLAN classifier group 3 from switch port1.0.3, enter the following commands: awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# no vlan classifier activate 3 Related Commands show vlan classifier rule vlan classifier group vlan classifier rule ipv4 vlan classifier rule proto C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 435 VLAN COMMANDS VLAN CLASSIFIER GROUP vlan classifier group Overview Use this command to create a group of VLAN classifier rules. The rules must already have been created. Use the no variant of this command to delete a group of VLAN classifier rules. Syntax vlan classifier group <1-16> {add|delete} rule <vlan-class-rule-id> no vlan classifier group <1-16> Mode Example Parameter Description <1-16> VLAN classifier group identifier add Add the rule to the group. delete Delete the rule from the group. <vlan-class-rule-id> The VLAN classifier rule identifier. Global Configuration awplus# configure terminal awplus(config)# vlan classifier group 3 add rule 5 Related Commands show vlan classifier rule vlan classifier activate vlan classifier rule ipv4 vlan classifier rule proto C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 436 VLAN COMMANDS VLAN CLASSIFIER RULE IPV4 vlan classifier rule ipv4 Overview Use this command to create an IPv4 subnet-based VLAN classifier rule and map it to a specific VLAN. Use the no variant of this command to delete the VLAN classifier rule. Syntax vlan classifier rule <1-256> ipv4 <ip-addr/prefix-length> vlan <1-2048> no vlan classifier rule <1-256> Parameter Description <1-256> Specify the VLAN Classifier Rule identifier. <ip-addr/prefix-length> Specify the IP address and prefix length. Mode Global Configuration Usage If the source IP address matches the IP subnet specified in the VLAN classifier rule, the received packets are mapped to the specified VLAN. Example awplus# configure terminal awplus(config)# vlan classifier rule 3 ipv4 3.3.3.3/8 vlan 5 Related Commands show vlan classifier rule vlan classifier activate vlan classifier rule proto C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 437 VLAN COMMANDS VLAN CLASSIFIER RULE PROTO vlan classifier rule proto Overview Use this command to create a protocol type-based VLAN classifier rule, and map it to a specific VLAN. See the published IANA EtherType IEEE 802 numbers here: www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.txt. Instead of a protocol name the decimal value of the protocol's EtherType can be entered. The EtherType field is a two-octet field in an Ethernet frame. It is used to show which protocol is encapsulated in the payload of the Ethernet frame. Note that EtherTypes in the IANA 802 numbers are given as hexadecimal values. The no variant of this command removes a previously set rule. Syntax no vlan classifier rule <1-256> Parameter Description <1-256> VLAN Classifier identifier proto Protocol type <protocol> Specify a protocol either by its decimal number (0-65535) or by one of the following protocol names: [arp|2054] Address Resolution protocol [atalkaarp|33011] Appletalk AARP protocol [atalkddp|32923] Appletalk DDP protocol [atmmulti|34892] MultiProtocol Over ATM protocol [atmtransport|34948] Frame-based ATM Transport protocol [dec|24576] DEC Assigned protocol [deccustom|24582] DEC Customer use protocol [decdiagnostics|24581] DEC Systems Comms Arch protocol [decdnadumpload|24577] DEC DNA Dump/Load protocol [decdnaremoteconsole|24578] DEC DNA Remote Console protocol C613-50081-01 REV A [decdnarouting|24579] DEC DNA Routing protocol [declat|24580] DEC LAT protocol [decsyscomm|24583] DEC Systems Comms Arch protocol Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 438 VLAN COMMANDS VLAN CLASSIFIER RULE PROTO Parameter Description [g8bpqx25|2303] G8BPQ AX.25 protocol [ieeeaddrtrans|2561] Xerox IEEE802.3 PUP Address [ieeepup|2560] Xerox IEEE802.3 PUP protocol [ip|2048] IP protocol [ipv6|34525] IPv6 protocol [ipx|33079] IPX protocol [netbeui|61680] IBM NETBIOS/NETBEUI protocol [netbeui|61681] IBM NETBIOS/NETBEUI protocol [pppdiscovery|34915] PPPoE discovery protocol [pppsession|34916] PPPoE session protocol [rarp|32821] Reverse Address Resolution protocol [x25|2056] CCITT.25 protocol [xeroxaddrtrans|513] Xerox PUP Address Translation protocol [xeroxpup|512] Xerox PUP protocol ethv2 Ethernet Version 2 encapsulation <1-4094> Specify a VLAN ID to which an untagged packet is mapped in the range <1-4094> <1-2048> Specify a VLAN ID to which an untagged packet is mapped in the range <1-2048> Mode Global Configuration Usage If the protocol type matches the protocol specified in the VLAN classifier rule, the received packets are mapped to the specified VLAN. Ethernet Frame Numbers may be entered in place of the protocol names listed. For a full list please refer to the IANA list online:www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.txt C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 439 VLAN COMMANDS VLAN CLASSIFIER RULE PROTO Examples awplus# configure terminal awplus(config)# vlan classifier rule 1 proto x25 encap ethv2 vlan 2 awplus(config)# vlan classifier rule 2 proto 512 encap ethv2 vlan 2 awplus(config)# vlan classifier rule 3 proto 2056 encap ethv2 vlan 2 awplus(config)# vlan classifier rule 4 proto 2054 encap ethv2 vlan 2 Validation Output awplus(config)# vlan classifier rule 5 proto 234525 encap ethv2 vlan awplus(config)# vlan classifier rule 6 proto 2ipv6 encap ethv2 vlan awplus(config)# vlan classifier rule 7 proto 22048 encap ethv2 vlan awplus(config)# vlan classifier rule 8 proto 2ip encap ethv2 vlan awplus# show vlan classifier rule vlan vlan vlan vlan vlan vlan Related Commands classifier rule 16 proto rarp encap ethv2 vlan 2 classifier rule 8 proto encap ethv2 vlan 2 classifier rule 4 proto arp encap ethv2 vlan 2 classifier rule 3 proto xeroxpup encap ethv2 vlan 2 classifier rule 2 proto ip encap ethv2 vlan 2 classifier rule 1 proto ipv6 encap ethv2 vlan 2 show vlan classifier rule vlan classifier activate vlan classifier group C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 440 VLAN COMMANDS VLAN DATABASE vlan database Overview Syntax Use this command to enter the VLAN Configuration mode. vlan database Mode Global Configuration Usage Use this command to enter the VLAN configuration mode. You can then add or delete a VLAN, or modify its values. Example In the following example, note the change to VLAN configuration mode from Configure mode: awplus# configure terminal awplus(config)# vlan database awplus(config-vlan)# Related Commands C613-50081-01 REV A vlan Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 441 14 Spanning Tree Commands Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference for commands used to configure RSTP, STP or MSTP. For information about spanning trees, including configuration procedures, see the STP Feature Overview and Configuration Guide. • “clear spanning-tree statistics” on page 444 • “clear spanning-tree detected protocols (RSTP and MSTP)” on page 445 • “debug mstp (RSTP and STP)” on page 446 • “instance priority (MSTP)” on page 450 • “instance vlan (MSTP)” on page 452 • “region (MSTP)” on page 454 • “revision (MSTP)” on page 455 • “show debugging mstp” on page 456 • “show spanning-tree” on page 457 • “show spanning-tree brief” on page 460 • “show spanning-tree mst” on page 461 • “show spanning-tree mst config” on page 462 • “show spanning-tree mst detail” on page 463 • “show spanning-tree mst detail interface” on page 465 • “show spanning-tree mst instance” on page 467 • “show spanning-tree mst instance interface” on page 468 • “show spanning-tree mst interface” on page 469 • “show spanning-tree mst detail interface” on page 470 • “show spanning-tree statistics” on page 472 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 442 SPANNING TREE COMMANDS C613-50081-01 REV A • “show spanning-tree statistics instance” on page 474 • “show spanning-tree statistics instance interface” on page 475 • “show spanning-tree statistics interface” on page 477 • “show spanning-tree vlan range-index” on page 479 • “spanning-tree autoedge (RSTP and MSTP)” on page 480 • “spanning-tree bpdu” on page 481 • “spanning-tree cisco-interoperability (MSTP)” on page 483 • “spanning-tree edgeport (RSTP and MSTP)” on page 484 • “spanning-tree enable” on page 485 • “spanning-tree errdisable-timeout enable” on page 487 • “spanning-tree errdisable-timeout interval” on page 488 • “spanning-tree force-version” on page 489 • “spanning-tree forward-time” on page 490 • “spanning-tree guard root” on page 491 • “spanning-tree hello-time” on page 492 • “spanning-tree link-type” on page 493 • “spanning-tree max-age” on page 494 • “spanning-tree max-hops (MSTP)” on page 495 • “spanning-tree mode” on page 496 • “spanning-tree mst configuration” on page 497 • “spanning-tree mst instance” on page 498 • “spanning-tree mst instance path-cost” on page 499 • “spanning-tree mst instance priority” on page 501 • “spanning-tree mst instance restricted-role” on page 502 • “spanning-tree mst instance restricted-tcn” on page 504 • “spanning-tree path-cost” on page 505 • “spanning-tree portfast (STP)” on page 506 • “spanning-tree portfast bpdu-filter” on page 508 • “spanning-tree portfast bpdu-guard” on page 510 • “spanning-tree priority (bridge priority)” on page 512 • “spanning-tree priority (port priority)” on page 513 • “spanning-tree restricted-role” on page 514 • “spanning-tree restricted-tcn” on page 515 • “spanning-tree transmit-holdcount” on page 516 • “undebug mstp” on page 517 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 443 SPANNING TREE COMMANDS CLEAR SPANNING-TREE STATISTICS clear spanning-tree statistics Overview Syntax Use this command to clear all the STP BPDU (Bridge Protocol Data Unit) statistics. clear spanning-tree statistics clear spanning-tree statistics [instance <mstp-instance>] clear spanning-tree statistics [interface <port> [instance <mstp-instance>]] Parameter Description <port> The port to clear STP BPDU statistics for. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). <mstpinstance> The MSTP instance (MSTI - Multiple Spanning Tree Instance) to clear MSTP BPDU statistics. Mode User Exec and Privileged Exec Usage Use this command with the instance parameter in MSTP mode. Specifying this command with the interface parameter only not the instance parameter will work in STP and RSTP mode. Examples awplus# clear spanning-tree statistics awplus# clear spanning-tree statistics instance 1 awplus# clear spanning-tree statistics interface port1.0.2 awplus# clear spanning-tree statistics interface port1.0.2 instance 1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 444 SPANNING TREE COMMANDS CLEAR SPANNING-TREE DETECTED PROTOCOLS (RSTP AND MSTP) clear spanning-tree detected protocols (RSTP and MSTP) Overview Use this command to clear the detected protocols for a specific port, or all ports. Use this command in RSTP or MSTP mode only. Syntax Mode Example C613-50081-01 REV A clear spanning-tree detected protocols [interface <port>] Parameter Description <port> The port to clear detected protocols for. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). Privileged Exec awplus# clear spanning-tree detected protocols Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 445 SPANNING TREE COMMANDS DEBUG MSTP (RSTP AND STP) debug mstp (RSTP and STP) Overview Use this command to enable debugging for the configured spanning tree mode, and echo data to the console, at various levels. Note that although this command uses the keyword mstp it displays debugging output for RSTP and STP protocols as well the MSTP protocol. Use the no variant of this command to disable spanning tree debugging. Syntax debug mstp {all|cli|protocol [detail]|timer [detail]} debug mstp {packet {rx|tx} [decode] [interface <interface>]} debug mstp {topology-change [interface <interface>]} no debug mstp {all|cli|protocol [detail]|timer [detail]} no debug mstp {packet {rx|tx} [decode] [interface <interface>]} no debug mstp {topology-change [interface <interface>]} Mode Usage 1 Parameter Description all Echoes all spanning tree debugging levels to the console. cli Echoes spanning tree commands to the console. packet Echoes spanning tree packets to the console. rx Received packets. tx Transmitted packets. protocol Echoes protocol changes to the console. timer Echoes timer information to the console. detail Detailed output. decode Interprets packet contents topology-change Interprets topology change messages interface Keyword before <interface> placeholder to specify an interface to debug <interface> Placeholder used to specify the name of the interface to debug. Privileged Exec and Global Configuration mode Use the debug mstp topology-change interface command to generate debugging messages when the device receives an indication of a topology change in a BPDU from another device. The debugging can be activated on a per-port basis. Although this command uses the keyword mstp, it displays debugging output for RSTP and STP protocols as well as the MSTP protocol. Due to the likely volume of output, these debug messages are best viewed using the terminal monitor command before issuing the relevant debug mstp C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 446 SPANNING TREE COMMANDS DEBUG MSTP (RSTP AND STP) command. The default terminal monitor filter will select and display these messages. Alternatively, the messages can be directed to any of the other log outputs by adding a filter for the MSTP application using log buffered (filter) command: awplus# configure terminal awplus(config)# log buffered program mstp Output 1 awplus#terminal monitor awplus#debug mstp topology-change interface port1.0.4 10:09:09 awplus MSTP[1409]: Topology change rcvd on port1.0.4 (internal) 10:09:09 awplus MSTP[1409]: Topology change rcvd on MSTI 1 port1.0.4 aawplus#debug mstp topology-change interface port1.0.6 10:09:29 awplus MSTP[1409]: Topology change rcvd on port1.0.6 (external) 10:09:29 awplus MSTP[1409]: Topology change rcvd on MSTI 1 port1.0.6 Usage 2 Use the debug mstp packet rx|tx decode interface command to generate debugging messages containing the entire contents of a BPDU displayed in readable text for transmitted and received xSTP BPDUs. The debugging can be activated on a per-port basis and transmit and receive debugging is controlled independently. Although this command uses the keyword mstp, it displays debugging output for RSTP and STP protocols as well as the MSTP protocol. Due to the likely volume of output, these debug messages are best viewed using the terminal monitor command before issuing the relevant debug mstp command. The default terminal monitor filter will select and display these messages. Alternatively, the messages can be directed to any of the other log outputs by adding a filter for the MSTP application using the log buffered (filter) command: awplus(config)# log buffered program mstp Output 2 C613-50081-01 REV A In MSTP mode - an MSTP BPDU with 1 MSTI: Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 447 SPANNING TREE COMMANDS DEBUG MSTP (RSTP AND STP) awplus#terminal monitor awplus#debug mstp packet rx 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: 17:23:42 awplus MSTP[1417]: decode interface port1.0.4 port1.0.4 xSTP BPDU rx - start Protocol version: MSTP, BPDU type: RST CIST Flags: Agree Forward Learn role=Desig CIST root id : 0000:0000cd1000fe CIST ext pathcost : 0 CIST reg root id : 0000:0000cd1000fe CIST port id : 8001 (128:1) msg age: 0 max age: 20 hellotime: 2 fwd delay: 15 Version 3 length : 80 Format id : 0 Config name : test Revision level : 0 Config digest : 3ab68794d602fdf43b21c0b37ac3bca8 CIST int pathcost : 0 CIST bridge id : 0000:0000cd1000fe CIST hops remaining : 20 MSTI flags : Agree Forward Learn role=Desig MSTI reg root id : 8001:0000cd1000fe MSTI pathcost : 0 MSTI bridge priority : 32768 port priority : 128 MSTI hops remaining : 20 port1.0.4 xSTP BPDU rx - finish In STP mode transmitting a TCN BPDU: awplus#terminal monitor awplus#debug mstp packet tx 17:28:09 awplus MSTP[1417]: 17:28:09 awplus MSTP[1417]: 17:28:09 awplus MSTP[1417]: decode interface port1.0.4 port1.0.4 xSTP BPDU tx - start Protocol version: STP, BPDU type: TCN port1.0.4 xSTP BPDU tx - finish In STP mode receiving an STP BPDU: awplus#terminal monitor awplus#debug mstp packet rx 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: 17:31:36 awplus MSTP[1417]: decode interface port1.0.4 port1.0.4 xSTP BPDU rx - start Protocol version: STP, BPDU type: Config Flags: role=none Root id : 8000:0000cd1000fe Root pathcost : 0 Bridge id : 8000:0000cd1000fe Port id : 8001 (128:1) msg age: 0 max age: 20 hellotime: 2 fwd delay: 15 ort1.0.4 xSTP BPDU rx - finish In RSTP mode receiving an RSTP BPDU: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 448 SPANNING TREE COMMANDS DEBUG MSTP (RSTP AND STP) awplus#terminal monitor awplus#debug mstp packet rx decode interface port1.0.4 awplus#17:30:17 awplus MSTP[1417]: port1.0.4 xSTP BPDU rx - start 17:30:17 awplus MSTP[1417]: Protocol version: RSTP, BPDU type: RST 17:30:17 awplus MSTP[1417]: CIST Flags: Forward Learn role=Desig 17:30:17 awplus MSTP[1417]: CIST root id : 8000:0000cd1000fe 17:30:17 awplus MSTP[1417]: CIST ext pathcost : 0 17:30:17 awplus MSTP[1417]: CIST reg root id : 8000:0000cd1000fe 17:30:17 awplus MSTP[1417]: CIST port id : 8001 (128:1) 17:30:17 awplus MSTP[1417]: msg age: 0 max age: 20 hellotime: 2 fwd delay: 15 17:30:17 awplus MSTP[1417]: port1.0.4 xSTP BPDU rx - finish Examples awplus# debug mstp all awplus# debug mstp cli awplus# debug mstp packet rx awplus# debug mstp protocol detail awplus# debug mstp timer awplus# debug mstp packet rx decode interface port1.0.2 awplus# debug mstp packet tx decode interface port1.0.6 Related Commands log buffered (filter) show debugging mstp terminal monitor undebug mstp C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 449 SPANNING TREE COMMANDS INSTANCE PRIORITY (MSTP) instance priority (MSTP) Overview Use this command to set the priority for this device to become the root bridge for the specified MSTI (Multiple Spanning Tree Instance). Use this command for MSTP only. Use the no variant of this command to restore the root bridge priority of the device for the instance to the default. Syntax instance <instance-id> priority <priority> no instance <instance-id> priority Default Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <priority> Specify the root bridge priority for the device for the MSTI in the range <0-61440>. Note that a lower priority number indicates a greater likelihood of the device becoming the root bridge. The priority values can be set only in increments of 4096. If you specify a number that is not a multiple of 4096, it will be rounded down. The default priority is 32768. The default priority value for all instances is 32768. Mode MST Configuration Usage MSTP lets you distribute traffic more efficiently across a network by blocking different links for different VLANs. You do this by making different devices into the root bridge for each MSTP instance, so that each instance blocks a different link. If all devices have the same root bridge priority for the instance, MSTP selects the device with the lowest MAC address to be the root bridge. Give the device a higher priority for becoming the root bridge for a particular instance by assigning it a lower priority number, or vice versa. Examples To set the root bridge priority for MSTP instance 2 to be the highest (0), so that it will be the root bridge for this instance when available, use the commands: awplus# configure terminal awplus(config)# spanning-tree mst configuration awplus(config-mst)# instance 2 priority 0 To reset the root bridge priority for instance 2 to the default (32768), use the commands: awplus# configure terminal awplus(config)# spanning-tree mst configuration awplus(config-mst)# no instance 2 priority C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 450 SPANNING TREE COMMANDS INSTANCE PRIORITY (MSTP) Related Commands region (MSTP) revision (MSTP) show spanning-tree mst config spanning-tree mst instance spanning-tree mst instance priority C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 451 SPANNING TREE COMMANDS INSTANCE VLAN (MSTP) instance vlan (MSTP) Overview Use this command to create an MST Instance (MSTI), and associate the specified VLANs with it. An MSTI is a spanning tree instance that exists within an MST region (MSTR). When a VLAN is associated with an MSTI the member ports of the VLAN are automatically configured to send and receive spanning-tree information for the associated MSTI. You can disable this automatic configuration of member ports of the VLAN to the associated MSTI by using a no spanning-tree mst instance command to remove the member port from the MSTI. Use the instance vlan command for MSTP only. Use the no variant of this command to remove the specified VLANs from the MSTI. Syntax instance <instance-id> vlan <vid-list> no instance <instance-id> vlan <vid-list> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <vid-list> Specify one or more VLAN identifiers (VID) to be associated with the MSTI specified. This can be a single VID in the range 1-4094, or a hyphen-separated range or a comma-separated list of VLAN IDs. Mode MST Configuration Usage The VLANs must be created before being associated with an MST instance (MSTI). If the VLAN range is not specified, the MSTI will not be created. This command removes the specified VLANs from the CIST and adds them to the specified MSTI. If you use the no variant of this command to remove the VLAN from the MSTI, it returns it to the CIST. To move a VLAN from one MSTI to another, you must first use the no variant of this command to return it to the CIST. Ports in these VLANs will remain in the control of the CIST until you associate the ports with the MSTI using the spanning-tree mst instance command. Example To associate VLAN 30 with MSTI 2, use the commands: awplus# configure terminal awplus(config)# spanning-tree mode mstp awplus(config)# spanning-tree mst configuration awplus(config-mst)# instance 2 vlan 30 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 452 SPANNING TREE COMMANDS INSTANCE VLAN (MSTP) Related Commands region (MSTP) revision (MSTP) show spanning-tree mst config spanning-tree mst instance vlan C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 453 SPANNING TREE COMMANDS REGION (MSTP) region (MSTP) Overview Use this command to assign a name to the device’s MST Region. MST Instances (MSTI) of a region form different spanning trees for different VLANs. Use this command for MSTP only. Use the no variant of this command to remove this region name and reset it to the default. Syntax region <region-name> no region Default Parameter Description <region-name> Specify the name of the region, up to 32 characters. Valid characters are upper-case, lower-case, digits, underscore. By default, the region name is My Name. Mode MST Configuration Usage The region name, the revision number, and the digest of the VLAN to MSTI configuration table must be the same on all devices that are intended to be in the same MST region. Example awplus# configure terminal awplus(config)# spanning-tree mst configuration awplus(config-mst)# region ATL Related Commands C613-50081-01 REV A revision (MSTP) show spanning-tree mst config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 454 SPANNING TREE COMMANDS REVISION (MSTP) revision (MSTP) Overview Use this command to specify the MST revision number to be used in the configuration identifier. Use this command for MSTP only. Syntax Default revision <revision-number> Parameter Description <revision-number> <0-65535> Revision number. The default of revision number is 0. Mode MST Configuration Usage The region name, the revision number, and the digest of the VLAN to MSTI configuration table must be the same on all devices that are intended to be in the same MST region. Example awplus# configure terminal awplus(config)# spanning-tree mst configuration awplus(config-mst)# revision 25 Related Commands region (MSTP) show spanning-tree mst config instance vlan (MSTP) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 455 SPANNING TREE COMMANDS SHOW DEBUGGING MSTP show debugging mstp Overview Use this command to show the MSTP debugging options set. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging mstp User Exec and Privileged Exec mode To display the MSTP debugging options set, enter the command: awplus# show debugging mstp Output Figure 14-1: Example output from show debugging mstp MSTP debugging status: MSTP receiving packet debugging is on Related Commands C613-50081-01 REV A debug mstp (RSTP and STP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 456 SPANNING TREE COMMANDS SHOW SPANNING-TREE show spanning-tree Overview Use this command to display detailed spanning tree information on the specified port or on all ports. Use this command for RSTP, MSTP or STP. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show spanning-tree [interface <port-list>] Parameter Description interface Display information about the following port only. <port-list> The ports to display information about. A port-list can be: • a switch port (e.g. port1.0.6) a static channel group (e.g. sa2) or a dynamic (LACP) channel group (e.g. po2) • a continuous range of ports separated by a hyphen, e.g. port1.0.1-1.0.4, or sa1-2, or po1-2 • a comma-separated list of ports and port ranges, e.g. port1.0.1,port1.0.4-1.0.6. Do not mix switch ports, static channel groups, and dynamic (LACP) channel groups in the same list Mode User Exec and Privileged Exec Usage Note that any list of interfaces specified must not span any interfaces that are not installed. A topology change counter has been included for RSTP and MSTP. You can see the topology change counter for RSTP by using the show spanning-tree command. You can see the topology change counter for MSTP by using the show spanning-tree mst instance command. Example To display spanning tree information about port1.0.3, use the command: awplus# show spanning-tree interface port1.0.3 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 457 SPANNING TREE COMMANDS SHOW SPANNING-TREE Output Figure 14-2: Example output from show spanning-tree in RSTP mode awplus#show spanning-tree % 1: Bridge up - Spanning Tree Enabled % 1: Root Path Cost 0 - Root Port 0 - Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 % 1: Root Id 80000000cd24ff2d % 1: Bridge Id 80000000cd24ff2d % 1: last topology change Thu Jul 26 02:06:26 2007 % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % port1.0.1: Port 5001 - Id 8389 - Role Disabled - State Discarding % port1.0.1: Designated Path Cost 0 % port1.0.1: Configured Path Cost 20000000 - Add type Explicit ref count 1 % port1.0.1: Designated Port Id 8389 - Priority 128 - % port1.0.1: Root 80000000cd24ff2d % port1.0.1: Designated Bridge 80000000cd24ff2d % port1.0.1: Message Age 0 - Max Age 20 % port1.0.1: Hello Time 2 - Forward Delay 15 % port1.0.1: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0 % port1.0.1: forward-transitions 0 % port1.0.1: Version Rapid Spanning Tree Protocol - Received None - Send STP % port1.0.1: No portfast configured - Current portfast off % port1.0.1: portfast bpdu-guard default - Current portfast bpdu-guard off % port1.0.1: portfast bpdu-filter default - Current portfast bpdu-filter off % port1.0.1: no root guard configured - Current root guard off % port1.0.1: Configured Link Type point-to-point - Current shared % % port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding % port1.0.2: Designated Path Cost 0 % port1.0.2: Configured Path Cost 20000000 - Add type Explicit ref count 1 % port1.0.2: Designated Port Id 838a - Priority 128 - % port1.0.2: Root 80000000cd24ff2d % port1.0.2: Designated Bridge 80000000cd24ff2d % port1.0.2: Message Age 0 - Max Age 20 % port1.0.2: Hello Time 2 - Forward Delay 15 % port1.0.2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0 % port1.0.2: forward-transitions 0 % port1.0.2: Version Rapid Spanning Tree Protocol - Received None - Send STP % port1.0.2: No portfast configured - Current portfast off % port1.0.2: portfast bpdu-guard default - Current portfast bpdu-guard off % port1.0.2: portfast bpdu-filter default - Current portfast bpdu-filter off % port1.0.2: no root guard configured - Current root guard off % port1.0.2: Configured Link Type point-to-point - Current shared Output C613-50081-01 REV A Figure 14-3: Example output from show spanning-tree Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 458 SPANNING TREE COMMANDS SHOW SPANNING-TREE % 1: Bridge up - Spanning Tree Enabled % 1: Root Path Cost 0 - Root Port 0 - Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 % 1: Root Id 80000000cd20f093 % 1: Bridge Id 80000000cd20f093 % 1: last topology change Sun Nov 20 12:24:24 1977 % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % port1.0.3: Port 5023 - Id 839f - Role Designated - State Forwarding % port1.0.3: Designated Path Cost 0 % port1.0.3: Configured Path Cost 200000 - Add type Explicit ref count 1 % port1.0.3: Designated Port Id 839f - Priority 128 - % port1.0.3: Root 80000000cd20f093 % port1.0.3: Designated Bridge 80000000cd20f093 % port1.0.3: Message Age 0 - Max Age 20 % port1.0.3: Hello Time 2 - Forward Delay 15 % port1.0.3: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 1 - topo change timer 0 % port1.0.3: forward-transitions 32 % port1.0.3: Version Rapid Spanning Tree Protocol - Received None - Send RSTP % port1.0.3: No portfast configured - Current portfast off % port1.0.3: portfast bpdu-guard default - Current portfast bpdu-guard off % port1.0.3: portfast bpdu-filter default - Current portfast bpdu-filter off % port1.0.3: no root guard configured - Current root guard off % port1.0.3: Configured Link Type point-to-point - Current point-to-point ... C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 459 SPANNING TREE COMMANDS SHOW SPANNING-TREE BRIEF show spanning-tree brief Overview Syntax Use this command to display a summary of spanning tree status information on all ports. Use this command for RSTP, MSTP or STP. show spanning-tree brief Parameter Description brief A brief summary of spanning tree information. Mode User Exec and Privileged Exec Usage Note that any list of interfaces specified must not span any interfaces that are not installed. A topology change counter has been included for RSTP and MSTP. You can see the topology change counter for RSTP by using the show spanning-tree command. You can see the topology change counter for MSTP by using the show spanning-tree mst instance command. Example To display a summary of spanning tree status information, use the command: awplus# show spanning-tree brief Output Figure 14-4: Example output from show spanning-tree brief Default: Bridge up - Spanning Tree Enabled Default: Root Path Cost 40000 - Root Port 4501 - Bridge Priority 32768 Default: Root Id 8000:0000cd250001 Default: Bridge Id 8000:0000cd296eb1 Port Designated Bridge Port Id Role State sa1 8000:001577c9744b 8195 Rootport Forwarding po1 8000:0000cd296eb1 81f9 Designated Forwarding port1.0.1 8000:0000cd296eb1 8389 Disabled Discarding port1.0.2 8000:0000cd296eb1 838a Disabled Discarding port1.0.3 8000:0000cd296eb1 838b Disabled Discarding ... Related Commands C613-50081-01 REV A show spanning-tree Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 460 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST show spanning-tree mst Overview This command displays bridge-level information about the CIST and VLAN to MSTI mappings. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst User Exec, Privileged Exec and Interface Configuration To display bridge-level information about the CIST and VLAN to MSTI mappings, enter the command: awplus# show spanning-tree mst Output Figure 14-5: Example output from show spanning-tree mst % 1: Bridge up - Spanning Tree Enabled % 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20 % 1: CIST Root Id 8000000475e93ffe % 1: CIST Reg Root Id 8000000475e93ffe % 1: CST Bridge Id 8000000475e93ffe % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % % Instance VLAN % 0: 1 % 2: 4 Related Commands C613-50081-01 REV A show spanning-tree mst interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 461 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST CONFIG show spanning-tree mst config Overview Syntax Use this command to display MSTP configuration identifier for the device. show spanning-tree mst config Mode User Exec, Privileged Exec and Interface Configuration Usage The region name, the revision number, and the digest of the VLAN to MSTI configuration table must be the same on all devices that are intended to be in the same MST region. Example To display MSTP configuration identifier information, enter the command: awplus# show spanning-tree mst config Output Figure 14-6: Example output from show spanning-tree mst config awplus#show spanning-tree mst config % % MSTP Configuration Information: %------------------------------------------------------ % Format Id : 0 % Name : My Name % Revision Level : 0 % Digest : 0x80DEE46DA92A98CF21C603291B22880A %------------------------------------------------------ Related Commands instance vlan (MSTP) region (MSTP) revision (MSTP) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 462 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL show spanning-tree mst detail Overview This command displays detailed information about each instance, and all interfaces associated with that particular instance. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst detail User Exec, Privileged Exec and Interface Configuration To display detailed information about each instance, and all interfaces associated with them, enter the command: awplus# show spanning-tree mst detail Output Figure 14-7: Example output from show spanning-tree mst detail % 1: Bridge up - Spanning Tree Enabled % 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20 % 1: CIST Root Id 80000000cd24ff2d % 1: CIST Reg Root Id 80000000cd24ff2d % 1: CIST Bridge Id 80000000cd24ff2d % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % port1.0.1: Port 5001 - Id 8389 - Role Disabled - State Discarding % port1.0.1: Designated External Path Cost 0 -Internal Path Cost 0 % port1.0.1: Configured Path Cost 20000000 - Add type Explicit ref count 1 % port1.0.1: Designated Port Id 8389 - CIST Priority 128 - % port1.0.1: CIST Root 80000000cd24ff2d % port1.0.1: Regional Root 80000000cd24ff2d % port1.0.1: Designated Bridge 80000000cd24ff2d % port1.0.1: Message Age 0 - Max Age 20 % port1.0.1: CIST Hello Time 2 - Forward Delay 15 % port1.0.1: CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0 ... % port1.0.2: forward-transitions 0 % port1.0.2: Version Multiple Spanning Tree Protocol - Received None - Send STP % port1.0.2: No portfast configured - Current portfast off % port1.0.2: portfast bpdu-guard default - Current portfast bpdu-guard off % port1.0.2: portfast bpdu-filter default - Current portfast bpdu-filter off % port1.0.2: no root guard configured - Current root guard off % port1.0.2: Configured Link Type point-to-point - Current shared % C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 463 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: change timer 0 % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: % port1.0.3: C613-50081-01 REV A Port 5003 - Id 838b - Role Disabled - State Discarding Designated External Path Cost 0 -Internal Path Cost 0 Configured Path Cost 20000000 - Add type Explicit ref count 1 Designated Port Id 838b - CIST Priority 128 - CIST Root 80000000cd24ff2d Regional Root 80000000cd24ff2d Designated Bridge 80000000cd24ff2d Message Age 0 - Max Age 20 CIST Hello Time 2 - Forward Delay 15 CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo forward-transitions 0 Version Multiple Spanning Tree Protocol - Received None - Send STP No portfast configured - Current portfast off portfast bpdu-guard default - Current portfast bpdu-guard off portfast bpdu-filter default - Current portfast bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current shared Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 464 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL INTERFACE show spanning-tree mst detail interface Overview This command displays detailed information about the specified switch port, and the MST instances associated with it. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst detail interface <port> Parameter Description <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). User Exec, Privileged Exec and Interface Configuration To display detailed information about port1.0.3 and the instances associated with it, enter the command: awplus# show spanning-tree mst detail interface port1.0.3 Output Figure 14-8: Example output from show spanning-tree mst detail interface % 1: Bridge up - Spanning Tree Enabled % 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20 % 1: CIST Root Id 80000000cd24ff2d % 1: CIST Reg Root Id 80000000cd24ff2d % 1: CIST Bridge Id 80000000cd24ff2d % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding % port1.0.2: Designated External Path Cost 0 -Internal Path Cost 0 % port1.0.2: Configured Path Cost 20000000 - Add type Explicit ref count 2 % port1.0.2: Designated Port Id 838a - CIST Priority 128 - % port1.0.2: CIST Root 80000000cd24ff2d % port1.0.2: Regional Root 80000000cd24ff2d % port1.0.2: Designated Bridge 80000000cd24ff2d % port1.0.2: Message Age 0 - Max Age 20 % port1.0.2: CIST Hello Time 2 - Forward Delay 15 % port1.0.2: CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0 % port1.0.2: forward-transitions 0 % port1.0.2: Version Multiple Spanning Tree Protocol - Received None - Send STP C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 465 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL INTERFACE % % % % % % % % % % % % % % % % % % % % port1.0.2: port1.0.2: port1.0.2: port1.0.2: port1.0.2: No portfast configured - Current portfast off portfast bpdu-guard default - Current portfast bpdu-guard off portfast bpdu-filter default - Current portfast bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current shared Instance 2: Vlans: 2 1: MSTI Root Path Cost 0 -MSTI Root Port 0 - MSTI Bridge Priority 32768 1: MSTI Root Id 80020000cd24ff2d 1: MSTI Bridge Id 80020000cd24ff2d port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding port1.0.2: Designated Internal Path Cost 0 - Designated Port Id 838a port1.0.2: Configured Internal Path Cost 20000000 port1.0.2: Configured CST External Path cost 20000000 port1.0.2: CST Priority 128 - MSTI Priority 128 port1.0.2: Designated Root 80020000cd24ff2d port1.0.2: Designated Bridge 80020000cd24ff2d port1.0.2: Message Age 0 - Max Age 0 port1.0.2: Hello Time 2 - Forward Delay 15 port1.0.2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 466 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST INSTANCE show spanning-tree mst instance Overview This command displays detailed information for the specified instance, and all switch ports associated with that instance. A topology change counter has been included for RSTP and MSTP. You can see the topology change counter for RSTP by using the show spanning-tree command. You can see the topology change counter for MSTP by using the show spanning-tree mst instance command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show spanning-tree mst instance <instance-id> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. Mode User Exec, Privileged Exec, and Interface Configuration Usage To display detailed information for instance 2, and all switch ports associated with that instance, use the command: awplus# show spanning-tree mst instance 2 Output Figure 14-9: Example output from show spanning-tree mst instance % 1: MSTI Root Path Cost 0 - MSTI Root Port 0 - MSTI Bridge Priority 32768 % 1: MSTI Root Id 80020000cd24ff2d % 1: MSTI Bridge Id 80020000cd24ff2d % port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding % port1.0.2: Designated Internal Path Cost 0 - Designated Port Id 838a % port1.0.2: Configured Internal Path Cost 20000000 % port1.0.2: Configured CST External Path cost 20000000 % port1.0.2: CST Priority 128 - MSTI Priority 128 % port1.0.2: Designated Root 80020000cd24ff2d % port1.0.2: Designated Bridge 80020000cd24ff2d % port1.0.2: Message Age 0 - Max Age 0 % port1.0.2: Hello Time 2 - Forward Delay 15 % port1.0.2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 % C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 467 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST INSTANCE INTERFACE show spanning-tree mst instance interface Overview This command displays detailed information for the specified MST (Multiple Spanning Tree) instance, and the specified switch port associated with that MST instance. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst instance <instance-id> interface <port> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). User Exec, Privileged Exec, and Interface Configuration To display detailed information for instance 2, interface port1.0.2, use the command: awplus# show spanning-tree mst instance 2 interface port1.0.2 Output Figure 14-10: Example output from show spanning-tree mst instance % 1: MSTI Root Path Cost 0 - MSTI Root Port 0 - MSTI Bridge Priority 32768 % 1: MSTI Root Id 80020000cd24ff2d % 1: MSTI Bridge Id 80020000cd24ff2d % port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding % port1.0.2: Designated Internal Path Cost 0 - Designated Port Id 838a % port1.0.2: Configured Internal Path Cost 20000000 % port1.0.2: Configured CST External Path cost 20000000 % port1.0.2: CST Priority 128 - MSTI Priority 128 % port1.0.2: Designated Root 80020000cd24ff2d % port1.0.2: Designated Bridge 80020000cd24ff2d % port1.0.2: Message Age 0 - Max Age 0 % port1.0.2: Hello Time 2 - Forward Delay 15 % port1.0.2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 % C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 468 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST INTERFACE show spanning-tree mst interface Overview This command displays the number of instances created, and VLANs associated with it for the specified switch port. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst interface <port> Parameter Description <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). User Exec, Privileged Exec, and Interface Configuration To display detailed information about each instance, and all interfaces associated with them, for port1.0.4, use the command: awplus# show spanning-tree mst interface port1.0.4 Output % % % % % % % % % % % % % % % 1: 1: 1: 1: 1: 1: 1: 1: 1: 1: Figure 14-11: Example output from show spanning-tree mst interface Bridge up - Spanning Tree Enabled CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20 CIST Root Id 80000008c73a2b22 CIST Reg Root Id 80000008c73a2b22 CST Bridge Id 80000008c73a2b22 portfast bpdu-filter disabled portfast bpdu-guard disabled portfast errdisable timeout disabled portfast errdisable timeout interval 1 sec Instance 0: 1: 2: C613-50081-01 REV A VLAN 1 2-3 4-5 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 469 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL INTERFACE show spanning-tree mst detail interface Overview This command displays detailed information about the specified switch port, and the MST instances associated with it. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree mst detail interface <port> Parameter Description <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). User Exec, Privileged Exec and Interface Configuration To display detailed information about port1.0.3 and the instances associated with it, enter the command: awplus# show spanning-tree mst detail interface port1.0.3 Output Figure 14-12: Example output from show spanning-tree mst detail interface % 1: Bridge up - Spanning Tree Enabled % 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 % 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20 % 1: CIST Root Id 80000000cd24ff2d % 1: CIST Reg Root Id 80000000cd24ff2d % 1: CIST Bridge Id 80000000cd24ff2d % 1: portfast bpdu-filter disabled % 1: portfast bpdu-guard disabled % 1: portfast errdisable timeout disabled % 1: portfast errdisable timeout interval 300 sec % port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding % port1.0.2: Designated External Path Cost 0 -Internal Path Cost 0 % port1.0.2: Configured Path Cost 20000000 - Add type Explicit ref count 2 % port1.0.2: Designated Port Id 838a - CIST Priority 128 - % port1.0.2: CIST Root 80000000cd24ff2d % port1.0.2: Regional Root 80000000cd24ff2d % port1.0.2: Designated Bridge 80000000cd24ff2d % port1.0.2: Message Age 0 - Max Age 20 % port1.0.2: CIST Hello Time 2 - Forward Delay 15 % port1.0.2: CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0 % port1.0.2: forward-transitions 0 % port1.0.2: Version Multiple Spanning Tree Protocol - Received None - Send STP C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 470 SPANNING TREE COMMANDS SHOW SPANNING-TREE MST DETAIL INTERFACE % % % % % % % % % % % % % % % % % % % % port1.0.2: port1.0.2: port1.0.2: port1.0.2: port1.0.2: No portfast configured - Current portfast off portfast bpdu-guard default - Current portfast bpdu-guard off portfast bpdu-filter default - Current portfast bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current shared Instance 2: Vlans: 2 1: MSTI Root Path Cost 0 -MSTI Root Port 0 - MSTI Bridge Priority 32768 1: MSTI Root Id 80020000cd24ff2d 1: MSTI Bridge Id 80020000cd24ff2d port1.0.2: Port 5002 - Id 838a - Role Disabled - State Discarding port1.0.2: Designated Internal Path Cost 0 - Designated Port Id 838a port1.0.2: Configured Internal Path Cost 20000000 port1.0.2: Configured CST External Path cost 20000000 port1.0.2: CST Priority 128 - MSTI Priority 128 port1.0.2: Designated Root 80020000cd24ff2d port1.0.2: Designated Bridge 80020000cd24ff2d port1.0.2: Message Age 0 - Max Age 0 port1.0.2: Hello Time 2 - Forward Delay 15 port1.0.2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 471 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS show spanning-tree statistics Overview This command displays BPDU (Bridge Protocol Data Unit) statistics for all spanning-tree instances, and all switch ports associated with all spanning-tree instances. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show spanning-tree statistics Mode Privileged Exec Usage To display BPDU statistics for all spanning-tree instances, and all switch ports associated with all spanning-tree instances, use the command: awplus# show spanning-tree statistics Output Figure 14-13: Example output from show spanning-tree statistics Port number = 915 Interface = port1.0.6 ================================ % BPDU Related Parameters % ----------------------- % Port Spanning Tree : Disable % Spanning Tree Type : Rapid Spanning Tree Protocol % Current Port State : Discarding % Port ID : 8393 % Port Number : 393 % Path Cost : 20000000 % Message Age : 0 % Designated Root : ec:cd:6d:20:c0:ed % Designated Cost : 0 % Designated Bridge : ec:cd:6d:20:c0:ed % Designated Port Id : 8393 % Top Change Ack : FALSE % Config Pending : FALSE % PORT Based Information & Statistics % ----------------------------------- % Config Bpdu's xmitted : 0 % Config Bpdu's received : 0 % TCN Bpdu's xmitted : 0 % TCN Bpdu's received : 0 % Forward Trans Count : 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 472 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS % % % % % % % % % % % % % % % % % % % % % STATUS of Port Timers --------------------- Hello Time Configured Hello timer Hello Time Value Forward Delay Timer Forward Delay Timer Value Message Age Timer Message Age Timer Value Topology Change Timer Topology Change Timer Value Hold Timer Hold Timer Value Other Port-Specific Info ------------------------ Max Age Transitions Msg Age Expiry Similar BPDUS Rcvd Src Mac Count Total Src Mac Rcvd Next State Topology Change Time C613-50081-01 REV A : : : : : : : : : : : 2 INACTIVE 0 INACTIVE 0 INACTIVE 0 INACTIVE 0 INACTIVE 0 : : : : : : : 1 0 0 0 0 Learning 0 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 473 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS INSTANCE show spanning-tree statistics instance Overview This command displays BPDU (Bridge Protocol Data Unit) statistics for the specified MST (Multiple Spanning Tree) instance, and all switch ports associated with that MST instance. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show spanning-tree statistics instance <instance-id> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. Mode Privileged Exec Usage To display BPDU statistics information for MST instance 2, and all switch ports associated with that MST instance, use the command: awplus# show spanning-tree statistics instance 2 Output Figure 14-14: Example output from show spanning-tree statistics instance % % INST_PORT port1.0.3 Information & Statistics % ---------------------------------------- % Config Bpdu's xmitted (port/inst) : (0/0) % Config Bpdu's received (port/inst) : (0/0) % TCN Bpdu's xmitted (port/inst) : (0/0) % TCN Bpdu's received (port/inst) : (0/0) % Message Age(port/Inst) : (0/0) % port1.0.3: Forward Transitions : 0 % Next State : Learning % Topology Change Time : 0 ... Related Commands C613-50081-01 REV A show spanning-tree statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 474 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS INSTANCE INTERFACE show spanning-tree statistics instance interface Overview This command displays BPDU (Bridge Protocol Data Unit) statistics for the specified MST (Multiple Spanning Tree) instance and the specified switch port associated with that MST instance. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree statistics instance <instance-id> interface <port> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). Privileged Exec To display BPDU statistics for MST instance 2, interface port1.0.2, use the command: awplus# show spanning-tree statistics instance 2 interface port1.0.2 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 475 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS INSTANCE INTERFACE Output Figure 14-15: Example output from show spanning-tree statistics instance interface awplus#sh spanning-tree statistics interface port1.0.2 instance 1 Spanning Tree Enabled for Instance : 1 ================================== % INST_PORT port1.0.2 Information & Statistics % ---------------------------------------- % Config Bpdu's xmitted (port/inst) : (0/0) % Config Bpdu's received (port/inst) : (0/0) % TCN Bpdu's xmitted (port/inst) : (0/0) % TCN Bpdu's received (port/inst) : (0/0) % Message Age(port/Inst) : (0/0) % port1.0.2: Forward Transitions : 0 % Next State : Learning % Topology Change Time : 0 % Other Inst/Vlan Information & Statistics % ---------------------------------------- % Bridge Priority : 0 % Bridge Mac Address : ec:cd:6d:20:c0:ed % Topology Change Initiator : 5023 % Last Topology Change Occured : Mon Aug 22 05:42:06 2011 % Topology Change : FALSE % Topology Change Detected : FALSE % Topology Change Count : 1 % Topology Change Last Recvd from : 00:00:00:00:00:00 Related Commands C613-50081-01 REV A show spanning-tree statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 476 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS INTERFACE show spanning-tree statistics interface Overview This command displays BPDU (Bridge Protocol Data Unit) statistics for the specified switch port, and all MST instances associated with that switch port. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show spanning-tree statistics interface <port> Parameter Description <port> The port to display information about. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). Privileged Exec To display BPDU statistics about each MST instance for port1.0.4, use the command: awplus# show spanning-tree statistics interface port1.0.4 Output Figure 14-16: Example output from show spanning-tree statistics interface awplus#show spanning-tree statistics interface port1.0.2 Port number = 906 Interface = port1.0.2 ================================ % BPDU Related Parameters % ----------------------- % Port Spanning Tree : Disable % Spanning Tree Type : Multiple Spanning Tree Protocol % Current Port State : Discarding % Port ID : 838a % Port Number : 38a % Path Cost : 20000000 % Message Age : 0 % Designated Root : ec:cd:6d:20:c0:ed % Designated Cost : 0 % Designated Bridge : ec:cd:6d:20:c0:ed % Designated Port Id : 838a % Top Change Ack : FALSE % Config Pending : FALSE C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 477 SPANNING TREE COMMANDS SHOW SPANNING-TREE STATISTICS INTERFACE % % % % % % % PORT Based Information & Statistics ----------------------------------- Config Bpdu's xmitted : Config Bpdu's received : TCN Bpdu's xmitted : TCN Bpdu's received : Forward Trans Count : 0 0 0 0 0 % % % % % % % % % % % % % STATUS of Port Timers --------------------- Hello Time Configured Hello timer Hello Time Value Forward Delay Timer Forward Delay Timer Value Message Age Timer Message Age Timer Value Topology Change Timer Topology Change Timer Value Hold Timer Hold Timer Value 2 INACTIVE 0 INACTIVE 0 INACTIVE 0 INACTIVE 0 INACTIVE 0 : : : : : : : : : : : % Other Port-Specific Info ------------------------ % Max Age Transitions : 1 % Msg Age Expiry : 0 % Similar BPDUS Rcvd : 0 % Src Mac Count : 0 % Total Src Mac Rcvd : 0 % Next State : Learning % Topology Change Time : 0 % Other Bridge information & Statistics -------------------------------------- % STP Multicast Address : 01:80:c2:00:00:00 % Bridge Priority : 32768 % Bridge Mac Address : ec:cd:6d:20:c0:ed % Bridge Hello Time : 2 % Bridge Forward Delay : 15 % Topology Change Initiator : 5023 % Last Topology Change Occured : Mon Aug 22 05:41:20 2011 % Topology Change : FALSE % Topology Change Detected : TRUE % Topology Change Count : 1 % Topology Change Last Recvd from : 00:00:00:00:00:00 Related Commands C613-50081-01 REV A show spanning-tree statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 478 SPANNING TREE COMMANDS SHOW SPANNING-TREE VLAN RANGE-INDEX show spanning-tree vlan range-index Overview Syntax Mode Example Use this command to display information about MST (Multiple Spanning Tree) instances and the VLANs associated with them including the VLAN range-index value for the device. show spanning-tree vlan range-index Privileged Exec To display information about MST instances and the VLANs associated with them for the device, including the VLAN range-index value, use the following command: awplus# show spanning-tree vlan range-index Output Figure 14-17: Example output from show spanning-tree vlan range-index awplus#show spanning-tree vlan range-index % MST Instance VLAN RangeIdx % 1 1 1% Related Commands C613-50081-01 REV A show spanning-tree statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 479 SPANNING TREE COMMANDS SPANNING-TREE AUTOEDGE (RSTP AND MSTP) spanning-tree autoedge (RSTP and MSTP) Overview Use this command to enable the autoedge feature on the port. The autoedge feature allows the port to automatically detect that it is an edge port. If it does not receive any BPDUs in the first three seconds after linkup, enabling, or entering RSTP or MSTP mode, it sets itself to be an edgeport and enters the forwarding state. Use this command for RSTP or MSTP. Use the no variant of this command to disable this feature. Syntax spanning-tree autoedge no spanning-tree autoedge Default Mode Example Disabled Interface Configuration awplus# configure terminal awplus(config)# interface port1.0.3 awplus(config-if)# spanning-tree autoedge Related Commands C613-50081-01 REV A spanning-tree edgeport (RSTP and MSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 480 SPANNING TREE COMMANDS SPANNING-TREE BPDU spanning-tree bpdu Overview Use this command in Global Configuration mode to configure BPDU (Bridge Protocol Data Unit) discarding or forwarding, with STP (Spanning Tree Protocol) disabled on the switch. See the Usage note about disabling Spanning Tree before using this command, and using this command to forward unsupported BPDUs unchanged for unsupported STP Protocols. There is not a no variant for this command. Instead, apply the discard parameter to reset it back to the default then re-enable STP with spanning-tree enable command. Syntax Default spanning-tree bpdu {discard|forward|forward-untagged-vlan|forward-vlan} Parameter Description bpdu A port that has BPDU filtering enabled will not transmit any BPDUs and will ignore any BPDUs received. This port type has one of the following parameters (in Global Configuration mode): discard Discards all ingress STP BPDU frames. forward Forwards any ingress STP BPDU packets to all ports, regardless of any VLAN membership. forwarduntaggedvlan Forwards any ingress STP BPDU frames to all ports that are untagged members of the ingress port’s native VLAN. forwardvlan Forwards any ingress STP BPDU frames to all ports that are tagged members of the ingress port’s native VLAN. The discard parameter is enabled by default. Mode Global Configuration Usage You must first disable Spanning Tree with the spanning-tree enable command before you can use this command to then configure BPDU discarding or forwarding. This command enables the switch to forward unsupported BPDUs with an unsupported Spanning Tree Protocol, such as proprietary STP protocols with unsupported BPDUs, by forwarding BDPU (Bridge Protocol Data Unit) frames unchanged through the switch. When you want to revert to default behavior on the switch, issue a spanning-tree bdpu discard command and re-enable Spanning Tree with a s panning-tree enable command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 481 SPANNING TREE COMMANDS SPANNING-TREE BPDU Examples To enable STP BPDU discard in Global Configuration mode with STP disabled, which discards all ingress STP BPDU frames, enter the commands: awplus# configure terminal awplus(config)# no spanning-tree stp enable awplus(config)# spanning-tree bpdu discard To enable STP BPDU forward in Global Configuration mode with STP disabled, which forwards any ingress STP BPDU frames to all ports regardless of any VLAN membership, enter the commands: awplus# configure terminal awplus(config)# no spanning-tree stp enable awplus(config)# spanning-tree bpdu forward To enable STP BPDU forwarding for untagged frames in Global Configuration mode with STP disabled, which forwards any ingress STP BPDU frames to all ports that are untagged members of the ingress port’s native VLAN, enter the commands: awplus# configure terminal awplus(config)# no spanning-tree stp enable awplus(config)# spanning-tree bpdu forward-untagged-vlan To enable STP BPDU forwarding for tagged frames in Global Configuration mode with STP disabled, which forwards any ingress STP BPDU frames to all ports that are tagged members of the ingress port’s native VLAN, enter the commands: awplus# configure terminal awplus(config)# no spanning-tree stp enable awplus(config)# spanning-tree bpdu forward-vlan To reset STP BPDU back to the default discard parameter and re-enable STP on the switch, enter the commands: awplus# configure terminal awplus(config)# spanning-tree bpdu discard awplus(config)# spanning-tree stp enable Related Commands C613-50081-01 REV A show spanning-tree spanning-tree enable Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 482 SPANNING TREE COMMANDS SPANNING-TREE CISCO-INTEROPERABILITY (MSTP) spanning-tree cisco-interoperability (MSTP) Overview Use this command to enable/disable Cisco-interoperability for MSTP. Use this command for MSTP only. Syntax Default spanning-tree cisco-interoperability {enable|disable} Parameter Description enable Enable Cisco interoperability for MSTP. disable Disable Cisco interoperability for MSTP. If this command is not used, Cisco interoperability is disabled. Mode Global Configuration Usage For compatibility with certain Cisco devices, all devices in the switched LAN running the AlliedWare Plus™ Operating System must have Cisco-interoperability enabled. When the AlliedWare Plus Operating System is interoperating with Cisco, the only criteria used to classify a region are the region name and revision level. VLAN to instance mapping is not used to classify regions when interoperating with Cisco. Examples To enable Cisco interoperability on a Layer 2 device: awplus# configure terminal awplus(config)# spanning-tree cisco-interoperability enable To disable Cisco interoperability on a Layer 2 device: awplus# configure terminal awplus(config)# spanning-tree cisco-interoperability disable C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 483 SPANNING TREE COMMANDS SPANNING-TREE EDGEPORT (RSTP AND MSTP) spanning-tree edgeport (RSTP and MSTP) Overview Use this command to set a port as an edge-port. Use this command for RSTP or MSTP. This command has the same effect as the spanning-tree portfast (STP) command, but the configuration displays differently in the output of some show commands. Use the no variant of this command to set a port to its default state (not an edge-port). Syntax spanning-tree edgeport no spanning-tree edgeport Default Not an edge port. Mode Interface Configuration Usage Use this command on a switch port connected to a LAN that has no other bridges attached. If a BPDU is received on the port that indicates that another bridge is connected to the LAN, then the port is no longer treated as an edge port. Example awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree edgeport Related Commands C613-50081-01 REV A spanning-tree autoedge (RSTP and MSTP) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 484 SPANNING TREE COMMANDS SPANNING-TREE ENABLE spanning-tree enable Overview Use this command in Global Configuration mode to enable the specified spanning tree protocol for all switch ports. Note that this must be the spanning tree protocol that is configured on the device by the spanning-tree mode command. Use the no variant of this command to disable the configured spanning tree protocol. This places all switch ports in the forwarding state. Syntax spanning-tree {mstp|rstp|stp} enable no spanning-tree {mstp|rstp|stp} enable Default Parameter Description mstp Enables or disables MSTP (Multiple Spanning Tree Protocol). rstp Enables or disables RSTP (Rapid Spanning Tree Protocol). stp Enables or disables STP (Spanning Tree Protocol). RSTP is enabled by default for all switch ports. Mode Global Configuration Usage With no configuration, spanning tree is enabled, and the spanning tree mode is set to RSTP. To change the mode, see spanning-tree mode command. Examples To enable STP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# spanning-tree stp enable To disable STP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# no spanning-tree stp enable To enable MSTP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# spanning-tree mstp enable To disable MSTP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# no spanning-tree mstp enable To enable RSTP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# spanning-tree rstp enable C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 485 SPANNING TREE COMMANDS SPANNING-TREE ENABLE To disable RSTP in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# no spanning-tree rstp enable Related Commands C613-50081-01 REV A spanning-tree bpdu spanning-tree mode Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 486 SPANNING TREE COMMANDS SPANNING-TREE ERRDISABLE-TIMEOUT ENABLE spanning-tree errdisable-timeout enable Overview Use this command to enable the errdisable-timeout facility, which sets a timeout for ports that are disabled due to the BPDU guard feature. Use this command for RSTP or MSTP. Use the no variant of this command to disable the errdisable-timeout facility. Syntax spanning-tree errdisable-timeout enable no spanning-tree errdisable-timeout enable Default By default, the errdisable-timeout is disabled. Mode Global Configuration Usage The BPDU guard feature shuts down the port on receiving a BPDU on a BPDU-guard enabled port. This command associates a timer with the feature such that the port is re- enabled without manual intervention after a set interval. This interval can be configured by the user using the spanning-tree errdisable-timeout interval command. Example awplus# configure terminal awplus(config)# spanning-tree errdisable-timeout enable Related Commands show spanning-tree spanning-tree errdisable-timeout interval spanning-tree portfast bpdu-guard C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 487 SPANNING TREE COMMANDS SPANNING-TREE ERRDISABLE-TIMEOUT INTERVAL spanning-tree errdisable-timeout interval Overview Use this command to specify the time interval after which a port is brought back up when it has been disabled by the BPDU guard feature. Use this command for RSTP or MSTP. Syntax spanning-tree errdisable-timeout interval <10-1000000> no spanning-tree errdisable-timeout interval Default Mode Example Parameter Description <10-1000000> Specify the errdisable-timeout interval in seconds. By default, the port is re-enabled after 300 seconds. Global Configuration awplus# configure terminal awplus(config)# spanning-tree errdisable-timeout interval 34 Related Commands show spanning-tree spanning-tree errdisable-timeout enable spanning-tree portfast bpdu-guard C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 488 SPANNING TREE COMMANDS SPANNING-TREE FORCE-VERSION spanning-tree force-version Overview Syntax Use this command in Interface Configuration mode for a switch port interface only to force the protocol version for the switch port. Use this command for RSTP or MSTP only. spanning-tree force-version <version> no spanning-tree force-version Default Mode Examples Parameter Description <version> <0-3> Version identifier. 0 Forces the port to operate in STP mode. 1 Not supported. 2 Forces the port to operate in RSTP mode. If it receives STP BPDUs, it can automatically revert to STP mode. 3 Forces the port to operate in MSTP mode (this option is only available if MSTP mode is configured). If it receives RSTP or STP BPDUs, it can automatically revert to RSTP or STP mode. By default, no version is forced for the port. The port is in the spanning tree mode configured for the device, or a lower version if it automatically detects one. Interface Configuration mode for a switch port interface only. Set the value to enforce the spanning tree protocol (STP): awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree force-version 0 Set the default protocol version: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree force-version Related Commands C613-50081-01 REV A show spanning-tree Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 489 SPANNING TREE COMMANDS SPANNING-TREE FORWARD-TIME spanning-tree forward-time Overview Use this command to set the forward delay value. Use the no variant of this command to reset the forward delay value to the default setting of 15 seconds. The forward delay sets the time (in seconds) to control how fast a port changes its spanning tree state when moving towards the forwarding state. If the mode is set to STP, the value determines how long the port stays in each of the listening and learning states which precede the forwarding state. If the mode is set to RSTP or MSTP, this value determines the maximum time taken to transition from discarding to learning and from learning to forwarding. This value is used only when the device is acting as the root bridge. Devices not acting as the Root Bridge use a dynamic value for the forward delay set by the root bridge. The forward delay, max-age, and hello time parameters are interrelated. Syntax spanning-tree forward-time <forward-delay> no spanning-tree forward-time Default Parameter Description <forward-delay> <4-30> The forwarding time delay in seconds. The default is 15 seconds. Mode Global Configuration Usage The allowable range for forward-time is 4-30 seconds. The forward delay, max-age, and hello time parameters should be set according to the following formula, as specified in IEEE Standard 802.1d: 2 x (forward delay - 1.0 seconds) >= max-age max-age >= 2 x (hello time + 1.0 seconds) Example awplus# configure terminal awplus(config)# spanning-tree forward-time 6 Related Commands show spanning-tree spanning-tree forward-time spanning-tree hello-time spanning-tree mode C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 490 SPANNING TREE COMMANDS SPANNING-TREE GUARD ROOT spanning-tree guard root Overview Use this command in Interface Configuration mode for a switch port only to enable the Root Guard feature for the switch port. The root guard feature disables reception of superior BPDUs. You can use this command for RSTP, STP or MSTP. Use the no variant of this command to disable the root guard feature for the port. Syntax spanning-tree guard root no spanning-tree guard root Mode Interface Configuration mode for a switch port interface only. Usage The Root Guard feature makes sure that the port on which it is enabled is a designated port. If the Root Guard enabled port receives a superior BPDU, it goes to a Listening state (for STP) or discarding state (for RSTP and MSTP). Example awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree guard root C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 491 SPANNING TREE COMMANDS SPANNING-TREE HELLO-TIME spanning-tree hello-time Overview Use this command to set the hello-time. This sets the time in seconds between the transmission of device spanning tree configuration information when the device is the Root Bridge of the spanning tree or is trying to become the Root Bridge. Use this command for RSTP, STP or MSTP. Use the no variant of this command to restore the default of the hello time. Syntax spanning-tree hello-time <hello-time> no spanning-tree hello-time Default Parameter Description <hello-time> <1-10> The hello BPDU interval in seconds. Default is 2 seconds. Mode Global Configuration and Interface Configuration for switch ports. Usage The allowable range of values is 1-10 seconds. The forward delay, max-age, and hello time parameters should be set according to the following formula, as specified in IEEE Standard 802.1d: 2 x (forward delay - 1.0 seconds) >= max-age max-age>= 2 x (hello time + 1.0 seconds) Example awplus# configure terminal awplus(config)# spanning-tree hello-time 3 Related Commands spanning-tree forward-time spanning-tree max-age show spanning-tree C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 492 SPANNING TREE COMMANDS SPANNING-TREE LINK-TYPE spanning-tree link-type Overview Use this command in Interface Configuration mode for a switch port interface only to enable or disable point-to-point or shared link types on the switch port. Use this command for RSTP or MSTP only. Use the no variant of this command to return the port to the default link type. Syntax spanning-tree link-type {point-to-point|shared} no spanning-tree link-type Default Parameter Description shared Disable rapid transition. point-to-point Enable rapid transition. The default link type is point-to-point. Mode Interface Configuration mode for a switch port interface only. Usage You may want to set link type to shared if the port is connected to a hub with multiple devices connected to it. Examples awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree link-type point-to-point C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 493 SPANNING TREE COMMANDS SPANNING-TREE MAX-AGE spanning-tree max-age Overview Use this command to set the max-age. This sets the maximum age, in seconds, that dynamic spanning tree configuration information is stored in the device before it is discarded. Use this command for RSTP, STP or MSTP. Use the no variant of this command to restore the default of max-age. Syntax spanning-tree max-age <max-age> no spanning-tree max-age Default Parameter Description <max-age> <6-40> The maximum time, in seconds. The default of spanning-tree max-age is 20 seconds. Mode Global Configuration Usage Max-age is the maximum time in seconds for which a message is considered valid. Configure this value sufficiently high, so that a frame generated by the root bridge can be propagated to the leaf nodes without exceeding the max-age. The forward delay, max-age, and hello time parameters should be set according to the following formula, as specified in IEEE Standard 802.1d: 2 x (forward delay - 1.0 seconds) >= max-age max-age >= 2 x (hello time + 1.0 seconds) Example awplus# configure terminal awplus(config)# spanning-tree max-age 12 Related Commands show spanning-tree spanning-tree forward-time spanning-tree hello-time C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 494 SPANNING TREE COMMANDS SPANNING-TREE MAX-HOPS (MSTP) spanning-tree max-hops (MSTP) Overview Use this command to specify the maximum allowed hops for a BPDU in an MST region. This parameter is used by all the instances of the MST region. Use the no variant of this command to restore the default. Use this command for MSTP only. Syntax spanning-tree max-hops <hop-count> no spanning-tree max-hops <hop-count> Default Parameter Description <hop-count> Specify the maximum hops the BPDU will be valid for in the range <1-40>. The default max-hops in a MST region is 20. Mode Global Configuration Usage Specifying the max hops for a BPDU prevents the messages from looping indefinitely in the network. The hop count is decremented by each receiving port. When a device receives an MST BPDU that has a hop count of zero, it discards the BPDU. Examples awplus# configure terminal awplus(config)# spanning-tree max-hops 25 awplus# configure terminal awplus(config)# no spanning-tree max-hops C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 495 SPANNING TREE COMMANDS SPANNING-TREE MODE spanning-tree mode Overview Use this command to change the spanning tree protocol mode on the device. The spanning tree protocol mode on the device can be configured to either STP, RSTP or MSTP. Syntax spanning-tree mode {stp|rstp|mstp} Default The default spanning tree protocol mode on the device is RSTP. Mode Global Configuration Usage With no configuration, the device will have spanning tree enabled, and the spanning tree mode will be set to RSTP. Use this command to change the spanning tree protocol mode on the device. MSTP is VLAN aware, but RSTP and STP are not VLAN aware. To enable or disable spanning tree operation, see the spanning-tree enable command. Examples To change the spanning tree mode from the default of RSTP to MSTP, use the following commands: awplus# configure terminal awplus(config)# spanning-tree mode mstp Related Commands C613-50081-01 REV A spanning-tree enable Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 496 SPANNING TREE COMMANDS SPANNING-TREE MST CONFIGURATION spanning-tree mst configuration Overview Syntax Mode Examples Use this command to enter the MST Configuration mode to configure the Multiple Spanning-Tree Protocol. spanning-tree mst configuration Global Configuration The following example uses this command to enter MST Configuration mode. Note the change in the command prompt. awplus# configure terminal awplus(config)# spanning-tree mst configuration awplus(config-mst)# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 497 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE spanning-tree mst instance Overview Use this command to assign a Multiple Spanning Tree instance (MSTI) to a switch port or channel group. Note that ports are automatically configured to send and receive spanning-tree information for the associated MSTI when VLANs are assigned to MSTIs using the instance vlan (MSTP) command. Use the no variant of this command in Interface Configuration mode to remove the MSTI from the specified switch port or channel group. Syntax spanning-tree mst instance <instance-id> no spanning-tree mst instance <instance-id> Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. The MST instance must have already been created using the instance vlan (MSTP) command. Default A port automatically becomes a member of an MSTI when it is assigned to a VLAN. Mode Interface Configuration mode for a switch port or channel group. Usage You can disable automatic configuration of member ports of a VLAN to an associated MSTI by using a no spanning-tree mst instance command to remove the member port from the MSTI. Use the spanning-tree mst instance command to add a VLAN member port back to the MSTI. Examples To assign instance 3 to a switch port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree mst instance 3 To remove instance 3 from a switch port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree mst instance 3 Related Commands instance vlan (MSTP) spanning-tree mst instance path-cost spanning-tree mst instance priority spanning-tree mst instance restricted-role spanning-tree mst instance restricted-tcn C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 498 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE PATH-COST spanning-tree mst instance path-cost Overview Use this command to set the cost of a path associated with a switch port, for the specified MSTI. This specifies the switch port’s contribution to the cost of a path to the MSTI regional root via that port. This applies when the port is the root port for the MSTI. Use the no variant of this command to restore the default cost value of the path. Syntax spanning-tree mst instance <instance-id> path-cost <path-cost> no spanning-tree mst instance <instance-id> path-cost Default Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <path-cost> Specify the cost of path in the range of <1-200000000>, where a lower path-cost indicates a greater likelihood of the specific interface becoming a root. The default path cost values and the range of recommended path cost values depend on the port speed, as shown in the following table from the IEEE 802.1q-2003 standard. Port speed Default path cost Recommended path cost range Less than 100 Kb/s 1Mbps 10Mbps 100 Mbps 1 Gbps 10 Gbps 100 Gbps 1Tbps 10 Tbps 200,000,000 20,000,000 2,000,000 200,000 20,000 2,000 200 20 2 20,000,000-200,000,000 2,000,000-20,000,000 200,000-2,000,000 20,000-200,000 2,000-20,000 200-2, 000 20-200 2-200 2-20 Mode Interface Configuration mode for a switch port interface only. Usage Before you can use this command to set a path-cost in a VLAN configuration, you must explicitly add an MST instance to a port using the spanning-tree mst instance command. Examples To set a path cost of 1000 on instance 3, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree mst instance 3 path-cost 1000 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 499 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE PATH-COST To return the path cost to its default value on instance 3, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree mst instance 3 path-cost Related Commands instance vlan (MSTP) spanning-tree mst instance spanning-tree mst instance priority spanning-tree mst instance restricted-role spanning-tree mst instance restricted-tcn C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 500 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE PRIORITY spanning-tree mst instance priority Overview Use this command in Interface Configuration mode for a switch port interface only to set the port priority for an MST instance (MSTI). Use the no variant of this command to restore the default priority value (128). Syntax spanning-tree mst instance <instance-id> priority <priority> no spanning-tree mst instance <instance-id> [priority] Default Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. <priority> This must be a multiple of 16 and within the range <0-240>. A lower priority indicates greater likelihood of the port becoming the root port. The default is 128. Mode Interface Configuration mode for a switch port interface. Usage This command sets the value of the priority field contained in the port identifier. The MST algorithm uses the port priority when determining the root port for the switch in the MSTI. The port with the lowest value has the highest priority, so it will be chosen as root port over a port that is equivalent in all other aspects but with a higher priority value. Examples To set the priority to 112 on instance 3, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree mst instance 3 priority 112 To return the priority to its default value of 128 on instance 3, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree mst instance 3 priority Related Commands instance vlan (MSTP) spanning-tree priority (port priority) spanning-tree mst instance spanning-tree mst instance path-cost spanning-tree mst instance restricted-role spanning-tree mst instance restricted-tcn C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 501 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE RESTRICTED-ROLE spanning-tree mst instance restricted-role Overview Use this command in Interface Configuration mode for a switch port interface only to enable the restricted role for an MSTI (Multiple Spanning Tree Instance) on a switch port. Configuring the restricted role for an MSTI on a switch port prevents the switch port from becoming the root port in a spanning tree topology. Use the no variant of this command to disable the restricted role for an MSTI on a switch port. Removing the restricted role for an MSTI on a switch port allows the switch port to become the root port in a spanning tree topology. Syntax spanning-tree mst instance <instance-id> restricted-role no spanning-tree mst instance <instance-id> restricted-role Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. The MST instance must have already been created using the instance vlan (MSTP) command. Default The restricted role for an MSTI instance on a switch port is disabled by default. Mode Interface Configuration mode for a switch port interface only. Usage The root port is the port providing the best path from the bridge to the root bridge. Use this command to disable a port from becoming a root port. Use the no variant of this command to enable a port to become a root port. See the STP Feature Overview and Configuration Guide for root port information. Examples To prevent a switch port from becoming the root port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree mst instance 3 restricted-role To stop preventing the switch port from becoming the root port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree mst instance 3 restricted-role C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 502 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE RESTRICTED-ROLE Related Commands instance vlan (MSTP) spanning-tree priority (port priority) spanning-tree mst instance spanning-tree mst instance path-cost spanning-tree mst instance restricted-tcn C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 503 SPANNING TREE COMMANDS SPANNING-TREE MST INSTANCE RESTRICTED-TCN spanning-tree mst instance restricted-tcn Overview Use this command to prevent a switch port from propagating received topology change notifications and topology changes to other switch ports. This is named restricted TCN (Topology Change Notification). A TCN is a simple Bridge Protocol Data Unit (BPDU) that a bridge sends out to its root port to signal a topology change. Use the no variant of this command to stop preventing the switch port from propagating received topology change notifications and topology changes to other switch ports for the specified MSTI (Multiple Spanning Tree Instance). The restricted TCN setting applies only to the specified MSTI (Multiple Spanning Tree Instance). Syntax spanning-tree mst instance <instance-id> restricted-tcn no spanning-tree mst instance <instance-id> restricted-tcn Parameter Description <instance-id> Specify an MSTP instance in the range 1-6. The MST instance must have already been created using the instance vlan (MSTP) command. Default Mode Examples Disabled. By default, switch ports propagate TCNs. Interface Configuration mode for a switch port interface only. To prevent a switch port from propagating received topology change notifications and topology changes to other switch ports, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree mst instance 3 restricted-tcn To stop preventing a switch port from propagating received topology change notifications and topology changes to other switch ports, use the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no spanning-tree mst instance 3 restricted-tcn Related Commands instance vlan (MSTP) spanning-tree priority (port priority) spanning-tree mst instance spanning-tree mst instance path-cost spanning-tree mst instance restricted-role C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 504 SPANNING TREE COMMANDS SPANNING-TREE PATH-COST spanning-tree path-cost Overview Use this command in Interface Configuration mode for a switch port interface only to set the cost of a path for the specified port. This value then combines with others along the path to the root bridge in order to determine the total cost path value from the particular port, to the root bridge. The lower the numeric value, the higher the priority of the path. This applies when the port is the root port. Use this command for RSTP, STP or MSTP. When MSTP mode is configured, this will apply to the port’s path cost for the CIST. Syntax spanning-tree path-cost <pathcost> no spanning-tree path-cost Default Mode Example Parameter Description <pathcost> <1-200000000> The cost to be assigned to the port. The default path cost values and the range of recommended path cost values depend on the port speed, as shown in the following table from the IEEE 802.1q-2003 and IEEE 802.1d-2004 standards. Port speed Default path cost Recommended path cost range Less than 100 Kb/s 1Mbps 10Mbps 100 Mbps 1 Gbps 10 Gbps 100 Gbps 1Tbps 10 Tbps 200,000,000 20,000,000 2,000,000 200,000 20,000 2,000 200 20 2 20,000,000-200,000,000 2,000,000-20,000,000 200,000-2,000,000 20,000-200,000 2,000-20,000 200-2, 000 20-200 2-200 2-20 Interface Configuration mode for switch port interface only. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree path-cost 123 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 505 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST (STP) spanning-tree portfast (STP) Overview Use this command in Interface Configuration mode for a switch port interface only to set a port as an edge-port. The portfast feature enables a port to rapidly move to the forwarding state, without having first to pass through the intermediate spanning tree states. This command has the same effect as the spanning-tree edgeport (RSTP and MSTP) command, but the configuration displays differently in the output of some show commands. NOTE: You can run either of two additional parameters with this command. To simplify the syntax these are documented as separate commands. See the following additional portfast commands: • spanning-tree portfast bpdu-filter command • spanning-tree portfast bpdu-guard command. You can obtain the same effect by running the spanning-tree edgeport (RSTP and MSTP) command. However, the configuration output may display differently in some show commands. Use the no variant of this command to set a port to its default state (not an edge-port). Syntax spanning-tree portfast no spanning-tree portfast Default Not an edge port. Mode Interface Configuration mode for a switch port interface only. Usage Portfast makes a port move from a blocking state to a forwarding state, bypassing both listening and learning states. The portfast feature is meant to be used for ports connected to end-user devices. Enabling portfast on ports that are connected to a workstation or server allows devices to connect to the network without waiting for spanning-tree to converge. For example, you may need hosts to receive a DHCP address quickly and waiting for STP to converge would cause the DHCP request to time out. Ensure you do not use portfast on any ports connected to another device to avoid creating a spanning-tree loop on the network. Use this command on a switch port that connects to a LAN with no other bridges attached. An edge port should never receive BPDUs. Therefore if an edge port receives a BPDU, the portfast feature takes one of three actions. C613-50081-01 REV A • Cease to act as an edge port and pass BPDUs as a member of a spanning tree network (spanning-tree portfast (STP) command disabled). • Filter out the BPDUs and pass only the data and continue to act as a edge port (spanning-tree portfast bpdu-filter command enabled). • Block the port to all BPDUs and data (spanning-tree portfast bpdu-guard command enabled). Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 506 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST (STP) Example awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree portfast Related Commands spanning-tree edgeport (RSTP and MSTP) show spanning-tree spanning-tree portfast bpdu-filter spanning-tree portfast bpdu-guard C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 507 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST BPDU-FILTER spanning-tree portfast bpdu-filter Overview This command sets the bpdu-filter feature and applies a filter to any BPDUs (Bridge Protocol Data Units) received. Enabling this feature ensures that configured ports will not transmit any BPDUs and will ignore (filter out) any BPDUs received. BPDU Filter is not enabled on a port by default. Using the no variant of this command to turn off the bpdu-filter, but retain the port’s status as an enabled port. If the port then receives a BPDU it will change its role from an edge-port to a non edge-port. Syntax (Global Configuration) Syntax (Interface Configuration) spanning-tree portfast bpdu-filter no spanning-tree portfast bpdu-filter spanning-tree portfast bpdu-filter {default|disable|enable} no spanning-tree portfast bpdu-filter Parameter Description bpdu-filter A port that has bpdu-filter enabled will not transmit any BPDUs and will ignore any BPDUs received. This port type has one of the following parameters (in Interface Configuration mode): default Takes the setting that has been configured for the whole device, i.e. the setting made from the Global configuration mode. disable Turns off BPDU filter. enable Default Turns on BPDU filter. BPDU Filter is not enabled on any ports by default. Mode Global Configuration and Interface Configuration Usage This command filters the BPDUs and passes only data to continue to act as an edge port. Using this command in Global Configuration mode applies the portfast bpdu-filter feature to all ports on the device. Using it in Interface mode applies the feature to a specific port, or range of ports.The command will operate in both RSTP and MSTP networks. Use the show spanning-tree command to display status of the bpdu-filter parameter for the switch ports. Example To enable STP BPDU filtering in Global Configuration mode, enter the commands: awplus# configure terminal awplus(config)# spanning-tree portfast bpdu-filter C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 508 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST BPDU-FILTER To enable STP BPDU filtering in Interface Configuration mode, enter the commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree portfast bpdu-filter enable Related Commands spanning-tree edgeport (RSTP and MSTP) show spanning-tree spanning-tree portfast (STP) spanning-tree portfast bpdu-guard C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 509 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST BPDU-GUARD spanning-tree portfast bpdu-guard Overview This command applies a BPDU (Bridge Protocol Data Unit) guard to the port. A port with the bpdu-guard feature enabled will block all traffic (BPDUs and user data), if it starts receiving BPDUs. Use this command in Global Configuration mode to apply BPDU guard to all ports on the device. Use this command in Interface mode for an individual interface or a range of interfaces specified. BPDU Guard is not enabled on a port by default. Use the no variant of this command to disable the BPDU Guard feature on a device in Global Configuration mode or to disable the BPDU Guard feature on a port in Interface mode. Syntax (Global Configuration) Syntax (Interface Configuration) spanning-tree portfast bpdu-guard no spanning-tree portfast bpdu-guard spanning-tree portfast bpdu-guard {default|disable|enable} no spanning-tree portfast bpdu-guard Parameter Description bpdu-guard A port that has bpdu-guard turned on will enter the STP blocking state if it receives a BPDU. This port type has one of the following parameters (in Interface Configuration mode): default Takes the setting that has been configured for the whole device, i.e. the setting made from the Global configuration mode. disable Turns off BPDU guard. enable Default Turns on BPDU guard and will also set the port as an edge port. BPDU Guard is not enabled on any ports by default. Mode Global Configuration or Interface Configuration Usage This command blocks the port(s) to all devices and data when enabled. BPDU Guard is a port-security feature that changes how a portfast-enabled port behaves if it receives a BPDU. When bpdu-guard is set, then the port shuts down if it receives a BPDU. It does not process the BPDU as it is considered suspicious. When bpdu-guard is not set, then the port will negotiate spanning-tree with the device sending the BPDUs. By default, bpdu- guard is not enabled on a port. You can configure a port disabled by the bpdu-guard to re-enable itself after a specific time interval. This interval is set with the spanning-tree errdisable-timeout interval command. If you do not use the errdisable-timeout feature, then you will need to manually re-enable the port by using the no shutdown command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 510 SPANNING TREE COMMANDS SPANNING-TREE PORTFAST BPDU-GUARD Use the show spanning-tree command to display the device and port configurations for the BPDU Guard feature. It shows both the administratively configured and currently running values of bpdu-guard. Example To enable STP BPDU guard in Global Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# spanning-tree portfast bpdu-guard To enable STP BPDU guard in Interface Configuration mode, enter the below commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree portfast bpdu-guard enable Related Commands spanning-tree edgeport (RSTP and MSTP) show spanning-tree spanning-tree portfast (STP) spanning-tree portfast bpdu-filter C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 511 SPANNING TREE COMMANDS SPANNING-TREE PRIORITY (BRIDGE PRIORITY) spanning-tree priority (bridge priority) Overview Use this command to set the bridge priority for the device. A lower priority value indicates a greater likelihood of the device becoming the root bridge. Use this command for RSTP, STP or MSTP. When MSTP mode is configured, this will apply to the CIST. Use the no variant of this command to reset it to the default. Syntax spanning-tree priority <priority> no spanning-tree priority Default Parameter Description <priority> <0-61440> The bridge priority, which will be rounded to a multiple of 4096. The default priority is 32678. Mode Global Configuration Usage To force a particular device to become the root bridge use a lower value than other devices in the spanning tree. Example awplus# configure terminal awplus(config)# spanning-tree priority 4096 Related Commands C613-50081-01 REV A spanning-tree mst instance priority show spanning-tree Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 512 SPANNING TREE COMMANDS SPANNING-TREE PRIORITY (PORT PRIORITY) spanning-tree priority (port priority) Overview Use this command in Interface Configuration mode for a switch port interface only to set the port priority for port. A lower priority value indicates a greater likelihood of the port becoming part of the active topology. Use this command for RSTP, STP, or MSTP. When the device is in MSTP mode, this will apply to the CIST. Use the no variant of this command to reset it to the default. Syntax spanning-tree priority <priority> no spanning-tree priority Default Parameter Description <priority> <0-240>, in increments of 16. The port priority, which will be rounded down to a multiple of 16. The default priority is 128. Mode Interface Configuration mode for a switch port interface only. Usage To force a port to be part of the active topology (for instance, become the root port or a designated port) use a lower value than other ports on the device. (This behavior is subject to network topology, and more significant factors, such as bridge ID.) Example awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree priority 16 Related Commands spanning-tree mst instance priority spanning-tree priority (bridge priority) show spanning-tree C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 513 SPANNING TREE COMMANDS SPANNING-TREE RESTRICTED-ROLE spanning-tree restricted-role Overview Use this command in Interface Configuration mode for a switch port interface only to restrict the port from becoming a root port. Use the no variant of this command to disable the restricted role functionality. Syntax spanning-tree restricted-role no spanning-tree restricted-role Default Mode Example The restricted role is disabled. Interface Configuration mode for a switch port interface only. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree restricted-role C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 514 SPANNING TREE COMMANDS SPANNING-TREE RESTRICTED-TCN spanning-tree restricted-tcn Overview Use this command in Interface Configuration mode for a switch port interface only to prevent TCN (Topology Change Notification) BPDUs (Bridge Protocol Data Units) from being sent on a port. If this command is enabled, after a topology change a bridge is prevented from sending a TCN to its designated bridge. Use the no variant of this command to disable the restricted TCN functionality. Syntax spanning-tree restricted-tcn no spanning-tree restricted-tcn Default Mode Example The restricted TCN is disabled. Interface Configuration mode for a switch port interface only. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# spanning-tree restricted-tcn C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 515 SPANNING TREE COMMANDS SPANNING-TREE TRANSMIT-HOLDCOUNT spanning-tree transmit-holdcount Overview Use this command to set the maximum number of BPDU transmissions that are held back. Use the no variant of this command to restore the default transmit hold-count value. Syntax spanning-tree transmit-holdcount no spanning-tree transmit-holdcount Default Mode Example Transmit hold-count default is 3. Global Configuration awplus# configure terminal awplus(config)# spanning-tree transmit-holdcount C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 516 SPANNING TREE COMMANDS UNDEBUG MSTP undebug mstp Overview C613-50081-01 REV A This command applies the functionality of the no debug mstp (RSTP and STP) command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 517 15 Link Aggregation Commands Introduction Overview This chapter provides an alphabetical reference of commands used to configure a static channel group (static aggregator) and dynamic channel group (LACP channel group, etherchannel or LACP aggregator). Link aggregation is also sometimes referred to as channeling. NOTE: AlliedWare Plus™ supports IEEE 802.3ad link aggregation and uses the Link Aggregation Control Protocol (LACP). LACP does not interoperate with devices that use Port Aggregation Protocol (PAgP). Link aggregation does not necessarily achieve exact load balancing across the links. The load sharing algorithm is designed to ensure that any given data flow always goes down the same link. It also aims to spread data flows across the links as evenly as possible. For example, for a 2 Gbps LAG that is a combination of two 1 Gbps ports, any one flow of traffic can only ever reach a maximum throughput of 1 Gbps. However, the hashing algorithm should spread the flows across the links so that when many flows are operating, the full 2 Gbps can be utilized. For a description of static and dynamic link aggregation (LACP), and configuration examples, see the Link Aggregation Feature Overview and Configuration Guide. Command List C613-50081-01 REV A • “channel-group” on page 520 • “clear lacp counters” on page 522 • “debug lacp” on page 523 • “lacp global-passive-mode enable” on page 524 • “lacp port-priority” on page 525 • “lacp system-priority” on page 526 • “lacp timeout” on page 527 • “show debugging lacp” on page 529 • “show diagnostic channel-group” on page 530 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 518 LINK AGGREGATION COMMANDS C613-50081-01 REV A • “show etherchannel” on page 531 • “show etherchannel detail” on page 532 • “show etherchannel summary” on page 533 • “show lacp sys-id” on page 534 • “show lacp-counter” on page 535 • “show port etherchannel” on page 536 • “show static-channel-group” on page 537 • “static-channel-group” on page 538 • “undebug lacp” on page 540 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 519 LINK AGGREGATION COMMANDS CHANNEL-GROUP channel-group Overview Use this command to either create a new dynamic channel group while at the same time adding a port to it, or to add a port to an existing dynamic channel group. Note that you must also set the LACP mode to be either active or passive. You can create up to 2 dynamic (LACP) channel groups (or up to 2 static channel groups). Use the no variant of this command to turn off link aggregation on the device port. You will be returned to Global Configuration mode from Interface Configuration mode. Syntax channel-group <dynamic-channel-group-number> mode {active|passive} no channel-group Parameter Description <dynamic-channelgroup-number> <1-2> Specify a dynamic channel group number for an LACP link. active Enables initiation of LACP negotiation on a port. The port will transmit LACP dialogue messages whether or not it receives them from the partner device. passive Disables initiation of LACP negotiation on a port. The port will only transmit LACP dialogue messages if the partner device is transmitting them, i.e., the partner is in the active mode. Mode Interface Configuration Usage All the device ports in a channel-group must belong to the same VLANs, have the same tagging status, and can only be operated on as a group. All device ports within a channel group must have the same port speed and be in full duplex mode. Once the LACP channel group has been created, it is treated as a device port, and can be referred to in most other commands that apply to device ports. To refer to an LACP channel group in other LACP commands, use the channel group number. To specify an LACP channel group (LACP aggregator) in other commands, prefix the channel group number with po. For example, ‘po2’ refers to the LACP channel group with channel group number 2. Link aggregation hashes the source and destination MAC address to select a link on which to send a packet. So packet flow between a pair of hosts always takes the same link inside the Link Aggregation Group (LAG). The net effect is that the bandwidth for a given packet stream is restricted to the speed of one link in the LAG. This hashing mechanism cannot be changed. For more information about LACP, see the Link Aggregation Feature Overview and Configuration Guide which is available on our website at alliedtelesis.com. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 520 LINK AGGREGATION COMMANDS CHANNEL-GROUP Examples To add device port1.0.6 to a newly created LACP channel group 2 use the commands below: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# channel-group 2 mode active To remove device port1.0.6 from any created LACP channel groups use the command below: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# no channel-group To reference channel group 2 as an interface, use the following commands: awplus# configure terminal awplus(config)# interface po2 awplus(config-if)# Related Commands show etherchannel show etherchannel detail show etherchannel summary show port etherchannel C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 521 LINK AGGREGATION COMMANDS CLEAR LACP COUNTERS clear lacp counters Overview Syntax Mode Example C613-50081-01 REV A Use this command to clear all counters of all present LACP aggregators (channel groups) or a given LACP aggregator. clear lacp [<1-2>] counters Parameter Description <1-2> Channel-group number. Privileged Exec awplus# clear lacp 2 counters Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 522 LINK AGGREGATION COMMANDS DEBUG LACP debug lacp Overview Use this command to enable all LACP troubleshooting functions. Use the no variant of this command to disable this function. Syntax debug lacp {all|cli|event|ha|packet|sync|timer[detail]} no debug lacp {all|cli|event|ha|packet|sync|timer[detail]} Parameter Description all Turn on all debugging for LACP. cli Specifies debugging for CLI messages. Echoes commands to the console. event Specifies debugging for LACP events. Echoes events to the console. ha Specifies debugging for HA (High Availability) events. Echoes High Availability events to the console. packet Specifies debugging for LACP packets. Echoes packet contents to the console. sync Specified debugging for LACP synchronization. Echoes synchronization to the console. timer Specifies debugging for LACP timer. Echoes timer expiry to the console. detail Optional parameter for LACP timer-detail. Echoes timer start/stop details to the console. Mode Privileged Exec and Global Configuration Examples awplus# debug lacp timer detail awplus# debug lacp all Related Commands C613-50081-01 REV A show debugging lacp undebug lacp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 523 LINK AGGREGATION COMMANDS LACP GLOBAL-PASSIVE-MODE ENABLE lacp global-passive-mode enable Overview Syntax Use this command to enable LACP channel-groups to dynamically self-configure when they are connected to another device that has LACP channel-groups configured with Active Mode. lacp global-passive-mode enable no lacp global-passive-mode enable Default Enabled Mode Global Configuration Usage Do not mix LACP configurations (manual & dynamic). When LACP global passive mode is turned on (by using the lacp global-passive-mode enable command), we do not recommend using a mixed configuration in a LACP channel-group; i.e. some links are manually configured (by the channel-group command) and others are dynamically learned in the same channel-group. Example To enable global passive mode for LACP channel groups, use the command: awplus(config)# lacp global-passive-mode enable To disable global passive mode for LACP channel groups, use the command: awplus(config)# no lacp global-passive-mode enable Related Commands C613-50081-01 REV A show etherchannel show etherchannel detail Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 524 LINK AGGREGATION COMMANDS LACP PORT-PRIORITY lacp port-priority Overview Use this command to set the priority of a device port. Ports are selected for aggregation based on their priority, with the higher priority (numerically lower) ports selected first. Use the no variant of this command to reset the priority of port to the default. Syntax lacp port-priority <1-65535> no lacp port-priority Default Mode Example Parameter Description <1-65535> Specify the LACP port priority. The default is 32768. Interface Configuration awplus# configure terminal awplus(config)# interface port1.0.5 awplus(config-if)# lacp port-priority 34 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 525 LINK AGGREGATION COMMANDS LACP SYSTEM-PRIORITY lacp system-priority Overview Use this command to set the system priority of a local system. This is used in determining the system responsible for resolving conflicts in the choice of aggregation groups. Use the no variant of this command to reset the system priority of the local system to the default. Syntax lacp system-priority <1-65535> no lacp system-priority Parameter Description <1-65535> LACP system priority. Lower numerical values have higher priorities. Default The default is 32768. Mode Global Configuration Example awplus# configure terminal awplus(config)# lacp system-priority 6700 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 526 LINK AGGREGATION COMMANDS LACP TIMEOUT lacp timeout Overview Syntax Default Use this command to set the short or long timeout on a port. Ports will time out of the aggregation if three consecutive updates are lost. lacp timeout {short|long} Parameter Description timeout Number of seconds before invalidating a received LACP data unit (DU). short LACP short timeout. The short timeout value is 1 second. long LACP long timeout. The long timeout value is 30 seconds. The default is long timeout (30 seconds). Mode Interface Configuration Usage This command enables the device to indicate the rate at which it expects to receive LACPDUs from its neighbor. If the timeout is set to long, then the device expects to receive an update every 30 seconds, and this will time a port out of the aggregation if no updates are seen for 90 seconds (i.e. 3 consecutive updates are lost). If the timeout is set to short, then the device expects to receive an update every second, and this will time a port a port out of the aggregation if no updates are seen for 3 seconds (i.e. 3 consecutive updates are lost). The device indicates its preference by means of the Timeout field in the Actor section of its LACPDUs. If the Timeout field is set to 1, then the device has set the short timeout. If the Timeout field is set to 0, then the device has set the long timeout. Setting the short timeout enables the device to be more responsive to communication failure on a link, and does not add too much processing overhead to the device (1 packet per second). NOTE: It is not possible to configure the rate that the device sends LACPDUs; the device must send at the rate which the neighbor indicates it expects to receive LACPDUs. Examples The following commands set the LACP long timeout period for 30 seconds on port1.0.2. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# lacp timeout long C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 527 LINK AGGREGATION COMMANDS LACP TIMEOUT The following commands set the LACP short timeout for 1 second on port1.0.2. awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# lacp timeout short C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 528 LINK AGGREGATION COMMANDS SHOW DEBUGGING LACP show debugging lacp Overview Use this command to display the LACP debugging option set. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example Output show debugging lacp User Exec and Privileged Exec awplus# show debugging lacp Figure 15-1: Example output from the show debugging lacp command LACP debugging status: LACP timer debugging is on LACP timer-detail debugging is on LACP cli debugging is on LACP packet debugging is on LACP event debugging is on LACP sync debugging is on Related Commands C613-50081-01 REV A debug lacp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 529 LINK AGGREGATION COMMANDS SHOW DIAGNOSTIC CHANNEL-GROUP show diagnostic channel-group Overview This command displays dynamic and static channel group interface status information. The output of this command is useful for Allied Telesis authorized service personnel for diagnostic purposes. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example Output show diagnostic channel-group User Exec and Privileged Exec awplus# show diagnostic channel-group Figure 15-2: Example output from the show diagnostic channel-group command awplus# show diagnostic channel-group Channel Group Info based on NSM: Note: Pos - position in hardware table ------------------------------------------------------------- Dev Interface IfIndex Member port IfIndex Active Pos ------------------------------------------------------------- po1 4601 port1.0.4 5004 No po1 4601 port1.0.5 5005 No Channel Group Info based on HSL: Note: Pos - position in hardware table ------------------------------------------------------------- Dev Interface IfIndex Member port IfIndex Active Pos ------------------------------------------------------------- po1 4601 N/a Channel Group Info based on IPIFWD: Note: Pos - position in hardware table ------------------------------------------------------------- Dev Interface IfIndex Member port IfIndex Active Pos ------------------------------------------------------------- po1 4601 N/a No error found Related Commands C613-50081-01 REV A show tech-support Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 530 LINK AGGREGATION COMMANDS SHOW ETHERCHANNEL show etherchannel Overview Use this command to display information about a LACP channel specified by the channel group number. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show etherchannel [<1-2>] Parameter Description <1-2> Channel-group number. User Exec and Privileged Exec awplus# show etherchannel 2 Example output from show etherchannel awplus#show etherchannel % LAG Maximum : 4 % LAG Static Maximum: 2 % LAG Dynamic Maximum: 2 % LAG Static Count : 0 % LAG Dynamic Count : 1 % LAG Total Count : 1 % Lacp Aggregator: po1 % Member: port1.0.5 port1.0.6 Example output from show etherchannel for a particular channel awplus#show etherchannel 1 Aggregator po1 (4601) Mac address: 00:00:00:00:00:00 Admin Key: 0001 - Oper Key 0000 Receive link count: 0 - Transmit link count: 0 Individual: 0 - Ready: 0 Partner LAG: 0x0000,00-00-00-00-00-00 Link: port1.0.5 (5005) disabled Link: port1.0.6 (5006) disabled C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 531 LINK AGGREGATION COMMANDS SHOW ETHERCHANNEL DETAIL show etherchannel detail Overview Use this command to display detailed information about all LACP channels. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show etherchannel detail User Exec and Privileged Exec awplus# show etherchannel detail Example output from show etherchannel detail awplus#show etherchannel detail Aggregator po1 (IfIndex: 4601) Mac address: 00:00:cd:37:05:17 Admin Key: 0001 - Oper Key 0001 Receive link count: 2 - Transmit link count: 2 Individual: 0 - Ready: 1 Partner LAG: 0x8000,00-00-cd-37-02-9a,0x0001 Link: port1.0.1 (IfIndex: 8002) synchronized Link: port1.0.2 (IfIndex: 20002) synchronized Aggregator po2 (IfIndex: 4602) Mac address: 00:00:cd:37:05:17 Admin Key: 0002 - Oper Key 0002 Receive link count: 2 - Transmit link count: 2 Individual: 0 - Ready: 1 Partner LAG: 0x8000,ec-cd-6d-aa-c8-56,0x0002 Link: port1.0.3 (IfIndex: 8001) synchronized Link: port1.0.4 (IfIndex: 20001) synchronized C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 532 LINK AGGREGATION COMMANDS SHOW ETHERCHANNEL SUMMARY show etherchannel summary Overview Use this command to display a summary of all LACP channels. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show etherchannel summary User Exec and Privileged Exec awplus# show etherchannel summary Example output from show etherchannel summary awplus#show etherchannel summary Aggregator po10 (IfIndex: 4610) Admin Key: 0010 - Oper Key 0010 Link: port1.0.1 (IfIndex: 7007) synchronized Link: port1.0.2 (IfIndex: 8007) synchronized Link: port1.0.3 (IfIndex: 11007) synchronized C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 533 LINK AGGREGATION COMMANDS SHOW LACP SYS-ID show lacp sys-id Overview Use this command to display the LACP system ID and priority. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show lacp sys-id User Exec and Privileged Exec awplus# show lacp sys-id Example output from show lacp sys-id System Priority: 0x8000 (32768) MAC Address: 0200.0034.5684 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 534 LINK AGGREGATION COMMANDS SHOW LACP-COUNTER show lacp-counter Overview Use this command to display the packet traffic on all ports of all present LACP aggregators, or a given LACP aggregator. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show lacp-counter [<1-2>] Parameter Description <1-2> Channel-group number. User Exec and Privileged Exec awplus# show lacp-counter 2 Example output from show lacp-counter % Traffic statistics Port LACPDUs Marker Sent Recv Sent Recv % Aggregator po2 (IfIndex: 4604) port1.0.2 0 0 0 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x Pckt err Sent Recv 0 0 535 LINK AGGREGATION COMMANDS SHOW PORT ETHERCHANNEL show port etherchannel Overview Use this command to show LACP details of the device port specified. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show port etherchannel <port> Parameter Description <port> Name of the device port to display LACP information about. User Exec and Privileged Exec awplus# show port etherchannel port1.0.2 Example output from show port etherchannel awplus#show port etherchannel port1.0.2 LACP link info: port1.0.2 - 7007 Link: port1.0.2 (IfIndex: 7007) Aggregator: po10 (IfIndex: 4610) Receive machine state: Current Periodic Transmission machine state: Slow periodic Mux machine state: Collecting/Distributing Actor Information: Partner Information: Selected ................. Selected Partner Sys Priority ....... 0x8000 Physical Admin Key .............. 2 Partner System .. ec-cd-6d-d1-64-d0 Port Key ....................... 10 Port Key ....................... 10 Port Priority ............... 32768 Port Priority ............... 32768 Port Number .................. 7007 Port Number .................. 5001 Mode ....................... Active Mode ....................... Active Timeout ...................... Long Timeout ...................... Long Individual .................... Yes Individual .................... Yes Synchronised .................. Yes Synchronised .................. Yes Collecting .................... Yes Collecting .................... Yes Distributing .................. Yes Distributing .................. Yes Defaulted ...................... No Defaulted ...................... No Expired ........................ No Expired ........................ No C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 536 LINK AGGREGATION COMMANDS SHOW STATIC-CHANNEL-GROUP show static-channel-group Overview Use this command to display all configured static channel groups and their corresponding member ports. Note that a static channel group is the same as a static aggregator. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide, which is available on our website at alliedtelesis.com. Syntax Mode Example Output show static-channel-group User Exec and Privileged Exec awplus# show static-channel-group Example output from show static-channel-group awplus#show static-channel-group % LAG Maximum : 2 % LAG Static Maximum: 2 % LAG Dynamic Maximum: 2 % LAG Static Count : 0 % LAG Dynamic Count : 1 % LAG Total Count : 1 Related Commands C613-50081-01 REV A static-channel-group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 537 LINK AGGREGATION COMMANDS STATIC-CHANNEL-GROUP static-channel-group Overview Use this command to create a static channel group, or add a member port to an existing static channel group. Static channel groups are also known as static aggregators. You can create up to 2 static channel groups (or up to 2 dynamic channel groups). Use the no variant of this command to remove the device port from the static channel group. Syntax static-channel-group <static-channel-group-number> [member-filters] no static-channel-group Parameter Description <static-channel- <1-2> Static channel group number. group-number> member-filters Allow QoS and ACL settings to be configured on the aggregator’s individual member ports, instead of the aggregator itself. This configuration is required when using QoS Storm Protection on a static aggregator. Mode Interface Configuration Usage This command adds the device port to the static channel group with the specified channel group number. If the channel group does not exist, it is created, and the port is added to it. The no prefix detaches the port from the static channel group. If the port is the last member to be removed, the static channel group is deleted. All the ports in a channel group must have the same VLAN configuration: they must belong to the same VLANs and have the same tagging status, and can only be operated on as a group. Once the static channel group has been created, it is treated as a device port, and can be referred to in other commands that apply to device ports. To refer to a static channel group in other static channel group commands, use the channel group number. To specify a static channel group in other commands, prefix the channel group number with sa. For example, ‘sa2’ refers to the static channel group with channel group number 2. Examples To define static channel group 2 on a device port, use the commands: awplus# configure terminal awplus(config)# interface port1.0.4 awplus(config-if)# static-channel-group 2 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 538 LINK AGGREGATION COMMANDS STATIC-CHANNEL-GROUP To reference static channel group 2 as an interface, use the commands: awplus# configure terminal awplus(config)# interface sa2 awplus(config-if)# To make it possible to use QoS Storm Protection on static channel group 2 on port1.0.6, with an ACL named “test-acl”, use the commands: awplus# configure terminal awplus(config)# interface port1.0.6 awplus(config-if)# static-channel-group 2 member-filters awplus(config-if)# access-group test-acl Related Commands C613-50081-01 REV A show static-channel-group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 539 LINK AGGREGATION COMMANDS UNDEBUG LACP undebug lacp Overview C613-50081-01 REV A This command applies the functionality of the no debug lacp command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 540 16 Power over Ethernet Commands Introduction Overview This chapter contains an alphabetical list of commands used to configure Power over Ethernet (PoE). Each command contains a functional description and shows examples of configuration and output screens for show commands. These commands are only supported on PoE capable ports. An error message will display on the console if you enter a PoE command on a port that does not support PoE. The following documents offer further information for configuring PoE on AlliedWare Plus switches. • the PoE Feature Overview and Configuration_Guide. • the Support for Allied Telesis Enterprise_MIBs in AlliedWare Plus, for information about which PoE MIB objects are supported. • the SNMP Feature Overview and Configuration_Guide, for information about SNMP traps. Power over Ethernet (PoE) is a technology allowing devices such as IP phones to receive power over existing LAN cabling. PoE is configured using the commands in this chapter. Note the Power Sourcing Equipment (PSE) referred to throughout this chapter is an Allied Telesis PoE switch running the AlliedWare Plus™ Operating System, supporting the IEEE 802.3af and IEEE 802.3at Power Ethernet standards. The Powered Device (PD) referred to throughout this chapter is a PoE or PoE+ powered device, such as an IP phone or a Wireless Access Point (WAP). NOTE: Command List C613-50081-01 REV A • “clear power-inline counters interface” on page 543 • “debug power-inline” on page 544 • “power-inline allow-legacy” on page 546 • “power-inline description” on page 547 • “power-inline enable” on page 548 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 541 POWER OVER ETHERNET COMMANDS C613-50081-01 REV A • “power-inline max” on page 549 • “power-inline priority” on page 551 • “power-inline usage-threshold” on page 553 • “service power-inline” on page 554 • “show debugging power-inline” on page 555 • “show power-inline” on page 556 • “show power-inline counters” on page 558 • “show power-inline interface” on page 560 • “show power-inline interface detail” on page 562 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 542 POWER OVER ETHERNET COMMANDS CLEAR POWER-INLINE COUNTERS INTERFACE clear power-inline counters interface Overview Syntax This command will clear the counters from a specified port, a range of ports, or all ports on the Power Sourcing Equipment (PSE). If no ports are entered then PoE counters for all ports are cleared. It will also clear all Power over Ethernet (PoE) counters supported by the Power Ethernet MIB (RFC 3621). clear power-inline counters interface [<port-list>] Parameter Description <port-list> Selects the port or ports whose counters are to be cleared. Mode Privileged Exec Usage The PoE counters are displayed with the show power-inline counters command. Examples To clear the PoE counters for port1.0.2only, use the following command: awplus# clear power-inline counters interface port1.0.2 To clear the PoE counters for all ports, use the following command: awplus# clear power-inline counters interface Validation Commands C613-50081-01 REV A show power-inline counters Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 543 POWER OVER ETHERNET COMMANDS DEBUG POWER-INLINE debug power-inline Overview This command enables debugging display for messages that are specific to Power over Ethernet (PoE). Use the no variant of this command to disable the specified PoE debugging messages. Syntax debug power-inline [all|event|info|power] no debug power-inline [all|event|info|power] Default Parameter Description all Displays all (event, info, nsm, power) debug messages. event Displays event debug information, showing any error conditions that may occur during PoE operation. info Displays informational level debug information, showing high-level essential debugging, such as information about message types. power Displays power management debug information. No debug messages are enabled by default. Mode Privileged Exec Usage Use the terminal monitor command to display PoE debug messages on the console. Use the show debugging power-inline command to show the PoE debug configuration. Examples To enable PoE debugging and start the display of PoE event and info debug messages on the console, use the following commands: awplus# terminal monitor awplus# debug power-inline event info To enable PoE debugging and start the