Allied Telesis | AT 9924SP AT-9924SP-30 AT-9924SP-30 | AT-9900 Series Switch Software Reference Software

AT-9900 Series Switch Software Reference Software
AT-9900 Series Switch
Software Reference
Software Release 2.7.3
AT-9924T
AT-9924SP
AT-9924T/4SP
AT-9900 Series Software Reference for Software Release 2.7.3
Document Number C613-03103-00 REV A.
© 2005 Allied Telesyn Inc. All rights reserved. No part of this publication may be
reproduced without prior written permission from Allied Telesyn Inc.
Allied Telesyn Inc. reserves the right to make changes in specifications and other
information in this document without prior written notice. The information provided
herein is subject to change without notice. In no event shall Allied Telesyn Inc. be liable
for any incidental, special, indirect, or consequential damages whatsoever, including
but not limited to lost profits, arising out of or related to this manual or the information
contained herein, even if Allied Telesyn Inc. has been advised of, known, or should have
known, the possibility of such damages.
All company names, logos, and product designs that are trademarks or registered
trademarks are the property of their respective owners.
Contents
List of Figures
List of Tables
About this Software Reference
Introduction ..................................................................................................... lix
Structure of this Software Reference ................................................................ lix
Intended Audience ......................................................................................... lxii
Conventions ................................................................................................... lxii
Command Descriptions ........................................................................... lxiii
Where To Find More Information .................................................................... lxv
Obtaining Copies of Internet Protocols and Standards .............................. lxv
Publicly Accessible Documents ................................................................. lxvi
Allied Telesyn Offices and Locations ......................................................... lxvi
Reader’s Comments ...................................................................................... lxvii
Command Summary
Operation—obsolete
CHAPTER 1
Getting Started
Establishing a Management Session with the Switch ......................................
Assigning an IP Address .................................................................................
Setting Routes ...............................................................................................
Checking Connections with PING ..................................................................
Changing a Password ....................................................................................
Using Command Line Help ............................................................................
Enabling Special Feature Licences ...................................................................
Setting System Parameters .............................................................................
Saving Configurations Entered with the CLI ...................................................
Troubleshooting Traffic Flow ..........................................................................
Upgrading Switch Software ...........................................................................
SNMP and MIBs .............................................................................................
Tips to Avoid Problems ..................................................................................
For More Information .....................................................................................
CHAPTER 2
1-2
1-2
1-2
1-3
1-3
1-3
1-4
1-4
1-5
1-5
1-6
1-6
1-6
1-8
Using the Command Line Interface (CLI)
Introduction ...................................................................................................
Command Syntax ..........................................................................................
Command Line Editing and Recall ..................................................................
Aliases ...........................................................................................................
2-2
2-2
2-4
2-5
iv
AT-9900 Series Software Reference
Online Help ...................................................................................................
Command Reference .....................................................................................
add alias ..................................................................................................
delete alias ..............................................................................................
help ........................................................................................................
set help ...................................................................................................
show alias ...............................................................................................
CHAPTER 3
2-5
2-6
2-6
2-7
2-7
2-8
2-8
Configuring and Monitoring the System
Introduction ................................................................................................... 3-2
System Identification ...................................................................................... 3-2
Time and Date ............................................................................................... 3-3
Monitoring Switch Operations ....................................................................... 3-4
Monitoring the Power Supply ........................................................................ 3-6
Emailing Alerts from the Switch ..................................................................... 3-6
Configuration Examples .......................................................................... 3-7
Command Reference ..................................................................................... 3-8
activate system psu test ........................................................................... 3-9
delete mail .............................................................................................. 3-9
disable mail debug ................................................................................ 3-10
dump .................................................................................................... 3-11
enable mail debug ................................................................................. 3-12
mail ....................................................................................................... 3-13
modify .................................................................................................. 3-14
reset cpu utilisation ............................................................................... 3-15
set mail ................................................................................................. 3-15
set system contact ................................................................................. 3-16
set system location ................................................................................ 3-16
set system name .................................................................................... 3-17
set time ................................................................................................. 3-17
show buffer .......................................................................................... 3-18
show cpu .............................................................................................. 3-21
show debug .......................................................................................... 3-22
show exception ..................................................................................... 3-24
show mail ............................................................................................. 3-25
show startup ......................................................................................... 3-26
show system ......................................................................................... 3-27
show system serialnumber ..................................................................... 3-30
show time ............................................................................................. 3-30
CHAPTER 4
Managing Configuration Files and Software Versions
Managing Configuration Files ........................................................................ 4-3
Loading Files onto the Switch ........................................................................ 4-4
Loading from a Trivial File Transfer Protocol (TFTP) Server .......................... 4-4
Loading from a Web Server ..................................................................... 4-5
Loading from a Lightweight Directory Access Protocol (LDAP) Server ....... 4-6
Additional Loader Commands ................................................................. 4-7
Uploading Files from the Switch ..................................................................... 4-8
Using HTTP .............................................................................................. 4-8
Using TFTP and ZMODEM ........................................................................ 4-9
Software Upgrades ...................................................................................... 4-11
Upgrade Overview ................................................................................. 4-11
Install Process ........................................................................................ 4-12
Filenames .............................................................................................. 4-13
Licencing ............................................................................................... 4-13
Patches ................................................................................................. 4-15
Example: Upgrading to new software .................................................... 4-15
Example: Upgrading to a new patch file ................................................ 4-17
Software Release 2.7.3
C613-03103-00 REV A
Contents
v
Command Reference ................................................................................... 4-18
create config ......................................................................................... 4-18
delete install .......................................................................................... 4-19
disable feature ...................................................................................... 4-19
disable http debug ................................................................................ 4-20
disable http server ................................................................................. 4-20
disable ldap debug ................................................................................ 4-21
disable release ....................................................................................... 4-21
enable feature ....................................................................................... 4-22
enable http debug ................................................................................. 4-23
enable http server ................................................................................. 4-24
enable ldap debug ................................................................................ 4-24
enable release ....................................................................................... 4-25
load ...................................................................................................... 4-26
purge ldap ............................................................................................ 4-31
reset http server .................................................................................... 4-31
reset loader ........................................................................................... 4-31
restart ................................................................................................... 4-32
set config .............................................................................................. 4-33
set http server ....................................................................................... 4-34
set install ............................................................................................... 4-35
set loader .............................................................................................. 4-36
show config .......................................................................................... 4-40
show feature ......................................................................................... 4-42
show http client .................................................................................... 4-44
show http debug ................................................................................... 4-45
show http server ................................................................................... 4-46
show http server session ........................................................................ 4-47
show install ........................................................................................... 4-48
show ldap ............................................................................................. 4-49
show ldap request ................................................................................. 4-50
show loader .......................................................................................... 4-52
show patch ........................................................................................... 4-53
show release ......................................................................................... 4-54
upload .................................................................................................. 4-55
CHAPTER 5
Managing the File System
Introduction ................................................................................................... 5-2
File Naming Conventions ............................................................................... 5-2
Long filenames in releases ....................................................................... 5-4
Working with Files ......................................................................................... 5-4
Built-In Editor .......................................................................................... 5-5
Using Wildcards ...................................................................................... 5-6
Flash Memory ................................................................................................ 5-6
The Flash File System (FFS) ....................................................................... 5-7
If You Clear Flash Memory Completely .................................................... 5-8
Non-Volatile Storage (NVS) ............................................................................ 5-9
CompactFlash (CFlash) Memory ..................................................................... 5-9
The FAT File System ............................................................................... 5-10
Inserting and Removing a CompactFlash Card ....................................... 5-10
Testing a CompactFlash Card ................................................................. 5-10
Working with CompactFlash ................................................................. 5-11
Command Reference ................................................................................... 5-13
activate flash compaction ...................................................................... 5-13
add cflash dir ........................................................................................ 5-14
clear cflash ............................................................................................ 5-14
clear flash totally ................................................................................... 5-15
clear nvs totally ..................................................................................... 5-15
Software Release 2.7.3
C613-03103-00 REV A
vi
AT-9900 Series Software Reference
copy ...................................................................................................... 5-16
delete cflash dir ..................................................................................... 5-17
delete file .............................................................................................. 5-18
delete nvs .............................................................................................. 5-19
disable cflash test .................................................................................. 5-19
dump nvs .............................................................................................. 5-20
edit ....................................................................................................... 5-21
enable cflash test .................................................................................. 5-23
modify nvs ............................................................................................ 5-23
purge file translationtable ...................................................................... 5-24
rename ................................................................................................. 5-25
set cflash dir .......................................................................................... 5-26
show cflash ........................................................................................... 5-27
show cflash counters ............................................................................. 5-28
show cflash file ..................................................................................... 5-29
show cflash test .................................................................................... 5-30
show ffile .............................................................................................. 5-32
show file ............................................................................................... 5-34
show flash ............................................................................................. 5-37
show flash physical ................................................................................ 5-39
show nvs ............................................................................................... 5-40
show nvs free ........................................................................................ 5-41
CHAPTER 6
Switching
Introduction ................................................................................................... 6-5
Switch Ports ................................................................................................... 6-6
Enabling and Disabling Switch Ports ........................................................ 6-6
Autonegotiation of Port Speed and Duplex Mode .................................... 6-7
Auto MDI/MDI-X ..................................................................................... 6-8
Port Trunking .......................................................................................... 6-8
Link Aggregation Control Protocol (LACP) ............................................... 6-9
Broadcast Storm Protection ................................................................... 6-10
Port Mirroring ....................................................................................... 6-12
Port Security .......................................................................................... 6-13
Support for Jumbo Frames ........................................................................... 6-13
Virtual Local Area Networks (VLANs) ............................................................ 6-14
Dynamic VLAN Assignment ................................................................... 6-15
802.1x Guest VLAN ............................................................................... 6-16
VLAN Tagging ....................................................................................... 6-16
VLAN Membership using VLAN Tags ...................................................... 6-18
VLAN Membership of Untagged Packets ............................................... 6-19
Creating VLANs ..................................................................................... 6-22
Deleting Untagged Ports ....................................................................... 6-24
Displaying Information about VLANs ..................................................... 6-25
The Default VLAN .................................................................................. 6-25
VLAN Interaction with Trunk Groups ...................................................... 6-26
Static and Dynamic VLANs ..................................................................... 6-26
Private VLANs ........................................................................................ 6-27
Nested VLANs ....................................................................................... 6-29
The Layer 2 Switching Process ...................................................................... 6-32
The Ingress Rules ................................................................................... 6-32
The Learning Process ............................................................................. 6-33
The Forwarding Process ......................................................................... 6-34
The Egress Rules .................................................................................... 6-35
Layer 2 Filtering ........................................................................................... 6-35
Layer 2 QoS Actions in Hardware Filters ....................................................... 6-36
Software Release 2.7.3
C613-03103-00 REV A
Contents
vii
Spanning Tree Protocol (STP) ........................................................................ 6-37
Electing the Root Bridge and Designated Bridge .................................... 6-38
Spanning Tree Modes ............................................................................ 6-39
Rapid Mode Spanning Tree Types ........................................................... 6-39
Spanning Tree and Rapid Spanning Tree port states ............................... 6-40
Multiple Spanning Trees and STP interaction with VLANs ....................... 6-41
Configuring STP .................................................................................... 6-41
Multiple Spanning Tree Protocol (MSTP) ....................................................... 6-45
Multiple Spanning Tree Regions ............................................................. 6-45
Bridge Protocol Data Units (BPDUs) ........................................................ 6-46
Compatibility with Previous Spanning Tree Protocols .............................. 6-47
Configuring MSTP ................................................................................. 6-48
Common and Internal Spanning Tree (CIST) ........................................... 6-54
The Relationship between Spanning Trees and Trunks ............................ 6-58
Classifier-Based Packet Filters ....................................................................... 6-58
Access Control Lists (ACLs) .................................................................... 6-60
Classifier-Based Filters with Accelerated IPv6 Traffic ...................................... 6-61
Configuring Accelerator Hardware Filters ............................................... 6-62
Triggers ........................................................................................................ 6-63
Configuration Examples ............................................................................... 6-64
Port-Based VLAN with Untagged Ports .................................................. 6-64
VLAN with Tagged Ports ........................................................................ 6-65
Subnet-Based VLAN .............................................................................. 6-68
Command Reference ................................................................................... 6-71
activate mstp migrationcheck port ......................................................... 6-71
activate switch port ............................................................................... 6-72
add lacp port ......................................................................................... 6-72
add mstp msti vlan ................................................................................ 6-74
add stp vlan .......................................................................................... 6-75
add switch accelerator hwfilter .............................................................. 6-76
add switch filter .................................................................................... 6-77
add switch hwfilter ................................................................................ 6-79
add switch trunk ................................................................................... 6-80
add vlan port ......................................................................................... 6-81
add vlan protocol .................................................................................. 6-85