display of all PoE debugging messages on the console, use the following commands: awplus# terminal monitor awplus# debug power-inline all To disable PoE debugging and stop the display of PoE event and info debug messages on the console, use the following command: awplus# no debug power-inline event info To disable all PoE debugging and stop the display of any PoE debugging messages on the console, use the following command: awplus# no debug power-inline all C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 544 POWER OVER ETHERNET COMMANDS DEBUG POWER-INLINE Validation Commands show debugging power-inline Related Commands terminal monitor C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 545 POWER OVER ETHERNET COMMANDS POWER-INLINE ALLOW-LEGACY power-inline allow-legacy Overview This command enables detection of pre-IEEE 802.3af Power Ethernet standard legacy Powered Devices (PDs). The no variant of this command disables detection of pre-IEEE 802.3af Power Ethernet standard legacy Powered Devices (PDs). Syntax power-inline allow-legacy no power-inline allow-legacy Default Mode Examples Detection of legacy PDs is enabled on all ports on the Power Sourcing Equipment (PSE). Global Configuration To disable detection of legacy PDs, use the following commands: awplus# configure terminal awplus(config)# no power-inline allow-legacy To enable detection of legacy PDs, use the following commands: awplus# configure terminal awplus(config)# power-inline allow-legacy Validation Commands C613-50081-01 REV A show power-inline show running-config power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 546 POWER OVER ETHERNET COMMANDS POWER-INLINE DESCRIPTION power-inline description Overview This command adds a description for a Powered Device (PD) connected to a PoE port. The no variant of this command clears a previously entered description for a connected PD, resetting the PD description to the default (null). Syntax power-inline description <pd-description> no power-inline description Default Parameter Description <pd-description> Description of the PD connected to the PoE capable port (with a maximum 256 character string limit per PD description). No description for a connected PD is set by default. Mode Interface Configuration Usage Select a PoE port, a list of PoE ports, or a range of PoE ports with the preceding interface (to configure) command. If you specify a range or list of ports they must all be PoE capable ports. Examples To add the description Desk Phone for a connected PD on port1.0.2, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# power-inline description Desk Phone To clear the description as added above for the connected PD on port1.0.2, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no power-inline description Validation Commands C613-50081-01 REV A show power-inline interface show running-config power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 547 POWER OVER ETHERNET COMMANDS POWER-INLINE ENABLE power-inline enable Overview This command enables Power over Ethernet (PoE) to detect a connected Powered Device (PD) and supply power from the Power Sourcing Equipment (PSE). The no variant of this command disables PoE functionality on the selected PoE port(s). No power is supplied to a connected PD after PoE is disabled on the selected PoE port(s). Syntax power-inline enable no power-inline enable Default PoE is enabled by default on all ports on the PSE. Mode Interface Configuration Usage Select a PoE port, a list of PoE ports, or a range of PoE ports from the preceding interface (to configure) command. If you specify a range or list of ports they must all be PoE capable ports. No PoE log messages are generated for specified PoE port(s) after PoE is disabled. The disabled PoE port(s) still provide Ethernet connectivity after PoE is disabled. Examples To disable PoE on ports port1.0.1 to port1.0.4, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.1-port1.0.4 awplus(config-if)# no power-inline enable To enable PoE on ports port1.0.1 to port1.0.4, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.1-port1.0.4 awplus(config-if)# power-inline enable Validation Commands show power-inline show power-inline interface show power-inline interface detail show running-config power-inline C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 548 POWER OVER ETHERNET COMMANDS POWER-INLINE MAX power-inline max Overview This command sets the “maximum” power allocated to a Power over an Ethernet (PoE and PoE+) port. The amount of power actually supplied to the port depends on the power requirements of the connected PD. It is also a function of the total PoE power loading on the switch and the PoE priority set for the port by the power-inline priority command. However this command (power-inline max) does apply a “maximum” value to the power that the port is able to supply. The IE200-6 Series switches are able to supply 802.3at (PoE+) power levels to all their PoE-capable ports. This command controls the power output for each port, however this should not be necessary on an IE200-6 Series switch. Note that the value set by this command will be the figure the switch will use when apportioning the power budget for its ports. For example, if 15.4 W is assigned to a port whose PD only consumes 5 W, the switch will reserve the full 15.4 W for this port when determining its total power PoE power requirement. The no variant of this command sets the maximum power supplied to a PoE port to the default, which is set to the maximum power limit for the class of the connected Powered Device (PD). Syntax power-inline max <4000-30000> no power-inline max Default Parameter Description <4000-30000> The maximum power allocated to a PoE port in milliwatts (mW). The Power Sourcing Equipment (PSE) supplies the maximum power limit for the class of the PD connected to the port by default. NOTE: See the PoE Feature Overview and Configuration Guide for further information about power classes. Mode Interface Configuration Usage Select a PoE port, a list of PoE ports, or a range of PoE ports with the preceding interface (to configure) command. If you specify a range or list of ports they must all be PoE capable ports. If you select a range of PoE ports in Interface Configuration mode before issuing this command, then each port in the range selected will have the same maximum power value configured. If the PoE port attempts to draw more than the maximum power, this is logged and all power is removed. Note that the value entered is rounded up to the next value supported by the hardware. See the actual value used, as shown after command entry, in the sample console output below: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 549 POWER OVER ETHERNET COMMANDS POWER-INLINE MAX awplus#configure terminal awplus(config)#interface port1.0.1 awplus(config-if)#power-line max 5300 % The maximum power has been rounded to 5450mW in hardware. See the LLDP Feature Overview and Configuration Guide for information about power monitoring at the PD. Note the difference in power supplied from the PSE to the power available at the PD due to line loss. See the PoE Feature Overview and Configuration Guide for further information about the difference between the power supplied from the PSE and the power available at the PD. Examples To set the maximum power supplied to ports in the range1.0.2 to 1.0.4 to 6450mW per port, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2-port1.0.4 awplus(config-if)# power-inline max 6450 To set the maximum power supplied to port1.0.2, to 6450 mW, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# power-inline max 6450 To clear the user-configured maximum power supplied to port1.0.2, and revert to using the default maximum power of 30000 mW, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no power-inline max Validation Commands C613-50081-01 REV A show power-inline interface show running-config power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 550 POWER OVER ETHERNET COMMANDS POWER-INLINE PRIORITY power-inline priority Overview This command sets the Power over Ethernet (PoE) priority level of a PoE port to one of three available priority levels: • low • high • critical The IE200-6 Series switches are able to supply 802.3at (PoE+) power levels to all their PoE-capable ports. This command prioritizes ports if necessary, however this should not be necessary on an IE200-6 Series switch. The no variant of this command restores the PoE port priority to the default (low). Syntax power-inline priority {low|high|critical} no power-inline priority Default Parameter Description low The lowest priority for a PoE enabled port (default). PoE ports set to low only receive power if all the PoE ports assigned to the other two levels are already receiving power. high The second highest priority for a PoE enabled port. PoE ports set to high receive power only if all the ports set to critical are already receiving power. critical The highest priority for a PoE enabled port. PoE ports set to critical are guaranteed power before any ports assigned to the other two priority levels. Ports assigned to the other priority levels receive power only if all Critical ports are receiving power. The default priority is low for all PoE ports on the Power Sourcing Equipment (PSE). Mode Interface Configuration Usage Select a PoE port, a list of PoE ports, or a range of PoE ports with the preceding interface (to configure) command. If you specify a range or list of ports they must all be PoE capable ports. PoE ports with higher priorities are given power before PoE ports with lower priorities. If the priorities for two PoE ports are the same then the lower numbered PoE port is given power before the higher numbered PoE port. See the PoE Feature Overview and Configuration Guide for further information about PoE priority. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 551 POWER OVER ETHERNET COMMANDS POWER-INLINE PRIORITY Examples To set the priority level to high for port1.0.2, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# power-inline priority high To reset the priority level to the default for port1.0.2, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2 awplus(config-if)# no power-inline priority Validation Commands show power-inline show power-inline interface show running-config power-inline Related Commands C613-50081-01 REV A power-inline usage-threshold Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 552 POWER OVER ETHERNET COMMANDS POWER-INLINE USAGE-THRESHOLD power-inline usage-threshold Overview This command sets the level at which the Power Sourcing Equipment (PSE) will issue a message that the power supplied to all Powered Devices (PDs) has reached a critical level of the nominal power rating for the PSE. The level is set as a percentage of total available power. The no variant of this command resets the notification usage-threshold to the default (80% of the nominal power rating of the PSE). Syntax power-inline usage-threshold <1-99> no power-inline usage-threshold Default Parameter Description <1-99> The usage-threshold percentage configured with this command. The default power usage threshold is 80% of the nominal power rating of the PSE. Mode Global Configuration Usage Use the snmp-server enable trap command to configure SNMP notification. An SNMP notification is sent when the usage-threshold, as configured in the example, is exceeded. Examples To generate SNMP notifications when power supplied exceeds 70% of the nominal PSE power, use the following commands: awplus# configure terminal awplus(config)# snmp-server enable trap power-inline awplus(config)# power-inline usage-threshold 70 To reset the notification threshold to the default (80% of the nominal PSE power rating), use the following commands: awplus# configure terminal awplus(config)# no power-inline usage-threshold Validation Commands show power-inline interface Related Commands snmp-server enable trap C613-50081-01 REV A show running-config power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 553 POWER OVER ETHERNET COMMANDS SERVICE POWER-INLINE service power-inline Overview Syntax This command enables Power over Ethernet (PoE) globally on the Power Sourcing Equipment (PSE) for all PoE ports. service power-inline no service power-inline Default Mode Examples PoE functionality is enabled by default on the PSE. Global Configuration To disable PoE on the PSE, use the following commands: awplus# configure terminal awplus(config)# no service power-inline To re-enable PoE on the PSE, if PoE has been disabled, use the following commands: awplus# configure terminal awplus(config)# service power-inline Validation Commands C613-50081-01 REV A show power-inline show running-config power-inline Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 554 POWER OVER ETHERNET COMMANDS SHOW DEBUGGING POWER-INLINE show debugging power-inline Overview This command displays Power over Ethernet (PoE) debug settings. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging power-inline User Exec and Privileged Exec To display PoE debug settings, use the following command: awplus# show debugging power-inline Output Figure 16-1: Example output from the show debugging power-inline command awplus#show debugging power-inline PoE Debugging status: PoE Informational debugging is disabled PoE Event debugging is disabled PoE Power Management debugging is disabled PoE NSM debugging is enabled Related Commands C613-50081-01 REV A debug power-inline terminal monitor Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 555 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE show power-inline Overview This command displays the Power over Ethernet (PoE) status for all ports on the Power Sourcing Equipment (PSE). For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show power-inline User Exec and Privileged Exec To display the PoE status for all ports on the PSE, use the following command: awplus# show power-inline Table 1: Parameters in the show power-inline command output Parameter Description Nominal Power The nominal power available on the switch in watts (W). Power Allocated The current power allocated in watts (W) that is available to be drawn by any connected Powered Devices (PDs). This is updated every 5 seconds. Actual Power Consumption The current power consumption in watts (W) drawn by all connected Powered Devices (PDs). This is updated every 5 seconds. Operational Status The operational status of the PSU hardware on the PSE when this command was issued: • On if the PSU as installed inside the PSE is switched on. • Off when the PSU in the PSE is switched off (an RPS may be connected to the PSE to power PoE instead of the PSU). • Fault when there is an issue with the PSE PSU hardware. C613-50081-01 REV A Power Usage Threshold (%) The configured SNMP trap / log threshold for the PSE, as configured from a power-inline usage-threshold command. Interface The PoE port(s) in the format portx.y.z, where x is the device number, y is the module number within the device, and z is the PoE port number within the module. Admin The administrative state of PoE on a PoE port, either Enabled or Disabled. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 556 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE Table 1: Parameters in the show power-inline command output (cont.) Parameter Description Pri The current PoE priorities for PoE ports on the PSE, as configured from a power-inline priority command: • Low displays when the low parameter is issued. The lowest priority for a PoE enabled port (default). • High displays when the high parameter is issued. The second highest priority for a PoE enabled port. • Crit displays when the critical parameter is issued. The highest priority for a PoE enabled port. Oper The current PSE PoE port state when this command was issued: • Powered displays when there is a PD connected and power is being supplied from the PSE. • Disabled displays when supplying power would make the PSE go over the power budget. • Off displays when PoE has been disabled for the PoE port. • F ault displays when a PSE goes over its power allocation. Power The power consumption in milliwatts (mW) for the PoE port when this command was entered. Device The description of the connected PD device if a description has been added with the power-inline description command. No description is shown for PDs not configured with the power-inline description command. Class The class of the connected PD, if power is being supplied to the PD from the PSE. See the Power over Ethernet Introduction chapter for further information about PD classes and the power levels assigned per class. Max (mW) The power in milliwatts (mW) allocated for the PoE port. Additionally, note the following as displayed per PoE port: • [U] if the power limit for a port was user configured (with the power-inline max command). • [L] if the power limit for a port was supplied by LLDP. • [C] if the power limit for a port was supplied by the PD class. Related Commands C613-50081-01 REV A show power-inline counters show power-inline interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 557 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE COUNTERS show power-inline counters Overview This command displays Power over Ethernet (PoE) event counters for ports on the Power Sourcing Equipment (PSE). The PoE event counters displayed can also be accessed by objects in the PoE MIB (RFC 3621). See the MIB Objects Feature Overview and Configuration Guide for information about which PoE MIB objects are supported. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show power-inline counters [<port-list>] Parameter Description <port-list> Enter the PoE port(s) to display all PoE event counters for them. Mode User Exec and Privileged Exec Usage To display all PoE event counters for all PoE ports on the PSE, do not enter the optional interface parameter. Examples To display all PoE event counters for all PoE ports on the PSE, use the command: awplus# show power-inline counters To display the PoE event counters for the port range 1.0.1 to 1.0.3, use the command: awplus# show power-inline counters interface port1.0.1-1.0.3 Output Figure 16-2: Example output from the show power-inline counters command awplus#show power-inline counters interface port1.0.1-port1.0.3 PoE Counters: Interface MPSAbsent Overload Short Invalid Denied port1.0.1 0 0 0 0 0 port1.0.2 0 0 0 0 0 port1.0.3 0 0 0 0 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 558 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE COUNTERS Table 2: Parameters in the show power-inline counters command output Related Commands Parameter Description Interface The PoE port(s) in the format portx.y.z, where x is the device number, y is the module number within the device, and z is the PoE port number within the module. MPSAbsent The number of instances when the PoE MPS (Maintain Power Signature) signal has been lost. The PoE MPS signal is lost when a PD is disconnected from the PSE. Also increments pethPsePortMPSAbsentCounter in the PoE MIB. Overload The number of instances when a PD exceeds its configured power limit (as configured by the power-inline max command). Also increments pethPsePortOverLoadCounter in the PoE MIB. Short The number of short circuits that have happened with a PD. Also increments pethPsePortShortCounter in the PoE MIB. Invalid The number of times a PD with an Invalid Signature (where the PD has an open or short circuit, or is a legacy PD) is detected. Also increments pethPseInvalidSignatureCounter in the PoE MIB. Denied The number of times a PD has been refused power due to power budget limitations for the PSE. Also increments pethPsePortPowerDeniedCounter in the PoE MIB. clear power-inline counters interface show power-inline show power-inline interface C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 559 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE INTERFACE show power-inline interface Overview This command displays a summary of Power over Ethernet (PoE) information for specified ports. If no ports are specified then PoE information is displayed for all ports on the Power Sourcing Equipment (PSE). For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show power-inline interface [<port-list>] Parameter Description <port-list> Enter the PoE port(s) to display PoE specific information in the show output. Mode User Exec and Privileged Exec Usage To display PoE information for all PoE ports on the PSE, do not specify any ports. Example To display the PoE port specific information for all PoE ports on the switch, use the following command: awplus# show power-inline interface To display the PoE port specific information for the port range1.0.1 to 1.0.4, use the following command: awplus# show power-inline interface port1.0.1-port1.0.4 Output Figure 16-3: awplus#show power-inline Interface Admin Pri port1.0.1 Disabled Low port1.0.2 Enabled High port1.0.3 Enabled Crit port1.0.4 Disabled Low Example output from the show power-inline interface command interface port1.0.1-port1.0.4 Oper Power Device Class Disabled 0 n/a n/a Powered 3840 Desk Phone 1 Powered 6720 AccessPoint 2 Disabled 0 n/a n/a Max(mW) n/a 5000 [U] 7000 [C] n/a Table 3: Parameters in the show power-inline interface command output C613-50081-01 REV A Parameter Description Interface The PoE port(s) in the format portx.y.z, where x is the device number, y is the module number within the device, and z is the PoE port number within the module. Admin The administrative state of PoE on a PoE port, either Enabled or Disabled. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 560 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE INTERFACE Table 3: Parameters in the show power-inline interface command output Parameter Description Pri The current PoE priorities for PoE ports on the PSE, as configured from a power-inline priority command: • Low displays when the low parameter is issued. The lowest priority for a PoE enabled port (default). • High displays when the high parameter is issued. The second highest priority for a PoE enabled port. • Crit displays when the critical parameter is issued. The highest priority for a PoE enabled port. Oper The current PSE PoE port state when this command was issued: • Powered displays when there is a PD connected and power is being supplied from the PSE. • Denied displays when supplying power would make the PSE go over the power budget. • Disabled displays when the PoE port is administratively disabled. • Off displays when PoE has been disabled for the port. • Fault displays when a PSE goes over its power allocation. Power The power consumption in milliwatts (mW) for the PoE port when this command was entered. Device The description of the connected PD device if a description has been added with the power-inline description command. No description is shown for PDs not configured with the power-inline description command. Class The class of the connected PD, if power is being supplied to the PD from the PSE. See the PoE Feature Overview and Configuration Guide for further information about power classes. Max (mW) The power in milliwatts (mW) allocated for the PoE port. Additionally, note the following as displayed per PoE port: • [U] if the power limit for a port was user configured (with the power-inline max command). • [L] if the power limit for a port was supplied by LLDP. • [C] if the power limit for a port was supplied by the PD class. Related Commands C613-50081-01 REV A show power-inline show power-inline interface detail Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 561 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE INTERFACE DETAIL show power-inline interface detail Overview This command displays detailed information for specified Power over Ethernet (PoE) port(s) on the Power Sourcing Equipment (PSE). For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show power-inline interface [<port-list>] detail Parameter Description <port-list> Enter the PoE port(s) to display the PoE port specific information. Mode User Exec and Privileged Exec Usage To show detailed PoE information for all ports on the PSE, do not specify any ports. The power allocated to each port is listed in the Power allocated row, and is limited by the maximum power per Powered Device (PD) class, or a user configured power limit. Example To display detailed PoE port specific information for the port range 1.0.1 to 1.0.2, use the following command: awplus# show power-inline interface port1.0.1-port1.0.2 detail C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 562 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE INTERFACE DETAIL Output Figure 16-4: Example output from the show power-inline interface detail command awplus#show power-inline interface port1.0.1-1.0.2 detail Interface port1.0.1 Powered device type: Desk Phone #1 PoE admin enabled Priority Low Detection status: Powered Current power consumption: 4800 mW Powered device class: 1 Power allocated: 5000 mW (from configuration) Detection of legacy devices is disabled Powered pairs: Data Interface port1.0.2 Powered device type: Access Point #3 PoE admin enabled Priority High Detection status: Powered Current power consumption: 6720 mW Powered device class: 2 Power allocated: 7000 mW (from powered device class) Detection of legacy devices is enabled Powered pairs: Data Table 4: Parameters in show power-inline interface detail command output C613-50081-01 REV A Parameter Description Interface The PoE port(s) in the format portx.y.z, where x is the device number, y is the module number within the device, and z is the PoE port number within the module. Powered device type: The name of the PD, if connected and if power is being supplied to the PD from the PSE, configured with the power-inline description command. n/a displays if a description has not been configured for the PD. PoE admin The administrative state of PoE on a PoE capable port, either Enabled or Disabled as configured from the power-inline enable command or the no power-inline enable command respectively. Priority The PoE priority of a port, which is either Low, or High, or Critical, as configured by the power-inline priority command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 563 POWER OVER ETHERNET COMMANDS SHOW POWER-INLINE INTERFACE DETAIL Table 4: Parameters in show power-inline interface detail command output Parameter Description Detection status: The current PSE PoE port state when this command was issued: • Powered displays when there is a PD connected and power is being supplied from the PSE. • Denied displays when supplying power would make the PSE go over the power budget. • Disabled displays when the PoE port is administratively disabled. • Off displays when PoE has been disabled for the port. • Fault displays when a PSE goes over its power allocation. Current power consumption: The power consumption for the PoE port when this command was entered. Note that the power consumption may have changed since the command was entered and the power is displayed. Powered device class: The class of the connected PD if connected, and if power is being supplied to the PD from the PSE. See the PoE Feature Overview and Configuration Guide for further information about power classes. Power allocated: The power in milliwatts (mW) allocated for the PoE port. Additionally, note the following as displayed per PoE port: • [U] if the power limit for a port was user configured (with the power-inline max command). • [L] if the power limit for a port was supplied by LLDP. • [C] if the power limit for a port was supplied by the PD class. Related Commands C613-50081-01 REV A Detection of legacy devices is [Enabled|Disabled] The status of legacy PoE detection on the PoE port, as configured for the PoE port with the power-inline allow-legacy command. Powered pairs: [Data|Spare] The IEEE 802.3af and IEEE 802.3at standards allow for either data or spare twisted pairs to be used to transfer power to a PD. The powered pairs status for each port. AlliedWare Plus™ PoE switches implement IEEE 802.3af and IEEE 802.3at Endpoint PSE Alternative A (Data). show power-inline show power-inline interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 564 17 GVRP Commands Introduction Overview With GVRP enabled the switch can exchange VLAN configuration information with other GVRP enabled switches. VLANs can be dynamically created and managed through trunk ports. GVRP is supported in Software Version 5.4.3A-1.x and later. • There is limit of 400 VLANs supported by the AlliedWare Plus GVRP implementation. VLANs may be numbered 1-4094, but a limit of 400 of these VLANs are supported. • MSTP is not supported by the AlliedWare Plus GVRP implementation. GVRP and MSTP are mutually exclusive. STP and RSTP are supported by GVRP. This chapter provides an alphabetical reference for commands used to configure GVRP. For information about GVRP, including configuration, see the GVRP Feature Overview and Configuration Guide. Command List C613-50081-01 REV A • “clear gvrp statistics” on page 566 • “debug gvrp” on page 567 • “gvrp (interface)” on page 569 • “gvrp dynamic-vlan-creation” on page 570 • “gvrp enable (global)” on page 571 • “gvrp registration” on page 572 • “gvrp timer” on page 573 • “show debugging gvrp” on page 574 • “show gvrp configuration” on page 575 • “show gvrp machine” on page 576 • “show gvrp statistics” on page 577 • “show gvrp timer” on page 578 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 565 GVRP COMMANDS CLEAR GVRP STATISTICS clear gvrp statistics Overview Syntax Use this command to clear the GVRP statistics for all switchports, or for a specific switchport. clear gvrp statistics {all|<interface>} Parameter Description all Specify all switchports to clear GVRP statistics. <interface> Specify the switchport to clear GVRP statistics. Mode Privileged Exec Usage Use this command together with the show gvrp statistics command to troubleshoot GVRP. Examples To clear all GVRP statistics for all switchport on the switch, enter the command: awplus# clear gvrp statistics all Related Commands C613-50081-01 REV A show gvrp statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 566 GVRP COMMANDS DEBUG GVRP debug gvrp Overview Use this command to debug GVRP packets and commands, sending output to the console. Use the no variant of this command to turn off debugging for GVRP packets and commands. Syntax debug gvrp {all|cli|event|packet} no debug gvrp {all|cli|event|packet} Mode Examples Parameter Description all Specifies debugging for all levels. cli Specifies debugging for commands. event Specified debugging for events. packet Specifies debugging for packets. Privileged Exec and Global Configuration To send debug output to the console for GVRP packets and GVRP commands, and to enable the display of debug output on the console first, enter the commands: awplus# terminal monitor awplus# configure terminal awplus(config)# debug gvrp all To send debug output for GVRP packets to the console, enter the commands: awplus# terminal monitor awplus# configure terminal awplus(config)# debug gvrp packets To send debug output for GVRP commands to the console, enter the commands: awplus# terminal monitor awplus# configure terminal awplus(config)# debug gvrp cli To stop sending debug output for GVRP packets and GVRP commands to the console, and to stop the display of any debug output on the console, enter the commands: awplus# terminal no monitor awplus# configure terminal awplus(config)# no debug gvrp all C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 567 GVRP COMMANDS DEBUG GVRP Related Commands C613-50081-01 REV A show debugging gvrp terminal monitor Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 568 GVRP COMMANDS GVRP (INTERFACE) gvrp (interface) Overview Use this command to enable GVRP for switchport interfaces. Use the no variant of this command to disable GVRP for switchport interfaces. Syntax gvrp no gvrp Mode Default Usage Interface Configuration (for switchport interfaces). Disabled by default. Use this command to enable GVRP on switchport interfaces. Note this command does not enable GVRP for the switch. To enable GVRP on switchports use this command in Interface Configuration mode. You must issue a gvrp enable (global) command before issuing a gvrp (interface) command. You must enable GVRP on both ends of a link for GVRP to propagate VLANs between links. NOTE: MSTP is not supported by the current AlliedWare Plus GVRP implementation. GVRP and MSTP are mutually exclusive. STP and RSTP are supported by GVRP. Private VLAN trunk ports are not supported by the current AlliedWare Plus GVRP implementation. GVRP and private VLAN trunk ports are mutually exclusive. Validation Commands show gvrp configuration Related Commands gvrp dynamic-vlan-creation C613-50081-01 REV A gvrp enable (global) Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 569 GVRP COMMANDS GVRP DYNAMIC-VLAN-CREATION gvrp dynamic-vlan-creation Overview Use this command to enable dynamic VLAN creation globally for the switch. Use the no variant of this command to disable dynamic VLAN creation globally for the switch. Syntax gvrp dynamic-vlan-creation no gvrp dynamic-vlan-creation Mode Default Usage Global Configuration Disabled by default. You must enable GVRP on both ends of a link for GVRP to propagate VLANs between links. You must also enable GVRP globally in Global Configuration mode before enabling GVRP on an interface in Interface Configuration mode. Both of these tasks must occur to create VLANs. NOTE: There is limit of 400 VLANs supported by the AlliedWare Plus GVRP implementation. VLANs may be numbered 1-4094, but a limit of 400 of these VLANs are supported. Examples Enter the following commands for switches with hostnames switch1 and switch2 respectively, so switch1 propagates VLANs to switch2 and switch2 propagates VLANs to switch1: Switch1: switch1# configure terminal switch1(config)# gvrp enable switch1(config)# gvrp dynamic-vlan-creation Switch2: switch2# configure terminal switch2(config)# gvrp enable switch2(config)# gvrp dynamic-vlan-creation To disable GVRP dynamic VLAN creation on the switch, enter the commands: awplus# configure terminal awplus(config)# no gvrp dynamic-vlan-creation Validation Commands show gvrp configuration Related Commands gvrp enable (global) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 570 GVRP COMMANDS GVRP ENABLE (GLOBAL) gvrp enable (global) Overview Use this command to enable GVRP globally for the switch. GVRP is supported in Software Version 5.4.3A-1.x and later. Use the no variant of this command to disable GVRP globally for the switch. Syntax gvrp enable no gvrp enable Mode Default Usage Global Configuration Disabled by default. Use this command to enable GVRP on the switch. Note that this command does not enable GVRP on switchports. To enable GVRP on switchports use the gvrp (interface) command in Interface Configuration mode. You must issue a gvrp enable (global) command before issuing a gvrp (interface) command. You must enable GVRP on both ends of a link for GVRP to propagate VLANs between links. NOTE: MSTP is not supported by the current AlliedWare Plus GVRP implementation. GVRP and MSTP are mutually exclusive. STP and RSTP are supported by GVRP. Private VLAN trunk ports are not supported by the current AlliedWare Plus GVRP implementation. GVRP and private VLAN trunk ports are mutually exclusive. Examples To enable GVRP for the switch, before enabling GVRP on switchports, enter the commands: awplus# configure terminal awplus(config)# gvrp enable To disable GVRP on the switch, which will also disable GVRP enabled on switchports, enter the commands: awplus# configure terminal awplus(config)# no gvrp enable Validation Commands show gvrp configuration Related Commands gvrp (interface) C613-50081-01 REV A gvrp dynamic-vlan-creation Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 571 GVRP COMMANDS GVRP REGISTRATION gvrp registration Overview Use this command to set GVRP registration to normal, fixed, and forbidden registration modes. Use the no variant of this command to disable GVRP registration. Syntax gvrp registration {normal|fixed|forbidden} no gvrp registration {normal|fixed|forbidden} Mode Default Usage Parameter Description normal Specify dynamic GVRP registration and deregistration of VLANs. fixed Specify fixed GVRP registration and deregistration of VLANs. forbidden Specify no GVRP registration of VLANs. VLANs are deregistered. Interface Configuration Normal registration is the default. Configuring a trunk port in normal registration mode allows dynamic creation of VLANs. Normal mode is the default mode. Validate using the show gvrp configuration command. Configuring a trunk port in fixed registration mode allows manual creation of VLANs. Configuring a trunk port in forbidden registration mode prevents VLAN creation on the port. Validation Commands C613-50081-01 REV A show gvrp configuration Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 572 GVRP COMMANDS GVRP TIMER gvrp timer Overview Use this command to set GVRP timers in Interface Configuration mode for a given interface. Use the no variant of this command to reset the GVRP timers to the defaults specified in the table below. Syntax gvrp timer {join <timer-value>|leave <timer-value>|leaveall <timer-value>} no gvrp timer {join|leave|leaveall} Mode Parameter Description join Specifies the timer for joining the group (default is 20 centiseconds / hundredths of a second, or 200 milliseconds). leave Specifies the timer for leaving a group (default is 60 centiseconds / hundredths of a second, or 600 milliseconds). leaveall Specifies the timer for leaving all groups (default is 1000 centiseconds / hundredths of a second, or 10,000 milliseconds). <timer-value> <1-65535> The timer value in hundredths of a second (centiseconds). Interface Configuration Defaults The default join time value is 20 centiseconds (200 milliseconds), the default leave timer value is 60 centiseconds (600 milliseconds), and the default leaveall timer value is 1000 centiseconds (10,000 milliseconds). Usage When configuring the leave timer, set it to more than or equal to three times the join timer value. The settings for the leave and join timers must be the same for all GVRP enabled switches. See also the section “Setting the GVRP Timers” in the GVRP Feature Overview and Configuration Guide. Use the show gvrp timer command to confirm GVRP timers set with this command. Related Commands C613-50081-01 REV A show gvrp timer Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 573 GVRP COMMANDS SHOW DEBUGGING GVRP show debugging gvrp Overview Use this command to display the GVRP debugging option set. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging gvrp User Exec and Privileged Exec Enter the following commands to display GVRP debugging output on the console: awplus# configure terminal awplus(config)# debug gvrp all awplus(config)# exit awplus# show debugging gvrp Output See sample output from the show debugging gvrp command after entering debug gvrp all: GVRP debugging status: GVRP Event debugging is on GVRP CLI debugging is on GVRP Timer debugging is on GVRP Packet debugging is on Related Commands C613-50081-01 REV A debug gvrp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 574 GVRP COMMANDS SHOW GVRP CONFIGURATION show gvrp configuration Overview Use this command to display GVRP configuration data for a switch. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show gvrp configuration Mode User Exec and Privileged Exec Example To show GVRP configuration for the switch, enter the command: awplus# show gvrp configuration Output C613-50081-01 REV A The following is an output of this command displaying the GVRP configuration for a switch: Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 575 GVRP COMMANDS SHOW GVRP MACHINE show gvrp machine Overview Use this command to display the state machine for GVRP. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show gvrp machine User Exec and Privileged Exec To show the GVRP state machine for the switch, enter the command: awplus# show gvrp machine Output C613-50081-01 REV A See the following output of this command displaying the GVRP state machine. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 576 GVRP COMMANDS SHOW GVRP STATISTICS show gvrp statistics Overview Use this command to display a statistical summary of GVRP information for the switch. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show gvrp statistics [<interface>] Parameter Description <interface> The name of the switchport interface. Mode User Exec and Privileged Exec Usage Use this command together with the clear gvrp statistics command to troubleshoot GVRP. Examples To show the GVRP statistics for all switchport interfaces, enter the command: awplus# show gvrp statistics Related Commands C613-50081-01 REV A clear gvrp statistics Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 577 GVRP COMMANDS SHOW GVRP TIMER show gvrp timer Overview Use this command to display data for the GVRP timers set with the gvrp timer command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Examples show gvrp timer <interface> Parameter Description <interface> The name of the switchport interface. User Exec and Privileged Exec To show the GVRP timers for all switchport interfaces, enter the command: awplus# show gvrp timer Related Commands C613-50081-01 REV A gvrp timer Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 578 Part 3: Layer Three, Switching and Routing C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 579 18 IP Addressing and Protocol Commands Introduction Overview This chapter provides an alphabetical reference of commands used to configure various IP features, including the following protocols: • Address Resolution Protocol (ARP) For more information, see the IP Feature Overview and Configuration Guide. Command List C613-50081-01 REV A • “arp-aging-timeout” on page 582 • “arp (IP address MAC)” on page 583 • “arp log” on page 584 • “arp-reply-bc-dmac” on page 587 • “clear arp-cache” on page 588 • “debug ip packet interface” on page 589 • “ip address (IP Addressing and Protocol)” on page 591 • “ip domain-list” on page 593 • “ip domain-lookup” on page 594 • “ip domain-name” on page 595 • “ip gratuitous-arp-link” on page 596 • “ip name-server” on page 598 • “ip unreachables” on page 600 • “ping” on page 602 • “show arp” on page 603 • “show debugging ip packet” on page 605 • “show hosts” on page 607 • “show ip domain-list” on page 608 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 580 IP ADDRESSING AND PROTOCOL COMMANDS C613-50081-01 REV A • “show ip domain-name” on page 609 • “show ip interface” on page 610 • “show ip name-server” on page 611 • “show ip sockets” on page 612 • “show ip traffic” on page 615 • “tcpdump” on page 621 • “traceroute” on page 622 • “undebug ip packet interface” on page 623 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 581 IP ADDRESSING AND PROTOCOL COMMANDS ARP-AGING-TIMEOUT arp-aging-timeout Overview This command sets a timeout period on dynamic ARP entries associated with a specific interface. If your device stops receiving traffic for the host specified in a dynamic ARP entry, it deletes the ARP entry from the ARP cache after this timeout is reached. Your device times out dynamic ARP entries to ensure that the cache does not fill with entries for hosts that are no longer active. Static ARP entries are not aged or automatically deleted. By default the time limit for dynamic ARP entries is 300 seconds on all interfaces. The no variant of this command sets the time limit to the default of 300 seconds. Syntax arp-aging-timeout <0-432000> no arp-aging timeout Default Mode Example Parameter Description <0-432000> The timeout period in seconds. 300 seconds (5 minutes) Interface Configuration for a VLAN interface. To set the ARP entries on interface vlan30 to time out after two minutes, use the commands: awplus# configure terminal awplus(config)# interface vlan30 awplus(config-if)# arp-aging-timeout 120 Related Commands C613-50081-01 REV A clear arp-cache show arp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 582 IP ADDRESSING AND PROTOCOL COMMANDS ARP (IP ADDRESS MAC) arp (IP address MAC) Overview This command adds a static ARP entry to the ARP cache. This is typically used to add entries for hosts that do not support ARP or to speed up the address resolution function for a host. The ARP entry must not already exist. Use the alias parameter to allow your device to respond to ARP requests for this IP address. The no variant of this command removes the static ARP entry. Use the clear arp-cache command to remove the dynamic ARP entries in the ARP cache. Syntax arp <ip-addr> <mac-address> [<port-number>] [alias] no arp <ip-addr> Mode Examples Parameter Description <ip-addr> The IPv4 address of the device you are adding as a static ARP entry. <mac-address> The MAC address of the device you are adding as a static ARP entry, in hexadecimal notation with the format HHHH.HHHH.HHHH. <port-number> The port number associated with the IP address. Specify this when the IP address is part of a VLAN. alias Allows your device to respond to ARP requests for the IP address. Proxy ARP must be enabled on the interface before using this parameter. Global Configuration To add the IP address 10.10.10.9 with the MAC address 0010.2533.4655 into the ARP cache, and have your device respond to ARP requests for this address, use the commands: awplus# configure terminal awplus(config)# arp 10.10.10.9 0010.2355.4566 alias Related Commands C613-50081-01 REV A clear arp-cache show arp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 583 IP ADDRESSING AND PROTOCOL COMMANDS ARP LOG arp log Overview This command enables the logging of dynamic and static ARP entries in the ARP cache. The ARP cache contains mappings of device ports, VLAN IDs, and IP addresses to physical MAC addresses for hosts. This command can display the MAC addresses in the ARP log either using the default hexadecimal notation (HHHH.HHHH.HHHH), or using the IEEE standard hexadecimal notation (HH-HH-HH-HH-HH-HH). Use the no variant of this command to disable the logging of dynamic and static ARP entries in the ARP cache. Syntax arp log [mac-address-format ieee] no arp log [mac-address-format ieee] Parameter Description mac-address-format ieee Display the MAC address in hexadecimal notation with the standard IEEE format (HH-HH-HH-HH-HHHH), instead of displaying the MAC address with the default hexadecimal format (HHHH.HHHH.HHHH). Default The ARP logging feature is disabled by default. Mode Global Configuration Usage You have the option to change how the MAC address is displayed in the ARP log message, to use the default hexadecimal notation (HHHH.HHHH.HHHH), or the IEEE format hexadecimal notation (HH-HH-HH-HH-HH-HH) when you apply the mac-address-format ieee parameter. Enter the arp log command without the optional mac-address-format ieee parameter specified for MAC addresses in the ARP log output to use the default hexadecimal notation (HHHH.HHHH.HHHH). Enter the arp log mac-address-format ieee command for MAC addresses in the ARP log output to use the IEEE standard format hexadecimal notation (HH-HH-HH-HH-HH-HH). Use the no variant of this command (no arp log) without the optional mac-address- format ieee parameter specified to disable ARP logging on the device Use the no variant of this command with the optional mac-address-format ieee parameter specified (no arp log mac-address-format ieee) to disable IEEE standard format hexadecimal notation (HH-HH-HH-HH-HH-HH) and revert to the default hexadecimal notation (HHHH.HHHH.HHHH) for MAC addresses in the ARP log output. To display ARP log messages use the show log | include ARP_LOG command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 584 IP ADDRESSING AND PROTOCOL COMMANDS ARP LOG Examples To enable ARP logging and use the default hexadecimal notation (HHHH.HHHH.HHHH), use the following commands: awplus# configure terminal awplus(config)# arp log To disable ARP logging on the device of MAC addresses displayed using the default hexadecimal notation (HHHH.HHHH.HHHH), use the following commands: awplus# configure terminal awplus(config)# no arp log To enable ARP logging and to specify that the MAC address in the log message is displayed in the standard IEEE format hexadecimal notation (HH-HH-HH-HH-HH-HH), use the following commands: awplus# configure terminal awplus(config)# arp log mac-address-format ieee To disable ARP logging on the device of MAC addresses displayed using the standard IEEE format hexadecimal notation (HH-HH-HH-HH-HH-HH), and revert to the use of the default hexadecimal notation (HHHH.HHHH.HHHH) instead, use the following commands: awplus# configure terminal awplus(config)# no arp log mac-address-format ieee To display ARP log messages, use following command: awplus# show log | include ARP_LOG Output Below is example output from the show log | include ARP_LOG command after enabling ARP logging displaying default hexadecimal notation MAC addresses (HHHH.HHHH.HHHH) using the arp log command. awplus#configure terminal awplus(config)#arp log awplus(config)#exit awplus#show log | include ARP_LOG 2010 Apr 6 06:21:01 user.notice awplus 0013.4078.3b98 (192.168.2.4) 2010 Apr 6 06:22:30 user.notice awplus 0013.4078.3b98 (192.168.2.4) 2010 Apr 6 06:23:26 user.notice awplus 0030.940e.136b (192.168.2.20) 2010 Apr 6 06:23:30 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 add HSL[1007]: ARP_LOG port1.0.6 vlan1 del HSL[1007]: ARP_LOG port1.0.6 vlan1 add IMISH[1830]: show log | include ARP_LOG Below is example output from the show log | include ARP_LOG command after enabling ARP logging displaying IEEE standard format hexadecimal notation MAC addresses (HH- HH-HH-HH-HH-HH) using the arp log mac-address format ieee command. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 585 IP ADDRESSING AND PROTOCOL COMMANDS ARP LOG Table 1: Example output from the show log | include ARP_LOG command awplus#configure terminal awplus(config)#arp log mac-address-format ieee awplus(config)#exit awplus#show log | include ARP_LOG 2010 Apr 6 06:25:28 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 add 00- 17-9a-b6-03-69 (192.168.2.12) 2010 Apr 6 06:25:30 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 add 00- 03-37-6b-a6-a5 (192.168.2.10) 2010 Apr 6 06:26:53 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 del 00- 30-94-0e-13-6b (192.168.2.20) 2010 Apr 6 06:27:31 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 del 00- 17-9a-b6-03-69 (192.168.2.12) 2010 Apr 6 06:28:09 user.notice awplus HSL[1007]: ARP_LOG port1.0.6 vlan1 del 00- 03-37-6b-a6-a5 (192.168.2.10) 2010 Apr 6 06:28:14 user.notice awplus IMISH[1830]: show log | include ARP_LOG Below are the parameters in output of the show log | include ARP_LOG command with an ARP log message format of <ARP_LOG> <port number> <VLAN ID> <Operation> <MAC> <IP> after <date> <time> <severity> <hostname> <program-name> information. Table 2: Parameters in output of the show log | include ARP_LOG command Parameter Description <ARP_LOG> Indicates ARP log entry information follows <date> <time> <severity> <hostname> <program name> log information. <port number> Indicates device port number for the ARP log entry. <VLAN ID> Indicates the VLAN ID for the ARP log entry. <Operation> Indicates ‘add’ if the ARP log entry displays an ARP addition. Indicates ‘del’ if the ARP log entry displays an ARP deletion. <MAC> Indicates the MAC address for the ARP log entry, either in the default hexadecimal notation (HHHH.HHHH.HHHH) or in the IEEE standard format hexadecimal notation (HH-HH-HH-HH-HH-HH) as specified with the arp log or the arp log mac-address-format ieee command. <IP> Indicates the IP address for the ARP log entry. Validation Commands show running-config Related Commands show log C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 586 IP ADDRESSING AND PROTOCOL COMMANDS ARP-REPLY-BC-DMAC arp-reply-bc-dmac Overview Use this command to allow processing of ARP replies that arrive with a broadcast destination MAC (ffff.ffff.ffff). This makes neighbors reachable if they send ARP responses that contain a broadcast destination MAC. Use the no variant of this command to turn off processing of ARP replies that arrive with a broadcast destination MAC. Syntax arp-reply-bc-dmac no arp-reply-bc-dmac Default Mode Example By default, this functionality is disabled. Interface Configuration for VLAN interfaces To allow processing of ARP replies that arrive on VLAN2 with a broadcast destination MAC, use the commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# arp-reply-bc-dmac Related Commands C613-50081-01 REV A clear arp-cache show arp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 587 IP ADDRESSING AND PROTOCOL COMMANDS CLEAR ARP-CACHE clear arp-cache Overview Syntax This command deletes dynamic ARP entries from the ARP cache. You can optionally specify the IPv4 address of an ARP entry to be cleared from the ARP cache. clear arp-cache [<ip-address>] Parameter Description <ip-address> The IPv4 address of an ARP entry that is to be cleared from the ARP cache. Mode Privileged Exec Usage To display the entries in the ARP cache, use the show arp command. To remove static ARP entries, use the no variant of the arp (IP address MAC) command. Example To clear all dynamic ARP entries, use the command: awplus# clear arp-cache To clear all dynamic ARP entries associated with the IPv4 address 192.168.1.1, use the command: awplus# clear arp-cache 192.168.1.1 Related Commands C613-50081-01 REV A arp (IP address MAC) show arp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 588 IP ADDRESSING AND PROTOCOL COMMANDS DEBUG IP PACKET INTERFACE debug ip packet interface Overview The debug ip packet interface command enables IP packet debug and is controlled by the terminal monitor command. If the optional icmp keyword is specified then ICMP packets are shown in the output. The no variant of this command disables the debug ip interface command. Syntax debug ip packet interface {<interface-name>|all} [address <ip-address>|verbose|hex|arp|udp|tcp|icmp] no debug ip packet interface [<interface-name>] Mode C613-50081-01 REV A Parameter Description <interface> Specify a single Layer 3 interface name (not a range of interfaces) This keyword can be specified as either all or as a single Layer 3 interface to show debugging for either all interfaces or a single interface. all Specify all Layer 3 interfaces on the device. <ip-address> Specify an IPv4 address. If this keyword is specified, then only packets with the specified IP address as specified in the ip-address placeholder are shown in the output. verbose Specify verbose to output more of the IP packet. If this keyword is specified then more of the packet is shown in the output. hex Specify hex to output the IP packet in hexadecimal. If this keyword is specified, then the output for the packet is shown in hex. arp Specify arp to output ARP protocol packets. If this keyword is specified, then ARP packets are shown in the output. udp Specify udp to output UDP protocol packets. If this keyword is specified then UDP packets are shown in the output. tcp Specify tcp to output TCP protocol packets. If this keyword is specified, then TCP packets are shown in the output. icmp Specify icmp to output ICMP protocol packets. If this keyword is specified, then ICMP packets are shown in the output. Privileged Exec and Global Configuration Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 589 IP ADDRESSING AND PROTOCOL COMMANDS DEBUG IP PACKET INTERFACE Examples To turn on ARP packet debugging on vlan1, use the command: awplus# debug ip packet interface vlan1 arp To turn on all packet debugging on all interfaces on the device, use the command: awplus# debug ip packet interface all To turn on TCP packet debugging on vlan1 and IP address 192.168.2.4, use the command: awplus# debug ip packet interface vlan1 address 192.168.2.4 tcp To turn off IP packet interface debugging on all interfaces, use the command: awplus# no debug ip packet interface To turn off IP packet interface debugging on interface vlan2, use the command: awplus# no debug ip packet interface vlan2 Related Commands no debug all tcpdump terminal monitor undebug ip packet interface C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 590 IP ADDRESSING AND PROTOCOL COMMANDS IP ADDRESS (IP ADDRESSING AND PROTOCOL) ip address (IP Addressing and Protocol) Overview This command sets a static IP address on an interface. The no variant of this command removes the IP address from the interface. You cannot remove the primary address when a secondary address is present. Syntax ip address <ip-addr/prefix-length> [secondary] [label <label>] no ip address [<ip-addr/prefix-length>] [secondary] Parameter Description <ip-addr/prefixlength> The IPv4 address and prefix length you are assigning to the interface. secondary Secondary IP address. label Adds a user-defined description of the secondary IP address. <label> A user-defined description of the secondary IP address. Valid characters are any printable character and spaces. Mode Interface Configuration for a VLAN interface or a local loopback interface. Usage To set the primary IP address on the interface, specify only ip address <ip-address/m>. This overwrites any configured primary IP address. To add additional IP addresses on this interface, use the secondary parameter. You must configure a primary address on the interface before configuring a secondary address. NOTE: Use show running-config interface not show ip interface brief when you need to view a secondary address configured on an interface. show ip interface brief will only show the primary address not a secondary address for an interface. Examples To add the primary IP address 10.10.10.50/24 to the interface vlan3, use the following commands: awplus# configure terminal awplus(config)# interface vlan3 awplus(config-if)# ip address 10.10.10.50/24 To add the secondary IP address 10.10.11.50/24 to the same interface, use the following commands: awplus# configure terminal awplus(config)# interface vlan3 awplus(config-if)# ip address 10.10.11.50/24 secondary C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 591 IP ADDRESSING AND PROTOCOL COMMANDS IP ADDRESS (IP ADDRESSING AND PROTOCOL) To add the IP address 10.10.11.50/24 to the local loopback interface lo, use the following commands: awplus# configure terminal awplus(config)# interface lo awplus(config-if)# ip address 10.10.11.50/24 Related Commands interface (to configure) show ip interface show running-config interface C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 592 IP ADDRESSING AND PROTOCOL COMMANDS IP DOMAIN-LIST ip domain-list Overview This command adds a domain to the DNS list. Domains are appended to incomplete host names in DNS requests. Each domain in this list is tried in turn in DNS lookups. This list is ordered so that the first entry you create is checked first. The no variant of this command deletes a domain from the list. Syntax ip domain-list <domain-name> no ip domain-list <domain-name> Parameter Description <domain-name> Domain string, for example “company.com”. Mode Global Configuration Usage If there are no domains in the DNS list, then your device uses the domain specified with the ip domain-name command. If any domain exists in the DNS list, then the device does not use the domain set using the ip domain-name command. Example To add the domain example.net to the DNS list, use the following commands: awplus# configure terminal awplus(config)# ip domain-list example.net Related Commands ip domain-lookup ip domain-name show ip domain-list C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 593 IP ADDRESSING AND PROTOCOL COMMANDS IP DOMAIN-LOOKUP ip domain-lookup Overview This command enables the DNS client on your device. This allows you to use domain names instead of IP addresses in commands. The DNS client resolves the domain name into an IP address by sending a DNS inquiry to a DNS server, specified with the ip name-server command. The no variant of this command disables the DNS client. The client will not attempt to resolve domain names. You must use IP addresses to specify hosts in commands. Syntax ip domain-lookup no ip domain-lookup Mode Global Configuration Usage The client is enabled by default. However, it does not attempt DNS inquiries unless there is a DNS server configured. For more information about DNS clients, see the IP Feature Overview and Configuration Guide. Examples To enable the DNS client on your device, use the following commands: awplus# configure terminal awplus(config)# ip domain-lookup To disable the DNS client on your device, use the following commands: awplus# configure terminal awplus(config)# no ip domain-lookup Related Commands ip domain-list ip domain-name ip name-server show hosts show ip name-server C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 594 IP ADDRESSING AND PROTOCOL COMMANDS IP DOMAIN-NAME ip domain-name Overview This command sets a default domain for the DNS. The DNS client appends this domain to incomplete host-names in DNS requests. The no variant of this command removes the domain-name previously set by this command. Syntax ip domain-name <domain-name> no ip domain-name <domain-name> Parameter Description <domain-name> Domain string, for example “company.com”. Mode Global Configuration Usage If there are no domains in the DNS list (created using the ip domain-list command) then your device uses the domain specified with this command. If any domain exists in the DNS list, then the device does not use the domain configured with this command. When your device is using its DHCP client for an interface, it can receive Option 15 from the DHCP server. This option replaces the domain name set with this command. Example To configure the domain name, enter the following commands: awplus# configure terminal awplus(config)# ip domain-name company.com Related Commands ip domain-list show ip domain-list show ip domain-name C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 595 IP ADDRESSING AND PROTOCOL COMMANDS IP GRATUITOUS-ARP-LINK ip gratuitous-arp-link Overview This command sets the Gratuitous ARP time limit for all switchports. The time limit restricts the sending of Gratuitous ARP packets to one Gratuitous ARP packet within the time in seconds. NOTE: This command specifies time between sequences of Gratuitous ARP packets, and time between individual Gratuitous ARP packets occurring in a sequence, to allow legacy support for older devices and interoperation between other devices that are not ready to receive and forward data until several seconds after linkup. Additionally, jitter has been applied to the delay following linkup, so Gratuitous ARP packets applicable to a given port are spread over a period of 1 second so are not all sent at once. Remaining Gratuitous ARP packets in the sequence occur after a fixed delay from the first one. Syntax ip gratuitous-arp-link <0-300> no ip gratuitous-arp-link Default Parameter Description <0-300> Specify the minimum time between sequences of Gratuitous ARPs and the fixed time between Gratuitous ARPs occurring in a sequence, in seconds. 0 disables the sending of Gratuitous ARP packets. The default is 8 seconds. The default Gratuitous ARP time limit for all switchports is 8 seconds. Mode Global Configuration Usage Every switchport will send a sequence of 3 Gratuitous ARP packets to each VLAN that the switchport is a member of, whenever the switchport moves to the forwarding state. The first Gratuitous ARP packet is sent 1 second after the switchport becomes a forwarding switchport. The second and third Gratuitous ARP packets are each sent after the time period specified by the Gratuitous ARP time limit. Additionally, the Gratuitous ARP time limit specifies the minimum time between the end of one Gratuitous ARP sequence and the start of another Gratuitous ARP sequence. When a link is flapping, the switchport’s state is set to forwarding several times. The Gratuitous ARP time limit is imposed to prevent Gratuitous ARP packets from being sent undesirably often. Examples To disable the sending of Gratuitous ARP packets, use the commands : awplus# configure terminal awplus(config)# ip gratuitous-arp-link 0 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 596 IP ADDRESSING AND PROTOCOL COMMANDS IP GRATUITOUS-ARP-LINK To restrict the sending of Gratuitous ARP packets to one every 20 seconds, use the commands: awplus# configure terminal awplus(config)# ip gratuitous-arp-link 20 Validation Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 597 IP ADDRESSING AND PROTOCOL COMMANDS IP NAME-SERVER ip name-server Overview This command adds IPv4 or IPv6 DNS server addresses. The DNS client on your device sends DNS queries to IP addresses in this list when trying to resolve a host name. Host names cannot be resolved until you have added at least one server to this list. A maximum of three name servers can be added to this list. The no variant of this command removes the specified DNS name-server address. Syntax ip name-server <ip-addr> no ip name-server <ip-addr> Parameter Description <ip-addr> The IP address of the DNS server that is being added to the name server list. The address is entered in the form A.B.C.D for an IPv4 address, or in the form X:X::X:X for an IPv6 address. Mode Global Configuration Usage To allow the device to operate as a DNS proxy, your device must have learned about a DNS name-server to forward requests to. Name-servers can be learned through the following means: • Manual configuration, using the ip name-server command • Learned from DHCP server with Option 6 • Learned over a PPP tunnel if the neighbor advertises the DNS server This command is used to statically configure a DNS name-server for the device to use. For more information about DHCP and DNS, see the IP Feature Overview and Configuration Guide. For more information about PPP and DNS, see the PPP Feature Overview and Configuration Guide. Examples To allow a device to send DNS queries to a DNS server with the IPv4 address 10.10.10.5, use the commands: awplus# configure terminal awplus(config)# ip name-server 10.10.10.5 To enable your device to send DNS queries to a DNS server with the IPv6 address 2001:0db8:010d::1, use the commands: awplus# configure terminal awplus(config)# ip name-server 2001:0db8:010d::1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 598 IP ADDRESSING AND PROTOCOL COMMANDS IP NAME-SERVER Related Commands ip domain-list ip domain-lookup ip domain-name show ip name-server C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 599 IP ADDRESSING AND PROTOCOL COMMANDS IP UNREACHABLES ip unreachables Overview Use this command to enable ICMP (Internet Control Message Protocol) type 3, destination unreachable, messages. Use the no variant of this command to disable destination unreachable messages. This prevents an attacker from using these messages to discover the topology of a network. Syntax ip unreachables no ip unreachables Default Destination unreachable messages are enabled by default. Mode Global Configuration Usage When a device receives a packet for a destination that is unreachable it returns an ICMP type 3 message, this message includes a reason code, as per the table below. An attacker can use these messages to obtain information regarding the topology of a network. Disabling destination unreachable messages, using the no ip unreachables command, secures your network against this type of probing. NOTE: Disabling ICMP destination unreachable messages breaks applications such as traceroute and Path MTU Discovery (PMTUD), which depend on these messages to operate correctly. Table 18-1: ICMP type 3 reason codes and description C613-50081-01 REV A Code Description [RFC] 0 Network unreachable [RFC792] 1 Host unreachable [RFC792] 2 Protocol unreachable [RFC792] 3 Port unreachable [RFC792] 4 Fragmentation required, and DF flag set [RFC792] 5 Source route failed [RFC792] 6 Destination network unknown [RFC1122] 7 Destination host unknown [RFC1122] 8 Source host isolated [RFC1122] 9 Network administratively prohibited [RFC768] 10 Host administratively prohibited [RFC869] 11 Network unreachable for Type of Service [RFC908] 12 Host unreachable for Type of Service [RFC938] 13 Communication administratively prohibited [RFC905] Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 600 IP ADDRESSING AND PROTOCOL COMMANDS IP UNREACHABLES Table 18-1: ICMP type 3 reason codes and description (cont.) Example Code Description [RFC] 14 Host Precedence Violation [RFC1812] 15 Precedence cutoff in effect [RFC1812] To disable destination unreachable messages, use the commands awplus# configure terminal awplus(config)# no ip unreachables To enable destination unreachable messages, use the commands awplus# configure terminal awplus(config)# ip unreachables C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 601 IP ADDRESSING AND PROTOCOL COMMANDS PING ping Overview Syntax Mode Example This command sends a query to another IPv4 host (send Echo Request messages). ping [ip] <host> [broadcast] [df-bit {yes|no}] [interval <0-128>] [pattern <hex-data-pattern>] [repeat {<1-2147483647>|continuous}] [size <36-18024>] [source <ip-addr>] [timeout <1-65535>] [tos <0-255>] Parameter Description <host> The destination IP address or hostname. broadcast Allow pinging of a broadcast address. df-bit Enable or disable the do-not-fragment bit in the IP header. interval <0-128> Specify the time interval in seconds between sending ping packets. The default is 1. You can use decimal places to specify fractions of a second. For example, to ping every millisecond, set the interval to 0.001. pattern <hexdata-pattern> Specify the hex data pattern. repeat Specify the number of ping packets to send. <1-2147483647> Specify repeat count. The default is 5. continuous Continuous ping size <36-18024> The number of data bytes to send, excluding the 8 byte ICMP header. The default is 56 (64 ICMP data bytes). source <ip-addr> The IP address of a configured IP interface to use as the source in the IP header of the ping packet. timeout <1-65535> The time in seconds to wait for echo replies if the ARP entry is present, before reporting that no reply was received. If no ARP entry is present, it does not wait. tos <0-255> The value of the type of service in the IP header. User Exec and Privileged Exec To ping the IP address 10.10.0.5 use the following command: awplus# ping 10.10.0.5 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 602 IP ADDRESSING AND PROTOCOL COMMANDS SHOW ARP show arp Overview Use this command to display entries in the ARP routing and forwarding table—the ARP cache contains mappings of IP addresses to physical addresses for hosts. To have a dynamic entry in the ARP cache, a host must have used the ARP protocol to access another host. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show arp [security [interface [<interface-list>]] show arp [statistics [detail][interface [<interface-list>]] Mode User Exec and Privileged Exec Usage Running this command with no additional parameters will display all entries in the ARP routing and forwarding table. Example To display all ARP entries in the ARP cache, use the following command: awplus# show arp Output awplus#show arp IP Address 192.168.10.2 192.168.20.2 192.168.1.100 Figure 18-1: Example output from the show arp command MAC Address 0015.77ad.fad8 0015.77ad.fa48 00d0.6b04.2a42 Interface vlan1 vlan2 vlan2 Port port1.0.1 port1.0.2 port1.0.6 Type dynamic dynamic static Table 19: Parameters in the output of the show arp command C613-50081-01 REV A Parameter Meaning IP Address IP address of the network device this entry maps to. MAC Address Hardware address of the network device. Interface Interface over which the network device is accessed. Port Physical port that the network device is attached to. Type Whether the entry is a static or dynamic entry. Static entries are added using the arp (IP address MAC) command. Dynamic entries are learned from ARP request/reply message exchanges. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 603 IP ADDRESSING AND PROTOCOL COMMANDS SHOW ARP Related Commands C613-50081-01 REV A arp (IP address MAC) clear arp-cache Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 604 IP ADDRESSING AND PROTOCOL COMMANDS SHOW DEBUGGING IP PACKET show debugging ip packet Overview Use this command to show the IP interface debugging status. IP interface debugging is set using the debug ip packet interface command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging ip packet User Exec and Privileged Exec To display the IP interface debugging status when the terminal monitor off, use the command: awplus# terminal no monitor awplus# show debug ip packet Output Figure 18-2: Example output from the show debugging ip packet command with terminal monitor off awplus#terminal no monitor awplus#show debug ip packet IP debugging status: interface all tcp (stopped) interface vlan1 arp verbose (stopped) Example To display the IP interface debugging status when the terminal monitor is on, use the command: awplus# terminal monitor awplus# show debug ip packet Output Figure 18-3: Example output from the show debugging ip packet command with terminal monitor on awplus#terminal monitor awplus#show debug ip packet IP debugging status: interface all tcp (running) interface vlan1 arp verbose (running) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 605 IP ADDRESSING AND PROTOCOL COMMANDS SHOW DEBUGGING IP PACKET Related Commands C613-50081-01 REV A debug ip packet interface terminal monitor Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 606 IP ADDRESSING AND PROTOCOL COMMANDS SHOW HOSTS show hosts Overview This command shows the default domain, domain list, and name servers configured on your device. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show hosts User Exec and Privileged Exec To display the default domain, use the command: awplus# show hosts Output Figure 18-4: Example output from the show hosts command awplus#show hosts Default domain is mycompany.com Domain list: company.com Name/address lookup uses domain service Name servers are 10.10.0.2 10.10.0.88 Related Commands ip domain-list ip domain-lookup ip domain-name ip name-server C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 607 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP DOMAIN-LIST show ip domain-list Overview This command shows the domains configured in the domain list. The DNS client uses the domains in this list to append incomplete hostnames when sending a DNS inquiry to a DNS server. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip domain-list User Exec and Privileged Exec To display the list of domains in the domain list, use the command: awplus# show ip domain-list Output Figure 18-5: Example output from the show ip domain-list command awplus#show ip domain-list alliedtelesis.com mycompany.com Related Commands C613-50081-01 REV A ip domain-list ip domain-lookup Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 608 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP DOMAIN-NAME show ip domain-name Overview This command shows the default domain configured on your device. When there are no entries in the DNS list, the DNS client appends this domain to incomplete hostnames when sending a DNS inquiry to a DNS server. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip domain-name User Exec and Privileged Exec To display the default domain configured on your device, use the command: awplus# show ip domain-name Output Figure 18-6: Example output from the show ip domain-name command awplus#show ip domain-name alliedtelesis.com Related Commands C613-50081-01 REV A ip domain-name ip domain-lookup Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 609 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP INTERFACE show ip interface Overview Use this command to display information about interfaces and the IP addresses assigned to them. To display information about a specific interface, specify the interface name with the command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show ip interface [<interface-list>] [brief] Parameter Description <interface-list> The interfaces to display information about. An interface-list can be: • an interface, e.g. vlan2 • a continuous range of interfaces separated by a hyphen, e.g. vlan2-8 or vlan2-vlan5 • a comma-separated list of interfaces or interface ranges, e.g. vlan2,vlan5,vlan8-10 The specified interfaces must exist. Mode Examples User Exec and Privileged Exec To show brief information for the assigned IP address for interface port1.0.2 use the command: awplus# show ip interface port1.0.2 brief To show the IP addresses assigned to vlan2 and vlan3, use the command: awplus# show ip interface vlan2-3 brief Output Figure 18-7: Interface port1.0.2 vlan1 vlan2 vlan3 vlan8 C613-50081-01 REV A Example output from the show ip interface brief command IP-Address unassigned 192.168.1.1 192.168.2.1 192.168.3.1 unassigned Status admin up admin up admin up admin up admin up Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x Protocol down running running running down 610 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP NAME-SERVER show ip name-server Overview This command displays a list of IPv4 and IPv6 DNS server addresses that your device will send DNS requests to. This is a static list configured using the ip name-server command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip name-server User Exec and Privileged Exec To display the list of DNS servers that your device sends DNS requests to, use the command: awplus# show ip name-server Output Figure 18-8: Example output from the show ip name-server command awplus# show ip name-server 10.10.0.123 10.10.0.124 2001:0db8:010d::1 Related Commands C613-50081-01 REV A ip domain-lookup ip name-server Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 611 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP SOCKETS show ip sockets Overview Use this command to display information about the IP or TCP sockets that are present on the device. It includes TCP, UDP listen sockets, displaying associated IP address and port. The information displayed for established TCP sessions includes the remote IP address, port, and session state. Raw IP protocol listen socket information is also displayed for protocols such as ICMP6, which are configured to receive IP packets with the associated protocol number. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show ip sockets Mode Privileged Exec Usage Use this command to verify that the socket being used is opening correctly. If there is a local and remote endpoint, a connection is established with the ports indicated. Note that this command does not display sockets that are used internally for exchanging data between the various processes that exist on the device and are involved in its operation and management. It only displays sockets that are present for the purposes of communicating with other external devices. Example To display IP sockets currently present on the device, use the command: awplus# show ip sockets Output Figure 18-9: Example output from the show ip sockets command Socket information Not showing 40 local connections Not showing 7 local listening ports Typ Local Address Remote Address tcp 0.0.0.0:111 0.0.0.0:* tcp 0.0.0.0:80 0.0.0.0:* tcp 0.0.0.0:23 0.0.0.0:* tcp 0.0.0.0:443 0.0.0.0:* tcp 0.0.0.0:4743 0.0.0.0:* tcp 0.0.0.0:873 0.0.0.0:* C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x State LISTEN LISTEN LISTEN LISTEN LISTEN LISTEN 612 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP SOCKETS tcp udp udp udp udp raw raw raw :::23 0.0.0.0:111 226.94.1.1:5405 0.0.0.0:161 :::161 0.0.0.0:112 :::58 :::112 :::* 0.0.0.0:* 0.0.0.0:* 0.0.0.0:* :::* 0.0.0.0:* :::* :::* LISTEN 112 58 112 Table 20: Parameters in the output of the show ip sockets command C613-50081-01 REV A Parameter Description Not showing <number> local connections This field refers to established sessions between processes internal to the device, that are used in its operation and management. These sessions are not displayed as they are not useful to the user. <number> is some positive integer. Not showing <number> local listening ports This field refers to listening sockets belonging to processes internal to the device, that are used in its operation and management. They are not available to receive data from other devices. These sessions are not displayed as they are not useful to the user. <number> is some positive integer. Typ This column displays the type of the socket. Possible values for this column are: tcp : IP Protocol 6 udp : IP Protocol 17 raw : Indicates that socket is for a non port-orientated protocol (i.e. a protocol other than TCP or UDP) where all packets of a specified IP protocol type are accepted. For raw socket entries the protocol type is indicated in subsequent columns. Local Address For TCP and UDP listening sockets this shows the destination IP address and destination TCP or UDP port number for which the socket will receive packets. The address and port are separated by ’:’. If the socket will accept packets addressed to any of the device’s IP addresses, the IP address will be 0.0.0.0 for IPv4 or :: for IPv6. For active TCP sessions the IP address will display which of the devices addresses the session was established with. For raw sockets this displays the IP address and IP protocol for which the socket will accept IP packets. The address and protocol are separated by ’:’. If the socket will accept packets addressed to any of the device’s IP addresses, the IP address will be 0.0.0.0 for IPv4 and :: for IPv6. IP Protocol assignments are described at:www.iana.org/assignments/protocol-numbers Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 613 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP SOCKETS Table 20: Parameters in the output of the show ip sockets command (cont.) C613-50081-01 REV A Parameter Description Remote Address For TCP and UDP listening sockets this shows the source IP address (either IPv4 or IPv6) and source TCP or UDP port number for which the socket will accept packets. The address and port are separated by ’:’. If the socket will accept packets addressed from any IP address, the IP address will be 0.0.0.0 for IPv4 . This is the usual case for a listening socket. Normally for a listen socket any source port will be accepted. This is indicated by “. For active TCP sessions the IP address will display the remote address and port the session was established with. For raw sockets the entry in this column will be 0.0.0.0: for IPv4 . State This column shows the state of the socket. For TCP sockets this shows the state of the TCP state machine. For UDP sockets this column is blank. For raw sockets it contains the IP protocol number. The possible TCP states are: LISTEN SYN-SENT SYN-RECEIVED ESTABLISHED FIN-WAIT-1 FIN-WAIT-2 CLOSE-WAIT CLOSING LAST-ACK TIME-WAIT CLOSED RFC793 contains the TCP state machine diagram with Section 3.2 describing each of the states. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 614 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC show ip traffic Overview Use this command to display statistics regarding IP traffic sent and received by all interfaces on the device, showing totals for IP and IPv6 and then broken down into sub-categories such as TCP, UDP, ICMP and their IPv6 equivalents when appropriate. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip traffic Privileged Exec To display IP traffic statistics, use the command: awplus# show ip traffic Output Figure 18-10: Example output from the show ip traffic command IP: 261998 packets received 261998 delivered 261998 sent 69721 multicast packets received 69721 multicast packets sent 23202841 bytes received 23202841 bytes sent 7669296 multicast bytes received 7669296 multicast bytes sent IPv6: 28 packets discarded on transmit due to no route ICMP6: UDP6: UDPLite6: TCP: 0 remote connections established 40 local connections established 7 remote listening ports 7 local listening ports 261 active connection openings 247 passive connection openings 14 connection attempts failed 122535 segments received 122535 segments transmitted 14 resets transmitted 227 TCP sockets finished time wait in fast timer C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 615 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC 155 delayed acks sent 21187 headers predicted 736 pure ACKs 80497 pure ACKs predicted UDP: 139468 datagrams received 139468 datagrams sent UDPLite: Table 21: Parameters in the output of the show ip traffic command Parameter Description IPv4 IPv4 counters IPv6 IPv6 counters received packets with no route Received packets with no route truncated packets received Truncated packets received multicast packets received Multicast packets received multicast packets sent Multicast packets sent broadcast packets received Broadcast packets received broadcast packets sent Broadcast packets sent bytes received Bytes received bytes sent Bytes sent multicast bytes received Multicast bytes received multicast bytes sent Multicast bytes sent broadcast bytes received Broadcast bytes received broadcast bytes sent Broadcast bytes sent packets received Packets received packets received with invalid headers Packets received with invalid headers oversize packets received Oversize packets received packets received with no route Packets received with no route C613-50081-01 REV A packets received with invalid address Packets received with invalid address packets received with unknown protocol Packets received with unknown protocol truncated packets received Truncated packets received received packets discarded Received packets discarded received packets delivered Received packets delivered forwarded packets transmitted Forwarded packets transmitted Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 616 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC Table 21: Parameters in the output of the show ip traffic command (cont.) C613-50081-01 REV A Parameter Description packets transmitted Packets transmitted packets discarded on transmit Packets discarded on transmit packets discarded on transmit due to no route Packets discarded on transmit due to no route fragment reassembly timeouts Fragment reassembly timeouts fragment reassembly required Fragment reassembly required fragment reassembly OK Fragment reassembly OK fragment reassembly failures Fragment reassembly failures fragmentations succeeded Fragmentations succeeded fragmentations failed Fragmentations failed fragments created Fragments created ICMP6 ICMPv6 counters messages received Messages received errors received Errors received messages sent Messages sent TCP TCP counters remote connections established Remote connections established local connections established Local connections established remote listening ports Remote listening ports local listening ports Local listening ports active connection openings Active connection openings passive connection openings Passive connection openings connection attempts failed Connection attempts failed connection resets received Connection resets received segments received Segments received segments transmitted Segments transmitted retransmits Retransmits bad segments received Bad segments received resets transmitted Resets transmitted datagrams received Datagrams received received for unknown port Received for unknown port datagrams sent Datagrams sent syncookies sent Syncookies sent Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 617 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC Table 21: Parameters in the output of the show ip traffic command (cont.) C613-50081-01 REV A Parameter Description syncookies received Syncookies received syncookies failed Syncookies failed embryonic resets Embryonic resets sockets pruned Sockets pruned ICMPs out of window ICMPs out of window ICMPs dropped due to lock ICMPs dropped due to lock ARPs filtered ARPs filtered TCP sockets finished time wait in fast timer TCP sockets finished time wait in fast timer time wait sockets recycled by time stamp Time wait sockets recycled by time stamp time wait sockets killed Time wait sockets killed delayed acks sent Delayed acks sent delayed acks further delayed because of locked socket delayed acks lost Delayed acks lost listening socket overflows Listening socket overflows listening socket drops Listening socket drops headers predicted Headers predicted pure ACKs Pure ACKs pure ACKs predicted Pure ACKs predicted losses recovered by TCP Reno Losses recovered by TCP Reno losses recovered by SACK Losses recovered by SACK SACKs renegged SACKs renegged detected reordering by FACK Detected reordering by FACK detected reordering by SACK Detected reordering by SACK detected reordering by TCP Reno Detected reordering by TCP Reno detected reordering by sequence Detected reordering by sequence full undos Full undos partial undos Partial undos SACK undos SACK undos loss undos Loss undos segments lost Segments lost lost retransmits Lost retransmits Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 618 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC Table 21: Parameters in the output of the show ip traffic command (cont.) C613-50081-01 REV A Parameter Description TCP Reno failures TCP Reno failures SACK failures SACK failures loss failures Loss failures fast retransmits Fast retransmits forward retransmits Forward retransmits retransmits in slow start Retransmits in slow start timeouts Timeouts TCP Reno recovery failures TCP Reno recovery failures SACK recovery failures SACK recovery failures collapsed segments received Collapsed segments received DSACKs sent for old packets DSACKs sent for old packets DSACKs sent for out of order segments DSACKs sent for out of order segments DSACKs received DSACKs received DSACKs received for out of order segments DSACKs received for out of order segments connections reset due to unexpected SYN Connections reset due to unexpected SYN connections reset due to unexpected data Connections reset due to unexpected data connections reset due to early user close Connections reset due to early user close connections aborted due to lack of memory Connections aborted due to lack of memory connections aborted due to timeout Connections aborted due to timeout connections aborted due to lingering Connections aborted due to lingering connection aborts due to connection failure Connection aborts due to connection failure TCP memory pressure events TCP memory pressure events SACKs discarded SACKs discarded Old DSACKs ignored Old DSACKs ignored DSACKs ignored without undo DSACKs ignored without undo Spurious RTOs Spurious RTOs TCP MD5 Not Found TCP MD5 Not Found Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 619 IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC Table 21: Parameters in the output of the show ip traffic command (cont.) C613-50081-01 REV A Parameter Description TCP MD5 Unexpected TCP MD5 Unexpected TCP SACKs shifted TCP SACKs shifted TCP SACKs merged TCP SACKs merged TCP SACK shift fallback TCP SACK shift fallback UDP UDP Counters UDPLite UDPLite Counters UDP6 UDPv6 Counters UDPLite6 UDPLitev6 Counters datagrams received Datagrams received datagrams received for unknown port Datagrams received for unknown port datagram receive errors Datagram receive errors datagrams transmitted Datagrams transmitted datagrams received Datagrams received datagrams received for unknown port Datagrams received for unknown port datagram receive errors Datagram receive errors datagrams transmitted Datagrams transmitted Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 620 IP ADDRESSING AND PROTOCOL COMMANDS TCPDUMP tcpdump Overview Syntax Mode Example Use this command to start a tcpdump, which gives the same output as the Unix-like tcpdump command to display TCP/IP traffic. Press <ctrl> + c to stop a running tcpdump. tcpdump <line> Parameter Description <line> Specify the dump options. For more information on the options for this placeholder see http://www.tcpdump.org/tcpdump_man.html Privileged Exec To start a tcpdump running to capture IP packets, enter the command: awplus# tcpdump ip Output Figure 18-11: Example output from the tcpdump command 03:40:33.221337 IP 192.168.1.1 > 224.0.0.13: PIMv2, Hello, length: 34 1 packets captured 2 packets received by filter 0 packets dropped by kernel Related Commands C613-50081-01 REV A debug ip packet interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 621 IP ADDRESSING AND PROTOCOL COMMANDS TRACEROUTE traceroute Overview Syntax Mode Example C613-50081-01 REV A Use this command to trace the route to the specified IPv4 host. traceroute {<ip-addr>|<hostname>} Parameter Description <ip-addr> The destination IPv4 address. The IPv4 address uses the format A.B.C.D. <hostname> The destination hostname. User Exec and Privileged Exec awplus# traceroute 10.10.0.5 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 622 IP ADDRESSING AND PROTOCOL COMMANDS UNDEBUG IP PACKET INTERFACE undebug ip packet interface Overview C613-50081-01 REV A This command applies the functionality of the no debug ip packet interface command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 623 19 IPv6 Commands Introduction Overview This chapter provides an alphabetical reference of commands used to configure IPv6. For more information, see the IPv6 Feature Overview and Configuration Guide. IPv6 is supported in Software Version 5.4.3A-1.x and later. Command List C613-50081-01 REV A • “clear ipv6 neighbors” on page 625 • “ipv6 address” on page 626 • “ipv6 enable” on page 627 • “ipv6 nd raguard” on page 628 • “ipv6 neighbor” on page 630 • “ipv6 route” on page 631 • “ipv6 unreachables” on page 632 • “ping ipv6” on page 633 • “show ipv6 interface brief” on page 634 • “show ipv6 neighbors” on page 635 • “show ipv6 route” on page 636 • “show ipv6 route summary” on page 638 • “traceroute ipv6” on page 639 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 624 IPV6 COMMANDS CLEAR IPV6 NEIGHBORS clear ipv6 neighbors Overview Syntax Mode Example C613-50081-01 REV A Use this command to clear all dynamic IPv6 neighbor entries. clear ipv6 neighbors Privileged Exec awplus# clear ipv6 neighbors Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 625 IPV6 COMMANDS IPV6 ADDRESS ipv6 address Overview Use this command to set the IPv6 address of a VLAN interface and enable IPv6. IPv6 is supported in Software Version 5.4.3A-1.x and later. Use the no variant of this command to remove the IPv6 address assigned and disable IPv6. Note that if no global addresses are left after removing the IPv6 address then IPv6 is disabled. Syntax ipv6 address <ipv6-addr/prefix-length> [eui64] no ipv6 address <ipv6-addr/prefix-length> Mode Examples Parameter Description <ipv6-addr/prefixlength> Specifies the IPv6 address to be set. The IPv6 address uses the format X:X::X:X/Prefix-Length. The prefix-length is usually set between 0 and 64. Interface Configuration for a VLAN interface. To assign the IPv6 address 2001:0db8::a2/64 to the VLAN interface vlan2, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 address 2001:0db8::a2/64 To remove the IPv6 address 2001:0db8::a2/64 from the VLAN interface vlan2, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no ipv6 address 2001:0db8::a2/64 Related Commands show running-config show ipv6 interface brief show ipv6 route C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 626 IPV6 COMMANDS IPV6 ENABLE ipv6 enable Overview Use this command to enable IPv6 on an interface without an IPv6 global address for the interface. This enables IPv6 with a IPv6 link-local address, not an IPv6 global address. Use the no variant of this command to disable IPv6 on an interface without a global address. Note the no variant of this command does not operate on an interface with an IPv6 global address or an interface configured for IPv6 stateless address autoconfiguration (SLAAC). Syntax ipv6 enable no ipv6 enable Mode Interface Configuration for a VLAN interface. Usage The ipv6 enable command automatically configures an IPv6 link-local address on the interface and enables the interface for IPv6 processing. A link-local address is an IP (Internet Protocol) address that is only used for communications in the local network, or for a point-to-point connection. Routing does not forward packets with link-local addresses. IPv6 requires that a link-local address is assigned to each interface that has the IPv6 protocol enabled, and when addresses are assigned to interfaces for routing IPv6 packets. Note that link-local addresses are retained in the system until they are negated by using the no variant of the command that established them. Also note that the link-local address is retained in the system if the global address is removed using another command that was not used to establish the link-local address. For example, if a link local address is established with the ipv6 enable command then it will not be removed using a no ipv6 address command. Examples To enable IPv6 with only a link-local IPv6 address on the VLAN interface vlan2, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 enable To disable IPv6 with only a link-local IPv6 address on the VLAN interface vlan2, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no ipv6 enable Related Commands ipv6 address show ipv6 interface brief show ipv6 route show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 627 IPV6 COMMANDS IPV6 ND RAGUARD ipv6 nd raguard Overview Use this command to apply the Router Advertisements (RA) Guard feature from the Interface Configuration mode for a device port. This blocks all RA messages received on a device port. For more information about RA Guard, see the IPv6 Feature Overview and Configuration Guide. Use the no parameter with this command to disable RA Guard for a specified device port. Syntax ipv6 nd raguard no ipv6 nd raguard Default RA Guard is not enabled by default. Mode Interface Configuration for a device port interface. Usage Router Advertisements (RAs) are used by Routers to announce themselves on the link. Applying RA Guard to a device port disallows Router Advertisements and redirect messages. RA Guard blocks RAs from untrusted hosts. Blocking RAs stops untrusted hosts from flooding malicious RAs and stops any misconfigured hosts from disrupting traffic on the local network. Enabling RA Guard on a port blocks RAs from a connected host and indicates the port and host are untrusted. Disabling RA Guard on a port allows RAs from a connected host and indicates the port and host are trusted. Ports and hosts are trusted by default to allow RAs. Example To enable RA Guard on device ports port1.0.2-1.0.12, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2-1.0.12 awplus(config-if)# ipv6 nd raguard To verify RA Guard is enabled on device port interface port1.0.2, use the command: awplus# show running-config interface port1.0.2 To disable RA Guard on device ports port1.0.2-1.0.12, use the following commands: awplus# configure terminal awplus(config)# interface port1.0.2-port1.0.12 awplus(config-if)# no ipv6 nd raguard When RA Guard is disabled on a device port it is not displayed in show running-config output. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 628 IPV6 COMMANDS IPV6 ND RAGUARD Output Example output from a show running-config interface port1.0.2 to verify RA Guard: ! interface port1.0.2 switchport mode access ipv6 nd raguard ! Related Commands C613-50081-01 REV A show running-config interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 629 IPV6 COMMANDS IPV6 NEIGHBOR ipv6 neighbor Overview Use this command to add a static IPv6 neighbor entry. Use the no variant of this command to remove a specific IPv6 neighbor entry. Syntax ipv6 neighbor <ipv6-address> <vlan-name> <mac-address> <port-list> no ipv6 neighbor <ipv6-address> <vlan-name> <port-list> Parameter Description <ipv6-address> Specify the neighbor’s IPv6 address in the format X:X::X:X. <vlan-name> Specify the neighbor’s VLAN name. <mac-address> Specify the MAC hardware address in hexadecimal notation in the format HHHH.HHHH.HHHH. <port-list> Specify the port number, or port range. Mode Global Configuration Usage Use this command to clear a specific IPv6 neighbor entry. To clear all dynamic address entries, use the clear ipv6 neighbors command. Example To create a static neighbor entry for IPv6 address 2001:0db8::a2, on vlan 4, MAC address 0000.cd28.0880, on port1.0.6, use the command: awplus# configure terminal awplus(config)# ipv6 neighbor 2001:0db8::a2 vlan4 0000.cd28.0880 port1.0.6 Related Commands C613-50081-01 REV A clear ipv6 neighbors Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 630 IPV6 COMMANDS IPV6 ROUTE ipv6 route Overview Use this command to establish the distance for static routes of a network prefix. Use the no variant of this command to disable the distance for static routes of the network prefix. Syntax ipv6 route <dest-prefix> <dest-prefix/length> {<gateway-ip>|<gateway-name>} [<distvalue>] no ipv6 route <dest-prefix> <dest-prefix/length> {<gateway-ip>|<gateway-name>} [<distvalue>] Mode Example Parameter Description <dest-prefix/ length> Specifies the IP destination prefix. The IPv6 address prefix uses the format X:X::/prefix-length. The prefix-length is usually set between 0 and 64. <gateway-ip> Specifies the IP gateway (or next hop) address. The IPv6 address uses the format X:X::X:X/Prefix-Length. The prefix-length is usually set between 0 and 64. <distvalue> Specifies the administrative distance for the route. Valid values are from 1 to 255. <gateway-name> Specifies the name of the gateway (or next hop) interface. Global Configuration awplus# configure terminal awplus(config)# ipv6 route Validation Commands C613-50081-01 REV A myintname 322001:0db8::1/128 show running-config show ipv6 route Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 631 IPV6 COMMANDS IPV6 UNREACHABLES ipv6 unreachables Overview Use this command to enable ICMPv6 (Internet Control Message Protocol version 6) type 1, destination unreachable, messages. Use the no variant of this command to disable destination unreachable messages. This prevents an attacker from using these messages to discover the topology of a network. Syntax ipv6 unreachables no ipv6 unreachables Default Destination unreachable messages are enabled by default. Mode Global Configuration Usage When a device receives a packet for a destination that is unreachable it returns an ICMPv6 type 1 message. This message includes a reason code, as per the table below. An attacker can use these messages to obtain information regarding the topology of a network. Disabling destination unreachable messages, using the no ipv6 unreachables command, secures your network against this type of probing. NOTE: Disabling ICMPv6 destination unreachable messages breaks applications such as traceroute, which depend on these messages to operate correctly. Table 19-1: ICMPv6 type 1 reason codes and description Example Code Description [RFC] 0 No route to destination [RFC4443] 1 Communication with destination administratively prohibited [RFC4443] 2 Beyond scope of source address [RFC4443] 3 Address unreachable [RF4443] 4 Port unreachable [RFC4443] 5 Source address failed ingress/egress policy [RFC4443] 6 Reject route to destination [RFC4443 7 Error in Source Routing Header [RFC6554] To disable destination unreachable messages, use the commands awplus# configure terminal awplus(config)# no ipv6 unreachables To enable destination unreachable messages, use the commands awplus# configure terminal awplus(config)# ipv6 unreachables C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 632 IPV6 COMMANDS PING IPV6 ping ipv6 Overview This command sends a query to another IPv6 host (send Echo Request messages). NOTE: Use of the interface parameter keyword, plus an interface or an interface range, with this command is only valid when pinging an IPv6 link local address. Syntax ping ipv6 {<host>|<ipv6-address>} [repeat {<1-2147483647>|continuous}] [size <10-1452>] [interface <interface-list>] [timeout <1-65535>] Parameter Description <ipv6-addr> The destination IPv6 address. The IPv6 address uses the format X:X::X:X. <hostname> The destination hostname. repeat Specify the number of ping packets to send. <1-2147483647> Specify repeat count. The default is 5. size <10-1452> The number of data bytes to send, excluding the 8 byte ICMP header. The default is 56 (64 ICMP data bytes). interface The interface or range of configured IP interfaces to use as the <interface-list> source in the IP header of the ping packet. Mode Example Related Commands C613-50081-01 REV A timeout <1-65535> The time in seconds to wait for echo replies if the ARP entry is present, before reporting that no reply was received. If no ARP entry is present, it does not wait. repeat Specify the number of ping packets to send. <1-2147483647> Specify repeat count. The default is 5. continuous Continuous ping. size <10-1452> The number of data bytes to send, excluding the 8 byte ICMP header. The default is 56 (64 ICMP data bytes). timeout <1-65535> The time in seconds to wait for echo replies if the ARP entry is present, before reporting that no reply was received. If no ARP entry is present, it does not wait. User Exec and Privileged Exec awplus# ping ipv6 2001:0db8::a2 traceroute ipv6 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 633 IPV6 COMMANDS SHOW IPV6 INTERFACE BRIEF show ipv6 interface brief Overview Use this command to display brief information about interfaces and the IPv6 address assigned to them. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Examples Output show ipv6 interface [brief] Parameter Description brief Specify this optional parameter to display brief IPv6 interface information. User Exec and Privileged Exec awplus# show ipv6 interface brief Figure 19-1: Example output from the show ipv6 interface brief command awplus#show ipv6 interface brief Interface IPv6-Address lo unassigned vlan1 2001:db8::1/48 fe80::215:77ff:fee9:5c50/64 Related Commands C613-50081-01 REV A Status admin up admin up Protocol running down show interface brief Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 634 IPV6 COMMANDS SHOW IPV6 NEIGHBORS show ipv6 neighbors Overview Use this command to display all IPv6 neighbors. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode C613-50081-01 REV A show ipv6 neighbors User Exec and Privileged Exec Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 635 IPV6 COMMANDS SHOW IPV6 ROUTE show ipv6 route Overview Use this command to display the IPv6 routing table for a protocol or from a particular table. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show ipv6 route [connected|database|summary|<ipv6-address>|<ipv6-addr/prefix-l ength>)] Parameter Description connected Displays only the routes learned from connected interfaces. database Displays only the IPv6 routing information extracted from the database. summary Displays summary information from the IPv6 routing table. <ipv6-address> Displays the routes for the specified address in the IP routing table. The IPv6 address uses the format X:X::X:X/Prefix-Length. The prefix-length is usually set between 0 and 64. <ipv6-prefix/length> Displays only the routes for the specified IP prefix. Mode Example 1 User Exec and Privileged Exec To display an IP route with all parameters turned on, use the following command: awplus# show ipv6 route Output Figure 19-2: Example output of the show ipv6 route command IPv6 Routing Table Codes: C - connectedS ::/0 [1/0] via 2001::a:0:0:c0a8:a6, vlan10 C 2001:db8::a:0:0:0:0/64 via ::, vlan10 C 2001:db8::14:0:0:0:0/64 via ::, vlan20 C 2001:db8::0:0:0:0/64 via ::, vlan30 C 2001:db8::28:0:0:0:0/64 via ::, vlan40 C 2001:db8::fa:0:0:0:0/64 via ::, vlan250 C 2001:db8::/64 via ::, vlan250 C 2001:db8::/64 via ::, vlan40 C 2001:db8::/64 via ::, vlan20 C 2001:db8::/64 via ::, vlan10 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 636 IPV6 COMMANDS SHOW IPV6 ROUTE Example 2 To display all database entries for an IP route, use the following command: awplus# show ipv6 route database Output Figure 19-3: Example output of the show ipv6 route database command IPv6 Routing Table Codes: C - connected> - selected route, * - FIB route, p - stale info Timers: Uptime S ::/0 [1/0] via 2001::a:0:0:c0a8:a01 inactive, 6d22h12m [1/0] via 2001::fa:0:0:c0a8:fa01 inactive, 6d22h12m C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 637 IPV6 COMMANDS SHOW IPV6 ROUTE SUMMARY show ipv6 route summary Overview Use this command to display the summary of the current NSM RIB entries. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show ipv6 route summary Mode User Exec and Privileged Exec Example To display IP route summary, use the following command: awplus# show ipv6 route summary Output Figure 19-4: Example output from the show ipv6 route summary command IPv6 routing table name is Default-IPv6-Routing-Table(0) IPv6 routing table maximum-paths is 4 RouteSource Networks connected 4 FIB 5 Related Commands C613-50081-01 REV A show ip route database Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 638 IPV6 COMMANDS TRACEROUTE IPV6 traceroute ipv6 Overview Syntax Mode Example Use this command to trace the route to the specified IPv6 host. traceroute ipv6 {<ipv6-addr>|<hostname>} Parameter Description <ipv6-addr> The destination IPv6 address. The IPv6 address uses the format X:X::X:X. <hostname> The destination hostname. User Exec and Privileged Exec To run a traceroute for the IPv6 address 2001:0db8::a2, use the following command: awplus# traceroute ipv6 2001:0db8::a2 Related Commands C613-50081-01 REV A ping ipv6 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 639 20 Static Routing Commands for Management Purposes Introduction Overview Command List C613-50081-01 REV A This chapter provides an alphabetical reference of static routing commands that are used to direct management packets to appropriate VLANs. • “ip route” on page 641 • “show ip route” on page 642 • “show ip route database” on page 644 • “show ip route summary” on page 645 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 640 STATIC ROUTING COMMANDS FOR MANAGEMENT PURPOSES IP ROUTE ip route Overview This command creates a static route, in order to send management packets to the appropriate VLAN. Your switch does not use static routes to route traffic from one VLAN to another VLAN, even if the VLANs have IP addresses. You cannot create static routes to route data, only management packets. The no variant of this command removes the static route. Syntax ip route <subnet&mask> {<gateway-ip>|<interface>} [<distance>] no ip route <subnet&mask> {<gateway-ip>|<interface>} [<distance>] Parameter Description <subnet&mask> The IPv4 address of the destination subnet defined using either a prefix length or a separate mask specified in one of the following formats: The IPv4 subnet address in dotted decimal notation followed by the subnet mask, also in dotted decimal notation. The IPv4 subnet address in dotted decimal notation, followed by a forward slash, then the prefix length. Mode Default Example <gateway-ip> The IPv4 address of the gateway device. <interface> The VLAN interface that the target packets should be sent to. Enter the name of the VLAN or its VID. The gateway IP address or the interface is required. <distance> The administrative distance for the static route in the range <1-255>. Static routes by default have an administrative distance of 1. Global Configuration The default administrative distance for a static route is 1. To send management traffic on the 10.0.0.0 network to vlan10 and other management traffic to vlan5, use the commands: awplus# configure terminal awplus(config)# ip route 10.0.0.0/8 vlan10 awplus(config)# ip route 0.0.0.0/0 vlan5 Related Commands C613-50081-01 REV A show ip route show ip route database Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 641 STATIC ROUTING COMMANDS FOR MANAGEMENT PURPOSES SHOW IP ROUTE show ip route Overview Use this command to display routing entries in the FIB (Forwarding Information Base). The FIB contains the best routes to a destination, and your device uses these routes when forwarding traffic. You can display a subset of the entries in the FIB based on protocol. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. Syntax Mode Example show ip route [connected|static|<ip-addr>| <ip-addr/prefix-length>] Parameter Description connected Displays only the routes learned from connected interfaces. static Displays only the static routes you have configured. <ip-addr> Displays the routes for the specified address. Enter an IPv4 address. <ip-addr/prefix-length> Displays the routes for the specified network. Enter an IPv4 address and prefix length. User Exec and Privileged Exec To display the static routes in the FIB, use the command: awplus# show ip route static Output Each entry in the output from this command has a code preceding it, indicating the source of the routing entry. The first few lines of the output list the possible codes that may be seen with the route entries. Typically, route entries are composed of the following elements: C613-50081-01 REV A • code • a second label indicating the sub-type of the route • network or host ip address • administrative distance and metric • next hop ip address • outgoing interface name • time since route entry was added Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 642 STATIC ROUTING COMMANDS FOR MANAGEMENT PURPOSES SHOW IP ROUTE Figure 20-1: Example output from the show ip route command Codes: C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 * - candidate default C 3.3.3.0/24 is directly connected, vlan1 C 10.10.31.0/24 is directly connected, vlan2 C 10.70.0.0/24 is directly connected, vlan4 C 33.33.33.33/32 is directly connected, lo To avoid repetition, only selected route entries comprising of different elements are described here: Connected Route The connected route entry consists of: C 10.10.31.0/24 is directly connected, vlan2 This route entry denotes: Related Commands C613-50081-01 REV A • Route entries for network 10.10.31.0/24 are derived from the IP address of local interface vlan2. • These routes are marked as Connected routes (C) and always preferred over routes for the same network learned from other routing protocols. show ip route database Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 643 STATIC ROUTING COMMANDS FOR MANAGEMENT PURPOSES SHOW IP ROUTE DATABASE show ip route database Overview This command displays the routing entries in the RIB (Routing Information Base). When multiple entries are available for the same prefix, RIB uses the routes’ administrative distances to choose the best route. All best routes are entered into the FIB (Forwarding Information Base). To view the routes in the FIB, use the show ip route command. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. Syntax Mode Example show ip route database [connected|static] Parameter Description connected Displays only the routes learned from connected interfaces. static Displays only the static routes you have configured. User Exec and Privileged Exec To display the static routes in the RIB, use the command: awplus# show ip route database static Output Figure 20-2: Example output from the show ip route database command awplus#show ip route database Codes: C - connected, S - static, R - RIP, B - BGP O - OSPF, D - DHCP, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 > - selected route, * - FIB route, p - stale info S *> 0.0.0.0/0 [1/0] via 10.34.1.1, vlan1 C *> 10.34.0.0/16 is directly connected, vlan1 S 192.168.2.0/24 [1/0] is directly connected, vlan2 inactive Gateway of last resort is not set The routes added to the FIB are marked with a *. When multiple routes are available for the same prefix, the best route is indicated with the > symbol. All unselected routes have neither the * nor the > symbol. Related Commands C613-50081-01 REV A show ip route Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 644 STATIC ROUTING COMMANDS FOR MANAGEMENT PURPOSES SHOW IP ROUTE SUMMARY show ip route summary Overview This command displays a summary of the current RIB (Routing Information Base) entries. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. Syntax Mode Example show ip route summary User Exec and Privileged Exec To display a summary of the current RIB entries, use the command: awplus# show ip route summary Output Figure 20-3: Example output from the show ip route summary command IP routing table name is Default-IP-Routing-Table(0) IP routing table maximum-paths is 4 Route Source Networks connected 5 Total 8 Related Commands C613-50081-01 REV A show ip route show ip route database Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 645 Part 4: Multicast Applications C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 646 21 Multicast Commands Introduction Overview This chapter provides an alphabetical reference of generic multicast commands. For commands for particular multicast protocols, see: • IGMP Snooping Commands. • MLD Snooping Commands NOTE: The IPv6 Multicast addresses shown can be derived from IPv6 unicast prefixes as per RFC 3306.The IPv6 unicast prefix reserved for documentation is 2001:0db8::/32 as per RFC 3849. Using the base /32 prefix the IPv6 multicast prefix for 2001:0db8::/32 is ff3x:20:2001:0db8::/64. Where an RP address is 2001:0db8::1 the embedded RP multicast prefix is ff7x:120:2001:0db8::/96. For ASM (Any-Source Multicast) the IPV6 multicast addresses allocated for documentation purposes are ff0x::0db8:0:0/96 as per RFC 6676. This is a /96 prefix so that it can be used with group IDs as per RFC 3307. These addresses should not be used for practical networks (other than for testing purposes), nor should they appear in any public network. The IPv6 addresses shown use the address space 2001:0db8::/32, defined in RFC 3849 for documentation purposes. These addresses should not be used for practical networks (other than for testing purposes) nor should they appear on any public network. Command List C613-50081-01 REV A • “clear ip mroute” on page 649 • “clear ip mroute statistics” on page 650 • “clear ipv6 mroute” on page 651 • “clear ipv6 mroute statistics” on page 652 • “debug nsm mcast” on page 653 • “debug nsm mcast6” on page 654 • “ip mroute” on page 655 • “ip multicast forward-first-packet” on page 657 • “ip multicast route” on page 658 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 647 MULTICAST COMMANDS C613-50081-01 REV A • “ip multicast route-limit” on page 660 • “ip multicast wrong-vif-suppression” on page 661 • “ip multicast-routing” on page 662 • “ipv6 multicast route” on page 663 • “ipv6 multicast route-limit” on page 665 • “ipv6 multicast-routing” on page 666 • “multicast” on page 667 • “show ip mroute” on page 668 • “show ip mvif” on page 670 • “show ip rpf” on page 671 • “show ipv6 mroute” on page 672 • “show ipv6 mif” on page 674 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 648 MULTICAST COMMANDS CLEAR IP MROUTE clear ip mroute Overview Use this command to delete entries from the IPv4 multicast routing table. NOTE: If you use this command, you should also use the clear ip igmp group command to clear IGMP group membership records. Syntax clear ip mroute {*|<ipv4-group-address> [<ipv4-source-address>]} [pim sparse-mode] Parameter Description * Deletes all multicast routes. <ipv4-groupaddress> Group IPv4 address, in dotted decimal notation in the format A.B.C.D. <ipv4-sourceaddress> Source IPv4 address, in dotted decimal notation in the format A.B.C.D. pim sparse-mode Clear specified IPv4 multicast route(s) for PIM Sparse Mode only. Mode Privileged Exec Usage When this command is used, the Multicast Routing Information Base (MRIB) clears the IPv4 multicast route entries in its IPv4 multicast route table, and removes the entries from the multicast forwarder. The MRIB sends a “clear” message to the multicast protocols. Each multicast protocol has its own “clear” multicast route command. The protocol-specific “clear” command clears multicast routes from PIM Sparse Mode, and also clears the routes from the MRIB. Examples awplus# clear ip mroute 225.1.1.1 192.168.3.3 awplus# clear ip mroute * Related Commands C613-50081-01 REV A ip multicast route show ip mroute Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 649 MULTICAST COMMANDS CLEAR IP MROUTE STATISTICS clear ip mroute statistics Overview Syntax Mode Example Use this command to delete multicast route statistics entries from the IP multicast routing table. clear ip mroute statistics {*|<ipv4-group-addr> [<ipv4-source-addr>]} Parameter Description * All multicast route entries. <ipv4-group-addr> Group IPv4 address, in dotted decimal notation in the format A.B.C.D. <ipv4-source-addr> Source IPv4 address, in dotted decimal notation in the format A.B.C.D. Privileged Exec awplus# clear ip mroute statistics 225.1.1.2 192.168.4.4 awplus# clear ip mroute statistics * C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 650 MULTICAST COMMANDS CLEAR IPV6 MROUTE clear ipv6 mroute Overview Syntax Use this command to delete one or more dynamically-added route entries from the IPv6 multicast routing table. You need to do this, for example, if you want to create a static route instead of an existing dynamic route. clear ipv6 mroute {*|<ipv6-group-address> [<ipv6-source-address>]} Parameter Description * Deletes all dynamically-learned IPv6 multicast routes. <ipv6-group-address> Group IPv6 address, in hexadecimal notation in the format X.X::X.X. <ipv6-source-address> Source IPv6 address, in hexadecimal notation in the format X.X::X.X. Mode Privileged Exec Usage When this command is used, the Multicast Routing Information Base (MRIB) clears the relevant IPv6 multicast route entries in its IPv6 multicast route table, and removes the entries from the multicast forwarder. The MRIB sends a “clear” message to the multicast protocols. Each multicast protocol has its own “clear” multicast route command. This command does not remove static routes from the routing table or the configuration. To remove static routes, use the no parameter of the command ipv6 multicast route. Example Related Commands C613-50081-01 REV A awplus# clear ipv6 mroute 2001::2 ff08::1 ipv6 multicast route show ipv6 mroute Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 651 MULTICAST COMMANDS CLEAR IPV6 MROUTE STATISTICS clear ipv6 mroute statistics Overview Use this command to delete multicast route statistics entries from the IPv6 multicast routing table. NOTE: Static IPv6 multicast routes take priority over dynamic IPv6 multicast routes. Use the clear ipv6 mroute command to clear static IPv6 multicast routes and ensure dynamic IPv6 multicast routes can take over from previous static IPv6 multicast routes. Syntax Mode Examples clear ipv6 mroute statistics {*|<ipv6-group-address> [<ipv6-source-address>]} Parameter Description * All multicast route entries. <ipv6-group-addr> Group IPv6 address, in hexadecimal notation in the format X.X::X.X. <ipv6-source-addr> Source IPv6 address, in hexadecimal notation in the format X.X::X.X. Privileged Exec awplus# clear ipv6 mroute statistics 2001::2 ff08::1 awplus# clear ipv6 mroute statistics * C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 652 MULTICAST COMMANDS DEBUG NSM MCAST debug nsm mcast Overview Syntax Mode Examples Use this command to debug IPv4 events in the Multicast Routing Information Base (MRIB). debug nsm mcast {all|fib-msg|mrt|mtrace|mtrace-detail|register|stats|vif} Parameter Description all All IPv4 multicast debugging. fib-msg Forwarding Information Base (FIB) messages. mrt Multicast routes. mtrace Multicast traceroute. mtrace-detail Multicast traceroute detailed debugging. register Multicast PIM register messages. stats Multicast statistics. vif Multicast interface. Privileged Exec and Global Configuration awplus# configure terminal awplus(config)# debug nsm mcast all awplus# configure terminal awplus(config)# debug nsm mcast fib-msg awplus# configure terminal awplus(config)# debug nsm mcast mrt awplus# configure terminal awplus(config)# debug nsm mcast mtrace awplus# configure terminal awplus(config)# debug nsm mcast mtrace-detail awplus# configure terminal awplus(config)# debug nsm mcast register awplus# configure terminal awplus(config)# debug nsm mcast stat awplus# configure terminal awplus(config)# debug nsm mcast vif C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 653 MULTICAST COMMANDS DEBUG NSM MCAST6 debug nsm mcast6 Overview Syntax Mode Examples Use this command to debug IPv6 events in the Multicast Routing Information Base (MRIB). debug nsm mcast6 {all|fib-msg|mrt|mtrace|mtrace-detail|register|stats|vif} Parameter Description all All IPv4 multicast debugging. fib-msg Forwarding Information Base (FIB) messages. mif Multicast interfaces. mrt Multicast routes. register Multicast PIM register messages. stats Multicast statistics. Privileged Exec and Global Configuration awplus# configure terminal awplus(config)# debug nsm mcast6 all awplus# configure terminal awplus(config)# debug nsm mcast6 fib-msg awplus# configure terminal awplus(config)# debug nsm mcast6 mif awplus# configure terminal awplus(config)# debug nsm mcast6 mrt awplus# configure terminal awplus(config)# debug nsm mcast6 register awplus# configure terminal awplus(config)# debug nsm mcast6 stats C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 654 MULTICAST COMMANDS IP MROUTE ip mroute Overview Use this command to inform multicast of the RPF (Reverse Path Forwarding) route to a given IPv4 multicast source. Use the no variant of this command to delete a route to an IPv4 multicast source. Syntax ip mroute <ipv4-source-address/mask-length> [bgp|ospf|rip|static] <rpf-address> [<admin-distance>] no ip mroute <ipv4-source-address/mask-length> [bgp|ospf|rip|static] Parameter Description <ipv4-sourceaddress/mask-length> A multicast source IPv4 address and mask length, in dotted decimal notation in