add vlan subnet ..................................................................................... 6-87
create mstp msti .................................................................................... 6-88
create stp .............................................................................................. 6-89
create switch trunk ................................................................................ 6-90
create vlan ............................................................................................ 6-91
delete lacp port ..................................................................................... 6-93
delete mstp msti vlan ............................................................................ 6-94
delete stp vlan ....................................................................................... 6-95
delete switch accelerator hwfilter .......................................................... 6-96
delete switch filter ................................................................................. 6-96
delete switch hwfilter ............................................................................ 6-97
delete switch trunk ................................................................................ 6-97
delete vlan port ..................................................................................... 6-98
delete vlan protocol ............................................................................. 6-100
delete vlan subnet ............................................................................... 6-101
destroy mstp msti ................................................................................ 6-102
destroy stp .......................................................................................... 6-102
destroy switch trunk ............................................................................ 6-103
destroy vlan ......................................................................................... 6-103
disable lacp ......................................................................................... 6-104
disable lacp debug .............................................................................. 6-104
disable mstp ........................................................................................ 6-105
disable mstp cist port .......................................................................... 6-105
disable mstp debug ............................................................................. 6-106
Software Release 2.7.3
C613-03103-00 REV A
viii
AT-9900 Series Software Reference
disable mstp msti port ......................................................................... 6-107
disable stp ........................................................................................... 6-108
disable stp debug ................................................................................ 6-109
disable stp port ................................................................................... 6-111
disable switch accelerator .................................................................... 6-112
disable switch accelerator function ...................................................... 6-112
disable switch accelerator debug ......................................................... 6-113
disable switch ageingtimer .................................................................. 6-113
disable switch debug ........................................................................... 6-114
disable switch hash ............................................................................. 6-115
disable switch mclimiting ..................................................................... 6-115
disable switch learning ........................................................................ 6-116
disable switch mirror ........................................................................... 6-116
disable switch port .............................................................................. 6-117
disable switch stpforward .................................................................... 6-118
disable vlan debug .............................................................................. 6-118
enable lacp .......................................................................................... 6-119
enable lacp debug ............................................................................... 6-119
enable mstp ........................................................................................ 6-120
enable mstp cist port ........................................................................... 6-121
enable mstp debug ............................................................................. 6-122
enable mstp msti port ......................................................................... 6-124
enable stp ........................................................................................... 6-125
enable stp debug ................................................................................ 6-126
enable stp port .................................................................................... 6-128
enable switch accelerator .................................................................... 6-129
enable switch accelerator function ...................................................... 6-129
enable switch accelerator debug ......................................................... 6-130
enable switch ageingtimer ................................................................... 6-131
enable switch bist ................................................................................ 6-132
enable switch debug ........................................................................... 6-133
enable switch hash .............................................................................. 6-134
enable switch learning ........................................................................ 6-135
enable switch mclimiting ..................................................................... 6-135
enable switch mirror ............................................................................ 6-136
enable switch port ............................................................................... 6-137
enable switch stpforward .................................................................... 6-138
enable vlan debug ............................................................................... 6-138
purge lacp ........................................................................................... 6-139
purge mstp ......................................................................................... 6-139
purge stp ............................................................................................ 6-140
reset lacp port counter ........................................................................ 6-140
reset mstp counter port ....................................................................... 6-141
reset stp .............................................................................................. 6-141
reset switch ......................................................................................... 6-142
reset switch accelerator counter .......................................................... 6-142
reset switch port ................................................................................. 6-143
set lacp port ........................................................................................ 6-144
set lacp priority .................................................................................... 6-145
set mstp .............................................................................................. 6-146
set mstp cist ........................................................................................ 6-148
set mstp cist port ................................................................................. 6-149
set mstp msti ....................................................................................... 6-151
set mstp msti port ............................................................................... 6-152
set stp ................................................................................................. 6-154
set stp port .......................................................................................... 6-157
set switch ageingtimer ........................................................................ 6-160
set switch cputxpriority ........................................................................ 6-161
set switch cputxqueue ......................................................................... 6-161
Software Release 2.7.3
C613-03103-00 REV A
Contents
ix
set switch dlflimit ................................................................................ 6-162
set switch enhancedmode ................................................................... 6-162
set switch hwlearndelay ...................................................................... 6-163
set switch jumbo ................................................................................. 6-163
set switch mirror ................................................................................. 6-163
set switch nestedtpid ........................................................................... 6-164
set switch port .................................................................................... 6-165
set switch trunk ................................................................................... 6-170
set vlan port ........................................................................................ 6-171
show lacp ............................................................................................ 6-172
show lacp port .................................................................................... 6-173
show lacp port counter ....................................................................... 6-175
show lacp trunk .................................................................................. 6-176
show mstp .......................................................................................... 6-177
show mstp cist .................................................................................... 6-179
show mstp cist port ............................................................................. 6-181
show mstp counter port ...................................................................... 6-183
show mstp debug ............................................................................... 6-184
show mstp msti ................................................................................... 6-185
show mstp msti port ........................................................................... 6-187
show stp ............................................................................................. 6-188
show stp counter ................................................................................ 6-192
show stp debug .................................................................................. 6-194
show stp port ...................................................................................... 6-195
show switch ........................................................................................ 6-199
show switch accelerator ...................................................................... 6-202
show switch accelerator counter ......................................................... 6-203
show switch accelerator debug ........................................................... 6-206
show switch accelerator hwfilter ......................................................... 6-207
show switch counter ........................................................................... 6-208
show switch debug ............................................................................. 6-210
show switch fdb .................................................................................. 6-211
show switch filter ................................................................................ 6-212
show switch hwfilter ........................................................................... 6-214
show switch port ................................................................................. 6-215
show switch port counter .................................................................... 6-218
show switch port intrusion .................................................................. 6-220
show switch trunk ............................................................................... 6-221
show vlan ............................................................................................ 6-222
show vlan debug ................................................................................. 6-226
show vlan port .................................................................................... 6-227
CHAPTER 7
Generic Attribute Registration Protocol (GARP)
Introduction ................................................................................................... 7-2
GARP Operations ........................................................................................... 7-2
Overview of Generic VLAN Registration Protocol (GVRP) ................................ 7-5
Configuring GARP ......................................................................................... 7-6
Command Reference ..................................................................................... 7-8
disable garp ............................................................................................ 7-9
disable garp debug ................................................................................ 7-10
disable garp gip ..................................................................................... 7-11
enable garp ........................................................................................... 7-12
enable garp debug ................................................................................ 7-13
enable garp gip ..................................................................................... 7-14
reset garp .............................................................................................. 7-15
set garp port ......................................................................................... 7-16
set garp timer ........................................................................................ 7-18
show garp ............................................................................................. 7-20
Software Release 2.7.3
C613-03103-00 REV A
x
AT-9900 Series Software Reference
show garp counter ................................................................................ 7-22
show garp db ........................................................................................ 7-25
show garp debug .................................................................................. 7-26
show garp gip ....................................................................................... 7-27
show garp machine ............................................................................... 7-28
CHAPTER 8
Interfaces
Introduction ................................................................................................... 8-2
Naming Interfaces .......................................................................................... 8-3
Ethernet ........................................................................................................ 8-3
Encapsulations ........................................................................................ 8-4
Asynchronous Interfaces ................................................................................ 8-6
Encapsulations ........................................................................................ 8-6
Configuration .......................................................................................... 8-6
Session Timeout .................................................................................... 8-10
Connecting a Modem to the Asynchronous Port ................................... 8-10
MIB Counters ........................................................................................ 8-11
Autobauding ......................................................................................... 8-12
Testing Serial Data Circuits ........................................................................... 8-13
Carrier Detect ........................................................................................ 8-13
Loopback .............................................................................................. 8-13
Data indicators ...................................................................................... 8-13
Displaying Interfaces .................................................................................... 8-14
Interface Link Traps ...................................................................................... 8-14
Managing Interfaces with SNMP .................................................................. 8-15
Command Reference ................................................................................... 8-15
connect asyn ......................................................................................... 8-15
disable asyn ........................................................................................... 8-16
disable interface linktrap ....................................................................... 8-17
enable asyn ........................................................................................... 8-17
enable interface linktrap ........................................................................ 8-18
purge asyn ............................................................................................ 8-19
reset asyn .............................................................................................. 8-19
reset asyn counter ................................................................................. 8-20
reset asyn history ................................................................................... 8-20
reset interface counters ......................................................................... 8-21
set asyn ................................................................................................. 8-22
set interface mtu ................................................................................... 8-26
set interface traplimit ............................................................................ 8-27
show asyn ............................................................................................. 8-28
show interface ...................................................................................... 8-35
CHAPTER 9
Point-to-Point Protocol (PPP)
Introduction ................................................................................................... 9-3
The Point-to-Point Protocol ............................................................................ 9-3
Encapsulation .......................................................................................... 9-4
Control Protocols .................................................................................... 9-5
LCP Options ............................................................................................ 9-6
Configuring PPP ............................................................................................. 9-7
Link Quality Management .............................................................................. 9-8
Multilink PPP .................................................................................................. 9-9
Bandwidth Allocation Protocol ....................................................................... 9-9
Dial-On-Demand .......................................................................................... 9-10
Link Backup ................................................................................................. 9-11
Bandwidth on Demand ................................................................................ 9-11
PPP Over Ethernet ........................................................................................ 9-12
PPP over Ethernet Client Mode .............................................................. 9-13
PPP over Ethernet Access Concentrator Mode ....................................... 9-13
Software Release 2.7.3
C613-03103-00 REV A
Contents
xi
Templates .................................................................................................... 9-14
PPP Callback ................................................................................................ 9-15
Magic Number ............................................................................................. 9-16
Authentication Protocols .............................................................................. 9-17
Password Authentication Protocol (PAP) ................................................. 9-17
Challenge-Handshake Authentication Protocol (CHAP) .......................... 9-18
Assigning IP Addresses ................................................................................. 9-21
PPP Link Management ................................................................................. 9-23
Configuring PPP Control Protocols ............................................................... 9-24
Debugging PPP Links ................................................................................... 9-25
What to Do if the PPP Link Disconnects Regularly ......................................... 9-27
Configuration Examples ............................................................................... 9-27
Dial-on-Demand Links ........................................................................... 9-27
Link Quality Monitoring ......................................................................... 9-28
Command Reference ................................................................................... 9-29
activate ppp .......................................................................................... 9-29
add ppp ................................................................................................ 9-30
add ppp acservice .................................................................................. 9-33
create ppp ............................................................................................. 9-34
create ppp template .............................................................................. 9-39
delete ppp ............................................................................................. 9-45
delete ppp acservice .............................................................................. 9-46
destroy ppp ........................................................................................... 9-47
destroy ppp template ............................................................................ 9-47
disable ppp ........................................................................................... 9-48
disable ppp accessconcentrator ............................................................. 9-48
disable ppp debug ................................................................................. 9-49
disable ppp template debug .................................................................. 9-50
enable ppp ............................................................................................ 9-51
enable ppp accessconcentrator .............................................................. 9-51
enable ppp debug ................................................................................. 9-52
enable ppp template debug .................................................................. 9-54
purge ppp ............................................................................................. 9-55
reset ppp ............................................................................................... 9-56
set ppp .................................................................................................. 9-57
set ppp acservice ................................................................................... 9-63
set ppp template ................................................................................... 9-64
show ppp .............................................................................................. 9-70
show ppp config ................................................................................... 9-71
show ppp count .................................................................................... 9-76
show ppp debug ................................................................................... 9-89
show ppp idletimer ............................................................................... 9-90
show ppp limits ..................................................................................... 9-91
show ppp multilink ................................................................................ 9-92
show ppp nameserver ........................................................................... 9-94
show ppp pppoe ................................................................................... 9-95