the format A.B.C.D/M. ospf OSPF unicast routing protocol. rip RIP unicast routing protocol. static Specifies a static route. <rpf-address> A.B.C.D The closest known address on the multicast route back to the specified source. This host IPv4 address can be within a directly connected subnet or within a remote subnet. In the case that the address is in a remote subnet, a lookup is done from the unicast route table to find the next hop address on the path to this host. <admin-distance> The administrative distance. Use this to determine whether the RPF lookup selects the unicast or multicast route. Lower distances have preference. If the multicast static route has the same distance as the other RPF sources, the multicast static route takes precedence. The default is 0 and the range available is 0-255. Mode Global Configuration Usage Typically, when a Layer 3 multicast routing protocol is determining the RPF (Reverse Path Forwarding) interface for the path to an IPv4 multicast source, it uses the unicast route table to find the best path to the source. However, in some networks a deliberate choice is made to send multicast via different paths to those used for unicast. In this case, the interface via which a multicast stream from a given source enters a router may not be the same as the interface that connects to the best unicast route to that source. This command enables the user to statically configure the device with “multicast routes” back to given sources. When performing the RPF check on a stream from a given IPv4 source, the multicast routing protocol will look at these static entries as well as looking into the unicast routing table. The route with the lowest C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 655 MULTICAST COMMANDS IP MROUTE administrative distance - whether a static “multicast route” or a route from the unicast route table - will be chosen as the RPF route to the source. Note that in this context the term “multicast route” does not imply a route via which the current router will forward multicast; instead it refers to the route the multicast will have traversed in order to arrive at the current router. Examples The following example creates a static multicast IPv4 route back to the sources in the 10.10.3.0/24 subnet. The multicast route is via the host 192.168.2.3, and has an administrative distance of 2: awplus# configure terminal awplus(config)# ip mroute 10.10.3.0/24 static 2 192.168.2.3 2 The following example creates a static multicast IPv4 route back to the sources in the 192.168.3.0/24subnet. The multicast route is via the host 10.10.10.50. The administrative distance on this route has the default value of 0: awplus# configure terminal awplus(config)# ip mroute 192.168.3.0/24 10.10.10.50 Validation Commands C613-50081-01 REV A show ip rpf Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 656 MULTICAST COMMANDS IP MULTICAST FORWARD-FIRST-PACKET ip multicast forward-first-packet Overview Use this command to enable multicast to forward the first multicast packets coming to the device. Use the no variant of this command to disable this feature. Syntax ip multicast forward-first-packet no ip multicast forward-first-packet Default By default, this feature is disabled. Mode Global Configuration Usage If this command is enabled, the device will forward the first packets in a multicast stream that create the multicast route, possibly causing degradation in the quality of the multicast stream, such as the pixelation of video and audio data. NOTE: If you use this command, ensure that the ip igmp snooping command is enabled, the default setting, otherwise the device will not process the first packets of the multicast stream correctly. The device will forward the first multicast packets to all interfaces which are on the same VLAN as those which asked for this multicast group. Examples To enable the forwarding of the first multicast packets, use the following commands: awplus# configure terminal awplus(config)# ip multicast forward-first-packet To disable the forwarding of the first multicast packets, use the following commands: awplus# configure terminal awplus(config)# no ip multicast forward-first-packet C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 657 MULTICAST COMMANDS IP MULTICAST ROUTE ip multicast route Overview Use this command to add an IPv4 static multicast route for a specific multicast source and group IPv4 address to the multicast Routing Information Base (RIB). This IPv4 multicast route is used to forward multicast traffic from a specific source and group ingressing on an upstream VLAN to a single or range of downstream VLANs. Use the no variant of this command to either remove an IPv4 static multicast route set with this command or to remove a specific downstream VLAN interface from an IPv4 static multicast route for a specific multicast source and group IPv4 address. Syntax ip multicast route <ipv4-source-addr> <ipv4-group-addr> <upstream-vlan-id> [<downstream-vlan-id>] no ip multicast route <ipv4-source-addr> <ipv4-group-addr> [<upstream-vlan-id> <downstream-vlan-id>] Parameter Description <ipv4-source-addr> Source IPv4 address, in dotted decimal notation in the format A.B.C.D. <ipv4-group-addr> Group IPv4 address, in dotted decimal notation in the format A.B.C.D. <upstream-vlan-id> Upstream VLAN interface on which the multicast packets ingress. <downstream-vlan-id> Downstream VLAN interface or range of VLAN interfaces to which the multicast packets are sent. Default By default, this feature is disabled. Mode Global Configuration Usage Only one multicast route entry per IPv4 address and multicast group can be specified. Therefore, if one entry for a static multicast route is configured, PIM will not be able to update this multicast route in any way. If a dynamic multicast route exists you cannot create a static multicast route with same source IPv4 address, group IPv4 address, upstream VLAN and downstream VLANs. An error message is displayed and logged. To add a new static multicast route, either wait for the dynamic multicast route to timeout or clear the dynamic multicast route with the clear ip mroute command. To update an existing static multicast route entry with more or a new set of downstream VLANs, you must firstly remove the existing static multicast route and then add the new static multicast route with all downstream VLANs specified. If you attempt to update an existing static multicast route entry with an additional VLAN or VLANs an error message is displayed and logged. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 658 MULTICAST COMMANDS IP MULTICAST ROUTE To remove a specific downstream VLAN from an existing static multicast route entry, specify the VLAN you want to remove with the <downstream-vlan-id> parameter when entering the no variant of this command. Examples To create a static multicast route for the multicast source IPv4 address 2.2.2.2 and group IPv4 address 224.9.10.11, specifying the upstream VLAN interface as vlan10 and the downstream VLAN interface as vlan20, use the following commands: awplus# configure terminal awplus(config)# ip multicast route 2.2.2.2 224.9.10.11 vlan10 vlan20 To create an IPv4 static multicast route for the multicast source IPv4 address 2.2.2.2 and group IP address 224.9.10.11, specifying the upstream VLAN interface as vlan10 and the downstream VLAN range as vlan20-25, use the following commands: awplus# configure terminal awplus(config)# ip multicast route 2.2.2.2 224.9.10.11 vlan10 vlan20-25 To remove the downstream VLAN 23 from the IPv4 static multicast route created with the above command, use the following commands: awplus# configure terminal awplus(config)# no ip multicast route 2.2.2.2 224.9.10.11 vlan10 vlan23 To delete an IPv4 static multicast route for the multicast source IP address 2.2.2.2 and group IP address 224.9.10.11, use the following commands: awplus# configure terminal awplus(config)# no ip multicast route 2.2.2.2 224.9.10.11 Related Commands C613-50081-01 REV A clear ip mroute show ip mroute Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 659 MULTICAST COMMANDS IP MULTICAST ROUTE-LIMIT ip multicast route-limit Overview Use this command to limit the number of multicast routes that can be added to an IPv4 multicast routing table. Use the no variant of this command to return the IPv4 route limit to the default. Syntax ip multicast route-limit <limit> [<threshold>] no ip multicast route-limit Default Parameter Description <limit> <1-2147483647> Number of routes. <threshold> <1-2147483647> Threshold above which to generate a warning message. The mroute warning threshold must not exceed the mroute limit. The default limit and threshold value is 2147483647. Mode Global Configuration Usage This command limits the number of multicast IPv4 routes (mroutes) that can be added to a router, and generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Examples awplus# configure terminal awplus(config)# ip multicast route-limit 34 24 awplus# configure terminal awplus(config)# no ip multicast route-limit C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 660 MULTICAST COMMANDS IP MULTICAST WRONG-VIF-SUPPRESSION ip multicast wrong-vif-suppression Overview Use this command to prevent unwanted multicast packets received on an unexpected VLAN being trapped to the CPU. Use the no variant of this command to disable wrong VIF suppression. Syntax ip ip multicast wrong-vif-suppression no ip multicast wrong-vif-suppression Default By default, this feature is disabled. Mode Global Configuration Usage Use this command if there is excessive CPU load and multicast traffic is enabled. To confirm that VIF messages are being sent to the CPU use the debug nsm mcast6 command. Examples To enable the suppression of wrong VIF packets, use the following commands: awplus# configure terminal awplus(config)# ip multicast wrong-vif-suppression To disable the suppression of wrong VIF packets, use the following commands: awplus# configure terminal awplus(config)# no ip multicast wrong-vif-suppression C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 661 MULTICAST COMMANDS IP MULTICAST-ROUTING ip multicast-routing Overview Use this command to turn on/off IPv4 multicast routing on the router; when turned off the device does not perform multicast functions. Use the no variant of this command to disable IPv4 multicast routing after enabling it. Note the default stated below. Syntax ip multicast-routing no ip multicast-routing Default By default, IPv4 multicast routing is off. Mode Global Configuration Usage When the no variant of this command is used, the Multicast Routing Information Base (MRIB) cleans up Multicast Routing Tables (MRT), stops IGMP operation, and stops relaying multicast forwarder events to multicast protocols. When multicast routing is enabled, the MRIB starts processing any MRT addition/deletion requests, and any multicast forwarding events. You must enable multicast routing before issuing other multicast commands. Example awplus# configure terminal awplus(config)# ip multicast-routing Validation Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 662 MULTICAST COMMANDS IPV6 MULTICAST ROUTE ipv6 multicast route Overview Use this command to add an IPv6 static multicast route for a specific multicast source and group IPv6 address to the multicast Routing Information Base (RIB). This IPv6 multicast route is used to forward IPv6 multicast traffic from a specific source and group ingressing on an upstream VLAN to a single or range of downstream VLANs. See detailed usage notes below to configure static multicast router ports when using static IPv6 multicast routes with EPSR, and the destination VLAN is an EPSR data VLAN. Use the no variant of this command to either remove an IPv6 static multicast route set with this command or to remove a specific downstream VLAN interface from an IPv6 static multicast route for a specific IPv6 multicast source and group address. Syntax ipv6 multicast route <ipv6-source-addr> <ipv6-group-addr> <upstream-vlan-id> [<downstream-vlan-id>] no ipv6 multicast route <ipv6-source-addr> <ipv6-group-addr> [<upstream-vlan-id> <downstream-vlan-id>] Parameter Description <ipv6-group-addr> Source IPv6 address, in dotted decimal notation in the format X.X::X.X. <ipv6-group-addr> Group IP address, in dotted decimal notation in the format X.X::X.X. <upstream-vlan-id> Upstream VLAN interface on which the multicast packets ingress. <downstream-vlan-id> Downstream VLAN interface or range of VLAN interfaces to which the multicast packets are sent. Default By default, no static routes exist. Mode Global Configuration Usage Only one multicast route entry per IPv6 address and multicast group can be specified. Therefore, if one entry for an IPv6 static multicast route is configured, PIM will not be able to update this multicast route in any way. If a dynamic multicast route exists, you cannot create a static multicast route with the same source IPv6 address and group IPv6 address. An error message is displayed and logged. To add a new static multicast route, either wait for the dynamic multicast route to time out or clear the dynamic multicast route with the clear ipv6 mroute command. To update an existing IPv6 static multicast route entry with new or additional downstream VLANs, you must firstly remove the existing static multicast route and then add the new static multicast route with all downstream VLANs specified. If C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 663 MULTICAST COMMANDS IPV6 MULTICAST ROUTE you attempt to update an existing static multicast route entry with an additional VLAN or VLANs an error message is displayed and logged. To remove a specific downstream VLAN from an existing static multicast route entry, specify the VLAN you want to remove with the <downstream-vlan-id> parameter when entering the no variant of this command. Note that if static IPv6 multicast routing is being used with EPSR and the destination VLAN is an EPSR data VLAN, then multicast router (mrouter) ports must be statically configured. This minimizes disruption for multicast traffic in the event of ring failure or restoration. When configuring the EPSR data VLAN, statically configure mrouter ports so that the multicast router can be reached in either direction around the EPSR ring. See ipv6 mld snooping mrouter for a command description and command examples. Examples To create an IPv6 static multicast route for the multicast source IPv6 address 2001::1 and group IPv6 address ff08::1, specifying the upstream VLAN interface as vlan10 and the downstream VLAN interface as vlan20, use the following commands: awplus# configure terminal awplus(config)# ipv6 multicast route 2001::1 ff08::1 vlan10 vlan20 To create an IPv6 static multicast route for the multicast source IPv6 address 2001::1 and group IPv6 address ff08::1, specifying the upstream VLAN interface as vlan10 and the downstream VLAN range as vlan20-25, use the following commands: awplus# configure terminal awplus(config)# ipv6 multicast route 2001::1 ff08::1 vlan10 vlan20-25 To remove the downstream VLAN 23 from the IPv6 static multicast route created with the above command, use the following commands: awplus# configure terminal awplus(config)# no ipv6 multicast route 2001::1 ff08::1 vlan10 vlan23 To delete an IPv6 static multicast route for the multicast source IPv6 address 2001::1 and group IPv6 address ff08::1, use the following commands: awplus# configure terminal awplus(config)# no ipv6 multicast route 2001::1 ff08::1 Related Commands clear ipv6 mroute ipv6 mld snooping mrouter show ipv6 mroute C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 664 MULTICAST COMMANDS IPV6 MULTICAST ROUTE-LIMIT ipv6 multicast route-limit Overview Use this command to limit the number of multicast routes that can be added to an IPv6 multicast routing table. Use the no variant of this command to return the IPv6 route limit to the default. Syntax ipv6 multicast route-limit <limit> [<threshold>] no ipv6 multicast route-limit Default Parameter Description <limit> <1-2147483647> Number of routes. <threshold> <1-2147483647> Threshold above which to generate a warning message. The mroute warning threshold must not exceed the mroute limit. The default limit and threshold value is 2147483647. Mode Global Configuration Usage This command limits the number of multicast IPv6 routes (mroutes) that can be added to a router, and generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Examples awplus# configure terminal awplus(config)# ipv6 multicast route-limit 34 24 awplus# configure terminal awplus(config)# no ipv6 multicast route-limit C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 665 MULTICAST COMMANDS IPV6 MULTICAST-ROUTING ipv6 multicast-routing Overview Use this command to turn on/off IPv6 multicast routing on the router; when turned off the device does not perform multicast functions. Use the no variant of this command to disable IPv6 multicast routing after enabling it. Note the default stated below. Syntax ipv6 multicast-routing no ipv6 multicast-routing Default By default, IPv6 multicast routing is off. Mode Global Configuration Usage When the no variant of this command is used, the Multicast Routing Information Base (MRIB) cleans up Multicast Routing Tables (MRT, and stops relaying multicast forwarder events to multicast protocols. When multicast routing is enabled, the MRIB starts processing any MRT addition/deletion requests, and any multicast forwarding events. You must enable multicast routing before issuing other multicast commands. Examples awplus# configure terminal awplus(config)# ipv6 multicast-routing awplus# configure terminal awplus(config)# no ipv6 multicast-routing Validation Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 666 MULTICAST COMMANDS MULTICAST multicast Overview Use this command to enable a device port to route multicast packets that ingress the port. Use the no variant of this command to stop the device port from routing multicast packets that ingress the port. Note that this does not affect Layer 2 forwarding of multicast packets. If you enter no multicast on a port, multicast packets received on that port will not be forwarded to other VLANs, but ports in the same VLANs as the receiving port will still receive the multicast packets. Syntax multicast no multicast Default Mode Examples By default, all device ports route multicast packets. Interface Configuration awplus# configure terminal awplus(config-if)# multicast awplus# configure terminal awplus(config-if)# no multicast Validation Commands C613-50081-01 REV A show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 667 MULTICAST COMMANDS SHOW IP MROUTE show ip mroute Overview Syntax Mode Examples Use this command to display the contents of the IPv4 multicast routing (mroute) table. show ip mroute [<ipv4-group-addr>] [<ipv4-source-addr>] [{dense|sparse}] [{count|summary}] Parameter Description <ipv4-group-addr> Group IPv4 address, in dotted decimal notation in the format A.B.C.D. <ipv4-source-addr> Source IPv4 address, in dotted decimal notation in the format A.B.C.D. dense Display dense IPv4 multicast routes. sparse Display sparse IPv4 multicast routes. count Display the route and packet count from the IPv4 multicast routing (mroute) table. summary Display the contents of the IPv4 multicast routing (mroute) table in an abbreviated form. User Exec and Privileged Exec awplus# show ip mroute 10.10.3.34 224.1.4.3 awplus# show ip mroute 10.10.5.24 225.2.2.2 count awplus# show ip mroute 10.10.1.34 summary Output The following is a sample output of this command displaying the IPv4 multicast routing table, with and without specifying the group and source IPv4 address: Figure 21-1: Example output from the show ip mroute command awplus# show ip mroute IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:00:31, stat expires 00:02:59 Owner PIM-SM, Flags: TF Incoming interface: vlan2 Outgoing interface list: vlan3 (1) C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 668 MULTICAST COMMANDS SHOW IP MROUTE Figure 21-2: Example output from the show ip mroute command with the source and group IPv4 address specified awplus# show ip mroute 10.10.1.52 224.0.1.3 IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:03:24, stat expires 00:01:28 Owner PIM-SM, Flags: TF Incoming interface: vlan2 Outgoing interface list: vlan3 (1) The following is a sample output of this command displaying the packet count from the IPv4 multicast routing table: Figure 21-3: Example output from the show ip mroute count command awplus# show ip mroute count IP Multicast Statistics Total 1 routes using 132 bytes memory Route limit/Route threshold: 2147483647/2147483647 Total NOCACHE/WRONGVIF/WHOLEPKT recv from fwd: 1/0/0 Total NOCACHE/WRONGVIF/WHOLEPKT sent to clients: 1/0/0 Immediate/Timed stat updates sent to clients: 0/0 Reg ACK recv/Reg NACK recv/Reg pkt sent: 0/0/0 Next stats poll: 00:01:10 Forwarding Counts: Pkt count/Byte count, Other Counts: Wrong If pkts Fwd msg counts: WRONGVIF/WHOLEPKT recv Client msg counts: WRONGVIF/WHOLEPKT/Imm Stat/Timed Stat sent Reg pkt counts: Reg ACK recv/Reg NACK recv/Reg pkt sent (10.10.1.52, 224.0.1.3), Forwarding: 2/19456, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0 The following is a sample output for this command displaying the IPv4 multicast routing table in an abbreviated form: Figure 21-4: Example output from the show ip mroute summary command awplus# show ip mroute summary IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), 00:01:32/00:03:20, PIM-SM, Flags: TF C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 669 MULTICAST COMMANDS SHOW IP MVIF show ip mvif Overview Syntax Mode Example Output Interface vlan2 Register vlan3 Vif Idx 0 1 2 Use this command to display the contents of the IPv4 Multicast Routing Information Base (MRIB) VIF table. show ip mvif [<interface>] Parameter Description <interface> The interface to display information about. User Exec and Privileged Exec awplus# show ip mvif vlan2 Figure 21-5: Owner Module PIM-SM PIM-SM Example output from the show ip mvif command TTL 1 1 1 Figure 21-6: Interface vlan2 C613-50081-01 REV A Vif Idx 0 Owner Module PIM-SM Local Address 192.168.1.53 192.168.1.53 192.168.10.53 Remote Address 0.0.0.0 0.0.0.0 0.0.0.0 Uptime 00:04:26 00:04:26 00:04:25 Example output from the show ip mvif command with the interface parameter vlan2 specified TTL 1 Local Address 192.168.1.53 Remote Address 0.0.0.0 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x Uptime 00:05:17 670 MULTICAST COMMANDS SHOW IP RPF show ip rpf Overview Syntax Mode Example C613-50081-01 REV A Use this command to display Reverse Path Forwarding (RPF) information for the specified IPv4 source address. show ip rpf <source-addr> Parameter Description <ipv4-source- addr> Source IPv4 address, in dotted decimal notation in the format A.B.C.D. User Exec and Privileged Exec awplus# show ip rpf 10.10.10.50 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 671 MULTICAST COMMANDS SHOW IPV6 MROUTE show ipv6 mroute Overview Syntax Use this command to display the contents of the IPv6 multicast routing (mroute) table. show ipv6 mroute [<ipv6-group-addr>] [<ipv6-source-addr>] [{count|summary}] Parameter Description <ipv6-group-addr> Group IPv6 address, in hexadecimal notation in the format X.X::X.X. <ipv6-source-addr> Source IPv6 address, in hexadecimal notation in the format X.X::X.X. Mode Examples count Display the route and packet count from the IPv6 multicast routing (mroute) table. summary Display the contents of the IPv6 multicast routing (mroute) table in an abbreviated form. User Exec and Privileged Exec awplus# show ipv6 mroute awplus# show ipv6 mroute count awplus# show ipv6 mroute summary awplus# show ipv6 mroute 2001::2 ff08::1 count awplus# show ipv6 mroute 2001::2 ff08::1 awplus# show ipv6 mroute 2001::2 summary Output The following is a sample output of this command displaying the IPv6 multicast routing table for a single static IPv6 Multicast route: Figure 21-7: Example output from the show ipv6 mroute command awplus#show ipv6 mroute IPv6 Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (2001::2, ff08::1), uptime 03:18:38 Owner IMI, Flags: F Incoming interface: vlan2 Outgoing interface list: vlan3 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 672 MULTICAST COMMANDS SHOW IPV6 MROUTE The following is a sample output of this command displaying the IPv6 multicast routing count table for a single static IPv6 Multicast route: Figure 21-8: Example output from the show ipv6 mroute count command awplus#show ipv6 mroute count IPv6 Multicast Statistics Total 1 routes using 152 bytes memory Route limit/Route threshold: 1024/1024 Total NOCACHE/WRONGmif/WHOLEPKT recv from fwd: 6/0/0 Total NOCACHE/WRONGmif/WHOLEPKT sent to clients: 6/0/0 Immediate/Timed stat updates sent to clients: 0/0 Reg ACK recv/Reg NACK recv/Reg pkt sent: 0/0/0 Next stats poll: 00:01:14 Forwarding Counts: Pkt count/Byte count, Other Counts: Wrong If pkts Fwd msg counts: WRONGmif/WHOLEPKT recv Client msg counts: WRONGmif/WHOLEPKT/Imm Stat/Timed Stat sent Reg pkt counts: Reg ACK recv/Reg NACK recv/Reg pkt sent (2001::2, ff08::1), Forwarding: 0/0, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0 The following is a sample output of this command displaying the IPv6 multicast routing summary table for a single static IPv6 Multicast route: Figure 21-9: Example output from the show ipv6 mroute summary command awplus#show ipv6 mroute summary IPv6 Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (2001::2, ff08::1), 03:20:28/-, IMI, Flags: F C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 673 MULTICAST COMMANDS SHOW IPV6 MIF show ipv6 mif Overview Syntax Mode Example Use this command to display the contents of the IPv6 Multicast Routing Information Base (MRIB) MIF table. show ipv6 mif [<interface>] Parameter Description <interface> The interface to display information about. User Exec and Privileged Exec awplus# show ipv6 mif awplus# show ipv6 mif vlan2 Output Figure 21-10: Example output from the show ipv6 mif command awplus#show ipv6 mif Interface Mif Owner Uptime Idx Module vlan3 0 MLD/MLD Proxy-Service 03:28:48 vlan2 1 MLD/MLD Proxy-Service 03:28:48 vlan1 2 MLD/MLD Proxy-Service 03:28:48 Figure 21-11: Example output from the show ipv6 mif command with the interface parameter vlan2 specified Interface vlan2 C613-50081-01 REV A Mif Idx 0 Owner TTL Module PIM-SMv6 1 Remote Address 0.0.0.0 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x Uptime 00:05:17 674 22 IGMP Snooping Commands Introduction Overview Command List C613-50081-01 REV A The Internet Group Management Protocol (IGMP) module includes IGMP Snooping functionality. Some of the following commands may have commonalities and restrictions. These are described under the Usage section for each command. • “clear ip igmp” on page 677 • “clear ip igmp group” on page 678 • “clear ip igmp interface” on page 679 • “debug igmp” on page 680 • “ip igmp flood specific-query” on page 681 • “ip igmp snooping” on page 682 • “ip igmp snooping fast-leave” on page 683 • “ip igmp snooping querier” on page 684 • “ip igmp snooping report-suppression” on page 685 • “ip igmp snooping routermode” on page 686 • “ip igmp snooping tcn query solicit” on page 688 • “ip igmp static-group” on page 690 • “ip igmp trusted” on page 692 • “ip igmp version” on page 693 • “show debugging igmp” on page 694 • “show ip igmp groups” on page 695 • “show ip igmp interface” on page 697 • “show ip igmp snooping routermode” on page 700 • “show ip igmp snooping statistics” on page 701 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 675 IGMP SNOOPING COMMANDS • C613-50081-01 REV A “undebug igmp” on page 702 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 676 IGMP SNOOPING COMMANDS CLEAR IP IGMP clear ip igmp Overview Syntax Use this command to clear all IGMP group membership records on all VLAN interfaces. clear ip igmp Mode Privileged Exec Usage This command applies to VLAN interfaces configured for IGMP Snooping. Example awplus# clear ip igmp Validation Commands show ip igmp interface Related Commands clear ip igmp group C613-50081-01 REV A show running-config clear ip igmp interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 677 IGMP SNOOPING COMMANDS CLEAR IP IGMP GROUP clear ip igmp group Overview Syntax Use this command to clear IGMP group membership records for a specific group on either all VLAN interfaces, a single VLAN interface, or for a range of VLAN interfaces. clear ip igmp group * clear ip igmp group <ip-address> <interface> Parameter Description * Clears all groups on all VLAN interfaces. This is an alias to the clear ip igmp command. <ip-address> Specifies the group whose membership records will be cleared from all VLAN interfaces, entered in the form A.B.C.D. <interface> Specifies the name of the VLAN interface; all groups learned on this VLAN interface are deleted. Mode Privileged Exec Usage This command applies to groups learned by IGMP Snooping. In addition to the group a VLAN interface can be specified. Specifying this will mean that only entries with the group learned on the interface will be deleted. Examples awplus# clear ip igmp group * awplus# clear ip igmp group 224.1.1.1 vlan1 Validation Commands show ip igmp interface Related Commands clear ip igmp C613-50081-01 REV A show running-config clear ip igmp interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 678 IGMP SNOOPING COMMANDS CLEAR IP IGMP INTERFACE clear ip igmp interface Overview Syntax Use this command to clear IGMP group membership records on a particular VLAN interface. clear ip igmp interface <interface> Parameter Description <interface> Specifies the name of the VLAN interface. All groups learned on this VLAN interface are deleted. Mode Privileged Exec Usage This command applies to interfaces configured for IGMP Snooping. Example awplus# clear ip igmp interface vlan1 Validation Commands show ip igmp interface Related Commands clear ip igmp C613-50081-01 REV A show running-config clear ip igmp group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 679 IGMP SNOOPING COMMANDS DEBUG IGMP debug igmp Overview Use this command to enable debugging of either all IGMP or a specific component of IGMP. Use the no variant of this command to disable all IGMP debugging, or debugging of a specific component of IGMP. Syntax debug igmp {all|decode|encode|events|fsm|tib} no debug igmp {all|decode|encode|events|fsm|tib} Parameter Description all Enable or disable all debug options for IGMP decode Debug of IGMP packets that have been received encode Debug of IGMP packets that have been sent events Debug IGMP events fsm Debug IGMP Finite State Machine (FSM) tib Debug IGMP Tree Information Base (TIB) Modes Privileged Exec and Global Configuration Usage This command applies to interfaces configured for IGMP Snooping. Example awplus# configure terminal awplus(config)# debug igmp all Related Commands C613-50081-01 REV A show debugging igmp undebug igmp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 680 IGMP SNOOPING COMMANDS IP IGMP FLOOD SPECIFIC-QUERY ip igmp flood specific-query Overview Use this command if you want IGMP to flood specific queries to all VLAN member ports, instead of only sending the queries to multicast group member ports. Use the no variant of this command if you want IGMP to only send the queries to multicast group member ports. Syntax ip igmp flood specific-query no ip igmp flood specific-query Default By default, specific queries are flooded to all VLAN member ports. Mode Global Configuration Usage In an L2 switched network running IGMP, it is considered more robust to flood all specific queries. In most cases, the benefit of flooding specific queries to all VLAN member ports outweighs the disadvantages. However, sometimes this is not the case. For example, if hosts with very low CPU capability receive specific queries for multicast groups they are not members of, their performance may degrade unacceptably. In this situation, it is desirable for IGMP to send specific queries to known member ports only. This minimises the performance degradation of such hosts. In those circumstances, use this command to turn off flooding of specific queries. Example To cause IGMP to flood specific queries only to multicast group member ports, use the commands: awplus# configure terminal awplus(config)# no ip igmp flood specific-query Related Commands C613-50081-01 REV A show ip igmp interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 681 IGMP SNOOPING COMMANDS IP IGMP SNOOPING ip igmp snooping Overview Use this command to enable IGMP Snooping. When this command is used in the Global Configuration mode, IGMP Snooping is enabled at the device level. When this command is used in Interface Configuration mode, IGMP Snooping is enabled for the specified VLANs. Use the no variant of this command to either globally disable IGMP Snooping, or disable IGMP Snooping on a specified interface. NOTE: IGMP snooping cannot be disabled on an interface if IGMP snooping has already been disabled globally. IGMP snooping can be disabled on both an interface and globally if disabled on the interface first and then disabled globally. Syntax ip igmp snooping no ip igmp snooping Default By default, IGMP Snooping is enabled both globally and on all VLANs. Mode Global Configuration and Interface Configuration for a VLAN interface. Usage For IGMP snooping to operate on particular VLAN interfaces, it must be enabled both globally by using this command in Global Configuration mode, and on individual VLAN interfaces by using this command in Interface Configuration mode (both are enabled by default.) Both IGMP snooping and MLD snooping must be enabled globally on the device for IGMP snooping to operate. MLD snooping is also enabled by default. To enable it if it has been disabled, use the ipv6 mld snooping command in Global Configuration mode. Examples awplus# configure terminal awplus(config)# ip igmp snooping awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ip igmp snooping Related Commands ipv6 mld snooping show ip igmp interface show running-config C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 682 IGMP SNOOPING COMMANDS IP IGMP SNOOPING FAST-LEAVE ip igmp snooping fast-leave Overview Use this command to enable IGMP Snooping fast-leave processing. Fast-leave processing is analogous to immediate-leave processing. The IGMP group-membership entry is removed as soon as an IGMP leave group message is received, without sending out a group-specific query. Use the no variant of this command to disable fast-leave processing. Syntax ip igmp snooping fast-leave no ip igmp snooping fast-leave Default IGMP Snooping fast-leave processing is disabled. Mode Interface Configuration for a VLAN interface. Usage This IGMP Snooping command can only be configured on VLAN interfaces. Example This example shows how to enable fast-leave processing on the VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ip igmp snooping fast-leave Validation Commands C613-50081-01 REV A show ip igmp interface show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 683 IGMP SNOOPING COMMANDS IP IGMP SNOOPING QUERIER ip igmp snooping querier Overview Use this command to enable IGMP querier operation when no multicast routing protocol is configured. When enabled, the IGMP Snooping querier sends out periodic IGMP queries for all interfaces. This command applies to interfaces configured for IGMP Snooping. Use the no variant of this command to disable IGMP querier configuration. Syntax ip igmp snooping querier no ip igmp snooping querier Mode Interface Configuration for a VLAN interface. Usage The IGMP Snooping querier uses the 0.0.0.0 Source IP address because it only masquerades as a proxy IGMP querier for faster network convergence. It does not start, or automatically cease, the IGMP Querier operation if it detects query message(s) from a multicast router. If an IP address is assigned to a VLAN, which has IGMP querier enabled on it, then the IGMP Snooping querier uses the VLAN’s IP address as the Source IP Address in IGMP queries. The IGMP Snooping Querier will not stop sending IGMP Queries if there is another IGMP Snooping Querier in the network with a lower Source IP Address. NOTE: Do not enable the IGMP Snooping Querier feature on a Layer 2 device when there is an operational IGMP Querier in the network. Example awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ip igmp snooping querier Validation Commands C613-50081-01 REV A show ip igmp interface show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 684 IGMP SNOOPING COMMANDS IP IGMP SNOOPING REPORT-SUPPRESSION ip igmp snooping report-suppression Overview Use this command to enable report suppression for IGMP versions 1 and 2. This command applies to interfaces configured for IGMP Snooping. Report suppression stops reports being sent to an upstream multicast router port when there are already downstream ports for this group on this interface. Use the no variant of this command to disable report suppression. Syntax ip igmp snooping report-suppression no ip igmp snooping report-suppression Default Mode Example Report suppression does not apply to IGMPv3, and is turned on by default for IGMPv1 and IGMPv2 reports. Interface Configuration for a VLAN interface. This example shows how to enable report suppression for IGMPv2 reports for the VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ip igmp version 2 awplus(config-if)# ip igmp snooping report-suppression Validation Commands C613-50081-01 REV A show ip igmp interface show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 685 IGMP SNOOPING COMMANDS IP IGMP SNOOPING ROUTERMODE ip igmp snooping routermode Overview Use this command to set the destination IP addresses as router multicast addresses. Use the no variant of this command to set it to the default. You can also remove a specified IP address from a custom list of multicast addresses. Syntax ip igmp snooping routermode {all|default|ip|multicastrouter|address <ip-address>} no ip igmp snooping routermode [address <ip-address>] Default Parameter Description all All reserved multicast addresses (224.0.0.x). Packets from all possible addresses in range 224.0.0.x are treated as coming from routers. default Default set of reserved multicast addresses. Packets from 224.0.0.1, 224.0.0.2, 224.0.0.4, 224.0.0.5, 224.0.0.6, 224.0.0.9, 224.0.0.13, 224.0.0.15 and 224.0.0.24 are treated as coming from routers. ip Custom reserved multicast addresses. Packets from custom IP address in the 224.0.0.x range are treated as coming from routers. multicastrouter Packets from DVMRP (224.0.0.4) and PIM (224.0.0.13) multicast addresses are treated as coming from routers. address <ip-address> Packets from the specified multicast address are treated as coming from routers. The address must be in the 224.0.0.x range. The default routermode is default (not all) and shows the following reserved multicast addresses: Router mode.............Def Reserved multicast address 224.0.0.1 224.0.0.2 224.0.0.4 224.0.0.5 224.0.0.6 224.0.0.9 224.0.0.13 224.0.0.15 224.0.0.24 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 686 IGMP SNOOPING COMMANDS IP IGMP SNOOPING ROUTERMODE Mode Examples To set ip igmp snooping routermode for all default reserved addresses enter: awplus(config)# ip igmp snooping routermode default To remove the multicast address 224.0.0.5 from the custom list of multicast addresses enter: awplus(config)# no ip igmp snooping routermode address 224.0.0.5 Related commands C613-50081-01 REV A ip igmp trusted show ip igmp snooping routermode Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 687 IGMP SNOOPING COMMANDS IP IGMP SNOOPING TCN QUERY SOLICIT ip igmp snooping tcn query solicit Overview Use this command to enable IGMP (Internet Group Management Protocol) Snooping TCN (Topology Change Notification) Query Solicitation feature. When this command is used in the Global Configuration mode, Query Solicitation is enabled. Use the no variant of this command to disable IGMP Snooping TCN Query Solicitation. When the no variant of this command is used in Interface Configuration mode, this overrides the Global Configuration mode setting and Query Solicitation is disabled. Syntax ip igmp snooping tcn query solicit no ip igmp snooping tcn query solicit Default IGMP Snooping TCN Query Solicitation is disabled by default on the device, unless the device is the Master Node in an EPSR ring, or is the Root Bridge in a Spanning Tree. When the device is the Master Node in an EPSR ring, or the device is the Root Bridge in a Spanning Tree, then IGMP Snooping TCN Query Solicitation is enabled by default and cannot be disabled using the Global Configuration mode command. However, Query Solicitation can be disabled for specified VLANs using this command from the Interface Configuration mode. Select the VLAN you want to disable in Interface Configuration mode then issue the no variant of this command to disable the specified VLAN without disabling this feature for other VLANs. Mode Global Configuration and Interface Configuration for a VLAN interface. Usage Once enabled, if the device is not an IGMP Querier, on detecting a topology change, the device generates IGMP Query Solicit messages that are sent to all the ports of the vlan configured for IGMP Snooping on the device. On a device that is not the Master Node in an EPSR ring or the Root Bridge in a Spanning Tree, Query Solicitation can be disabled using the no variant of this command after being enabled. If the device that detects a topology change is an IGMP Querier then the device will generate an IGMP Query message. Note that the no variant of this command when issued in Global Configuration mode has no effect on a device that is the Master Node in an EPSR ring or on a device that is a Root Bridge in a Spanning Tree. Query Solicitation is not disabled for the device these instances. However, Query Solicitation can be disabled on a per-vlan basis from the Interface Configuration mode. See the below state table that shows when Query Solicit messages are sent in these instances: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 688 IGMP SNOOPING COMMANDS IP IGMP SNOOPING TCN QUERY SOLICIT Command issued from Global Configuration Device is STP Root Command issued Bridge or the from Interface EPSR Master Node Configuration IGMP Query Solicit message sent on VLAN No Yes Yes Yes Yes Yes No No Yes Yes Yes Yes See the IGMP Feature Overview and Configuration Guide for introductory information about the Query Solicitation feature. Examples This example shows how to enable IGMP Snooping TCN Query Solicitation on a device: awplus# configure terminal awplus(config)# ip igmp snooping tcn query solicit This example shows how to disable IGMP Snooping TCN Query Solicitation on a device: awplus# configure terminal awplus(config)# no ip igmp snooping tcn query solicit This example shows how to enable IGMP Snooping TCN Query Solicitation for the VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ip igmp snooping tcn query solicit This example shows how to disable IGMP Snooping TCN Query Solicitation for the VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no ip igmp snooping tcn query solicit Validation Commands C613-50081-01 REV A show ip igmp interface show running-config Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 689 IGMP SNOOPING COMMANDS IP IGMP STATIC-GROUP ip igmp static-group Overview Use this command to statically configure multicast group membership entries on a VLAN interface, or to statically forward a multicast channel out a particular port or port range. To statically add only a group membership, do not specify any parameters. To statically add a (*,g) entry to forward a channel out of a port, specify only the multicast group address and the switch port range. To statically add an (s,g) entry to forward a channel out of a port, specify the multicast group address, the source IP address, and the switch port range. Use the no variant of this command to delete static group membership entries. Syntax ip igmp static-group <ip-address> [source {<ip-source-addr>}] [interface <port>] no ip igmp static-group <ip-address> [source {<ip-source-addr>}] [interface <port>] Parameter Description <ip-address> Standard IP Multicast group address, entered in the form A.B.C.D, to be configured as a static group member. source Optional. <ip-source-addr> Standard IP source address, entered in the form A.B.C.D, to be configured as a static source from where multicast packets originate. interface Use this parameter to specify a specific switch port or switch port range to statically forward the multicast group out of. If not used, static configuration is applied on all ports in the VLAN. <port> The port or port range to statically forward the group out of. The port may be a switch port (e.g. port1.0.4), a static channel group (e.g. sa2), or a dynamic (LACP) channel group (e.g. po2). Mode Interface Configuration for a VLAN interface. Usage This command applies to IGMP Snooping on a VLAN interface, to statically add group and/ or source records. C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 690 IGMP SNOOPING COMMANDS IP IGMP STATIC-GROUP Example The following example show how to statically add group and source records for IGMP on the VLAN interface vlan3: awplus# configure terminal awplus(config)# interface vlan3 awplus(config-if)# ip igmp awplus(config-if)# ip igmp static-group 226.1.2.4 source 10.2.3.4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 691 IGMP SNOOPING COMMANDS IP IGMP TRUSTED ip igmp trusted Overview Use this command to allow IGMP to process packets received on certain trusted ports only. Use the no variant of this command to stop IGMP from processing specified packets if the packets are received on the specified ports or aggregator. Syntax ip igmp trusted {all|query|report|routermode} no ip igmp trusted {all|query|report|routermode} Default Parameter Description all Specifies whether or not the interface is allowed to receive all IGMP and other routermode packets query Specifies whether or not the interface is allowed to receive IGMP queries report Specifies whether or not the interface is allowed to receive IGMP membership reports routermode Specifies whether or not the interface is allowed to receive routermode packets By default, all ports and aggregators are trusted interfaces, so IGMP is allowed to process all IGMP query, report, and router mode packets arriving on all interfaces. Mode Interface mode for one or more switch ports or aggregators Usage Because all ports are trusted by default, use this command in its no variant to stop IGMP processing packets on ports you do not trust. For example, you can use this command to make sure that only ports attached to approved IGMP routers are treated as router ports. Example To stop ports port1.0.3-port1.0.6 from being treated as router ports by IGMP, use the commands: awplus(config)# interface port1.0.3-port1.0.6 awplus(config-if)# no ip igmp trusted routermode C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 692 IGMP SNOOPING COMMANDS IP IGMP VERSION ip igmp version Overview Use this command to set the current IGMP version (IGMP version 1, 2 or 3) on an interface. Use the no variant of this command to return to the default version. Syntax ip igmp version <1-3> no ip igmp version Default Parameter Description <1-3> IGMP protocol version number The default IGMP protocol version number is 3. Mode Interface Configuration for a VLAN interface. Usage This command applies to VLAN interfaces configured for IGMP. Example awplus# configure terminal awplus(config)# interface vlan5 awplus(config-if)# ip igmp version 2 Validation Commands C613-50081-01 REV A show ip igmp interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 693 IGMP SNOOPING COMMANDS SHOW DEBUGGING IGMP show debugging igmp Overview Use this command to display the IGMP debugging options set. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging igmp User Exec and Privileged Exec To display the IGMP debugging options set, enter the command: awplus# show debugging igmp Output Figure 22-1: Example output from the show debugging igmp command IGMP Debugging status: IGMP Decoder debugging is on IGMP Encoder debugging is on IGMP Events debugging is on IGMP FSM debugging is on IGMP Tree-Info-Base (TIB) debugging is on Related Commands C613-50081-01 REV A debug igmp Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 694 IGMP SNOOPING COMMANDS SHOW IP IGMP GROUPS show ip igmp groups Overview Use this command to display the multicast groups with receivers directly connected to the router, and learned through IGMP. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip igmp groups [<ip-address>|<interface> detail] Parameter Description <ip-address> Address of the multicast group, entered in the form A.B.C.D. <interface> Interface name for which to display local information. User Exec and Privileged Exec The following command displays local-membership information for all ports in all interfaces: awplus# show ip igmp groups Output Figure 22-2: Example output from the show ip igmp groups command IGMP Connected Group Membership Group Address Interface Uptime Reporter 224.0.1.1 port1.0.1 00:00:09 224.0.1.24 port1.0.2 00:00:06 224.0.1.40 port1.0.3 00:00:09 224.0.1.60 port1.0.3 00:00:05 224.100.100.100 port1.0.1 00:00:11 228.5.16.8 port1.0.3 00:00:11 228.81.16.8 port1.0.6 00:00:05 228.249.13.8 port1.0.3 00:00:08 235.80.68.83 port1.0.5 00:00:12 239.255.255.250 port1.0.3 00:00:12 239.255.255.254 port1.0.4 00:00:08 Expires Last 00:04:17 00:04:14 00:04:15 00:04:15 00:04:13 00:04:16 00:04:15 00:04:17 00:04:15 00:04:15 00:04:13 10.10.0.82 10.10.0.84 10.10.0.91 10.10.0.7 10.10.0.91 10.10.0.91 10.10.0.91 10.10.0.91 10.10.0.40 10.10.0.228 10.10.0.84 Table 1: Parameters in the output of the show ip igmp groups command C613-50081-01 REV A Parameter Description Group Address Address of the multicast group. Interface Port through which the group is reachable. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 695 IGMP SNOOPING COMMANDS SHOW IP IGMP GROUPS Table 1: Parameters in the output of the show ip igmp groups command (cont.) C613-50081-01 REV A Parameter Description Uptime The time in weeks, days, hours, minutes, and seconds that this multicast group has been known to the device. Expires Time (in hours, minutes, and seconds) until the entry expires. Last Reporter Last host to report being a member of the multicast group. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 696 IGMP SNOOPING COMMANDS SHOW IP IGMP INTERFACE show ip igmp interface Overview Use this command to display the state of IGMP Snooping for a specified VLAN, or all VLANs. IGMP is shown as Active or Disabled in the show output. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Examples show ip igmp interface [<interface>] Parameter Description <interface> The name of the VLAN interface. User Exec and Privileged Exec The following output shows IGMP interface status for vlan2 (with IGMP Snooping enabled): awplus#configure terminal Enter configuration commands, one per line. End with CNTL/Z. awplus(config)#interface vlan2 awplus(config-if)#ip igmp snooping awplus(config-if)#exit awplus(config)#exit awplus#show ip igmp interface vlan2 Interface vlan2 (Index 202) IGMP Disabled, Inactive, Version 3 (default) IGMP interface has 0 group-record states IGMP activity: 0 joins, 0 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally disabled Num. query-solicit packets: 57 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled awplus# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 697 IGMP SNOOPING COMMANDS SHOW IP IGMP INTERFACE The following output shows IGMP interface status for vlan2 (with IGMP Snooping disabled): awplus#configure terminal Enter configuration commands, one per line. End with CNTL/Z. awplus(config)#interface vlan2 awplus(config-if)#no ip igmp snooping awplus(config-if)#exit awplus(config)#exit awplus#show ip igmp interface vlan2 Interface vlan2 (Index 202) IGMP Disabled, Inactive, Version 3 (default) IGMP interface has 0 group-record states IGMP activity: 0 joins, 0 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally disabled Num. query-solicit packets: 57 sent, 0 recvd IGMP Snooping is not enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled awplus# The following command displays the IGMP interface status and Query Solicitation for vlan3: C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 698 IGMP SNOOPING COMMANDS SHOW IP IGMP INTERFACE awplus#show ip igmp interface vlan3 Interface vlan3 (Index 203) IGMP Enabled, Active, Querier, Version 3 (default) Internet address is 192.168.9.1 IGMP interface has 256 group-record states IGMP activity: 51840 joins, 0 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP query holdtime is 500 milliseconds IGMP querier timeout is 250 seconds IGMP max query response time is 1 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 251 seconds Strict IGMPv3 ToS checking is disabled on this interface IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled Num. query-solicit packets: 1 sent, 10 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled awplus# NOTE: Query Solicitation status information is highlighted in bold in the above output. Use the show ip igmp interface command to validate that Query Solicitation is enabled and to show the number of query-solicit message packets sent and received on a VLAN. Related Commands clear ip igmp clear ip igmp group clear ip igmp interface ip igmp snooping ip igmp snooping fast-leave ip igmp snooping querier ip igmp snooping report-suppression ip igmp snooping tcn query solicit ip igmp version C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 699 IGMP SNOOPING COMMANDS SHOW IP IGMP SNOOPING ROUTERMODE show ip igmp snooping routermode Overview C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 700 IGMP SNOOPING COMMANDS SHOW IP IGMP SNOOPING STATISTICS show ip igmp snooping statistics Overview Use this command to display IGMP Snooping statistics data. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ip igmp snooping statistics interface <interface-range> [group [<ip-address>]] Parameter Description <ip-address> Optionally specify the address of the multicast group, entered in the form A.B.C.D. <interface> Specify the name of the VLAN interface or interface range. User Exec and Privileged Exec To display IGMP statistical information for vlan1 and vlan2, use the command: awplus# show ip igmp snooping statistics interface vlan1-vlan2 Output Figure 22-3: Example output from the show ip igmp snooping statistics command IGMP Snooping statistics for vlan1 Interface: port1.0.3 Group: 224.1.1.1 Uptime: 00:00:09 Group mode: Exclude (Expires: 00:04:10) Last reporter: 10.4.4.5 Source list is empty IGMP Snooping statistics for vlan2 Interface: port1.0.4 Group: 224.1.1.2 Uptime: 00:00:19 Group mode: Exclude (Expires: 00:05:10) Last reporter: 10.4.4.6 Source list is empty C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 701 IGMP SNOOPING COMMANDS UNDEBUG IGMP undebug igmp Overview C613-50081-01 REV A This command applies the functionality of the no debug igmp command. Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 702 23 MLD Snooping Commands Introduction Overview This chapter provides an alphabetical reference of configuration, clear, and show commands related to MLD Snooping. NOTE: Command List C613-50081-01 REV A • “clear ipv6 mld” on page 704 • “clear ipv6 mld group” on page 705 • “clear ipv6 mld interface” on page 706 • “debug mld” on page 707 • “ipv6 mld access-group” on page 708 • “ipv6 mld limit” on page 709 • “ipv6 mld snooping” on page 711 • “ipv6 mld snooping fast-leave” on page 713 • “ipv6 mld snooping mrouter” on page 714 • “ipv6 mld snooping querier” on page 716 • “ipv6 mld snooping report-suppression” on page 717 • “ipv6 mld static-group” on page 719 • “show debugging mld” on page 721 • “show ipv6 mld groups” on page 722 • “show ipv6 mld interface” on page 723 • “show ipv6 mld snooping mrouter” on page 724 • “show ipv6 mld snooping statistics” on page 725 Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 703 MLD SNOOPING COMMANDS CLEAR IPV6 MLD clear ipv6 mld Overview Syntax Mode Example Related Commands C613-50081-01 REV A Use this command to clear all MLD local memberships on all interfaces. clear ipv6 mld Privileged Exec awplus# clear ipv6 mld clear ipv6 mld group clear ipv6 mld interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 704 MLD SNOOPING COMMANDS CLEAR IPV6 MLD GROUP clear ipv6 mld group Overview Syntax Mode Example Related Commands C613-50081-01 REV A Use this command to clear MLD specific local-membership(s) on all interfaces, for a particular group. clear ipv6 mld group {*|<ipv6-address>} Parameter Description * Clears all groups on all interfaces. This is an alias to the clear ipv6 mld command. <ipv6-address> Specify the group address for which MLD local-memberships are to be cleared from all interfaces. Specify the IPv6 multicast group address in the format in the format X:X::X:X. Privileged Exec awplus# clear ipv6 mld group * clear ipv6 mld clear ipv6 mld interface Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 705 MLD SNOOPING COMMANDS CLEAR IPV6 MLD INTERFACE clear ipv6 mld interface Overview Syntax Mode Example Related Commands C613-50081-01 REV A Use this command to clear MLD interface entries. clear ipv6 mld interface <interface> Parameter Description <interface> Specifies name of the interface; all groups learned from this interface are deleted. Privileged Exec awplus# clear ipv6 mld interface vlan2 clear ipv6 mld clear ipv6 mld group Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 706 MLD SNOOPING COMMANDS DEBUG MLD debug mld Overview Use this command to enable all MLD debugging modes, or a specific MLD debugging mode. Use the no variant of this command to disable all MLD debugging modes, or a specific MLD debugging mode. Syntax debug mld {all|decode|encode|events|fsm|tib} no debug mld {all|decode|encode|events|fsm|tib} Mode Examples Parameter Description all Debug all MLD. decode Debug MLD decoding. encode Debug MLD encoding. events Debug MLD events. fsm Debug MLD Finite State Machine (FSM). tib Debug MLD Tree Information Base (TIB). Privileged Exec and Global Configuration awplus# configure terminal awplus(config)# debug mld all awplus# configure terminal awplus(config)# debug mld decode awplus# configure terminal awplus(config)# debug mld encode awplus# configure terminal awplus(config)# debug mld events Related Commands C613-50081-01 REV A show debugging mld Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 707 MLD SNOOPING COMMANDS IPV6 MLD ACCESS-GROUP ipv6 mld access-group Overview Use this command to control the multicast local-membership groups learned on an interface. Use the no variant of this command to disable this access control. Syntax ipv6 mld access-group <IPv6-access-list-name> no ipv6 mld access-group Default Mode Examples Parameter Description <IPv6-access-listname> Specify a Standard or an Extended software IPv6 access-list name. See IPv6 Software Access Control List (ACL) Commands for supported IPv6 ACLs. No access list is configured by default. Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. In the following example, the VLAN interface vlan2 will only accept MLD joins for groups in the range ff1e:0db8:0001::/64: awplus# configure terminal awplus(config)# ipv6 forwarding awplus(config)# ipv6 multicast-routing awplus(config)# ipv6 access-list standard group1 permit ff1e:0db8:0001::/64 awplus(config)# interface vlan2 awplus(config-if)# ipv6 enable awplus(config-if)# ipv6 mld access-group group1 In the following example, the VLAN interfaces vlan2-vlan4 will only accept MLD joins for groups in the range ff1e:0db8:0001::/64: awplus# configure terminal awplus(config)# ipv6 forwarding awplus(config)# ipv6 multicast-routing awplus(config)# ipv6 access-list standard group1 permit ff1e:0db8:0001::/64 awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 enable awplus(config-if)# ipv6 mld access-group group1 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 708 MLD SNOOPING COMMANDS IPV6 MLD LIMIT ipv6 mld limit Overview Use this command to configure a limit on the maximum number of group memberships that may be learned. The limit may be set for the device as a whole, or for a specific interface. Once the specified group membership limit is reached, all further local-memberships will be ignored. Optionally, an exception access-list can be configured to specify the group-address(es) that are exempted from being subject to the limit. Use the no variant of this command to unset the limit and any specified exception access-list. Syntax ipv6 mld limit <limitvalue> [except <IPv6-access-list-name>] no ipv6 mld limit Parameter Description <limitvalue> <2-512> Maximum number of group membership states. <IPv6-access-list- Specify a Standard or an Extended software IPv6 access-list name> name that defines multicast groups, which are exempted from being subject to the configured limit. See IPv6 Software Access Control List (ACL) Commands for supported IPv6 ACLs. Default The default limit, which is reset by the no variant of this command, is the same as maximum number of group membership entries that can be learned with the ipv6 mld limit command. The default limit of group membership entries that can be learned is 512 entries. Mode Global Configuration and Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. Usage This command applies to interfaces configured for MLD Layer-3 multicast protocols and learned by MLD Snooping. Examples The following example configures an MLD limit of 100 group-memberships across all VLAN interfaces on which MLD is enabled, and excludes groups in the range ff1e:0db8:0001::/64 from this limitation: awplus# configure terminal awplus(config)# ipv6 forwarding awplus(config)# ipv6 multicast-routing awplus(config)# ipv6 access-list standard v6grp permit ff1e:0db8:0001::/64 awplus(config)# ipv6 mld limit 100 except v6grp C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 709 MLD SNOOPING COMMANDS IPV6 MLD LIMIT The following example configures an MLD limit of 100 group-membership states on the VLAN interface vlan2: awplus# configure terminal awplus(config)# ipv6 forwarding awplus(config)# ipv6 multicast-routing awplus(config)# interface vlan2 awplus(config-if)# ipv6 enable awplus(config-if)# ipv6 mld limit 100 The following example configures an MLD limit of 100 group-membership states on the VLAN interfaces vlan2-vlan4: awplus# configure terminal awplus(config)# ipv6 forwarding awplus(config)# ipv6 multicast-routing awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 enable awplus(config-if)# ipv6 mld limit 100 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 710 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING ipv6 mld snooping Overview Use this command to enable MLD Snooping. When this command is issued in the Global Configuration mode, MLD Snooping is enabled globally for the device. When this command is issued in Interface mode for a VLAN then MLD Snooping is enabled for the specified VLAN. Note that MLD Snooping is enabled on the VLAN only if it is enabled globally and on the VLAN. Use the no variant of this command to globally disable MLD Snooping in Global Configuration mode, or for the specified VLAN interface in Interface mode. NOTE: There is a 100 MLD interface limit when applying MLD commands to multiple VLANs. Only the first 100 VLANs have the required multicast structures added to the interfaces that allow multicast routing. The device has a 512 MLD group limit for (*, G) and (S,G) entries. Syntax ipv6 mld snooping no ipv6 mld snooping Default By default, MLD Snooping is enabled both globally and on all VLANs. Mode Global Configuration and Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. Usage For MLD Snooping to operate on particular VLAN interfaces, it must be enabled both globally by using this command in Global Configuration mode, and on individual VLAN interfaces by using this command in Interface Configuration mode (both are enabled by default). MLD requires memory for storing data structures, as well as the hardware tables to implement hardware routing. As the number of ports, VLANs, static and dynamic groups increases then more memory is consumed. You can track the memory used for MLD with the command: awplus# show memory pools nsm | grep MLD Static and dynamic groups (LACP), ports and VLANs are not limited for MLD. For VLANs, this allows you to configure MLD across more VLANs with fewer ports per VLAN, or fewer VLANs with more ports per VLAN. For LACPs, you can configure MLD across more LACP groups with fewer ports per LACP, or fewer LACP groups with more ports per LACP. Examples To configure MLD Snooping on the VLAN interface vlan2, enter the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld snooping C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 711 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING To configure MLD Snooping on the VLAN interfaces vlan2-vlan4, enter the following commands: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 mld snooping To disable MLD Snooping for the VLAN interface vlan2, enter the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config)# no ipv6 mld snooping To disable MLD Snooping for the VLAN interfaces vlan2-vlan4, enter the following commands: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config)# no ipv6 mld snooping To configure MLD Snooping globally for the device, enter the following commands: awplus# configure terminal awplus(config)# ipv6 mld snooping To disable MLD Snooping globally for the device, enter the following commands: awplus# configure terminal awplus(config)# no ipv6 mld snooping C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 712 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING FAST-LEAVE ipv6 mld snooping fast-leave Overview Use this command to enable MLD Snooping fast-leave processing. Fast-leave processing is analogous to immediate-leave processing; the MLD group-membership is removed as soon as an MLD leave group message is received, without sending out a group-specific query. Use the no variant of this command to disable fast-leave processing. Syntax ipv6 mld snooping fast-leave no ipv6 mld snooping fast-leave Default MLD Snooping fast-leave processing is disabled. Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. Usage This MLD Snooping command can only be configured on VLAN interfaces. Examples This example shows how to enable fast-leave processing on the VLAN interface vlan2. awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld snooping fast-leave This example shows how to enable fast-leave processing on the VLAN interface vlan2- vlan4. awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 mld snooping fast-leave C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 713 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING MROUTER ipv6 mld snooping mrouter Overview Use this command to statically configure the specified port as a Multicast Router interface for MLD Snooping within the specified VLAN. See detailed usage notes below to configure static multicast router ports when using static IPv6 multicast routes with EPSR, and the destination VLAN is an EPSR data VLAN. Use the no variant of this command to remove the static configuration of the interface as a Multicast Router interface. Syntax ipv6 mld snooping mrouter interface <port> no ipv6 mld snooping mrouter interface <port> Parameter Description <port> Specify the name of the port. Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. Usage This MLD Snooping command statically configures a switch port as a Multicast Router interface. Note that if static IPv6 multicast routing is being used with EPSR and the destination VLAN is an EPSR data VLAN, then multicast router (mrouter) ports must be statically configured. This minimizes disruption for multicast traffic in the event of ring failure or restoration. When configuring the EPSR data VLAN, statically configure mrouter ports so that the multicast router can be reached in either direction around the EPSR ring. For example, if port1.0.1 and port1.0.6 are ports on an EPSR data VLAN vlan101, which is the destination for a static IPv6 multicast route, then configure both ports as multicast router (mrouter) ports as shown in the example commands listed below: Output Figure 23-1: Example ipv6 mld snooping mrouter commands when static IPv6 multicast routing is being used and the destination VLAN is an EPSR data VLAN: awplus>enable awplus#configure terminal awplus(config)#interface vlan101 awplus(config-if)#ipv6 mld snooping mrouter interface port1.0.1 awplus(config-if)#ipv6 mld snooping mrouter interface port1.0.6 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 714 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING MROUTER Examples This example shows how to specify the next-hop interface to the multicast router for VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld snooping mrouter interface port1.0.5 This example shows how to specify the next-hop interface to the multicast router for VLAN interfaces vlan2-vlan4: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 mld snooping mrouter interface port1.0.5 Related Commands C613-50081-01 REV A ipv6 multicast route Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 715 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING QUERIER ipv6 mld snooping querier Overview Use this command to enable MLD querier operation on a subnet (VLAN) when no multicast routing protocol is configured in the subnet (VLAN). When enabled, the MLD Snooping querier sends out periodic MLD queries for all interfaces on that VLAN. Use the no variant of this command to disable MLD querier configuration. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Mode Interface Configuration for a specified VLAN interface. Usage This command can only be configured on a single VLAN interface - not on multiple VLANs. The MLD Snooping querier uses the 0.0.0.0 Source IP address because it only masquerades as an MLD querier for faster network convergence. The MLD Snooping querier does not start, or automatically cease, the MLD Querier operation if it detects query message(s) from a multicast router. It restarts as an MLD Snooping querier if no queries are seen within the other querier interval. Example awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld snooping querier C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 716 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING REPORT-SUPPRESSION ipv6 mld snooping report-suppression Overview Use this command to enable report suppression from hosts for Multicast Listener Discovery version 1 (MLDv1) on a VLAN in Interface Configuration mode. Use the no variant of this command to disable report suppression on a VLAN in Interface Configuration mode. Syntax ipv6 mld snooping report-suppression no ipv6 mld snooping report-suppression Default Report suppression does not apply to MLDv2, and is turned on by default for MLDv1 reports. Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces. Usage This MLD Snooping command can only be configured on VLAN interfaces. MLDv1 Snooping maybe configured to suppress reports from hosts. When a querier sends a query, only the first report for particular set of group(s) from a host will be forwarded to the querier by the MLD Snooping device. Similar reports (to the same set of groups) from other hosts, which would not change group memberships in the querier, will be suppressed by the MLD Snooping device to prevent 'flooding' of query responses. Examples This example shows how to enable report suppression for MLD reports on VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld snooping report-suppression This example shows how to disable report suppression for MLD reports on VLAN interface vlan2: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# no ipv6 mld snooping report-suppression This example shows how to enable report suppression for MLD reports on VLAN interfaces vlan2-vlan4: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# ipv6 mld snooping report-suppression C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 717 MLD SNOOPING COMMANDS IPV6 MLD SNOOPING REPORT-SUPPRESSION This example shows how to disable report suppression for MLD reports on VLAN interfaces vlan2-vlan4: awplus# configure terminal awplus(config)# interface vlan2-vlan4 awplus(config-if)# no ipv6 mld snooping report-suppression C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 718 MLD SNOOPING COMMANDS IPV6 MLD STATIC-GROUP ipv6 mld static-group Overview Use this command to statically configure IPv6 group membership entries on an interface. To statically add only a group membership, do not specify any parameters. Use the no variant of this command to delete static group membership entries. Syntax ipv6 mld static-group <ipv6-group-address> [source <ipv6-source-address>] [interface <port>] no ipv6 mld static-group <ipv6-group-address> [source <ipv6-source-address>] [interface <port>] Parameter Description <ipv6-groupaddress> Specify a standard IPv6 Multicast group address to be configured as a static group member. The IPv6 address uses the format X:X::X:X. <ipv6-sourceaddress> Optional. Specify a standard IPv6 source address to be configured as a static source from where multicast packets originate. The IPv6 address uses the format X:X::X:X. <port> Optional. Physical interface. This parameter specifies a physical port. If this parameter is used, the static configuration is applied to just to that physical interface. If this parameter is not used, the static configuration is applied on all ports in the VLAN. Mode Interface Configuration for a VLAN interface. Usage This command applies to MLD Snooping on a VLAN interface to statically add groups and/or source records. Examples To add a static group record, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld static-group ff1e::10 To add a static group and source record, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld static-group ff1e::10 source fe80::2fd:6cff:fe1c:b C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 719 MLD SNOOPING COMMANDS IPV6 MLD STATIC-GROUP To add a static group record on a specific port on vlan2, use the following commands: awplus# configure terminal awplus(config)# interface vlan2 awplus(config-if)# ipv6 mld static-group ff1e::10 interface port1.0.4 C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 720 MLD SNOOPING COMMANDS SHOW DEBUGGING MLD show debugging mld Overview Use this command to display the MLD debugging modes enabled with the debug mld command. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show debugging mld Privileged Exec awplus# show debugging mld Output show debugging mld MLD Debugging status: MLD Decoder debugging is on MLD Encoder debugging is on MLD Events debugging is on MLD FSM debugging is on MLD Tree-Info-Base (TIB) debugging is on Related Commands C613-50081-01 REV A debug mld Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 721 MLD SNOOPING COMMANDS SHOW IPV6 MLD GROUPS show ipv6 mld groups Overview Use this command to display the multicast groups that have receivers directly connected to the router and learned through MLD. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax show ipv6 mld groups [<ipv6-address>|<interface>] [detail] Parameter Description <ipv6-address> Optional. Specify Address of the multicast group in format X:X::X:X. <interface> Mode Examples Optional. Specify the Interface name for which to display local information. User Exec and Privileged Exec The following command displays local-membership information for all interfaces: awplus# show ipv6 mld groups Output Figure 23-2: Example output for show ipv6 mld groups awplus#show ipv6 mld groups MLD Connected Group Membership Group Address Interface Last Reporter ff08::1 vlan10 (port1.0.1) fe80::200:1ff:fe20:b5ac Uptime Expires 00:07:27 00:03:10 The following command displays local-membership information for all interfaces: awplus# show ipv6 mld groups detail C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 722 MLD SNOOPING COMMANDS SHOW IPV6 MLD INTERFACE show ipv6 mld interface Overview Use this command to display the state of MLD and MLD Snooping for a specified interface, or all interfaces. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ipv6 mld interface [<interface>] Parameter Description <interface> Interface name. User Exec and Privileged Exec The following command displays MLD interface status on all interfaces enabled for MLD: awplus# show ipv6 mld interface Output awplus#show ipv6 mld interface Interface vlan1 (Index 301) MLD Enabled, Active, Querier, Version 2 (default) Internet address is fe80::215:77ff:fec9:7468 MLD interface has 0 group-record states MLD activity: 0 joins, 0 leaves MLD robustness variable is 2 MLD last member query count is 2 MLD query interval is 125 seconds MLD querier timeout is 255 seconds MLD max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds MLD Snooping is globally enabled MLD Snooping is enabled on this interface MLD Snooping fast-leave is not enabled MLD Snooping querier is enabled MLD Snooping report suppression is enabled C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 723 MLD SNOOPING COMMANDS SHOW IPV6 MLD SNOOPING MROUTER show ipv6 mld snooping mrouter Overview Use this command to display the multicast router interfaces, both configured and learned, in a VLAN. If you do not specify a VLAN interface then all the VLAN interfaces are displayed. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Examples show ipv6 mld snooping mrouter [<interface>] Parameter Description <interface> Optional. Specify the name of the VLAN interface. Note: If you do not specify a single VLAN interface, then all VLAN interfaces are shown. User Exec and Privileged Exec The following command displays the multicast router interfaces in vlan2: awplus# show ipv6 mld snooping mrouter vlan2 Output awplus#show ipv6 mld VLAN Interface 2 port1.0.2 2 port1.0.3 snooping mrouter vlan2 Static/Dynamic Dynamically Learned Dynamically Learned The following command displays the multicast router interfaces for all VLAN interfaces: awplus# show ipv6 mld snooping mrouter Output awplus#show ipv6 mld VLAN Interface 2 port1.0.2 2 port1.0.3 3 port1.0.4 3 port1.0.5 C613-50081-01 REV A snooping mrouter Static/Dynamic Dynamically Learned Dynamically Learned Statically Assigned Statically Assigned Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 724 MLD SNOOPING COMMANDS SHOW IPV6 MLD SNOOPING STATISTICS show ipv6 mld snooping statistics Overview Use this command to display MLD Snooping statistics data. For information on filtering and saving command output, see “Controlling “show” Command Output” in the “Getting Started with AlliedWare Plus” Feature Overview and Configuration Guide. Syntax Mode Example show ipv6 mld snooping statistics interface <interface> Parameter Description <interface> The name of the VLAN interface. User Exec and Privileged Exec The following command displays MLDv2 statistical information for vlan1: awplus# show ipv6 mld snooping statistics interface vlan1 Output awplus#show ipv6 mld snooping statistics interface vlan1 MLD Snooping statistics for vlan1 Interface: port1.0.1 Group: ff08::1 Uptime: 00:02:18 Group mode: Include () Last reporter: fe80::eecd:6dff:fe6b:4783 Group source list: (R - Remote, M - SSM Mapping, S - Static ) Source Address Uptime v2 Exp Fwd Flags 2001:db8::1 00:02:18 00:02:02 Yes R 2001:db8::3 00:02:18 00:02:02 Yes R C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 725 Part 5: Access and Security C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 726 24 IPv4 Hardware Access Control List (ACL) Commands Introduction Overview This chapter provides an alphabetical reference of IPv4 Hardware Access Control List (ACL) commands. It contains detailed command information and command examples about IPv4 hardware ACLs, which are applied directly to interfaces using the access-group command To apply ACLs to an LACP channel group, apply it to all the individual switch ports in the channel group. To apply ACLs to a static channel group, apply it to the static channel group itself. Sub-modes • Text in parenthesis in command names indicates usage not keyword entry. For example, access-list hardware (named) indicates named IPv4 hardware ACLs entered as access-list hardware <name> where <name> is a placeholder not a keyword. • Parenthesis surrounding ACL filters indicates the type of ACL filter not the keyword entry in the CLI, such as (access-list standard numbered filter) represents command entry in the format shown in the syntax [<sequence-number>] {deny|permit} {<source>|host <host-address>|any}. • Software ACLs will deny access unless explicitly permitted by an ACL action. Many of the ACL commands operate from sub-modes that are specific to particular ACL types. The following table shows the CLI prompts at which ACL commands are entered. Table 24-1: IPv4 Hardware Access List Commands and Prompts Command Name Command Mode Prompt show interface access-group Privileged Exec awplus# show access-list (IPv4 Hardware ACLs) Privileged Exec awplus# show interface access-group Privileged Exec awplus# C613-50081-01 REV A Command Reference for IE200 Series AlliedWare Plus™ Operating System - Version 5.4.6-0.x 727 IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS Table 24-1: IPv4 Hardware Access List Commands and Prompts (cont.) Command Name Command Mode Prompt access-group Global Configuration awplus(config)# access-list (hardware IP numbered) Global Configuration awplus(config)# access-list (hardware MAC numbered) Global Configuration awplus(config)# access-list hardware (named) Global Configuration awplus(config)# access-group Interface Configuration awplus(config-if)# (access-list hardware ICMP filter) IPv4 Hardware ACL Configuration awplus(config-ip-hw-acl)# (access-list hardware IP protocol filter) IPv4 Hardware ACL Configuration awplus(config-ip-hw-acl)# (access-list hardware MAC filter) IPv4 Hardware ACL Configuration awplus(config-ip-hw-acl)# (access-list hardware TCP UDP filter) IPv4 Hardware ACL Configuration awplus(config-ip-hw-acl)# commit (IPv4) IPv4 Hardware ACL Configuration awplus(config-ip-hw-acl)# References For descriptions of ACLs, and further information about rules when applying them, see the ACL Feature Overview and Configuration Guide. For more information on link aggregation see the following references: Command List C613-50081-01 REV A • the Link Aggregation Feature Overview and Configuration Guide. • Link Aggregation Commands • “access-group” on page 729 • “access-list (hardware IP numbered)” on page 731 • “access-list (hardware MAC numbered)” on page 739 • “access-list hardware (named)” on page 742 • “(access-list hardware ICMP filter)” on page 744 • “(access-list hardware IP protocol filter)” on page 747 • “(access-list hardware MAC filter)” on page 752 • “(access-list hardware TCP UDP filter)” on page 755 • “commit (IPv4)” on page 758 • “show access-list (IPv4 Hardware ACLs)” on page
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Key Features
- 6 Gigabit Ethernet ports with PoE+ support
- 802.3at/af PoE+ standard compliant
- Up to 30W of power per port
- Robust metal enclosure with IP30 protection
- Wide operating temperature range (-40°C to 75°C)
- Advanced Layer 2 switching features
- Comprehensive security features
- Easy management and configuration
- Redundant power inputs for high availability
- Versatile mounting options
Related manuals
Frequently Answers and Questions
What is the maximum power output per port?
30W
What is the operating temperature range?
-40°C to 75°C
Does it support Layer 3 switching?
No, it supports Layer 2 switching features
What is the management interface?
Web interface, CLI, SNMP
Can it be mounted on a DIN rail?
Yes, with optional DIN rail mounting kit
What is the warranty period?
Limited lifetime warranty