show ppp template ............................................................................... 9-97
show ppp txstatus ............................................................................... 9-100
show ppp utilisation ............................................................................ 9-102
CHAPTER 10
Layer Two Tunnelling Protocol (L2TP)
Introduction ................................................................................................. 10-2
Overview of L2TP ......................................................................................... 10-2
L2TP on the Switch ...................................................................................... 10-3
Configuration Examples ............................................................................... 10-6
Inter-Switch Tunnels .............................................................................. 10-6
Simple Dial-In System ............................................................................ 10-8
Configure L2TP to tunnel PPPoE sessions ............................................... 10-9
Software Release 2.7.3
C613-03103-00 REV A
xii
AT-9900 Series Software Reference
Command Reference ................................................................................. 10-12
activate l2tp call .................................................................................. 10-12
add l2tp call ........................................................................................ 10-13
add l2tp ip .......................................................................................... 10-15
add l2tp password ............................................................................... 10-16
add l2tp user ....................................................................................... 10-17
deactivate l2tp call .............................................................................. 10-19
delete l2tp call ..................................................................................... 10-20
delete l2tp ip ....................................................................................... 10-20
delete l2tp password ........................................................................... 10-21
delete l2tp user ................................................................................... 10-22
disable l2tp ......................................................................................... 10-22
disable l2tp debug ............................................................................... 10-23
disable l2tp server ............................................................................... 10-24
enable l2tp .......................................................................................... 10-24
enable l2tp debug ............................................................................... 10-25
enable l2tp server ................................................................................ 10-26
set l2tp call .......................................................................................... 10-27
set l2tp checksum ............................................................................... 10-29
set l2tp filter ........................................................................................ 10-29
set l2tp password ................................................................................ 10-30
set l2tp user ........................................................................................ 10-31
show l2tp ............................................................................................ 10-33
show l2tp call ...................................................................................... 10-37
show l2tp ip ........................................................................................ 10-39
show l2tp tunnel ................................................................................. 10-40
show l2tp user .................................................................................... 10-49
CHAPTER 11
Internet Protocol (IP)
Introduction ................................................................................................. 11-5
The Internet ................................................................................................. 11-5
IP Packets .................................................................................................... 11-5
Addressing .................................................................................................. 11-7
Subnets ..................................................................................................... 11-10
Assigning an IP Address ............................................................................. 11-10
Multihoming .............................................................................................. 11-11
Local Interfaces .......................................................................................... 11-12
Address Resolution Protocol (ARP) .............................................................. 11-14
MAC Address Logging ........................................................................ 11-15
DHCP Client .............................................................................................. 11-15
ICMP ......................................................................................................... 11-15
ICMP Router Discovery Advertisements ...................................................... 11-17
Routing ..................................................................................................... 11-20
Types of Routes ................................................................................... 11-20
The Routing Table ................................................................................ 11-20
Configuring Static Routes .................................................................... 11-21
Blackhole Routing ............................................................................... 11-21
Caching Routes ................................................................................... 11-25
Dynamic Routing Protocols .................................................................. 11-25
Setting Preference of Dynamically-Learned Routes ............................... 11-26
Displaying Route Information .............................................................. 11-26
Equal Cost Multipath Routing .................................................................... 11-27
Routing Information Filters ......................................................................... 11-29
Route Filters ........................................................................................ 11-29
Trusted Routers ................................................................................... 11-30
Routing Information Protocol (RIP) ............................................................. 11-31
Exterior Gateway Protocol (EGP) ................................................................. 11-32
Open Shortest Path First (OSPF) .................................................................. 11-33
Software Release 2.7.3
C613-03103-00 REV A
Contents
xiii
Metrics ...................................................................................................... 11-33
OSPF Auto Cost Calculation ................................................................ 11-33
Policy-Based Routing .................................................................................. 11-34
Priority-Based Routing ................................................................................ 11-36
Route Templates ........................................................................................ 11-37
Named Hosts ............................................................................................. 11-37
DNS Relay Agent ....................................................................................... 11-39
DNS Caching ............................................................................................. 11-40
Server Selection ......................................................................................... 11-40
Traffic Filters .............................................................................................. 11-41
SNMP ........................................................................................................ 11-43
Control and Debug Commands ................................................................. 11-43
Ping and Trace Route ................................................................................. 11-45
Ping .................................................................................................... 11-45
Trace Route ......................................................................................... 11-45
Finger ........................................................................................................ 11-46
Security Options ........................................................................................ 11-46
Broadcast Forwarding ................................................................................ 11-47
Examples ............................................................................................. 11-47
BOOTP Relay Agent ................................................................................... 11-51
IP Multicasting ........................................................................................... 11-52
Static Multicast Forwarding ................................................................. 11-52
Remote Address Assignment ...................................................................... 11-53
IP Address Pools ......................................................................................... 11-54
Configuration Examples ............................................................................. 11-55
A Basic TCP/IP Setup ............................................................................ 11-55
Configuring IP Filters ........................................................................... 11-58
Troubleshooting ......................................................................................... 11-63
No Route Exists to the Remote Switch ................................................. 11-63
Getting an IP Address from DHCP ........................................................ 11-63
Telnet Fails ........................................................................................... 11-64
Command Reference ................................................................................. 11-65
add bootp relay ................................................................................... 11-65
add ip advertise interface .................................................................... 11-66
add ip arp ........................................................................................... 11-67
add ip dns ........................................................................................... 11-68
add ip egp ........................................................................................... 11-69
add ip filter ......................................................................................... 11-70
add ip helper ....................................................................................... 11-77
add ip host .......................................................................................... 11-78
add ip interface ................................................................................... 11-79
add ip local ......................................................................................... 11-83
add ip rip ............................................................................................ 11-84
add ip route ........................................................................................ 11-86
add ip route filter ................................................................................ 11-88
add ip route template .......................................................................... 11-90
add ip trusted ...................................................................................... 11-91
create ip pool ...................................................................................... 11-92
delete bootp relay ............................................................................... 11-92
delete ip advertise interface ................................................................. 11-93
delete ip arp ........................................................................................ 11-93
delete ip dns ....................................................................................... 11-94
delete ip egp ....................................................................................... 11-95
delete ip filter ...................................................................................... 11-96
delete ip helper ................................................................................... 11-97
delete ip host ...................................................................................... 11-98
delete ip interface ............................................................................... 11-99
delete ip local .................................................................................... 11-100
delete ip rip ....................................................................................... 11-101
Software Release 2.7.3
C613-03103-00 REV A
xiv
AT-9900 Series Software Reference
delete ip route ................................................................................... 11-102
delete ip route filter ........................................................................... 11-103
delete ip route template .................................................................... 11-103
delete ip trusted ................................................................................ 11-104
delete tcp .......................................................................................... 11-105
destroy ip pool .................................................................................. 11-105
disable bootp relay ............................................................................ 11-106
disable ip ........................................................................................... 11-106
disable ip advertise ............................................................................ 11-107
disable ip arp log ............................................................................... 11-107
disable ip debug ................................................................................ 11-107
disable ip dnsrelay ............................................................................. 11-108
disable ip echoreply ........................................................................... 11-108
disable ip egp .................................................................................... 11-108
disable ip exportrip ............................................................................ 11-109
disable ip fofilter ............................................................................... 11-109
disable ip forwarding ......................................................................... 11-110
disable ip helper ................................................................................ 11-110
disable ip icmpreply ........................................................................... 11-111
disable ip interface ............................................................................ 11-112
disable ip remoteassign ..................................................................... 11-113
disable ip route ................................................................................. 11-113
disable ip srcroute ............................................................................. 11-114
disable telnet server ........................................................................... 11-114
enable bootp relay ............................................................................ 11-115
enable ip ........................................................................................... 11-115
enable ip advertise ............................................................................ 11-116
enable ip arp log ............................................................................... 11-116
enable ip debug ................................................................................ 11-116
enable ip dnsrelay ............................................................................. 11-117
enable ip echoreply ........................................................................... 11-117
enable ip egp .................................................................................... 11-117
enable ip exportrip ............................................................................ 11-118
enable ip fofilter ................................................................................ 11-118
enable ip forwarding ......................................................................... 11-119
enable ip helper ................................................................................ 11-119
enable ip icmpreply ........................................................................... 11-120
enable ip interface ............................................................................. 11-120
enable ip remoteassign ...................................................................... 11-121
enable ip route .................................................................................. 11-121
enable ip srcroute .............................................................................. 11-122
enable telnet server ........................................................................... 11-122
finger ................................................................................................ 11-123
ping .................................................................................................. 11-124
purge bootp relay .............................................................................. 11-126
purge ip ............................................................................................ 11-126
reset ip .............................................................................................. 11-127
reset ip counter ................................................................................. 11-127
reset ip interface ............................................................................... 11-128
set bootp maxhops ............................................................................ 11-128
set ip advertise interface .................................................................... 11-129
set ip arp ........................................................................................... 11-130
set ip arp timeout .............................................................................. 11-131
set ip dns .......................................................................................... 11-131
set ip dns cache ................................................................................. 11-133
set ip dnsrelay ................................................................................... 11-134
set ip dscpoverride ............................................................................ 11-134
set ip filter ......................................................................................... 11-135
set ip host ......................................................................................... 11-139
Software Release 2.7.3
C613-03103-00 REV A
Contents
xv
set ip interface .................................................................................. 11-140
set ip local ......................................................................................... 11-143
set ip nameserver .............................................................................. 11-145
set ip rip ............................................................................................ 11-146
set ip riptimer .................................................................................... 11-148
set ip route ........................................................................................ 11-149
set ip route filter ................................................................................ 11-151
set ip route preference ...................................................................... 11-153
set ip route template ......................................................................... 11-154
set ip secondarynameserver ............................................................... 11-155
set ping ............................................................................................. 11-156
set trace ............................................................................................ 11-158
show bootp relay .............................................................................. 11-160
show ip ............................................................................................. 11-161
show ip advertise .............................................................................. 11-164
show ip arp ....................................................................................... 11-165
show ip counter ................................................................................ 11-166
show ip debug .................................................................................. 11-174
show ip dns ....................................................................................... 11-175
show ip dns cache ............................................................................. 11-177
show ip egp ...................................................................................... 11-178
show ip filter ..................................................................................... 11-179
show ip helper .................................................................................. 11-181
show ip host ..................................................................................... 11-183
show ip icmpreply ............................................................................. 11-184
show ip interface ............................................................................... 11-185
show ip pool ..................................................................................... 11-189
show ip rip ........................................................................................ 11-191
show ip rip counter ........................................................................... 11-193
show ip riptimer ................................................................................ 11-195
show ip route .................................................................................... 11-196
show ip route filter ............................................................................ 11-200
show ip route multicast ..................................................................... 11-201
show ip route preference ................................................................... 11-202
show ip route template ..................................................................... 11-203
show ip trusted ................................................................................. 11-204
show ip udp ...................................................................................... 11-205
show ping ......................................................................................... 11-206
show tcp ........................................................................................... 11-208
show trace ........................................................................................ 11-213
stop ping ........................................................................................... 11-214
stop trace .......................................................................................... 11-215
trace ................................................................................................. 11-215
CHAPTER 12
Dynamic Host Configuration Protocol (DHCP)
Introduction ................................................................................................. 12-2
Configuring the DHCP Server ....................................................................... 12-2
BOOTP Relay Agents ............................................................................. 12-3
Configuring the DHCP Client ....................................................................... 12-4
DHC Files ..................................................................................................... 12-4
Configuration Example ................................................................................ 12-4
Troubleshooting ........................................................................................... 12-5
Command Reference ................................................................................... 12-6
add dhcp policy ..................................................................................... 12-6
add dhcp range ................................................................................... 12-12
create dhcp policy ............................................................................... 12-13
create dhcp range ............................................................................... 12-14
delete dhcp policy ............................................................................... 12-15
Software Release 2.7.3
C613-03103-00 REV A
xvi
AT-9900 Series Software Reference
delete dhcp range ............................................................................... 12-19
destroy dhcp policy ............................................................................. 12-20
destroy dhcp range ............................................................................. 12-20
disable dhcp ........................................................................................ 12-21
enable dhcp ........................................................................................ 12-21
set dhcp .............................................................................................. 12-22
set dhcp policy .................................................................................... 12-22
set dhcp range .................................................................................... 12-28
show dhcp .......................................................................................... 12-29
show dhcp client ................................................................................. 12-31
show dhcp policy ................................................................................ 12-33
show dhcp range ................................................................................ 12-34
CHAPTER 13
IP Multicasting
Introduction ................................................................................................. 13-3
References ................................................................................................... 13-3
IP Multicast Routing ..................................................................................... 13-4
Interoperability between Multicast Routing Protocols ................................... 13-5
Distance Vector Multicast Routing Protocol (DVMRP) .................................... 13-6
Configuring DVMRP .............................................................................. 13-7
Protocol Independent Multicast (PIM) ........................................................... 13-8
PIM Sparse Mode ......................................................................................... 13-8
PIM Sparse Mode Roles ......................................................................... 13-9
PIM Sparse Mode Operation ................................................................ 13-10
Configuring PIM Sparse Mode ............................................................. 13-12
Logging and SNMP Traps for PIM-SM ......................................................... 13-16
PIM Dense Mode ....................................................................................... 13-17
Configuring PIM Dense Mode ............................................................. 13-17
Internet Group Management Protocol (IGMP) ............................................ 13-20
Configuring IGMP ............................................................................... 13-20
Static IGMP ......................................................................................... 13-21
IGMP Snooping ......................................................................................... 13-23
IGMP Snooping All-Groups ........................................................................ 13-24
Configuration Examples ............................................................................. 13-25
Multicasting using DVMRP .................................................................. 13-25
Protocol Independent Multicast (PIM) .................................................. 13-28
Command Reference ................................................................................. 13-36
add dvmrp interface ............................................................................ 13-36
add igmpsnooping routeraddress ........................................................ 13-37
add ip igmp destination ....................................................................... 13-38
add pim bsrcandidate .......................................................................... 13-39
add pim interface ................................................................................ 13-40
add pim rpcandidate ........................................................................... 13-41
create ip igmp destination ................................................................... 13-43
delete dvmrp interface ........................................................................ 13-44
delete igmpsnooping routeraddress ..................................................... 13-44
delete ip igmp destination ................................................................... 13-45
delete pim bsrcandidate ...................................................................... 13-45
delete pim interface ............................................................................ 13-46
delete pim rpcandidate ........................................................................ 13-47
destroy ip igmp destination ................................................................. 13-48
disable dvmrp ...................................................................................... 13-48
disable dvmrp debug ........................................................................... 13-49
disable igmpsnooping ......................................................................... 13-50
disable ip igmp .................................................................................... 13-50
disable ip igmp allgroup ...................................................................... 13-51
disable ip igmp debug ......................................................................... 13-51
disable ip igmp interface ..................................................................... 13-52
Software Release 2.7.3
C613-03103-00 REV A
Contents
xvii
disable pim .......................................................................................... 13-52
disable pim debug ............................................................................... 13-53
enable dvmrp ...................................................................................... 13-53
enable dvmrp debug ........................................................................... 13-54
enable igmpsnooping .......................................................................... 13-55
enable ip igmp .................................................................................... 13-55
enable ip igmp allgroup ....................................................................... 13-56
enable ip igmp debug ......................................................................... 13-56
enable ip igmp interface ...................................................................... 13-57
enable pim .......................................................................................... 13-57
enable pim debug ............................................................................... 13-58
purge dvmrp ....................................................................................... 13-59
purge pim ........................................................................................... 13-59
reset dvmrp interface .......................................................................... 13-60
reset pim interface .............................................................................. 13-61
set dvmrp interface ............................................................................. 13-62
set ip igmp .......................................................................................... 13-63
set igmpsnooping routermode ............................................................ 13-64
set pim ................................................................................................ 13-65
set pim log .......................................................................................... 13-66
set pim bsrcandidate ........................................................................... 13-67
set pim interface ................................................................................. 13-68
set pim rpcandidate ............................................................................. 13-70
show dvmrp ........................................................................................ 13-71
show dvmrp counters .......................................................................... 13-72
show dvmrp debug ............................................................................. 13-73
show dvmrp forwarding ...................................................................... 13-74
show dvmrp interface .......................................................................... 13-75
show dvmrp neighbour ....................................................................... 13-76
show dvmrp route ............................................................................... 13-77
show igmpsnooping ............................................................................ 13-78
show igmpsnooping routeraddress ...................................................... 13-80
show ip igmp ...................................................................................... 13-81
show ip igmp debug ........................................................................... 13-84
show pim ............................................................................................ 13-85
show pim bsrcandidate ....................................................................... 13-86
show pim config ................................................................................. 13-87
show pim counters .............................................................................. 13-88
show pim debug ................................................................................. 13-92
show pim interface .............................................................................. 13-93
show pim neighbour ........................................................................... 13-95
show pim route ................................................................................... 13-96
show pim rpcandidate ....................................................................... 13-102
show pim rpset ................................................................................. 13-103
show pim staterefresh ....................................................................... 13-104
show pim timer ................................................................................. 13-105
CHAPTER 14
Open Shortest Path First (OSPF)
Introduction ................................................................................................. 14-3
OSPF Features .............................................................................................. 14-3
Adjacency and Designated Routers .............................................................. 14-5
Link State Advertisements ............................................................................ 14-6
OSPF Packet Types ....................................................................................... 14-7
OSPF States ................................................................................................. 14-7
OSPF Metrics ............................................................................................... 14-9
OSPF Auto Cost Calculation .................................................................. 14-9
Routing with OSPF ..................................................................................... 14-10
Addressless Interfaces ................................................................................ 14-10
Software Release 2.7.3
C613-03103-00 REV A
xviii
AT-9900 Series Software Reference
Authenticating OSPF .................................................................................. 14-11
Password Authentication ..................................................................... 14-11
Cryptographic Authentication ............................................................. 14-11
Using OSPF and RIP .................................................................................... 14-12
Importing BGP routes into OSPF ................................................................. 14-13
OSPF On Demand Circuits .......................................................................... 14-14
Configuration Examples ............................................................................. 14-16
Basic OSPF Network ............................................................................ 14-16
OSPF Network with Virtual Links .......................................................... 14-19
Command Reference ................................................................................. 14-22
add ospf area ...................................................................................... 14-22
add ospf host ...................................................................................... 14-24
add ospf interface ............................................................................... 14-25
add ospf md5key ................................................................................ 14-28
add ospf neighbour ............................................................................. 14-29
add ospf range .................................................................................... 14-30
add ospf stub ...................................................................................... 14-31
delete ospf area .................................................................................. 14-32
delete ospf host .................................................................................. 14-32
delete ospf interface ............................................................................ 14-33
delete ospf md5key ............................................................................. 14-34
delete ospf neighbour ......................................................................... 14-35
delete ospf range ................................................................................ 14-35
delete ospf stub .................................................................................. 14-36
disable ospf ......................................................................................... 14-36
disable ospf debug .............................................................................. 14-37
disable ospf interface .......................................................................... 14-37
disable ospf log ................................................................................... 14-38
enable ospf ......................................................................................... 14-39
enable ospf debug .............................................................................. 14-39
enable ospf interface ........................................................................... 14-40
enable ospf log ................................................................................... 14-40
purge ospf .......................................................................................... 14-41
reset ospf ............................................................................................ 14-41
reset ospf counter ............................................................................... 14-42
reset ospf interface .............................................................................. 14-42
set ospf ............................................................................................... 14-43
set ospf area ....................................................................................... 14-46
set ospf host ....................................................................................... 14-47
set ospf interface ................................................................................. 14-48
set ospf neighbour .............................................................................. 14-51
set ospf range ..................................................................................... 14-52
set ospf stub ....................................................................................... 14-53
show ospf ........................................................................................... 14-54
show ospf area .................................................................................... 14-56
show ospf debug ................................................................................ 14-58
show ospf host .................................................................................... 14-59
show ospf interface ............................................................................. 14-60
show ospf lsa ...................................................................................... 14-65
show ospf md5key .............................................................................. 14-70
show ospf neighbour .......................................................................... 14-71
show ospf range ................................................................................. 14-72
show ospf route .................................................................................. 14-73
show ospf stub .................................................................................... 14-75
Software Release 2.7.3
C613-03103-00 REV A
Contents
xix
CHAPTER 15
Border Gateway Protocol version 4 (BGP-4)
Introduction ................................................................................................. 15-4
Overview of BGP-4 ...................................................................................... 15-4
BGP Operation ............................................................................................. 15-6
BGP Attributes ...................................................................................... 15-7
BGP Route Selection .............................................................................. 15-9
Classless Inter-domain Routing (CIDR) and Aggregation ....................... 15-10
BGP Multi-Homing ..................................................................................... 15-11
BGP Route Filtering .................................................................................... 15-13
Route Maps ......................................................................................... 15-14
AS Confederations ..................................................................................... 15-16
Triggers ...................................................................................................... 15-17
How to Configure BGP Peers ..................................................................... 15-19
How to Create a Basic BGP AS ............................................................ 15-19
How to Create BGP Peers Using Peer Templates ................................... 15-23
How to Modify BGP Peers (Without Templates) .................................... 15-24
How to Use a Template to Modify BGP Peers ....................................... 15-25
How to Modify BGP Peers that Use a Template .................................... 15-26
How to Delete BGP Peers .................................................................... 15-26
How to Filter Routes for BGP ..................................................................... 15-27
How to Configure AS Path Filters ........................................................ 15-27
How to Configure Prefix Filters ............................................................ 15-29
How to Configure Route Maps ............................................................ 15-30
How to Optimise BGP ................................................................................ 15-36
How to Minimise the Impact of Unstable EBGP Routes ........................ 15-36
How to Withdraw Routes As Soon As they Fail .................................... 15-41
How to Improve IBGP Scalability .......................................................... 15-42
How to Handle Spikes in Memory Use ................................................. 15-47
How to Stop BGP from Overloading System Memory ........................... 15-48
How to Avoid Leaking Private AS Numbers into Global BGP Tables ...... 15-48
How to Control Import of Static Routes ............................................... 15-49
How to Set the IP Address By Which the Switch Identifies Itself ........... 15-50
Configuration Examples ............................................................................. 15-51
Example One ....................................................................................... 15-51
Example Two ....................................................................................... 15-53
Example Three ..................................................................................... 15-54
Example Four ...................................................................................... 15-54
Example Five ....................................................................................... 15-55
Example Six ......................................................................................... 15-55
Example Seven .................................................................................... 15-56
Example Eight ..................................................................................... 15-56
Command Reference ................................................................................. 15-58
add bgp aggregate .............................................................................. 15-58
add bgp confederationpeer ................................................................. 15-60
add bgp import ................................................................................... 15-61
add bgp network ................................................................................ 15-62
add bgp peer ...................................................................................... 15-63
add bgp peertemplate ......................................................................... 15-69
add ip aspathlist .................................................................................. 15-74
add ip communitylist ........................................................................... 15-76
add ip prefixlist .................................................................................... 15-78
add ip routemap ................................................................................. 15-81
create bgp damping parameterset ....................................................... 15-86
delete bgp aggregate .......................................................................... 15-88
delete bgp confederationpeer ............................................................. 15-89
delete bgp import ............................................................................... 15-89
delete bgp network ............................................................................. 15-90
delete bgp peer ................................................................................... 15-90
delete bgp peertemplate ..................................................................... 15-91
Software Release 2.7.3
C613-03103-00 REV A
xx
AT-9900 Series Software Reference
delete ip aspathlist .............................................................................. 15-91
delete ip communitylist ....................................................................... 15-92
delete ip prefixlist ................................................................................ 15-92
delete ip routemap .............................................................................. 15-93
destroy bgp damping parameterset ..................................................... 15-94
disable bgp autosoftupdate ................................................................. 15-94
disable bgp damping ........................................................................... 15-95
disable bgp debug ............................................................................... 15-96
disable bgp peer .................................................................................. 15-97
enable bgp autosoftupdate ................................................................. 15-97
enable bgp damping ........................................................................... 15-98
enable bgp debug ............................................................................... 15-99
enable bgp peer ................................................................................ 15-100
purge bgp damping .......................................................................... 15-100
reset bgp damping ............................................................................ 15-101
reset bgp peer ................................................................................... 15-101
reset bgp peer soft ............................................................................ 15-102
set bgp .............................................................................................. 15-103
set bgp aggregate ............................................................................. 15-105
set bgp backoff ................................................................................. 15-106
set bgp damping parameterset .......................................................... 15-107
set bgp import .................................................................................. 15-109
set bgp memlimit .............................................................................. 15-110
set bgp peer ...................................................................................... 15-110
set bgp peertemplate ........................................................................ 15-117
set ip autonomous ............................................................................ 15-122
set ip prefixlist ................................................................................... 15-123
set ip routemap ................................................................................. 15-124
show bgp .......................................................................................... 15-129
show bgp aggregate ......................................................................... 15-131
show bgp confederation ................................................................... 15-132
show bgp backoff ............................................................................. 15-133
show bgp counters ............................................................................ 15-135
show bgp damping ........................................................................... 15-139
show bgp damping routes ................................................................. 15-141
show bgp import ............................................................................... 15-142
show bgp memlimit .......................................................................... 15-143
show bgp memlimit scan ................................................................... 15-144
show bgp network ............................................................................ 15-146
show bgp peer .................................................................................. 15-147
show bgp peertemplate .................................................................... 15-152
show bgp route ................................................................................. 15-154
show ip aspathlist .............................................................................. 15-157
show ip communitylist ....................................................................... 15-158
show ip prefixlist ............................................................................... 15-159
show ip routemap ............................................................................. 15-160
CHAPTER 16
Generic Routing Encapsulation (GRE)
Introduction ................................................................................................. 16-2
GRE on the Switch ....................................................................................... 16-3
Configuration Examples ............................................................................... 16-5
A Basic GRE Configuration .................................................................... 16-5
A Multi-Point GRE Configuration ........................................................... 16-6
Command Reference ................................................................................. 16-11
add gre ............................................................................................... 16-11
add gre tunnel .................................................................................... 16-13
delete gre ............................................................................................ 16-14
delete gre tunnel ................................................................................. 16-14
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxi
disable gre .......................................................................................... 16-15
disable gre debug ................................................................................ 16-15
enable gre ........................................................................................... 16-15
enable gre debug ................................................................................ 16-16
purge gre ............................................................................................ 16-16
reset gre .............................................................................................. 16-17
set gre ................................................................................................. 16-17
set gre tunnel ...................................................................................... 16-19
show gre ............................................................................................. 16-20
show gre general ................................................................................ 16-21
show gre tunnel .................................................................................. 16-22
CHAPTER 17
Internet Protocol version 6 (IPv6)
Introduction ................................................................................................. 17-3
Overview of IPv6 .......................................................................................... 17-3
The 6bone ............................................................................................. 17-4
IPv6 Addresses and Prefixes ................................................................... 17-4
IPv6 Headers ......................................................................................... 17-6
The Internet Control Message Protocol (ICMPv6) ................................... 17-8
IPv6 Routing ........................................................................................ 17-11
IPv6 Filtering ........................................................................................ 17-11
Integration of IPv4 and IPv6 ................................................................. 17-12
IPv6 on the Switch ..................................................................................... 17-12
Enabling IPv6 ....................................................................................... 17-13
IPv6 Interfaces and Addresses .............................................................. 17-13
Extension Header Processing ............................................................... 17-15
Routing Table Processing and RIPv6 ..................................................... 17-15
Neighbour Discovery ........................................................................... 17-16
IPv6 Filtering ........................................................................................ 17-17
IPv6 Fragmentation ............................................................................. 17-18
Telnet v6 ............................................................................................. 17-18
Ping .................................................................................................... 17-19
Secure Shell ......................................................................................... 17-20
Tunnelling IPv6 packets over IPv4 ............................................................... 17-20
6-to-4 ................................................................................................. 17-20
Static Tunnelling .................................................................................. 17-21
IPv6 Acceleration ....................................................................................... 17-22
Troubleshooting the Accelerator Card .................................................. 17-23
Configuration Examples ............................................................................. 17-24
Basic Routing ...................................................................................... 17-24
Dynamic Routing with RIPv6 ................................................................ 17-25
Dynamic (6-to-4) Tunnelling over an IPv4 Network ............................... 17-29
Static Tunnelling over an IPv4 Network ................................................ 17-31
IPv6 Filters ........................................................................................... 17-33
Command Reference ................................................................................. 17-35
add ipv6 6to4 ...................................................................................... 17-35
add ipv6 filter ...................................................................................... 17-36
add ipv6 host ...................................................................................... 17-41
add ipv6 interface ............................................................................... 17-42
add ipv6 nd ......................................................................................... 17-45
add ipv6 prefix .................................................................................... 17-46
add ipv6 rip ......................................................................................... 17-47
add ipv6 route ..................................................................................... 17-48
add ipv6 tunnel ................................................................................... 17-49
create ipv6 interface ............................................................................ 17-51
delete ipv6 6to4 .................................................................................. 17-52
delete ipv6 filter .................................................................................. 17-52
delete ipv6 host ................................................................................... 17-53
Software Release 2.7.3
C613-03103-00 REV A
xxii
AT-9900 Series Software Reference
delete ipv6 interface ............................................................................ 17-53
delete ipv6 nd ..................................................................................... 17-54
delete ipv6 prefix ................................................................................. 17-55
delete ipv6 rip ..................................................................................... 17-56
delete ipv6 route ................................................................................. 17-57
delete ipv6 tunnel ............................................................................... 17-58
destroy ipv6 interface .......................................................................... 17-59
disable ipv6 ......................................................................................... 17-59
disable ipv6 advertise .......................................................................... 17-60
disable ipv6 debug .............................................................................. 17-60
disable ipv6 mtudiscovery .................................................................... 17-61
disable ipv6 rip .................................................................................... 17-61
enable ipv6 ......................................................................................... 17-61
enable ipv6 advertise ........................................................................... 17-62
enable ipv6 debug ............................................................................... 17-63
enable ipv6 mtudiscovery .................................................................... 17-63
enable ipv6 rip .................................................................................... 17-63
reset ipv6 ndcache .............................................................................. 17-64
set ipv6 filter ....................................................................................... 17-64
set ipv6 interface ................................................................................. 17-67
set ipv6 mtu ........................................................................................ 17-69
set ipv6 nd .......................................................................................... 17-70
set ipv6 prefix ...................................................................................... 17-72
set ipv6 route preference ..................................................................... 17-73
show ipv6 ........................................................................................... 17-74
show ipv6 counter ............................................................................... 17-76
show ipv6 filter ................................................................................... 17-81
show ipv6 host .................................................................................... 17-83
show ipv6 interface ............................................................................. 17-84
show ipv6 multicast ............................................................................. 17-86
show ipv6 ndcache .............................................................................. 17-87
show ipv6 ndconfig ............................................................................. 17-88
show ipv6 rip ...................................................................................... 17-90
show ipv6 route .................................................................................. 17-92
show ipv6 route multicast ................................................................... 17-93
show ipv6 route preference ................................................................. 17-95
show ipv6 tunnel ................................................................................. 17-96
CHAPTER 18
Dynamic Host Configuration Protocol for IPv6 (DHCP6)
Introduction ................................................................................................. 18-2
DHCP for IPv6 .............................................................................................. 18-2
DHCP6 Messages .................................................................................. 18-2
DHCP Unique Identifier (DUID) .............................................................. 18-3
Identity Associations .............................................................................. 18-3
Configuring DHCP6 Servers ......................................................................... 18-4
Configuring DHCP6 Clients .......................................................................... 18-5
DHCP6 Message Authentication .................................................................. 18-6
Rapid Commit ....................................................................................... 18-6
Configuration Examples ............................................................................... 18-7
Address Assignment .............................................................................. 18-7
Prefix Delegation ................................................................................... 18-8
Command Reference ................................................................................. 18-10
add dhcp6 interface ............................................................................ 18-11
add dhcp6 key .................................................................................... 18-12
add dhcp6 policy ................................................................................. 18-13
add dhcp6 range ................................................................................. 18-15
create dhcp6 policy ............................................................................. 18-16
create dhcp6 range ............................................................................. 18-17
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxiii
delete dhcp6 interface ......................................................................... 18-18
delete dhcp6 key ................................................................................. 18-18
delete dhcp6 policy ............................................................................. 18-19
delete dhcp6 range ............................................................................. 18-20
destroy dhcp6 policy ........................................................................... 18-20
destroy dhcp6 range ........................................................................... 18-21
disable dhcp6 ...................................................................................... 18-21
disable dhcp6 debug ........................................................................... 18-22
disable dhcp6 rapidcommit ................................................................. 18-22
enable dhcp6 ...................................................................................... 18-22
enable dhcp6 debug ........................................................................... 18-23
enable dhcp6 rapidcommit .................................................................. 18-23
set dhcp6 key ...................................................................................... 18-24
set dhcp6 policy .................................................................................. 18-25
show dhcp6 ........................................................................................ 18-27
show dhcp6 client ............................................................................... 18-29
show dhcp6 counter ........................................................................... 18-31
show dhcp6 interface .......................................................................... 18-34
show dhcp6 key .................................................................................. 18-36
show dhcp6 policy .............................................................................. 18-37
show dhcp6 range .............................................................................. 18-38
show dhcp6 server .............................................................................. 18-40
CHAPTER 19
IPv6 Multicasting
Introduction ................................................................................................. 19-3
Overview of IPv6 Multicast Routing .............................................................. 19-3
Interoperability between Multicast Routing Protocols ................................... 19-4
Multicast Listener Discovery (MLD) ............................................................... 19-5
Queries and Reports .............................................................................. 19-5
Configuring MLD .................................................................................. 19-7
MLD Snooping ...................................................................................... 19-7
Protocol Independent Multicast Sparse Mode (PIM-SM) ................................ 19-9
Configuring PIM Sparse Mode ............................................................... 19-9
Protocol Independent Multicast Dense Mode (PIM-DM) .............................. 19-13
Configuring PIM Dense Mode ............................................................. 19-13
Configuration Examples ............................................................................. 19-16
Command Reference ................................................................................. 19-27
add pim6 bsrcandidate ........................................................................ 19-27
add pim6 interface .............................................................................. 19-28
add pim6 rpcandidate ......................................................................... 19-29
delete pim6 bsrcandidate .................................................................... 19-30
delete pim6 interface .......................................................................... 19-30
delete pim6 rpcandidate ...................................................................... 19-31
disable ipv6 mld .................................................................................. 19-31
disable ipv6 mld debug ....................................................................... 19-32
disable ipv6 mld interface .................................................................... 19-32
disable mldsnooping ........................................................................... 19-33
disable mldsnooping debug ................................................................. 19-33
disable pim6 ........................................................................................ 19-33
disable pim6 debug ............................................................................. 19-34
enable ipv6 mld ................................................................................... 19-34
enable ipv6 mld debug ........................................................................ 19-35
enable ipv6 mld interface .................................................................... 19-35
enable mldsnooping ............................................................................ 19-36
enable mldsnooping debug ................................................................. 19-36
enable pim6 ........................................................................................ 19-36
enable pim6 debug ............................................................................. 19-37
purge pim6 ......................................................................................... 19-38
Software Release 2.7.3
C613-03103-00 REV A
xxiv
AT-9900 Series Software Reference
reset pim6 interface ............................................................................ 19-38
set ipv6 mld ........................................................................................ 19-39
set ipv6 mld interface .......................................................................... 19-40
set pim6 .............................................................................................. 19-41
set pim6 bsrcandidate ......................................................................... 19-42
set pim6 interface ............................................................................... 19-43
set pim6 rpcandidate ........................................................................... 19-44
show ipv6 mld ..................................................................................... 19-45
show ipv6 mld config .......................................................................... 19-47
show ipv6 mld counters ...................................................................... 19-48
show ipv6 mld debug .......................................................................... 19-49
show mldsnooping .............................................................................. 19-50
show mldsnooping counter ................................................................. 19-51
show pim6 .......................................................................................... 19-52
show pim6 bsrcandidate ..................................................................... 19-53
show pim6 config ............................................................................... 19-54
show pim6 counters ............................................................................ 19-55
show pim6 debug ............................................................................... 19-59
show pim6 interface ............................................................................ 19-60
show pim6 neighbour ......................................................................... 19-62
show pim6 route ................................................................................. 19-63
show pim6 rpcandidate ....................................................................... 19-68
show pim6 rpset ................................................................................. 19-69
show pim6 staterefresh ....................................................................... 19-71
show pim6 timer ................................................................................. 19-72
CHAPTER 20
Generic Packet Classifier
Introduction ................................................................................................. 20-2
Classification Functions ......................................................................... 20-3
Configuration of Packet Matching Rules/Classifiers ................................ 20-3
Command Reference ................................................................................... 20-4
create classifier ...................................................................................... 20-5
destroy classifier .................................................................................. 20-13
set classifier ......................................................................................... 20-14
show classifier ..................................................................................... 20-19
CHAPTER 21
Quality of Service (QoS)
Introduction ................................................................................................. 21-3
What is Quality of Service? .................................................................... 21-3
Who Benefits from Quality of Service? ................................................... 21-3
How a QoS Solution is Described in this Document ................................ 21-4
Overview of QoS Mechanisms ............................................................... 21-4
Quality of Service with Accelerated IPv6 Traffic ...................................... 21-5
Packet Flow through the Switch ............................................................ 21-5
Packet Flow for Accelerated IPv6 Traffic ................................................. 21-8
How to Configure QoS on the Switch ........................................................ 21-12
Steps to Configure QoS on the Switch ................................................. 21-12
QoS Policy Configuration Rules ............................................................ 21-13
Destroying a QoS Element ................................................................... 21-14
Classifiers ............................................................................................ 21-14
QoS Flow Groups ................................................................................ 21-15
QoS Traffic Classes .............................................................................. 21-16
Default Traffic Class ............................................................................. 21-17
QoS Policies ......................................................................................... 21-17
Traffic Class and Policy Default Traffic Class Counters ................................. 21-18
Configuring QoS on Accelerated IPv6 Traffic ........................................ 21-18
Premarking .......................................................................................... 21-21
Bandwidth Metering ........................................................................... 21-23
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxv
Remarking ........................................................................................... 21-26
QoS RED Curves .................................................................................. 21-28
Replacing Priorities on Egress ............................................................... 21-30
DiffServ Domains ....................................................................................... 21-32
How to Enable DiffServ QoS Functionality on the Switch ..................... 21-33
Layer 2 Priority-based QoS ......................................................................... 21-35
How to Enable Layer 2 QoS ................................................................. 21-35
Actions for QoS Traffic Classes and Flow Groups ........................................ 21-37
Command Reference ................................................................................. 21-39
add qos flowgroup .............................................................................. 21-39
add qos policy ..................................................................................... 21-40
add qos trafficclass .............................................................................. 21-41
create qos flowgroup .......................................................................... 21-42
create qos policy ................................................................................. 21-44
create qos red ..................................................................................... 21-47
create qos trafficclass .......................................................................... 21-48
delete qos flowgroup .......................................................................... 21-51
delete qos policy ................................................................................. 21-52
delete qos trafficclass .......................................................................... 21-53
destroy qos flowgroup ........................................................................ 21-54
destroy qos policy ................................................................................ 21-55
destroy qos red ................................................................................... 21-56
destroy qos trafficclass ......................................................................... 21-56
disable qos debug ............................................................................... 21-57
enable qos debug ................................................................................ 21-57
purge qos ............................................................................................ 21-57
reset qos accelerator ........................................................................... 21-58
reset qos port ...................................................................................... 21-58
set qos accelerator policy ..................................................................... 21-59
set qos defaultpriority .......................................................................... 21-59
set qos dscpmap ................................................................................. 21-60
set qos flowgroup ............................................................................... 21-62
set qos policy ...................................................................................... 21-64
set qos port ......................................................................................... 21-67
set qos port egressqueue ..................................................................... 21-68
set qos prio2queuemap ....................................................................... 21-69
set qos queue2priomap ....................................................................... 21-70
set qos red .......................................................................................... 21-71
set qos trafficclass ............................................................................... 21-74
show qos accelerator ........................................................................... 21-77
show qos defaultpriority ...................................................................... 21-79
show qos dscpmap .............................................................................. 21-80
show qos flowgroup ........................................................................... 21-82
show qos policy ................................................................................... 21-84
show qos port ..................................................................................... 21-87
show qos port counters ....................................................................... 21-90
show qos prio2queuemap ................................................................... 21-92
show qos queue2priomap ................................................................... 21-93
show qos red ...................................................................................... 21-95
show qos trafficclass ........................................................................... 21-99
CHAPTER 22
Resource Reservation Protocol (RSVP)
Introduction ................................................................................................. 22-2
Resource Reservation Protocol (RSVP) ........................................................... 22-2
RSVP on the Switch ..................................................................................... 22-5
RSVP Proxy Agent ........................................................................................ 22-6
Command Reference ................................................................................... 22-8
create rsvp proxy ................................................................................... 22-9
Software Release 2.7.3
C613-03103-00 REV A
xxvi
AT-9900 Series Software Reference
destroy rsvp proxy ............................................................................... 22-11
disable rsvp ......................................................................................... 22-12
disable rsvp debug .............................................................................. 22-12
disable rsvp interface ........................................................................... 22-13
disable rsvp proxy ................................................................................ 22-14
enable rsvp .......................................................................................... 22-14
enable rsvp debug ............................................................................... 22-15
enable rsvp interface ........................................................................... 22-16
enable rsvp proxy ................................................................................ 22-17
reset rsvp proxy ................................................................................... 22-18
set rsvp interface ................................................................................. 22-19
set rsvp proxy ...................................................................................... 22-20
show rsvp ............................................................................................ 22-22
show rsvp counter ............................................................................... 22-24
show rsvp interface ............................................................................. 22-27
show rsvp path .................................................................................... 22-28
show rsvp proxy .................................................................................. 22-29
show rsvp proxy counter ..................................................................... 22-32
show rsvp resv ..................................................................................... 22-33
CHAPTER 23
User Authentication
Introduction ................................................................................................. 23-3
Privilege Levels ............................................................................................. 23-3
User Level .............................................................................................. 23-3
Manager Level ....................................................................................... 23-4
Security Officer Level ............................................................................. 23-5
Remote Security Officer Level ................................................................ 23-6
Operating Modes ......................................................................................... 23-6
User Authentication Facility .......................................................................... 23-7
Logging In and Out ............................................................................... 23-8
The User Authentication Database ............................................................... 23-9
Adding Entries to the User Authentication Database .............................. 23-9
Modifying Entries in the User Authentication Database ........................ 23-10
Choosing Passwords ............................................................................ 23-11
Asynchronous Port Security ................................................................. 23-11
Telneting from the Switch .................................................................... 23-12
Counters ............................................................................................. 23-12
Semipermanent Manager Port ............................................................. 23-12
RADIUS ...................................................................................................... 23-13
TACACS .................................................................................................... 23-15
TACACS+ .................................................................................................. 23-16
Token Card Authentication ........................................................................ 23-20
Token Card Authentication on the Switch ............................................ 23-20
Using Token Card with TACACS+ ........................................................ 23-21
Using Token Card with RADIUS or TACACS ......................................... 23-22
Debug Support for RADIUS, TACACS and TACACS+ .................................. 23-24
S/Key and OTP One-Time Password Systems .............................................. 23-24
Initialising the S/Key or OTP System on the Authentication Server ........ 23-25
Configuring S/Key and OTP on the Switch ........................................... 23-26
Command Reference ................................................................................. 23-28
add radius server ................................................................................. 23-28
add tacacs server ................................................................................. 23-29
add tacplus server ............................................................................... 23-30
add user .............................................................................................. 23-31
add user rso ........................................................................................ 23-33
delete radius server ............................................................................. 23-34
delete tacacs server ............................................................................. 23-35
delete tacplus server ............................................................................ 23-35
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxvii
delete user .......................................................................................... 23-36
delete user rso ..................................................................................... 23-37
disable radius debug ........................................................................... 23-38
disable system security_mode .............................................................. 23-38
disable tacacs debug ........................................................................... 23-39
disable tacplus ..................................................................................... 23-39
disable tacplus debug .......................................................................... 23-39
disable user ......................................................................................... 23-40
disable user rso ................................................................................... 23-40
enable ................................................................................................. 23-41
enable radius debug ............................................................................ 23-42
enable system security_mode .............................................................. 23-42
enable tacacs debug ............................................................................ 23-43
enable tacplus ..................................................................................... 23-43
enable tacplus debug .......................................................................... 23-44
enable user ......................................................................................... 23-44
enable user rso .................................................................................... 23-45
login ................................................................................................... 23-46
logoff .................................................................................................. 23-47
purge user ........................................................................................... 23-47
reset user ............................................................................................ 23-48
set manager asyn ................................................................................ 23-49
set password ....................................................................................... 23-50
set radius ............................................................................................ 23-50
set skey ............................................................................................... 23-51
set tacplus key ..................................................................................... 23-51
set tacplus server ................................................................................. 23-52
set tacplus telnet ................................................................................. 23-53
set user ............................................................................................... 23-54
show manager asyn ............................................................................ 23-56
show radius ......................................................................................... 23-57
show radius debug .............................................................................. 23-58
show skey ........................................................................................... 23-59
show tacacs debug .............................................................................. 23-60
show tacacs server .............................................................................. 23-61
show tacplus key ................................................................................. 23-61
show tacplus server ............................................................................. 23-62
show tacplus telnet ............................................................................. 23-63
show tacplus user ................................................................................ 23-64
show user ........................................................................................... 23-65
show user rso ...................................................................................... 23-69
CHAPTER 24
Compression and Encryption Services
Introduction ................................................................................................. 24-2
Data Compression ....................................................................................... 24-2
Data Encryption ........................................................................................... 24-4
Symmetrical Encryption ......................................................................... 24-4
Asymmetrical (Public Key) Encryption ..................................................... 24-5
Network Encryption ............................................................................... 24-6
Authentication ............................................................................................. 24-7
Key Exchange Algorithms ............................................................................ 24-8
ENCO Services ............................................................................................. 24-8
Compression ......................................................................................... 24-9
Encryption ........................................................................................... 24-10
Authentication .................................................................................... 24-10
Diffie-Hellman Key Exchange Algorithm .............................................. 24-10
Key Creation and Storage .................................................................... 24-11
Access Control ........................................................................................... 24-13
Software Release 2.7.3
C613-03103-00 REV A
xxviii
AT-9900 Series Software Reference
User Modules ............................................................................................ 24-13
IP Payload Encryption and Virtual Private Networks .............................. 24-13
Secure Shell ......................................................................................... 24-14
PPP ...................................................................................................... 24-14
Command Reference ................................................................................. 24-15
create enco key ................................................................................... 24-16
destroy enco key ................................................................................. 24-18
disable enco compstatistics .................................................................. 24-18
disable enco debugging ...................................................................... 24-19
enable enco compstatistics .................................................................. 24-19
enable enco debugging ....................................................................... 24-19
reset enco counters ............................................................................. 24-20
set enco dhpadding ............................................................................. 24-21
set enco dhpriority .............................................................................. 24-21
set enco key ........................................................................................ 24-22
set enco sw ......................................................................................... 24-23
show enco .......................................................................................... 24-24
show enco channel ............................................................................. 24-26
show enco counters ............................................................................ 24-31
show enco key .................................................................................... 24-46
CHAPTER 25
Port Authentication
Introduction ................................................................................................. 25-2
802.1x Port Based Network Access Control .................................................. 25-2
The 802.1x Implementation ................................................................... 25-2
Port Authentication Control .................................................................. 25-5
The Authentication Server ..................................................................... 25-7
The Authentication Process ................................................................... 25-8
802.1x Guest VLAN ..................................................................................... 25-9
MAC Based Authentication ........................................................................ 25-10
The MAC Based Authentication Implementation ................................. 25-10
The MAC Based Authentication Process .............................................. 25-11
Dynamic VLAN Assignment ........................................................................ 25-12
Port Authentication on the Switch ............................................................. 25-13
Enable port authentication on the switch ............................................ 25-13
Enable port authentication on a port ................................................... 25-14
Reauthenticate supplicants .................................................................. 25-15
Set a global 802.1x username and password ....................................... 25-16
Debug Port Authentication .................................................................. 25-16
Multi-supplicant configuration ............................................................. 25-17
Configuration Examples ............................................................................. 25-19
Port as an Authenticator ...................................................................... 25-19
Port as a Supplicant ............................................................................. 25-20
Command Reference ................................................................................. 25-21
activate portauth port reauthenticate .................................................. 25-22
disable portauth .................................................................................. 25-23
disable portauth debug ....................................................................... 25-24
disable portauth port ........................................................................... 25-25
enable portauth .................................................................................. 25-26
enable portauth debug ........................................................................ 25-27
enable portauth port ........................................................................... 25-28
purge portauth port ............................................................................ 25-34
reset portauth port .............................................................................. 25-35
reset portauth port multimib ............................................................... 25-36
set portauth port ................................................................................. 25-37
set portauth port supplicantmac .......................................................... 25-43
set portauth username ........................................................................ 25-46
show portauth .................................................................................... 25-48
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxix
show portauth counter ........................................................................
show portauth port .............................................................................
show portauth port multisupplicant .....................................................
show portauth timer ...........................................................................
CHAPTER 26
25-50
25-53
25-60
25-65
Secure Shell
Introduction ................................................................................................. 26-2
Secure Shell on the Switch ........................................................................... 26-2
Configuring Secure Shell .............................................................................. 26-3
Configuration Example ................................................................................ 26-5
Command Reference ................................................................................... 26-9
add ssh user .......................................................................................... 26-9
delete ssh user .................................................................................... 26-10
disable ssh server ................................................................................. 26-11
disable ssh user ................................................................................... 26-12
enable ssh server ................................................................................. 26-13
enable ssh user .................................................................................... 26-14
set ssh server ....................................................................................... 26-15
set ssh user ......................................................................................... 26-16
show ssh ............................................................................................. 26-17
show ssh sessions ................................................................................ 26-24
show ssh user ...................................................................................... 26-25
ssh ...................................................................................................... 26-27
CHAPTER 27
Secure Sockets Layer (SSL)
Introduction ................................................................................................. 27-2
SSL Operations ........................................................................................... 27-2
Phases ................................................................................................... 27-3
SSL on the Switch ........................................................................................ 27-5
Configuration Example ................................................................................ 27-5
Enable SSL on the Switch’s HTTP Server ................................................. 27-5
Command Reference ................................................................................... 27-8
disable ssl debug ................................................................................... 27-8
enable ssl debug ................................................................................... 27-8
set ssl .................................................................................................... 27-9
show ssl .............................................................................................. 27-10
show ssl sessions ................................................................................. 27-20
CHAPTER 28
Public Key Infrastructure (PKI)
Introduction ................................................................................................. 28-2
Overview of PKI ........................................................................................... 28-2
Public Keys ............................................................................................ 28-2
Certificates ............................................................................................ 28-3
Elements of a Public Key Infrastructure .................................................. 28-5
Certificate Validation ............................................................................. 28-5
Certificate Revocation Lists (CRLs) .......................................................... 28-6
PKI on the Switch ........................................................................................ 28-7
Certificate Retrieval and Storage ............................................................ 28-7
Certificate Validation ............................................................................. 28-8
Certificate Revocation Lists .................................................................... 28-9
Requesting a Certificate ........................................................................ 28-9
Global PKI Parameters ......................................................................... 28-10
Configuration Examples ............................................................................. 28-11
Manual Enrollment .............................................................................. 28-11
Automatic Enrollment with CMP ......................................................... 28-13
Command Reference ................................................................................. 28-16
add pki certificate ................................................................................ 28-16
Software Release 2.7.3
C613-03103-00 REV A
xxx
AT-9900 Series Software Reference
add pki crl ........................................................................................... 28-18
add pki ldaprepository ......................................................................... 28-19
create pki certificate ............................................................................ 28-20
create pki enrollmentrequest ............................................................... 28-21
create pki keyupdaterequest ................................................................ 28-22
delete pki certificate ............................................................................ 28-23
delete pki crl ....................................................................................... 28-23
delete pki ldaprepository ..................................................................... 28-24
destroy pki enrollmentrequest ............................................................. 28-24
destroy pki keyupdaterequest .............................................................. 28-25
disable pki debug ................................................................................ 28-25
enable pki debug ................................................................................ 28-26
purge pki ............................................................................................ 28-27
set pki ................................................................................................. 28-27
set pki certificate ................................................................................. 28-28
set pki crl ............................................................................................ 28-29
set pki ldaprepository .......................................................................... 28-30
set system distinguishedname ............................................................. 28-31
show pki ............................................................................................. 28-32
show pki certificate ............................................................................. 28-39
show pki crl ......................................................................................... 28-42
show pki enrollmentrequest ................................................................ 28-45
show pki keyupdaterequest ................................................................. 28-47
show pki ldaprepository ...................................................................... 28-49
CHAPTER 29
Virtual Router Redundancy Protocol (VRRP)
Introduction ................................................................................................. 29-2
Virtual Router Redundancy Protocol ............................................................. 29-2
Interface Monitoring .................................................................................... 29-3
Port Monitoring ........................................................................................... 29-4
Configuring VRRP ........................................................................................ 29-4
Adopting the VRRP IP Address ..................................................................... 29-6
Triggers ........................................................................................................ 29-8
Configuration Example ................................................................................ 29-9
Preferred master with a backup switch .................................................. 29-9
Authenticated virtual router with no preferred master ......................... 29-10
Command Reference ................................................................................. 29-12
add vrrp .............................................................................................. 29-12
add vrrp monitoredinterface ................................................................ 29-13
create vrrp ........................................................................................... 29-14
delete vrrp ........................................................................................... 29-16
delete vrrp monitoredinterface ............................................................ 29-17
destroy vrrp ......................................................................................... 29-17
disable vrrp ......................................................................................... 29-18
disable vrrp debug ............................................................................... 29-18
enable vrrp .......................................................................................... 29-19
enable vrrp debug ............................................................................... 29-19
set vrrp ................................................................................................ 29-20
show vrrp ............................................................................................ 29-22
CHAPTER 30
Ping Polling of Device Reachability
Introduction ................................................................................................. 30-2
Configuring Ping Polling .............................................................................. 30-2
Triggers ........................................................................................................ 30-4
Logging ....................................................................................................... 30-6
Interaction with Other Protocols ................................................................... 30-6
Ping and Traceroute ............................................................................... 30-6
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxxi
Command Reference ................................................................................... 30-7
add ping poll ......................................................................................... 30-7
delete ping poll ..................................................................................... 30-9
disable ping poll .................................................................................. 30-10
disable ping poll debug ....................................................................... 30-10
enable ping poll .................................................................................. 30-11
enable ping poll debug ........................................................................ 30-11
reset ping poll ..................................................................................... 30-12
set ping poll ........................................................................................ 30-13
show ping poll .................................................................................... 30-15
CHAPTER 31
Simple Network Management Protocol (SNMP)
Introduction ................................................................................................. 31-3
Network Management Framework .............................................................. 31-3
Structure of Management Information ......................................................... 31-5
Names ................................................................................................... 31-6
Instances ............................................................................................... 31-6
Syntax ................................................................................................... 31-7
Access ................................................................................................... 31-7
Status .................................................................................................... 31-7
Description ............................................................................................ 31-8
The SNMP Protocol ...................................................................................... 31-8
SNMP Versions ...................................................................................... 31-8
SNMP Messages .................................................................................... 31-9
Polling versus Event Notification ............................................................ 31-9
Message Format for SNMPv1 and SNMPv2c .......................................... 31-9
SNMP Communities (Version v1 and v2c) ............................................. 31-10
SNMPv3 Entities .................................................................................. 31-11
SNMPv3 Message Protocol Format ...................................................... 31-12
SNMPv1 and SNMPv2c on the Switch ........................................................ 31-14
SNMP MIB Views for SNMPv1 and SNMPv2c ....................................... 31-14
SNMP Communities ............................................................................ 31-15
Configuration Example (SNMPv1 and v2) ................................................... 31-18
SNMPv3 on the Switch .............................................................................. 31-20
SNMP MIB Views for SNMPv3 .............................................................. 31-20
SNMP Defined MIB Names .................................................................. 31-20
SNMP Groups ...................................................................................... 31-21
SNMP Users ......................................................................................... 31-21
SNMP Target Addresses ....................................................................... 31-22
SNMP Target Params ........................................................................... 31-22
Configuration Example (SNMPv3) .............................................................. 31-23
Command Reference ................................................................................. 31-24
add snmp community .......................................................................... 31-24
add snmp group .................................................................................. 31-26
add snmp targetaddr ........................................................................... 31-28
add snmp targetparams ...................................................................... 31-29
add snmp user .................................................................................... 31-30
add snmp view .................................................................................... 31-32
create snmp community ...................................................................... 31-33
delete snmp community ...................................................................... 31-35
delete snmp group .............................................................................. 31-36
delete snmp targetaddr ....................................................................... 31-36
delete snmp targetparams ................................................................... 31-37
delete snmp user ................................................................................. 31-37
delete snmp view ................................................................................ 31-38
destroy snmp community .................................................................... 31-39
disable snmp ....................................................................................... 31-39
disable snmp authenticate_trap ........................................................... 31-39
Software Release 2.7.3
C613-03103-00 REV A
xxxii
AT-9900 Series Software Reference
disable snmp community ..................................................................... 31-40
enable snmp ....................................................................................... 31-40
enable snmp authenticate_trap ........................................................... 31-41
enable snmp community ..................................................................... 31-41
purge snmp ......................................................................................... 31-42
set snmp community ........................................................................... 31-42
set snmp engineid ............................................................................... 31-43
set snmp group ................................................................................... 31-44
set snmp local ..................................................................................... 31-45
set snmp targetaddr ............................................................................ 31-46
set snmp targetparams ........................................................................ 31-47
set snmp user ...................................................................................... 31-48
show snmp ......................................................................................... 31-49
show snmp community ....................................................................... 31-52
show snmp group ............................................................................... 31-53
show snmp targetaddr ........................................................................ 31-54
show snmp targetparams .................................................................... 31-55
show snmp user .................................................................................. 31-56
show snmp view ................................................................................. 31-57
CHAPTER 32
Network Time Protocol (NTP)
Introduction ................................................................................................. 32-2
Overview of the Network Time Protocol ....................................................... 32-2
NTP on the Switch ....................................................................................... 32-4
Configuration Example ................................................................................ 32-4
Troubleshooting ........................................................................................... 32-7
Command Reference ................................................................................... 32-8
add ntp peer ......................................................................................... 32-8
delete ntp peer ...................................................................................... 32-8
disable ntp ............................................................................................ 32-9
enable ntp ............................................................................................. 32-9
purge ntp .............................................................................................. 32-9
reset ntp ............................................................................................. 32-10
set ntp utcoffset .................................................................................. 32-10
show ntp ............................................................................................. 32-11
CHAPTER 33
Stacking
Introduction ................................................................................................. 33-2
What is Stacking? ........................................................................................ 33-2
How Stacking Works .................................................................................... 33-4
Configuring a Stack ..................................................................................... 33-6
Configuration Example .............................................................................. 33-14
Command Reference ................................................................................. 33-16
Host-Directed Commands (HDC) ......................................................... 33-16
add stack interface .............................................................................. 33-17
delete stack interface .......................................................................... 33-17
disable stack ........................................................................................ 33-18
disable stack debug ............................................................................. 33-19
enable stack ........................................................................................ 33-20
enable stack debug ............................................................................. 33-21
set stack authentication ....................................................................... 33-22
set stack stackid .................................................................................. 33-23
set system hostid ................................................................................. 33-24
show stack .......................................................................................... 33-25
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxxiii
CHAPTER 34
Scripting
Introduction ................................................................................................. 34-2
Activating a Script at Login .................................................................... 34-2
Creating Scripts ........................................................................................... 34-2
Using Script Commands ........................................................................ 34-3
Using the Built-In Text Editor .................................................................. 34-3
Loading from a TFTP Server .................................................................... 34-3
Loading from an Asynchronous Port ...................................................... 34-4
Using Scripts ................................................................................................ 34-4
Script Parameters ......................................................................................... 34-4
Script Control Structures .............................................................................. 34-5
Command Reference ................................................................................... 34-6
activate script ........................................................................................ 34-7
add script .............................................................................................. 34-8
deactivate script .................................................................................... 34-9
delete script ........................................................................................ 34-10
if..then..else..endif .............................................................................. 34-11
set script ............................................................................................. 34-12
show script .......................................................................................... 34-14
wait .................................................................................................... 34-15
CHAPTER 35
Trigger Facility
Introduction ................................................................................................. 35-2
Defining Triggers .......................................................................................... 35-3
Command Reference ................................................................................... 35-4
activate trigger ...................................................................................... 35-4
add trigger ............................................................................................ 35-5
create trigger ........................................................................................ 35-6
delete trigger ...................................................................................... 35-11
destroy trigger ..................................................................................... 35-11
disable trigger ..................................................................................... 35-12
enable trigger ...................................................................................... 35-13
purge trigger ....................................................................................... 35-13
set trigger ........................................................................................... 35-14
show trigger ........................................................................................ 35-18
CHAPTER 36
Logging Facility
Introduction ................................................................................................. 36-2
Format of Log Messages .............................................................................. 36-3
Secure Router Log Protocol (SRLP) ................................................................ 36-4
Net Manage Message Protocol ..................................................................... 36-4
Processing Log Messages ............................................................................. 36-5
Output Definitions and Message Filters .................................................. 36-5
Destinations .......................................................................................... 36-6
Configuring Output Definitions ............................................................. 36-8
Configuring Message Filters .................................................................. 36-9
Command Reference ................................................................................. 36-10
add log output .................................................................................... 36-11
add log receive .................................................................................... 36-14
create log output ................................................................................ 36-16
delete log output ................................................................................ 36-20
delete log receive ................................................................................ 36-20
destroy log output ............................................................................... 36-21
disable log ........................................................................................... 36-21
disable log generation ......................................................................... 36-21
disable log output ............................................................................... 36-22
disable log reception ........................................................................... 36-22
enable log ........................................................................................... 36-23
Software Release 2.7.3
C613-03103-00 REV A
xxxiv
AT-9900 Series Software Reference
enable log generation ......................................................................... 36-23
enable log output ................................................................................ 36-24
enable log reception ............................................................................ 36-24
flush log output .................................................................................. 36-25
purge log ............................................................................................ 36-25
set log output ..................................................................................... 36-26
set log receive ..................................................................................... 36-32
set log utcoffset .................................................................................. 36-33
show log ............................................................................................. 36-34
show log counter ................................................................................ 36-40
show log output .................................................................................. 36-42
show log queue .................................................................................. 36-47
show log receive ................................................................................. 36-49
show log status ................................................................................... 36-51
CHAPTER 37
Terminal Server
Introduction ................................................................................................. 37-2
TTY Devices ................................................................................................. 37-2
Command Line Editing and Recall ................................................................ 37-4
Multiple Sessions ......................................................................................... 37-5
Accessing Telnet Hosts ................................................................................. 37-6
Telnet .................................................................................................... 37-6
Remote Management ............................................................................ 37-7
Command Reference ................................................................................... 37-8
connect ................................................................................................. 37-8
disable telnet server ............................................................................... 37-8
disconnect ............................................................................................. 37-9
enable telnet server ............................................................................... 37-9
reconnect ............................................................................................ 37-10
set telnet ............................................................................................. 37-11
set tty .................................................................................................. 37-12
show sessions ...................................................................................... 37-13
show telnet ......................................................................................... 37-14
show tty .............................................................................................. 37-15
telnet .................................................................................................. 37-18
CHAPTER 38
Printer Server
Introduction ................................................................................................. 38-2
Stream Printing ............................................................................................ 38-2
Stream Printing on the Switch ............................................................... 38-2
Configuring Stream Printing .................................................................. 38-3
Command Reference ................................................................................... 38-4
add stream ............................................................................................ 38-5
delete stream ........................................................................................ 38-5
reset stream .......................................................................................... 38-6
show stream ......................................................................................... 38-6
CHAPTER 39
Test Facility
Introduction ................................................................................................. 39-2
Ethernet Port Tests ....................................................................................... 39-3
Asynchronous Port Tests ............................................................................... 39-5
Cable Test .................................................................................................... 39-5
Command Reference ................................................................................... 39-7
disable test cable ................................................................................... 39-7
disable test interface ............................................................................. 39-7
enable test cable ................................................................................... 39-8
enable test interface .............................................................................. 39-9
Software Release 2.7.3
C613-03103-00 REV A
Contents
xxxv
reset test cable .................................................................................... 39-10
reset test interface ............................................................................... 39-10
show test ............................................................................................ 39-11
show test cable ................................................................................... 39-15
APPENDIX A
Messages
Introduction .................................................................................................. A-3
Message Descriptions ................................................................................... A-4
smmm001–smmm255: Global Messages ................................................ A-4
s003256–s003999: Point-to-Point Protocol ........................................... A-12
s004256–s004999: AppleTalk ............................................................... A-16
s005256–s005999: Internet Protocol (IP) .............................................. A-20
s006256–s006999: Novell IPX .............................................................. A-31
s120256–s120999: Stacking ................................................................ A-34
s018256–s018999: TEST Module ......................................................... A-35
s022256–s022999: TCP ....................................................................... A-37
s023256–s023999: Ethernet Driver ...................................................... A-37
s031256–s031999: FLASH Driver .......................................................... A-38
s033256–s033999: TELNET .................................................................. A-39
s034256–s034999: System ................................................................... A-40
s035256–s035999: Command Processor .............................................. A-42
s036256–s036999: TTY ........................................................................ A-42
s039256–s039999: BOOTP ................................................................... A-45
s040256–s040999: Network Time Protocol (NTP) ................................. A-45
s043256–s043999: PORT Driver ........................................................... A-46
s045256–s045999: User Authentication Facility .................................... A-50
s048256–s048999: LOADER ................................................................. A-53
s049256–s049999: INSTALL ................................................................. A-56
s050256–s050999: Open Shortest Path First (OSPF) .............................. A-59
s051256–s051999: RADIUS .................................................................. A-63
s052256–s052999: Generic Routing Encapsulation (GRE) ..................... A-64
s053256–s053999: Trigger Facility ........................................................ A-65
s054256–s054999: Scripting ................................................................ A-67
s056256–s056999: File Subsystem ....................................................... A-68
s057256–s057999: Logging Facility ...................................................... A-70
s058256–s058999: PING ...................................................................... A-73
s059256–s059999: Simple Network Management Protocol (SNMP) ...... A-75
s062256–s062999: Security Associations .............................................. A-78
s066256–s066999: Internet Protocol version 6 (IPv6) ............................ A-79
s067256–s067999: Layer 2 Tunnelling Protocol (L2TP) .......................... A-83
s070256–s070999: Dynamic Host Configuration Protocol (DHCP) ........ A-83
s073256–s073999: Encryption ............................................................. A-84
s074256–s074999: Star Key Management ........................................... A-86
s075256–s075999: Secure Shell ........................................................... A-87
s076256–s076999: Resource Reservation Protocol (RSVP) ..................... A-88
s077256–s077999: Firewall .................................................................. A-89
s081256–s081999: IP Security (IPsec) ................................................... A-92
s082256–s082999: ISAKMP/IKE ........................................................... A-97
s083256–s083999: Finger .................................................................... A-98
s084256–s084999: HTTP ...................................................................... A-98
s087256–s087999: Layer 3 Switching .................................................. A-99
s088256–s088999: Virtual Router Redundancy Protocol (VRRP) .......... A-108
s089256–s089999: VLANs ................................................................. A-110
s091256–s091999: GARP ................................................................... A-121
s092256–s092999: Spanning Tree Protocol (STP) ................................ A-123
s094256–s094999: Open Systems Interconnection (OSI) ..................... A-126
s095256–s095999: Public Key Infrastructure (PKI) .............................. A-128
s096256–s096999: Lightweight Directory Access Protocol (LDAP) ....... A-129
Software Release 2.7.3
C613-03103-00 REV A
xxxvi
AT-9900 Series Software Reference
s097256–s097999: Protocol Independent Multicast (PIM) ...................
s099256–s099999: Quality of Service (QoS) .......................................
s100256–s100999: Generic Classifier .................................................
s103256–s103999: Border Gateway Protocol version 4 (BGP-4) ..........
s104256–s104999: Load Balancer ......................................................
s106256–s106999: Compact Flash .....................................................
s112256–s112999: S/Key ...................................................................
s117256–s117999: Dynamic Host Configuration Protocol v6 (DHCP6)
s118256–s118999: Port Authentication .............................................
s120256–s120999: Stacking ..............................................................
s123256–s123999: SWNP ..................................................................
s122256–s122999: Link Aggregation Control Protocol (LACP) ............
s124256–s124999: Multiple Spanning Tree Protocol (MSTP) ...............
s127256–s127999: IPv6 Accelerator ...................................................
APPENDIX B
A-133
A-136
A-137
A-138
A-142
A-146
A-149
A-149
A-151
A-153
A-154
A-154
A-155
A-157
Reference Tables
Module Identifiers and Names ....................................................................... B-2
Flash File System Message Codes ................................................................... B-7
Log Message Types and Subtypes ................................................................... B-9
APPENDIX C
SNMP MIBs
Introduction .................................................................................................. C-2
Allied Telesyn Enterprise MIB ......................................................................... C-3
The Products Sub-tree ............................................................................ C-4
The AT Router Sub-tree .......................................................................... C-7
The Objects Group ................................................................................. C-7
The sysinfo Group ................................................................................ C-13
The arInterfaces Group ......................................................................... C-13
The Modules Group ............................................................................. C-14
MIB-II MIB ................................................................................................... C-24
Implementation .................................................................................... C-25
IP Forwarding Table MIB .............................................................................. C-26
Implementation .................................................................................... C-26
Ethernet-like Interface Types MIB ................................................................ C-27
Implementation .................................................................................... C-27
Bridge MIB .................................................................................................. C-28
Implementation .................................................................................... C-29
Virtual Bridge (VLAN) MIB ........................................................................... C-30
Implementation .................................................................................... C-30
Port Access Control MIB .............................................................................. C-32
Implementation .................................................................................... C-33
RMON MIB ................................................................................................. C-34
Implementation .................................................................................... C-35
Host Resources MIB .................................................................................... C-36
Implementation .................................................................................... C-37
SNMP v3 MIBs ............................................................................................ C-39
Implementation .................................................................................... C-39
Border Gateway Protocol v4 (BGP-4) MIB .................................................... C-40
Implementation .................................................................................... C-41
Glossary
Index
Software Release 2.7.3
C613-03103-00 REV A
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising