ProCurve 5400zl Specifications

Add to my manuals
765 Pages

advertisement

ProCurve 5400zl Specifications | Manualzz
ProCurve
5400zl
Switches
HP ProCurve
Switch
Software
Installation and Getting Started Guide
Command Line Interface Reference Guide
3500yl switches
5400zl switches
6200yl switches
8200zl switches
Software version K.14.09
April 2009
HP ProCurve
3500yl Switches
5400zl Switches
6200yl Switch
8200zl Switches
April 2009
K.14.09
Command Line Interface Reference Guide
Hewlett-Packard Company
Publication Number
5992-3063
April 2009
Copyright
© Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject
to change without notice.
Disclaimer
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental
or consequential damages in connection with the furnishing, performance, or use of this material.
The only warranties for HP products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an additional
warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Hewlett-Packard assumes no responsibility for the use or reliability of its software on equipment that is not
furnished by Hewlett-Packard.
Warranty
See the Customer Support/Warranty booklet included with the product.
A copy of the specific warranty terms applicable to your Hewlett-Packard products and replacement parts
can be obtained from your HP Sales and Service Office or authorized dealer.
Trademark Credits
Microsoft, Windows, Windows 95, and Microsoft Windows NT are US registered trademarks of Microsoft
Corporation.
© 2009 Hewlett-Packard Development Company, L.P.
2
Contents
Introduction ...................................................................................................................................
Introduction ...........................................................................................................................
Conventions ..................................................................................................................
Getting Documentation From the Web ..........................................................................
CLI Online Help .............................................................................................................
Related Publications ......................................................................................................
How to Navigate This Guide ..........................................................................................
Commands ....................................................................................................................................
aaa ........................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Command Details ..........................................................................................................
access-list ..............................................................................................................................
Overview for IPv4 ACLs .................................................................................................
Overview for IPv6 ACLs .................................................................................................
Command Structure ......................................................................................................
alias .......................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Examples .......................................................................................................................
Command Details ..........................................................................................................
arp .........................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
arp-protect .............................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Command Details ..........................................................................................................
autorun ..................................................................................................................................
Overview .......................................................................................................................
Notes .............................................................................................................................
Command Structure ......................................................................................................
Command Details ..........................................................................................................
auto-tftp ................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Examples .......................................................................................................................
Command Details ..........................................................................................................
banner ...................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Command Details ..........................................................................................................
boot .......................................................................................................................................
Overview .......................................................................................................................
Notes .............................................................................................................................
Command Structure ......................................................................................................
Command Details ..........................................................................................................
cdp ........................................................................................................................................
Overview .......................................................................................................................
Command Structure ......................................................................................................
Examples .......................................................................................................................
Command Details ..........................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
14
15
15
16
16
17
18
20
21
21
21
25
59
59
60
62
63
63
63
63
63
64
64
64
65
65
65
66
68
68
68
68
68
70
70
70
70
70
72
72
72
72
73
73
73
73
73
76
76
76
76
76
3
Command Line Interface Reference Guide
Command Line Interface Reference Guide
chassislocate ......................................................................................................................... 77
Overview ....................................................................................................................... 77
Command Structure ...................................................................................................... 77
Command Details .......................................................................................................... 77
class ...................................................................................................................................... 79
Overview ....................................................................................................................... 79
Command Structure ...................................................................................................... 79
Examples ....................................................................................................................... 79
Command Details .......................................................................................................... 79
clear ...................................................................................................................................... 82
Overview ....................................................................................................................... 82
Command Structure ...................................................................................................... 82
Command Details .......................................................................................................... 83
clock ...................................................................................................................................... 86
Overview ....................................................................................................................... 86
Command Structure ...................................................................................................... 86
Command Details .......................................................................................................... 86
configure ............................................................................................................................... 89
Overview ....................................................................................................................... 89
Command Structure ...................................................................................................... 89
Examples ....................................................................................................................... 89
Command Details .......................................................................................................... 89
connection-rate-filter ............................................................................................................. 90
Overview ....................................................................................................................... 90
Command Structure ...................................................................................................... 90
Command Details .......................................................................................................... 90
console .................................................................................................................................. 92
Overview ....................................................................................................................... 92
Command Structure ...................................................................................................... 92
Examples ....................................................................................................................... 92
Command Details .......................................................................................................... 93
copy ...................................................................................................................................... 96
Overview ....................................................................................................................... 96
Command Structure ...................................................................................................... 96
Command Details ........................................................................................................ 102
core-dump ........................................................................................................................... 137
Overview ..................................................................................................................... 137
Command Structure .................................................................................................... 137
Examples ..................................................................................................................... 137
Command Details ........................................................................................................ 137
crypto .................................................................................................................................. 138
Overview ..................................................................................................................... 138
Command Structure .................................................................................................... 138
Command Details ........................................................................................................ 139
debug .................................................................................................................................. 150
Overview ..................................................................................................................... 150
Command Structure .................................................................................................... 150
Command Details ........................................................................................................ 151
dhcp .................................................................................................................................... 158
Overview ..................................................................................................................... 158
Command Structure .................................................................................................... 158
Command Details ........................................................................................................ 158
dhcp-relay ........................................................................................................................... 159
Overview ..................................................................................................................... 159
© 2009 Hewlett-Packard Development Company, L.P.
4
Command Line Interface Reference Guide
Command Line Interface Reference Guide
Command Structure ....................................................................................................
Command Details ........................................................................................................
dhcp-snooping ....................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
dir ........................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
enable ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
end ......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
erase ....................................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
exit ......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
fastboot ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
fault-finder ...........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
feature-coordinator ..............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
filter .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
front-panel-security .............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
getMIB .................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
gvrp .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
159
160
166
166
166
166
171
171
171
171
172
172
172
172
173
173
173
174
174
174
174
174
174
176
176
176
176
177
177
177
178
178
178
178
180
180
180
181
185
185
185
186
190
190
190
190
190
192
192
192
192
193
193
193
5
Command Line Interface Reference Guide
Command Line Interface Reference Guide
hostname ............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
igmp ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
igmp-proxy-domain .............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
include-credentials ..............................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
instrumentation ...................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
interface ..............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
ip .........................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
ipv6 .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
jumbo ..................................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
key-chain .............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
kill ........................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
licenses ...............................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
link-keepalive .......................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
194
194
194
194
195
195
195
195
196
196
196
196
198
198
198
198
199
199
200
200
204
204
204
213
290
290
290
292
313
313
313
313
319
319
319
319
319
320
320
320
323
344
344
344
344
344
346
346
346
346
347
349
349
349
6
Command Line Interface Reference Guide
Command Line Interface Reference Guide
Command Details ........................................................................................................
link-test ................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
lldp ......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
lockout-mac .........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
log .......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
logging ................................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
log-numbers ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
logout ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
loop-protect .........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
mac-age-time ......................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
management-vlan ...............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
max-vlans ............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
menu ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
mesh ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
349
350
350
350
350
351
352
352
352
353
360
360
360
360
361
361
361
361
363
363
363
363
364
368
368
368
369
369
369
370
370
370
370
372
372
372
372
373
373
373
373
374
374
374
374
375
375
375
375
376
376
376
376
376
7
Command Line Interface Reference Guide
Command Line Interface Reference Guide
mirror ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
mirror-port ..........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
module ................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
monitor ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
page ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
password .............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
ping .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
ping6 ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
policy ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
port-security ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
power-over-ethernet ............................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
primary-vlan ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
377
377
377
378
381
381
381
381
381
383
383
383
383
383
385
385
385
385
387
387
387
388
388
388
388
392
392
392
393
393
395
395
395
395
396
398
398
398
398
398
400
400
401
401
403
403
403
403
403
404
406
406
406
406
8
Command Line Interface Reference Guide
Command Line Interface Reference Guide
print .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
p-wireless-services ..............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
qinq .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
qos ......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
radius-server .......................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
redo .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
redundancy .........................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
redundancy .........................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
reload ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
rename ................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
repeat ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
router ..................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
407
407
407
407
408
408
408
408
409
409
409
409
409
411
411
411
414
415
456
456
457
458
458
462
462
462
462
463
463
463
463
463
464
466
466
466
466
466
467
467
467
467
467
469
469
469
469
470
470
470
470
471
471
471
9
Command Line Interface Reference Guide
Command Line Interface Reference Guide
Examples .....................................................................................................................
Command Details ........................................................................................................
r-wireless-services ...............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
savepower ...........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
services ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
services ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
services ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
setMIB .................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
setup ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
sflow ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
show ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
snmp-server ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
snmpv3 ...............................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
sntp .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
spanning-tree ......................................................................................................................
Overview .....................................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
473
474
493
493
493
493
494
494
494
494
495
495
495
495
498
498
498
498
501
501
501
501
504
504
504
504
506
506
506
506
507
508
508
508
509
511
511
511
523
612
612
613
614
623
623
623
623
625
634
634
634
634
637
637
10
Command Line Interface Reference Guide
Command Line Interface Reference Guide
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
stack ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
startup-default .....................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
static-mac ............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
static-vlan ............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
svlan ....................................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
switch-interconnect .............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
system .................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
tacacs-server .......................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
task-monitor ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
telnet ...................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
telnet-server ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
638
640
640
655
655
655
656
657
657
657
657
657
659
659
659
659
659
660
660
660
660
661
661
661
661
662
663
675
675
675
675
675
677
677
677
677
678
678
678
678
680
680
680
680
680
681
681
681
681
681
683
683
683
683
11
Command Line Interface Reference Guide
Command Line Interface Reference Guide
terminal ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
tftp .......................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
time .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
timesync ..............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
traceroute ............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
traceroute6 ..........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
trunk ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
update .................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
upgrade-software ................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
virus-throttle ........................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
vlan .....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
walkMIB ...............................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
web-management ...............................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
684
684
684
684
685
685
685
685
686
686
686
686
687
689
689
689
689
689
690
690
690
691
691
695
695
695
696
700
700
700
701
701
703
703
703
704
704
704
705
705
705
706
706
706
712
754
754
754
754
754
755
755
755
755
12
Command Line Interface Reference Guide
Command Line Interface Reference Guide
wireless-services .................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
wireless-services .................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
wireless-services .................................................................................................................
Overview .....................................................................................................................
Notes ...........................................................................................................................
Command Structure ....................................................................................................
Command Details ........................................................................................................
write ....................................................................................................................................
Overview .....................................................................................................................
Command Structure ....................................................................................................
Examples .....................................................................................................................
Command Details ........................................................................................................
© 2009 Hewlett-Packard Development Company, L.P.
757
757
757
757
757
759
759
759
759
759
760
760
760
760
760
761
761
761
761
761
13
Introduction
© 2009 Hewlett-Packard Development Company, L.P.
14
Introduction
CONVENTIONS
Abstract
This guide uses the following conventions for command syntax and displayed information.
Command Syntax Statements
Syntax:
aaa port-access authenticator PORT-LIST [ control < authorized | auto |
unauthorized >]
■ Vertical bars ( | ) separate alternative, mutually exclusive elements.
■ Square brackets ( [ ] ) indicate optional elements.
■ Braces ( < > ) enclose required elements.
■ Square brackets or braces within square brackets ( [ < > ] ) indicate a required element within an
optional choice.
■ All caps indicate variables for which you must supply a value when executing the command. For
example, in this command syntax, you must provide one or more port numbers:
Syntax:
aaa port-access authenticator PORT-LIST
Command Prompts
In the default configuration the Series 8212zl switches, for example, display the following CLI prompt:
■ ProCurve Switch 8212zl#
To simplify recognition, this guide uses ProCurve or HPswitch to represent command prompts for
all models. For example:
ProCurve#
HPswitch#
(You can use the hostname command to change the text in the CLI prompt.)
© 2009 Hewlett-Packard Development Company, L.P.
15
Command Line Interface Reference Guide
Introduction
Example Commands
Example commands and their output appear in the Courier type face. For example:
ProCurve(config)# clear public-key
ProCurve(config)# show ip client-public-key
show_client_public_key: cannot stat keyfile
Port Numbering Conventions
ProCurve chassis switches designate individual ports with a letter/number combination to show the
slot in which the port is found and the sequential number the port has in that slot (A1, A2, B1, B2,
etc.)
GETTING DOCUMENTATION FROM THE WEB
You need the Adobe® Acrobat® Reader to view, print, and/or copy ProCurve Networking product
documentation.
1.
Go to the ProCurve Networking Web site at www.procurve.com [http://www.procurve.com.]
2.
Click on Support, and then Manuals.
3.
Click on the name of the product for which you want documentation.
4.
On the resulting Web page, double-click on a document you want to view or download.
CLI ONLINE HELP
To access the online help, type the command, followed by a space, then press the [Tab] key.
List Available Commands
Type “?” to list available commands. Typing the ? symbol lists the commands you can execute at
the current privilege level.
Use [Tab] to search for or complete a command word. You can use [Tab] to help you find CLI
commands or to quickly complete the current word in a command. To do so, type one or more
consecutive characters in a command and then press [Tab] (with no spaces allowed). Pressing [Tab]
after a completed command word lists the further options for that command.
Options Available in Current Context
You can use the CLI to remind you of the options available for a command by entering command
keywords followed by ?.
Displaying Command-List Help
Syntax: help
Displays a listing of command help summaries for all commands available at the current privilege
level. That is, at the Operator level, executing help displays the help summaries only for Operator-Level
commands. At the Manager level, executing help displays the help summaries for both the Operator
and Manager levels, and so on.
Displaying Help for an Individual Command
Syntax: COMMAND-STRING help
© 2009 Hewlett-Packard Development Company, L.P.
16
Command Line Interface Reference Guide
Introduction
This option displays help for any command available at the current context level.
RELATED PUBLICATIONS
The following documents (available on the ProCurve website) provide additional information on the
CLI commands.
Software Release Notes
Release notes provide information on new software updates:
■ New features and how to configure and use them
■ Software management, including downloading software to the switch
■ Software fixes addressed in current and previous releases
Product Notes and Software Update Information
The printed Read Me First shipped with your switch provides product notes and other information.
Installation and Getting Started Guide
Use the Installation and Getting Started Guide to prepare for and perform the physical installation.
This guide also steps you through connecting the switch to your network and assigning IP addressing,
and describes the LED indications for correct operation and trouble analysis. You can download this
guide from the ProCurve website.
Management and Configuration Guide
Use the Management and Configuration Guide for information on:
■
■
■
■
■
■
■
■
■
■
Using the command line (CLI), Menu interface, and web browser interface
Memory and configuration operation
IP addressing
Time protocols
Port configuration, trunking, traffic control, and PoE operation
Redundancy
SNMP, LLDP, and other network management topics
File transfers, switch monitoring, troubleshooting, and MAC address management
Resource management
Scalability
Access Security Guide
Use the Access Security Guide to learn how to use and configure the following access security features
available in the switch:
■
■
■
■
■
■
■
■
■
Local username and password security
Web-based and MAC-based authentication
Virus-throttling
RADIUS and TACACS+ authentication
SSH (Secure Shell) and SSL (Secure Socket Layer) operation
802.1X access control
Port security operation with MAC-based control
Authorized IP Manager security
Access Control Lists (ACLs)
© 2009 Hewlett-Packard Development Company, L.P.
17
Command Line Interface Reference Guide
Introduction
■ KMS (Key Management System)
Advanced Traffic Management Guide
Use the Advanced Traffic Management Guide for information on:
■
■
■
■
■
VLANs: Static port-based and protocol VLANs, and dynamic GVRP VLANs
Spanning-Tree: 802.1D (STP), 802.1w (RSTP), and 802.1s (MSTP)
Meshing
Quality-of-Service (QoS)
QinQ
Multicast and Routing Guide
Use the Multicast and Routing Guide for information on:
■
■
■
■
IGMP
PIM (SM and DM)
IP routing
VRRP
IPv6 Configuration Guide
Use the IPv6 Configuration Guide for information on:
■
■
■
■
■
■
Migrating to IPv6
IPv6 Configuration and Management
IPv6 Security
IPv6 ACLs
IPv6 Troubleshooting
IPv6 Scalability
HOW TO NAVIGATE THIS GUIDE
The commands and page numbers in this guide are hyperlinked in blue to allow you to easily navigate
to the desired command detail. Hyperlinked areas are:
■ Overview: Related commands section
■ Command Structure
■ Command Details summary listing
■ Next Available Options within individual command options and parameters
■ Page numbers displayed with commands
When the hand cursor is positioned over a blue hyperlinked area, the hand displays a pointing finger.
Left-click once to go the the indicated command. Additionally, the Command Details section lists the
commands in alphabetical order.
Navigating Printed Copy
If you are using a printed copy of this guide, use the page numbers displayed at the end of a command,
option, or parameter to go to the desired command detail.
Traversing the Command Structure
The commands shown in the Command Structure section of a chapter mimic the command
organization of the switch. For example, if you select the command "aaa", one of the next command
options is "accounting". The next available option under accounting is "commands". The Command
© 2009 Hewlett-Packard Development Company, L.P.
18
Command Line Interface Reference Guide
Introduction
Structure provides a high-level view of all the command options and parameters for that command.
Each of these is hyperlinked to take you to the details about that option or parameter.
© 2009 Hewlett-Packard Development Company, L.P.
19
Commands
© 2009 Hewlett-Packard Development Company, L.P.
20
aaa
OVERVIEW
Category:
802.1X, Accounting, Switch Security
Primary context:
config
Related Commands
show (page 511)
show (page 511)
show (page 511)
show (page 511)
show (page 511)
radius-server (page 456)
tacacs-server (page 678)
Usage: aaa <...>
Description: Configure the switch Authentication, Authorization, and Accounting
features. Use 'aaa ?' command to see a list of all possible
configuration options.
COMMAND STRUCTURE
■ aaa accounting -- Configure accounting parameters on the switch (p. 26)
■ commands -- Configure 'commands' type of accounting (p. 31)
■ mode < stop-only > -- Specify how to initiate and terminate an accounting session. (p. 40)
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ exec -- Configure 'exec' type of accounting (p. 34)
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting
session. (p. 40)
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ network -- Configure 'network' type of accounting (p. 41)
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting
session. (p. 40)
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ suppress -- Do not generate accounting records for a specific type of user. (p. 52)
■ null-username -- Do not generate accounting records for users with a null-username. (p.
41)
■ system -- Configure 'system' type of accounting (p. 52)
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting
session. (p. 40)
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ update -- Configure update accounting records mechanism (p. 54)
■ periodic < 1 to 525600 > -- Configure update accounting records mechanism (p. 42)
■ aaa authentication -- Configure authentication parameters on the switch (p. 27)
■ console -- Configure authentication mechanism used to control access to the switch console
(p. 32)
■ enable -- Configure access to the privileged mode commands. (p. 33)
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
■ login -- Configure login access to the switch. (p. 36)
© 2009 Hewlett-Packard Development Company, L.P.
21
Command Line Interface Reference Guide
■
■
■
■
■
■
■
aaa
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
login -- Specify that switch respects the authentication server's privilege level (p. 36)
■ privilege-mode -- Specify that switch respects the authentication server's privilege level (p.
47)
mac-based -- Configure authentication mechanism used to control mac-based port access to
the switch (p. 37)
■ primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method
for access control. (p. 44)
■ secondary < none | authorized > -- Specify the backup authentication method for access
control. (p. 48)
num-attempts < 1 to 10 > -- Specify the maximum number of login attempts allowed (p. 42)
port-access -- Configure authentication mechanism used to control access to the network (p.
42)
■ primary < local | eap-radius | chap-radius > -- Specify the primary authentication method
for access control. (p. 44)
■ secondary < none | authorized > -- Specify the backup authentication method for access
control. (p. 48)
ssh -- Configure authentication mechanism used to control SSH access to the switch (p. 50)
■ enable -- Configure access to the privileged mode commands. (p. 33)
■ primary < local | tacacs | radius | ... > -- Specify the primary authentication method for
access control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
■ login -- Configure login access to the switch. (p. 36)
■ primary < local | tacacs | radius | ... > -- Specify the primary authentication method for
access control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
telnet -- Configure authentication mechanism used to control telnet access to the switch (p.
52)
■ enable -- Configure access to the privileged mode commands. (p. 33)
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
■ login -- Configure login access to the switch. (p. 36)
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control. (p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
web -- Configure authentication mechanism used to control web access to the switch (p. 54)
■ enable -- Configure access to the privileged mode commands. (p. 33)
■ primary < local | radius > -- Specify the primary authentication method for access control.
(p. 44)
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
■ login -- Configure login access to the switch. (p. 36)
■ primary < local | radius > -- Specify the primary authentication method for access control.
(p. 44)
© 2009 Hewlett-Packard Development Company, L.P.
22
Command Line Interface Reference Guide
aaa
■ secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
■ web-based -- Configure authentication mechanism used to control web-based port access to
the switch (p. 55)
■ primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method
for access control. (p. 44)
■ secondary < none | authorized > -- Specify the backup authentication method for access
control. (p. 48)
■ aaa authorization -- Configure authorization parameters on the switch (p. 30)
■ commands -- Configure exec (shell) commands authorization. (p. 31)
■ primary_method < radius | none > -- (p. 47)
■ aaa port-access -- Configure 802 (p. 42)
■ authenticator -- Configure 802 (p. 28)
■ active -- Activate/deactivate 802.1X authenticator. (p. 27)
■ PORT-LIST -- Manage 802.1X on the device port(s). ([ethernet] PORT-LIST) (p. 43)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not
configured by default). (p. 30)
■ VLAN-ID -- Configures VLAN where to move port after successful authentication (not
configured by default). (VLAN-ID) (p. 54)
■ clear-statistics -- Clear the authenticator statistics. (p. 31)
■ client-limit -- Set the maximum number of clients to allow on the port. (p. 31)
■ NUMBER-OF-CLIENTS < 1 to 32 > -- Set the maximum number of clients to allow on
the port. (NUMBER) (p. 42)
■ control < authorized | auto | unauthorized > -- Set the authenticator to Force Authorized,
Force Unauthorized or Auto state (default Auto). (NUMBER) (p. 32)
■ initialize -- Reinitialize the authenticator state machine. (p. 35)
■ logoff-period < 1 to 999999999 > -- Set period of time after which a client will be
considered removed from the port for a lack of activity. (NUMBER) (p. 36)
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits
authentication requests (default 2). (NUMBER) (p. 39)
■ quiet-period < 0 to 65535 > -- Set the period of time the switch does not try to acquire
a supplicant (default 60 sec.). (NUMBER) (p. 47)
■ reauthenticate -- Force re-authentication to happen. (p. 47)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout (in seconds, default
0); set to '0' to disable re-authentication. (NUMBER) (p. 47)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default
30sec.). (NUMBER) (p. 50)
■ supplicant-timeout < 1 to 300 > -- Set the supplicant response timeout on an EAP request
(default 30 sec.). (NUMBER) (p. 52)
■ tx-period < 1 to 65535 > -- Set the period of time the switch waits until retransmission
of EAPOL PDU (default 30 sec.). (NUMBER) (p. 53)
■ unauth-period < 0 to 255 > -- Set period of time the switch waits for authentication
before moving the port to the VLAN for unauthenticated clients. (NUMBER) (p. 53)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthenticated
client connected (not configured by default). (p. 53)
■ VLAN-ID -- Configures VLAN where to keep port while there is an unauthenticated
client connected (not configured by default). (VLAN-ID) (p. 54)
■ gvrp-vlans -- Enable/disable the use of RADIUS-assigned dynamic (GVRP) VLANs (p. 34)
■ mac-based -- Configure MAC address based network authentication on the device or the
device's port(s) (p. 37)
■ addr-format < no-delimiter | single-dash | multi-dash | ... > -- Set the MAC address format
to be used in the RADIUS request message (default no-delimiter). (p. 27)
© 2009 Hewlett-Packard Development Company, L.P.
23
Command Line Interface Reference Guide
aaa
■ mac-list1 -- Manage MAC address based network authentication on the device port(s).
([ethernet] PORT-LIST) (p. 39)
■ addr-limit < 1 to 32 > -- Set the port's maximum number of authenticated MAC addresses
(default 1). (NUMBER) (p. 27)
■ addr-moves -- Set whether the MAC can move between ports (default disabled - no
moves). (p. 27)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not
configured by default). (p. 30)
■ VLAN-ID -- Configures VLAN where to move port after successful authentication (not
configured by default). (VLAN-ID) (p. 54)
■ logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch
considers an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits
authentication requests (default 3). (NUMBER) (p. 39)
■ quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to
authenticate (default 60 seconds). (NUMBER) (p. 47)
■ reauthenticate -- Force re-authentication to happen. (p. 47)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout in seconds; set to
'0' to disable re-authentication (default 0). (NUMBER) (p. 47)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default
30 seconds). (NUMBER) (p. 50)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default). (p. 53)
■ VLAN-ID -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default). (VLAN-ID) (p. 54)
■ PORT-LIST -- Manage general port security features on the device port(s). ([ethernet] PORT-LIST)
(p. 43)
■ controlled-direction < both | in > -- Configure how traffic is controlled on non-authenticated
ports; in BOTH directions (ingress+egress) or IN only (ingress). (NUMBER) (p. 32)
■ supplicant -- Manage 802 ([ethernet] PORT-LIST) (p. 51)
■ auth-timeout < 1 to 300 > -- Set the challenge reception timeout (default 30sec.). (NUMBER)
(p. 30)
■ clear-statistics -- Clear the supplicant statistics. (p. 31)
■ held-period < 0 to 65535 > -- Set the held period (default 60sec.). (NUMBER) (p. 35)
■ identity -- Set the identity(user name) to be used by the supplicant. (ASCII-STR) (p. 35)
■ secret -- (p. 50)
■ initialize -- Reinitialize the supplicant state machine. (p. 35)
■ max-start < 1 to 10 > -- Define the maximum number of attempts taken to start
authentication (default 3). (NUMBER) (p. 40)
■ secret -- Trigger the command to ask user for a password for the supplicant to use. (p. 50)
■ start-period < 1 to 300 > -- Set a period of time between EAPOL-Start packet retransmission
(default 30sec.). (NUMBER) (p. 51)
■ web-based -- Configure web authentication based network authentication on the device or the
device's port(s) (p. 55)
■ dhcp-addr -- Set the base address / mask for the temporary pool used by DHCP (base address
default is 192.168.0.0, mask default is 24 - 255.255.255.0). (IP-ADDR/MASK-LENGTH) (p. 33)
■ dhcp-lease < 5 to 25 > -- Set the lease length of the IP address issued by DHCP (default 10).
(NUMBER) (p. 33)
■ ewa-server -- IP address or hostname of the enhanced web authentication server on the
device. (p. 34)
■ host-name -- Hostname of the enhanced web auth server. (ASCII-STR) (p. 35)
■ page-path -- Sets the path of the login pages to be found on the ewa server.
(ASCII-STR) (p. 42)
© 2009 Hewlett-Packard Development Company, L.P.
24
Command Line Interface Reference Guide
aaa
■ ip-addr -- IP address of the enahced web auth server. (IP-ADDR) (p. 35)
■ page-path -- Sets the path of the login pages to be found on the ewa server.
(ASCII-STR) (p. 42)
■ web-list1 -- Manage web authentication based network authentication on the device port(s).
([ethernet] PORT-LIST) (p. 57)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not
configured by default). (p. 30)
■ web-authvid -- Configures VLAN where to move port after successful authentication
(not configured by default). (VLAN-ID) (p. 55)
■ client-limit < 1 to 32 > -- Set the port's maximum number of authenticated clients (default
1). (NUMBER) (p. 31)
■ client-moves -- Set whether the client can move between ports (default disabled - no
moves). (p. 31)
■ logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch
considers an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits
authentication requests (default 3). (NUMBER) (p. 39)
■ max-retries < 1 to 10 > -- Set number of times a client can enter their credentials before
authentication is considered to have failed (default 3). (NUMBER) (p. 39)
■ quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to
authenticate (default 60 seconds). (NUMBER) (p. 47)
■ reauthenticate -- Force re-authentication to happen. (p. 47)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout in seconds; set to
'0' to disable re-authentication (default 0). (NUMBER) (p. 47)
■ redirect-url -- Set the URL that the user should be redirected to after successful login
(default none), Specify url up to 103 characters length. (p. 48)
■ web-redirect-url -- Set the URL that the user should be redirected to after successful
login (default none), Specify url up to 103 characters length. (ASCII-STR) (p. 58)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default
30 seconds). (NUMBER) (p. 50)
■ ssl-login -- Set whether to enable SSL login (https on port 443) (default disabled). (p. 50)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default). (p. 53)
■ web-unauthvid -- Configures VLAN where to keep port while there is an unauthorized
client connected (not configured by default). (VLAN-ID) (p. 58)
COMMAND DETAILS
accounting (p. 26)
active (p. 27)
addr-format (p. 27)
addr-limit (p. 27)
addr-moves (p. 27)
authentication (p. 27)
authenticator (p. 28)
authorization (p. 30)
auth-timeout (p. 30)
auth-vid (p. 30)
clear-statistics (p. 31)
client-limit (p. 31)
client-moves (p. 31)
commands (p. 31)
console (p. 32)
identity (p. 35)
initialize (p. 35)
ip-addr (p. 35)
login (p. 36)
logoff-period (p. 36)
mac-based (p. 37)
mac-list1 (p. 39)
max-requests (p. 39)
max-retries (p. 39)
max-start (p. 40)
method (p. 40)
mode (p. 40)
network (p. 41)
null-username (p. 41)
num-attempts (p. 42)
© 2009 Hewlett-Packard Development Company, L.P.
reauth-period (p. 47)
redirect-url (p. 48)
secondary (p. 48)
secret (p. 50)
server-timeout (p. 50)
ssh (p. 50)
ssl-login (p. 50)
start-period (p. 51)
supplicant (p. 51)
supplicant-timeout (p. 52)
suppress (p. 52)
system (p. 52)
telnet (p. 52)
tx-period (p. 53)
unauth-period (p. 53)
25
Command Line Interface Reference Guide
control (p. 32)
controlled-direction (p. 32)
dhcp-addr (p. 33)
dhcp-lease (p. 33)
enable (p. 33)
ewa-server (p. 34)
exec (p. 34)
gvrp-vlans (p. 34)
held-period (p. 35)
host-name (p. 35)
aaa
NUMBER-OF-CLIENTS (p. 42)
page-path (p. 42)
periodic (p. 42)
port-access (p. 42)
PORT-LIST (p. 43)
primary (p. 44)
primary_method (p. 47)
privilege-mode (p. 47)
quiet-period (p. 47)
reauthenticate (p. 47)
unauth-vid (p. 53)
update (p. 54)
VLAN-ID (p. 54)
web (p. 54)
web-authvid (p. 55)
web-based (p. 55)
web-list1 (p. 57)
web-redirect-url (p. 58)
web-unauthvid (p. 58)
accounting
■ aaa accounting
Usage: [no] aaa accounting <exec|network|system|commands>
<start-stop|stop-only>
<radius>
[no] aaa accounting update periodic <number>
[no] aaa accounting suppress null-username
Description: Configure accounting parameters on the switch. The first form
of the command can be used to specify a type of accounting,
how accounting session will be started and ended, and the method
used for accounting. The second form can be used to indicate of
whether the send interim accounting records mechanism needs to be
activated and how to issue an update of accounting records.
The third form can be used to suppress accounting when an unknown
user with no username accesses the switch
Parameters:
o exec
- Provides information about user EXEC terminal
sessions (user shells) on the switch.
o network
- Provides information about 8021x sessions.
o system
- Provides information about all system-level events,
such as the system reboots or accounting turned
on/off.
o commands
- Provides information about commands executed on the
switch.
o start-stop - Send a start record accounting notice at the
beginning and a stop record notice at the end of the
accounting session. Do not wait for acknowledgement.
o stop-only - Send a stop record accounting notice at the end of
the accounting session.Do not wait for
acknowledgement.
o radius
- Use RADIUS as the accounting protocol
accounting information is available.
o update periodic <number> - Send accounting update records at
regular intervals given by 'number' (in minutes).
o suppress null-username - suppress accounting when a user with
no username accesses the switch
Next Available Options:
■ commands -- Configure 'commands' type of accounting(p. 31)
■ exec -- Configure 'exec' type of accounting(p. 34)
■ network -- Configure 'network' type of accounting(p. 41)
■ suppress -- Do not generate accounting records for a specific type of user. (p. 52)
■ system -- Configure 'system' type of accounting(p. 52)
■ update -- Configure update accounting records mechanism(p. 54)
© 2009 Hewlett-Packard Development Company, L.P.
26
Command Line Interface Reference Guide
aaa
active
■ [no] aaa port-access authenticator active
Activate/deactivate 802.1X authenticator.
addr-format
■ aaa port-access mac-based addr-format < no-delimiter | single-dash | multi-dash | ... >
Set the MAC address format to be used in the RADIUS request message (default
no-delimiter).
Supported Values:
■ no-delimiter -- no delimiter format: aabbccddeeff.
■ single-dash -- single dash format: aabbcc-ddeeff.
■ multi-dash -- multi-dash format: aa-bb-cc-dd-ee-ff.
■ multi-colon -- multi-colon format: aa:bb:cc:dd:ee:ff.
■ no-delimiter-uppercase -- no delimiter, uppercase format: AABBCCDDEEFF.
■ single-dash-uppercase -- single dash, uppercase format: AABBCC-DDEEFF.
■ multi-dash-uppercase -- multi-dash, uppercase format: AA-BB-CC-DD-EE-FF.
■ multi-colon-uppercase -- multi-colon, uppercase format: AA:BB:CC:DD:EE:FF.
addr-limit
■ aaa port-access mac-based [ETHERNET] PORT-LIST addr-limit < 1 to 32 >
Set the port's maximum number of authenticated MAC addresses (default 1).
Range: < 1 to 32 >
addr-moves
■ [no] aaa port-access mac-based [ETHERNET] PORT-LIST addr-moves
Set whether the MAC can move between ports (default disabled - no moves).
authentication
■ aaa authentication
Usage: aaa authentication ...
Description: Configure authentication parameters on the switch.
The command configures authentication mechanism used to
control access the switch resources. Use 'aaa authentication ?'
command to see a list of all possible configuration options.
Next Available Options:
■ console -- Configure authentication mechanism used to control access to the switch console(p.
32)
■ telnet -- Configure authentication mechanism used to control telnet access to the switch(p.
52)
■ web -- Configure authentication mechanism used to control web access to the switch(p. 54)
■ ssh -- Configure authentication mechanism used to control SSH access to the switch(p. 50)
■ port-access -- Configure authentication mechanism used to control access to the network(p.
42)
© 2009 Hewlett-Packard Development Company, L.P.
27
Command Line Interface Reference Guide
aaa
■ web-based -- Configure authentication mechanism used to control web-based port access to
the switch(p. 55)
■ mac-based -- Configure authentication mechanism used to control mac-based port access to
the switch(p. 37)
■ num-attempts < 1 to 10 > -- Specify the maximum number of login attempts allowed(p. 42)
■ login -- Specify that switch respects the authentication server's privilege level(p. 36)
authenticator
■ aaa port-access authenticator
Usage:
[no] aaa port-access authenticator active
[no] aaa port-access authenticator [ethernet] PORT-LIST
[control <authorized|auto|unauthorized> | quiet-period <0-65535> |
tx-period <1-65535> | supplicant-timeout <1-300> |
server-timeout <1-300> | max-requests <1-10> |
reauth-period <0-9999999> | auth-vid VLAN-ID | unauth-vid VLAN-ID |
unauth-period <0-255> | logoff-period <1-999999999> |
client-limit [<1-32>] |
initialize | reauthenticate mac-addr MAC-ADDRESS | clear-statistics]
Description: Configure 802.1X (Port Based Network Access) authentication
on the device or the device's port(s).
The first form of the command activates or deactivates
authentication on the device. By default, authentication is
deactivated. 802.1X authentication does not run on the switch
until you use this command to enable it.
The second form of the command enables, disables, or
configures authentication on the device's individual ports.
While authentication is deactivated, access to the network
is granted on all switch ports regardless of whether
802.1X is enabled on the port.
The 'no' keyword cannot be used with any of the optional
parameters that follow PORT-LIST.
802.1X must be enabled on a port before any of the following
optional parameters can be configured on the port.
o 'control' sets the authenticator to (Force) Authorized,
(Force) Unauthorized or Auto state (default 'Auto').
- Auto: Grants network access to a connected device that
supports 802.1X authentication and provides valid
credentials.
- Authorized: Grants access to any devices connected to
the port(s). In this case, the devices do not have
to provide 802.1X credentials or support 802.1X
authentication. (Also termed ''Force Authorized''.)
- Unauthorized: In this state, the port blocks access to
any connected device, regardless of whether the
device provides the correct credentials and has
802.1X support.
o 'quiet-period' sets the period of time during which the
© 2009 Hewlett-Packard Development Company, L.P.
28
Command Line Interface Reference Guide
aaa
switch does not try to acquire a supplicant after a failed
authentication attempt(default 60 seconds).
o 'tx-period' sets the period of time the switch waits to
retransmit the next EAPOL PDU during an authentication
session (default 30 seconds).
o 'server-timeout' sets the period of time after which the
switch assumes that authentication has timed out
(default 30 seconds).
o 'supp-timeout' sets the period of time after which the
switch decides that a supplicant has not responded to an EAP
request (default 30 seconds).
o 'max-requests' sets maximum number of times the switch
retransmits a request to the backend authentication system
(RADIUS server) before closing the current authentication
session (default 2).
o 'reauth-period' sets the period of time after which connected
clients must be re-authenticated. When the timeout
is set to 0 the re-authentication is disabled (default 0
seconds).
o 'auth-vid' configures the VLAN to which to move port after
successful authentication. RADIUS server can override the
value. Use 'no' form of the command to set this PVID to 0.
If the PVID set to 0 no PVID changes occure unless RADIUS
server requests. Changes take effect after client
reauthentication. The default is 0.
o 'unauth-vid' configures the VLAN to which to move port if
an unauthorized client has been connected on the port and
there is no other client on the port. The switch will wait
for the amount of time specified as the 'unauth-period'
before the port will be moved to this VLAN. If the port PVID
successfully set to the value configured, the port becomes
unblocked and the client can communicate to other members
of this VLAN. Use 'no' form of the command to set this PVID
to 0. Changes take effect immediately. The default is 0.
o 'unauth-period' sets period of time the switch waits for
authentication before assigning the 'unauth-vid' to the port
if an unauthenticated client has been detected on this port.
The default is 0 seconds.
o 'logoff-period' sets period of time after which a client will
be considered removed from the port for a lack of activity.
The default is 300 seconds.
o 'client-limit' sets the maximum number of clients to allow on
the port. This includes ALL clients (authenticated and
unauthenticated).
NOTE: No more than 32 unique client MAC addresses can be
authorized by both 802.1X and MAC/web-based
authentication together on the same port.
The 'no... client-limit' command allows unlimited number of
clients on the port. Authenticator makes no distinction between
clients and operates port as a single protocol entity with
© 2009 Hewlett-Packard Development Company, L.P.
29
Command Line Interface Reference Guide
aaa
no specific MAC address filter on the port.
The default is no client limit.
o 'initialize' re-initialize authentication on the specified
ports. That is, 'initialize' blocks inbound and outbound
traffic and restarts the authentication process on the
specified ports that are configured with 'control auto' (see
the 'control' parameter, described above) and actively
operating as authenticators.
o 'reauthenticate' forces re-authentication (unless the
authenticator is in 'HELD' state).
o 'mac-addr' allows to specify which client needs to be forced
o 'clear-statistics' clears authenticator statistics
counters.
Next Available Options:
■ PORT-LIST -- Manage 802.1X on the device port(s). ([ethernet] PORT-LIST) (p. 43)
■ active -- Activate/deactivate 802.1X authenticator.(p. 27)
authorization
■ aaa authorization
Usage: [no] aaa authorization <commands> <radius>
Description: Configure authorization parameters on the switch.
Next Available Option:
■ commands -- Configure exec (shell) commands authorization. (p. 31)
auth-timeout
■ aaa port-access supplicant [ETHERNET] PORT-LIST auth-timeout < 1 to 300 >
Set the challenge reception timeout (default 30sec.).
Range: < 1 to 300 >
auth-vid
■ [no] aaa port-access authenticator [ETHERNET] PORT-LIST auth-vid
Configures VLAN where to move port after successful authentication (not configured
by default).
Next Available Option:
■ VLAN-ID -- Configures VLAN where to move port after successful authentication (not configured
by default). (VLAN-ID) (p. 54)
■ [no] aaa port-access mac-based [ETHERNET] PORT-LIST auth-vid
Configures VLAN where to move port after successful authentication (not configured
by default).
© 2009 Hewlett-Packard Development Company, L.P.
30
Command Line Interface Reference Guide
aaa
Next Available Option:
■ VLAN-ID -- Configures VLAN where to move port after successful authentication (not configured
by default). (VLAN-ID) (p. 54)
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST auth-vid
Configures VLAN where to move port after successful authentication (not configured
by default).
Next Available Option:
■ web-authvid -- Configures VLAN where to move port after successful authentication (not
configured by default). (VLAN-ID) (p. 55)
clear-statistics
■ aaa port-access authenticator [ETHERNET] PORT-LIST clear-statistics
Clear the authenticator statistics.
■ aaa port-access supplicant [ETHERNET] PORT-LIST clear-statistics
Clear the supplicant statistics.
client-limit
■ [no] aaa port-access authenticator [ETHERNET] PORT-LIST client-limit
Set the maximum number of clients to allow on the port.
Next Available Option:
■ NUMBER-OF-CLIENTS < 1 to 32 > -- Set the maximum number of clients to allow on the port.
(NUMBER) (p. 42)
■ aaa port-access web-based [ETHERNET] PORT-LIST client-limit < 1 to 32 >
Set the port's maximum number of authenticated clients (default 1).
Range: < 1 to 32 >
client-moves
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST client-moves
Set whether the client can move between ports (default disabled - no moves).
commands
■ [no] aaa accounting commands
Usage: [no] aaa accounting commands <stop-only> <radius>
Description: Configure 'commands' type of accounting.
Parameters:
o stop-only - Send a record accounting notice after the execution
of command.
o radius
- Use RADIUS as the accounting protocol.
© 2009 Hewlett-Packard Development Company, L.P.
31
Command Line Interface Reference Guide
aaa
Next Available Option:
■ mode < stop-only > -- Specify how to initiate and terminate an accounting session. (p. 40)
■ [no] aaa authorization commands
Configure exec (shell) commands authorization.
Next Available Option:
■ primary_method < radius | none > -- (p. 47)
console
■ aaa authentication console
Usage: aaa authentication console <enable|login>
<primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control access
to the switch console.
Parameters:
o enable
- Configure access to privileged mode.
o login
- Configure login access.
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Specifies an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Options:
■ enable -- Configure access to the privileged mode commands.(p. 33)
■ login -- Configure login access to the switch.(p. 36)
control
■ aaa port-access authenticator [ETHERNET] PORT-LIST control < authorized | auto | unauthorized
>
Set the authenticator to Force Authorized, Force
Unauthorized or Auto state (default Auto).
Supported Values:
■ authorized -- Force authorized.
■ auto -- Auto.
■ unauthorized -- Force unauthorized.
controlled-direction
■ aaa port-access [ETHERNET] PORT-LIST controlled-direction < both | in >
© 2009 Hewlett-Packard Development Company, L.P.
32
Command Line Interface Reference Guide
aaa
Configure how traffic is controlled on non-authenticated ports; in
BOTH directions (ingress+egress) or IN only (ingress).
Supported Values:
■ both -- Exert control in both directions.
■ in -- Exert control on incoming packets.
dhcp-addr
■ aaa port-access web-based dhcp-addr IP-ADDR/MASK-LENGTH
Set the base address / mask for the temporary pool used by DHCP (base address default
is 192.168.0.0, mask default is 24 - 255.255.255.0).
dhcp-lease
■ aaa port-access web-based dhcp-lease < 5 to 25 >
Set the lease length of the IP address issued by DHCP (default 10).
Range: < 5 to 25 >
enable
■ aaa authentication console enable
Configure access to the privileged mode commands.
Next Available Option:
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control.(p. 44)
■ aaa authentication telnet enable
Configure access to the privileged mode commands.
Next Available Option:
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control.(p. 44)
■ aaa authentication web enable
Configure access to the privileged mode commands.
Next Available Option:
■ primary < local | radius > -- Specify the primary authentication method for access control.(p.
44)
■ aaa authentication ssh enable
Configure access to the privileged mode commands.
Next Available Option:
■ primary < local | tacacs | radius | ... > -- Specify the primary authentication method for access
control.(p. 44)
© 2009 Hewlett-Packard Development Company, L.P.
33
Command Line Interface Reference Guide
aaa
ewa-server
■ [no] aaa port-access web-based ewa-server
IP address or hostname of the enhanced web authentication server on the device.
Next Available Options:
■ ip-addr -- IP address of the enahced web auth server. (IP-ADDR) (p. 35)
■ host-name -- Hostname of the enhanced web auth server. (ASCII-STR) (p. 35)
exec
■ [no] aaa accounting exec
Usage: [no] aaa accounting exec <start-stop|stop-only>
<radius>
Description: Configure 'exec' type of accounting.
Parameters:
o start-stop - Send a start record accounting notice at the
beginning and a stop record notice at the end
of the accounting session. Do not wait for
acknowledgement.
o stop-only - Send a stop record accounting notice at the end
of the accounting session.Do not wait for
acknowledgement.
o radius
- Use RADIUS as the accounting protocol
Next Available Option:
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting session.
(p. 40)
gvrp-vlans
■ [no] aaa port-access gvrp-vlans
Usage:
[no] aaa port-access gvrp-vlans
Description: Enables the use of dynamic VLANs (learned through GVRP) in the
temporary untagged VLAN assigned by a RADIUS server on an authenticated port
in an 802.1X, MAC, or Web authentication session.
Enter the no form of this command to disable the use of GVRP-learned VLANs
in an authentication session.
Notes:
1. If a port is assigned as a member of an untagged dynamic VLAN, the dynamic
VLAN configuration must exist at the time of authentication and GVRP for port-access
authentication must be enabled on the switch.
If the dynamic VLAN does not exist or if you have not enabled the use of a dynamic
VLAN for authentication sessions on the switch, the authentication fails.
2. After you enable dynamic VLAN assignment in an authentication session, it is
recommended that you use the interface unknown-vlans command on a per-port basis
to
prevent denial-of-service attacks. The interface unknown-vlans command allows you
to:
© 2009 Hewlett-Packard Development Company, L.P.
34
Command Line Interface Reference Guide
aaa
-Disable the port from sending advertisements of existing GVRP-created VLANs on
the switch.
-Drop all GVRP advertisements received on the port.
3. If you disable the use of dynamic VLANs in an authentication session using the
no aaa port-access gvrp-vlans command, client sessions that were authenticated
with a dynamic VLAN continue and are not deauthenticated. However, if a
RADIUS-configured dynamic VLAN used for an authentication session is deleted
from the switch through normal GVRP operation (for example, if no GVRP
advertisements for the VLAN are received on any switch port), authenticated clients
using this VLAN are deauthenticated.
held-period
■ aaa port-access supplicant [ETHERNET] PORT-LIST held-period < 0 to 65535 >
Set the held period (default 60sec.).
Range: < 0 to 65535 >
host-name
■ [no] aaa port-access web-based ewa-server HOST-NAME
Hostname of the enhanced web auth server.
Next Available Option:
■ page-path -- Sets the path of the login pages to be found on the ewa server. (ASCII-STR) (p.
42)
identity
■ aaa port-access supplicant [ETHERNET] PORT-LIST identity IDENTITY
Set the identity(user name) to be used by the supplicant.
Next Available Option:
■ secret -- (p. 50)
initialize
■ aaa port-access authenticator [ETHERNET] PORT-LIST initialize
Reinitialize the authenticator state machine.
■ aaa port-access supplicant [ETHERNET] PORT-LIST initialize
Reinitialize the supplicant state machine.
ip-addr
■ [no] aaa port-access web-based ewa-server IP-ADDR
IP address of the enahced web auth server.
© 2009 Hewlett-Packard Development Company, L.P.
35
Command Line Interface Reference Guide
aaa
Next Available Option:
■ page-path -- Sets the path of the login pages to be found on the ewa server. (ASCII-STR) (p.
42)
login
■ aaa authentication console login
Configure login access to the switch.
Next Available Option:
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control.(p. 44)
■ aaa authentication telnet login
Configure login access to the switch.
Next Available Option:
■ primary < local | tacacs | radius > -- Specify the primary authentication method for access
control.(p. 44)
■ aaa authentication web login
Configure login access to the switch.
Next Available Option:
■ primary < local | radius > -- Specify the primary authentication method for access control.(p.
44)
■ aaa authentication ssh login
Configure login access to the switch.
Next Available Option:
■ primary < local | tacacs | radius | ... > -- Specify the primary authentication method for access
control.(p. 44)
■ aaa authentication login
Usage: [no] aaa authentication login privilege-mode
Description: Specify that switch respects the
authentication server's privilege level.
Next Available Option:
■ privilege-mode -- Specify that switch respects the authentication server's privilege level(p. 47)
logoff-period
■ aaa port-access authenticator [ETHERNET] PORT-LIST logoff-period < 1 to 999999999 >
© 2009 Hewlett-Packard Development Company, L.P.
36
Command Line Interface Reference Guide
aaa
Set period of time after which a client will be considered removed from the
port for a lack of activity.
Range: < 1 to 999999999 >
■ aaa port-access mac-based [ETHERNET] PORT-LIST logoff-period < 1 to 9999999 >
Set the period of time of inactivity that the switch considers an implicit logoff
(default 300 seconds).
Range: < 1 to 9999999 >
■ aaa port-access web-based [ETHERNET] PORT-LIST logoff-period < 1 to 9999999 >
Set the period of time of inactivity that the switch considers an implicit logoff
(default 300 seconds).
Range: < 1 to 9999999 >
mac-based
■ aaa authentication mac-based
Usage: aaa authentication mac-based <primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control mac-based
port access to the switch.
Parameters:
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Specifies an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Option:
■ primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method for
access control.(p. 44)
■ aaa port-access mac-based
Usage:
[no] aaa port-access mac-based
addr-format <no-delimiter | single-dash | multi-dash |
multi-colon | no-delimiter-uppercase | single-dash-uppercase |
multi-dash-uppercase | multi-colon-uppercase>
[no] aaa port-access mac-based [ethernet] PORT-LIST
[addr-limit <1-32> | addr-moves | quiet-period <1-65535> |
server-timeout <1-300> | max-requests <1-10> |
logoff-period <1-9999999> | reauth-period <0-9999999>
auth-vid VLAN-ID | unauth-vid VLAN-ID |
reauthenticate]
Description: Configure MAC address based network authentication
on the device or the device's port(s).
© 2009 Hewlett-Packard Development Company, L.P.
37
Command Line Interface Reference Guide
aaa
The first form of the command sets the
MAC address format which is common to all ports
The second form of the command enables, disables, or
configures authentication on the device's individual ports.
o 'addr-format' sets the MAC address format to be used in the
RADIUS request message (default no-delimiter).
o 'addr-limit' sets the maximum number of MAC addresses to
allow on the port. This includes ALL addresses (authenticated
and unauthenticated). The default is 1 MAC address.
NOTE: No more than 32 unique client MAC addresses can be
authorized by both 802.1X and MAC/web-based
authentication together on the same port.
o 'addr-moves' sets whether the MAC address can move
between ports that also have 'addr-moves' enabled
(default disabled - no moves allowed).
o 'quiet-period' sets the period of time during which the
switch does not try to authenticate after a failed
authentication attempt (default 60 seconds).
o 'server-timeout' sets the period of time after which the
switch assumes that authentication has timed out
(default 30 seconds).
o 'max-requests' sets the number of authentication attempts
that must time out before authentication fails (default 3).
o 'logoff-period' sets the period of time of inactivity that
the switch considers an implicit logoff (default 300).
o 'reauth-period' sets the period of time after which connected
MAC addresses must be re-authenticated. When set to 0
the re-authentication is disabled (default 0).
o 'auth-vid' configures the VLAN to which to move a port
after successful authentication. RADIUS server can
override the value. Use 'no' form of the command to set
this PVID to 0. If the PVID is set to 0 no PVID changes
occur unless RADIUS server requests. Changes take effect
immediately. All clients must immediately re-authenticate.
The default is 0.
o 'unauth-vid' configures the VLAN to which to move a port
after failed authentication. Use 'no' form of the command
to set this PVID to 0. Changes take effect immediately.
The default is 0.
o 'reauthenticate' forces re-authentication
of all clients present on a port.
Next Available Options:
■ mac-list1 -- Manage MAC address based network authentication on the device port(s). ([ethernet]
PORT-LIST) (p. 39)
© 2009 Hewlett-Packard Development Company, L.P.
38
Command Line Interface Reference Guide
aaa
■ addr-format < no-delimiter | single-dash | multi-dash | ... > -- Set the MAC address format to
be used in the RADIUS request message (default no-delimiter).(p. 27)
mac-list1
■ [no] aaa port-access mac-based [ETHERNET] PORT-LIST
Manage MAC address based network authentication on the device port(s).
Next Available Options:
■ addr-limit < 1 to 32 > -- Set the port's maximum number of authenticated MAC addresses
(default 1). (NUMBER) (p. 27)
■ addr-moves -- Set whether the MAC can move between ports (default disabled - no moves).(p.
27)
■ logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch considers
an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
■ quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to authenticate
(default 60 seconds). (NUMBER) (p. 47)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default 30
seconds). (NUMBER) (p. 50)
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits authentication
requests (default 3). (NUMBER) (p. 39)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout in seconds; set to '0' to
disable re-authentication (default 0). (NUMBER) (p. 47)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not configured
by default).(p. 30)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default).(p. 53)
■ reauthenticate -- Force re-authentication to happen.(p. 47)
max-requests
■ aaa port-access authenticator [ETHERNET] PORT-LIST max-requests < 1 to 10 >
Set maximum number of times the switch retransmits
authentication requests (default 2).
Range: < 1 to 10 >
■ aaa port-access mac-based [ETHERNET] PORT-LIST max-requests < 1 to 10 >
Set maximum number of times the switch retransmits authentication requests (default
3).
Range: < 1 to 10 >
■ aaa port-access web-based [ETHERNET] PORT-LIST max-requests < 1 to 10 >
Set maximum number of times the switch retransmits authentication requests (default
3).
Range: < 1 to 10 >
max-retries
■ aaa port-access web-based [ETHERNET] PORT-LIST max-retries < 1 to 10 >
© 2009 Hewlett-Packard Development Company, L.P.
39
Command Line Interface Reference Guide
aaa
Set number of times a client can enter their credentials before authentication is
considered to have failed (default 3).
Range: < 1 to 10 >
max-start
■ aaa port-access supplicant [ETHERNET] PORT-LIST max-start < 1 to 10 >
Define the maximum number of attempts taken to start authentication
(default 3).
Range: < 1 to 10 >
method
■ aaa accounting commands < stop-only > < radius >
Specify which accounting method to use (radius)
Supported Values:
■ radius -- Use RADIUS protocol as accounting method.
■ aaa accounting exec < start-stop | stop-only > < radius >
Specify which accounting method to use (radius)
Supported Values:
■ radius -- Use RADIUS protocol as accounting method.
■ aaa accounting network < start-stop | stop-only > < radius >
Specify which accounting method to use (radius)
Supported Values:
■ radius -- Use RADIUS protocol as accounting method.
■ aaa accounting system < start-stop | stop-only > < radius >
Specify which accounting method to use (radius)
Supported Values:
■ radius -- Use RADIUS protocol as accounting method.
mode
■ aaa accounting commands < stop-only >
Specify how to initiate and terminate an accounting session.
Supported Values:
■ stop-only -- Send stop record accounting notice.
Next Available Option:
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ aaa accounting exec < start-stop | stop-only >
Specify how to initiate and terminate an accounting session.
Supported Values:
■ start-stop -- Send start and stop record accounting notice.
■ stop-only -- Send stop record accounting notice only.
© 2009 Hewlett-Packard Development Company, L.P.
40
Command Line Interface Reference Guide
aaa
Next Available Option:
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ aaa accounting network < start-stop | stop-only >
Specify how to initiate and terminate an accounting session.
Supported Values:
■ start-stop -- Send start and stop record accounting notice.
■ stop-only -- Send stop record accounting notice only.
Next Available Option:
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
■ aaa accounting system < start-stop | stop-only >
Specify how to initiate and terminate an accounting session.
Supported Values:
■ start-stop -- Send start and stop record accounting notice.
■ stop-only -- Send stop record accounting notice only.
Next Available Option:
■ method < radius > -- Specify which accounting method to use (radius) (p. 40)
network
■ [no] aaa accounting network
Usage: [no] aaa accounting network <start-stop|stop-only>
<radius>
Description: Configure 'network' type of accounting.
Parameters:
o start-stop - Send a start record accounting notice at the
beginning and a stop record notice at the end
of the accounting session. Do not wait for
acknowledgement.
o stop-only - Send a stop record accounting notice at the end
of the accounting session.Do not wait for
acknowledgement.
o radius
- Use RADIUS as the accounting protocol
Next Available Option:
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting session.
(p. 40)
null-username
■ [no] aaa accounting suppress null-username
Do not generate accounting records for users with a null-username.
© 2009 Hewlett-Packard Development Company, L.P.
41
Command Line Interface Reference Guide
aaa
num-attempts
■ aaa authentication num-attempts < 1 to 10 >
Usage: aaa authentication num-attempts <1-10>
Description: Specify the maximum number of login attempts
allowed. The default value is 3.
Range: < 1 to 10 >
NUMBER-OF-CLIENTS
■ aaa port-access authenticator [ETHERNET] PORT-LIST client-limit < 1 to 32 >
Set the maximum number of clients to allow on the port.
Range: < 1 to 32 >
page-path
■ aaa port-access web-based ewa-server IP-ADDR PAGE-PATH
Sets the path of the login pages to be found on the ewa server.
■ aaa port-access web-based ewa-server HOST-NAME PAGE-PATH
Sets the path of the login pages to be found on the ewa server.
periodic
■ aaa accounting update periodic < 1 to 525600 >
Usage: [no] aaa accounting update periodic <number>
Description: Configure update accounting records mechanism.
Parameters:
periodic <number> - Send accounting update records at regular
intervals given by 'number' (in minutes).
Range: < 1 to 525600 >
port-access
■ aaa authentication port-access
Usage: aaa authentication port-access ...
Description: Configure authentication mechanism used to control access
to the network. The configured authentication method will.
be used to authenticate 802.1X (Port Based Network Access
Control Protocol) clients. The command should be followed
by a keyword identifying an authentication method
to use for Port Based Network Access Control Protocol clients
authentication. Use 'aaa authentication port-access ?'
to get a list of all available authentication methods.
Next Available Option:
■ primary < local | eap-radius | chap-radius > -- Specify the primary authentication method for
access control.(p. 44)
■ aaa port-access
© 2009 Hewlett-Packard Development Company, L.P.
42
Command Line Interface Reference Guide
aaa
Usage: [no] aaa port-access <authenticator ... | supplicant ...
web-based ... | mac-based ...>
Description: Configure 802.1X (Port Based Network Access),
MAC address based network access,
or web authentication based network access
on the device. You can configure authenticator,
supplicant, MAC address based, or web authentication based
network access on the device or device ports by specifying
a corresponding keyword.
See 'aaa port-access authenticator help', 'aaa port-access
supplicant help', 'aaa port-access mac-based help', and
'aaa port-access web-based help' for further details on
authenticator, supplicant, MAC address based, and
web authentication based network access configuration.
Next Available Options:
■ gvrp-vlans -- Enable/disable the use of RADIUS-assigned dynamic (GVRP) VLANs(p. 34)
■ authenticator -- Configure 802(p. 28)
■ supplicant -- Manage 802 ([ethernet] PORT-LIST) (p. 51)
■ mac-based -- Configure MAC address based network authentication on the device or the
device's port(s)(p. 37)
■ web-based -- Configure web authentication based network authentication on the device or the
device's port(s)(p. 55)
■ PORT-LIST -- Manage general port security features on the device port(s). ([ethernet] PORT-LIST)
(p. 43)
PORT-LIST
■ [no] aaa port-access authenticator [ETHERNET] PORT-LIST
Manage 802.1X on the device port(s).
Next Available Options:
■ control < authorized | auto | unauthorized > -- Set the authenticator to Force Authorized, Force
Unauthorized or Auto state (default Auto). (NUMBER) (p. 32)
■ quiet-period < 0 to 65535 > -- Set the period of time the switch does not try to acquire a
supplicant (default 60 sec.). (NUMBER) (p. 47)
■ tx-period < 1 to 65535 > -- Set the period of time the switch waits until retransmission of EAPOL
PDU (default 30 sec.). (NUMBER) (p. 53)
■ supplicant-timeout < 1 to 300 > -- Set the supplicant response timeout on an EAP request
(default 30 sec.). (NUMBER) (p. 52)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default 30sec.).
(NUMBER) (p. 50)
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits authentication
requests (default 2). (NUMBER) (p. 39)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout (in seconds, default 0); set
to '0' to disable re-authentication. (NUMBER) (p. 47)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not configured
by default).(p. 30)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthenticated client
connected (not configured by default).(p. 53)
■ unauth-period < 0 to 255 > -- Set period of time the switch waits for authentication before
moving the port to the VLAN for unauthenticated clients. (NUMBER) (p. 53)
© 2009 Hewlett-Packard Development Company, L.P.
43
Command Line Interface Reference Guide
aaa
■ logoff-period < 1 to 999999999 > -- Set period of time after which a client will be considered
removed from the port for a lack of activity. (NUMBER) (p. 36)
■ client-limit -- Set the maximum number of clients to allow on the port.(p. 31)
■ initialize -- Reinitialize the authenticator state machine.(p. 35)
■ reauthenticate -- Force re-authentication to happen.(p. 47)
■ clear-statistics -- Clear the authenticator statistics.(p. 31)
■ aaa port-access [ETHERNET] PORT-LIST
Manage general port security features on the device port(s).
Next Available Option:
■ controlled-direction < both | in > -- Configure how traffic is controlled on non-authenticated
ports; in BOTH directions (ingress+egress) or IN only (ingress). (NUMBER) (p. 32)
primary
■ aaa authentication console enable < local | tacacs | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication console login < local | tacacs | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication telnet enable < local | tacacs | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
© 2009 Hewlett-Packard Development Company, L.P.
44
Command Line Interface Reference Guide
aaa
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication telnet login < local | tacacs | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication web enable < local | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ radius -- Use RADIUS server.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication web login < local | radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ radius -- Use RADIUS server.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication ssh enable < local | tacacs | radius | ... >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
■ public-key -- Use local switch public key authentication database.
© 2009 Hewlett-Packard Development Company, L.P.
45
Command Line Interface Reference Guide
aaa
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication ssh login < local | tacacs | radius | ... >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ tacacs -- Use TACACS+ server.
■ radius -- Use RADIUS server.
■ public-key -- Use local switch public key authentication database.
Next Available Option:
■ secondary < local | none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication port-access < local | eap-radius | chap-radius >
Specify the primary authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ eap-radius -- Use EAP capable RADIUS server.
■ chap-radius -- Use CHAP (MD5) capable RADIUS server.
Next Available Option:
■ secondary < none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication web-based < chap-radius | peap-mschapv2 >
Specify the primary authentication method for access control.
Supported Values:
■ chap-radius -- Use RADIUS server with CHAP.
■ peap-mschapv2 -- Use RADIUS server with PEAP-MSChapv2.
Next Available Option:
■ secondary < none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
■ aaa authentication mac-based < chap-radius | peap-mschapv2 >
Specify the primary authentication method for access control.
Supported Values:
■ chap-radius -- Use RADIUS server with CHAP.
■ peap-mschapv2 -- Use RADIUS server with PEAP-MSChapv2.
© 2009 Hewlett-Packard Development Company, L.P.
46
Command Line Interface Reference Guide
aaa
Next Available Option:
■ secondary < none | authorized > -- Specify the backup authentication method for access
control.(p. 48)
primary_method
■ aaa authorization commands < radius | none >
Supported Values:
■ radius -- Use RADIUS protocol as the authorization method.
■ none -- No authorization (always succeeds).
privilege-mode
■ [no] aaa authentication login privilege-mode
Usage: [no] aaa authentication login privilege-mode
Description: Specify that switch respects the
authentication server's privilege level.
quiet-period
■ aaa port-access authenticator [ETHERNET] PORT-LIST quiet-period < 0 to 65535 >
Set the period of time the switch does not try to
acquire a supplicant (default 60 sec.).
Range: < 0 to 65535 >
■ aaa port-access mac-based [ETHERNET] PORT-LIST quiet-period < 1 to 65535 >
Set the period of time the switch does not try to authenticate (default 60 seconds).
Range: < 1 to 65535 >
■ aaa port-access web-based [ETHERNET] PORT-LIST quiet-period < 1 to 65535 >
Set the period of time the switch does not try to authenticate (default 60 seconds).
Range: < 1 to 65535 >
reauthenticate
■ aaa port-access authenticator [ETHERNET] PORT-LIST reauthenticate
Force re-authentication to happen.
■ aaa port-access mac-based [ETHERNET] PORT-LIST reauthenticate
Force re-authentication to happen.
■ aaa port-access web-based [ETHERNET] PORT-LIST reauthenticate
Force re-authentication to happen.
reauth-period
■ aaa port-access authenticator [ETHERNET] PORT-LIST reauth-period < 0 to 9999999 >
Set the re-authentication timeout (in seconds,
default 0); set to '0' to disable re-authentication.
© 2009 Hewlett-Packard Development Company, L.P.
47
Command Line Interface Reference Guide
aaa
Range: < 0 to 9999999 >
■ aaa port-access mac-based [ETHERNET] PORT-LIST reauth-period < 0 to 9999999 >
Set the re-authentication timeout in seconds; set to '0' to disable re-authentication
(default 0).
Range: < 0 to 9999999 >
■ aaa port-access web-based [ETHERNET] PORT-LIST reauth-period < 0 to 9999999 >
Set the re-authentication timeout in seconds; set to '0' to disable re-authentication
(default 0).
Range: < 0 to 9999999 >
redirect-url
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST redirect-url
Set the URL that the user should be redirected to after successful login (default
none), Specify url up to 103 characters length.
Next Available Option:
■ web-redirect-url -- Set the URL that the user should be redirected to after successful login
(default none), Specify url up to 103 characters length. (ASCII-STR) (p. 58)
secondary
■ aaa authentication console enable < local | tacacs | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication console login < local | tacacs | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication telnet enable < local | tacacs | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication telnet login < local | tacacs | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
© 2009 Hewlett-Packard Development Company, L.P.
48
Command Line Interface Reference Guide
aaa
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication web enable < local | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication web login < local | radius > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication ssh enable < local | tacacs | radius | ... > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication ssh login < local | tacacs | radius | ... > < local | none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ local -- Use local switch user/password database.
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication port-access < local | eap-radius | chap-radius > < none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication web-based < chap-radius | peap-mschapv2 > < none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
■ aaa authentication mac-based < chap-radius | peap-mschapv2 > < none | authorized >
Specify the backup authentication method for access control.
Supported Values:
■ none -- Do not use backup authentication methods.
■ authorized -- Allow access without authentication.
© 2009 Hewlett-Packard Development Company, L.P.
49
Command Line Interface Reference Guide
aaa
secret
■ aaa port-access supplicant [ETHERNET] PORT-LIST identity IDENTITY secret
■ aaa port-access supplicant [ETHERNET] PORT-LIST secret
Trigger the command to ask user for a password for the supplicant to use.
server-timeout
■ aaa port-access authenticator [ETHERNET] PORT-LIST server-timeout < 1 to 300 >
Set the authentication server response timeout (default 30sec.).
Range: < 1 to 300 >
■ aaa port-access mac-based [ETHERNET] PORT-LIST server-timeout < 1 to 300 >
Set the authentication server response timeout (default 30 seconds).
Range: < 1 to 300 >
■ aaa port-access web-based [ETHERNET] PORT-LIST server-timeout < 1 to 300 >
Set the authentication server response timeout (default 30 seconds).
Range: < 1 to 300 >
ssh
■ aaa authentication ssh
Usage: aaa authentication ssh <enable|login>
<primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control SSH
access to the switch.
Parameters:
o enable
- Configure access to privileged mode.
o login
- Configure login access.
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Specifies an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Options:
■ enable -- Configure access to the privileged mode commands.(p. 33)
■ login -- Configure login access to the switch.(p. 36)
ssl-login
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST ssl-login
Set whether to enable SSL login (https on port 443) (default disabled).
© 2009 Hewlett-Packard Development Company, L.P.
50
Command Line Interface Reference Guide
aaa
start-period
■ aaa port-access supplicant [ETHERNET] PORT-LIST start-period < 1 to 300 >
Set a period of time between EAPOL-Start packet retransmission
(default 30sec.).
Range: < 1 to 300 >
supplicant
■ [no] aaa port-access supplicant [ETHERNET] PORT-LIST
Usage: [no] aaa port-access supplicant [ethernet] PORT-LIST
[auth-timeout <1-300> | held-period <0-65535> |
start-period <1-300> | max-start <1-10> |
identity <identity> [secret] | secret
initialize | reauthenticate | clear-statistics]
Description: Manage 802.1X (Port Based Network Access) supplicant
on the device ports. Called without the optional parameters
the command enables or disables (if 'no' is specified) the
supplicant functionality on the specified ports.
The 'no' keyword can not be used with any of the
optional parameters. All changes made by the command apply
to the specified PORT-LIST only.
o 'auth-timeout' sets the period of time the supplicant waits
to receive a challenge from the authenticator
(default 30sec.).
o 'held-period' sets a period of time the supplicant waits
after receiving a failure before trying to re-acquire the
authenticatior (default 60sec.).
o 'start-period' sets a period of time between transmitting
EAPOL-Start packets in Connecting state (default 30sec.).
o 'max-start' defines the maximum number of attempts to
start authentication before the supplicant assumes that
it has been authenticated (default 3).
o 'identity' sets the identity to be used by the port
supplicant when MD5 authentication request is received
from an authenticator.
o 'secret' sets the secret to be used by the port
supplicant when MD5 authentication request is received
from an authenticator. User will be prompted to enter
the secret after the command is invoked.
o 'initialize' reinitializes supplicant's state machine.
o 'clear-statistics' clears supplicant statistics counters.
Next Available Options:
■ auth-timeout < 1 to 300 > -- Set the challenge reception timeout (default 30sec.). (NUMBER)
(p. 30)
■ held-period < 0 to 65535 > -- Set the held period (default 60sec.). (NUMBER) (p. 35)
■ start-period < 1 to 300 > -- Set a period of time between EAPOL-Start packet retransmission
(default 30sec.). (NUMBER) (p. 51)
■ max-start < 1 to 10 > -- Define the maximum number of attempts taken to start authentication
(default 3). (NUMBER) (p. 40)
■ initialize -- Reinitialize the supplicant state machine.(p. 35)
■ identity -- Set the identity(user name) to be used by the supplicant. (ASCII-STR) (p. 35)
■ secret -- Trigger the command to ask user for a password for the supplicant to use.(p. 50)
■ clear-statistics -- Clear the supplicant statistics.(p. 31)
© 2009 Hewlett-Packard Development Company, L.P.
51
Command Line Interface Reference Guide
aaa
supplicant-timeout
■ aaa port-access authenticator [ETHERNET] PORT-LIST supplicant-timeout < 1 to 300 >
Set the supplicant response timeout on an EAP request
(default 30 sec.).
Range: < 1 to 300 >
suppress
■ [no] aaa accounting suppress
Do not generate accounting records for a specific type of user.
Next Available Option:
■ null-username -- Do not generate accounting records for users with a null-username. (p. 41)
system
■ [no] aaa accounting system
Usage: [no] aaa accounting system
<start-stop|stop-only>
<radius>
Description: Configure 'system' type of accounting.
Parameters:
o start-stop - Send a start record accounting notice at the
beginning and a stop record notice at the end
of the accounting session. Do not wait for
acknowledgement.
o stop-only - Send a stop record accounting notice at the end
of the accounting session.Do not wait for
acknowledgement.
o radius
- Use RADIUS as the accounting protocol
Next Available Option:
■ mode < start-stop | stop-only > -- Specify how to initiate and terminate an accounting session.
(p. 40)
telnet
■ aaa authentication telnet
Usage: aaa authentication telnet <enable|login>
<primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control telnet
access to the switch.
Parameters:
o enable
- Configure access to privileged mode.
o login
- Configure login access.
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
© 2009 Hewlett-Packard Development Company, L.P.
52
Command Line Interface Reference Guide
o <backup-method> -
aaa
Specifies an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Options:
■ enable -- Configure access to the privileged mode commands.(p. 33)
■ login -- Configure login access to the switch.(p. 36)
tx-period
■ aaa port-access authenticator [ETHERNET] PORT-LIST tx-period < 1 to 65535 >
Set the period of time the switch waits until
retransmission of EAPOL PDU (default 30 sec.).
Range: < 1 to 65535 >
unauth-period
■ aaa port-access authenticator [ETHERNET] PORT-LIST unauth-period < 0 to 255 >
Set period of time the switch waits for authentication before moving the
port to the VLAN for unauthenticated clients.
Range: < 0 to 255 >
unauth-vid
■ [no] aaa port-access authenticator [ETHERNET] PORT-LIST unauth-vid
Configures VLAN where to keep port while there is an unauthenticated client connected
(not configured by default).
Next Available Option:
■ VLAN-ID -- Configures VLAN where to keep port while there is an unauthenticated client
connected (not configured by default). (VLAN-ID) (p. 54)
■ [no] aaa port-access mac-based [ETHERNET] PORT-LIST unauth-vid
Configures VLAN where to keep port while there is an unauthorized client connected
(not configured by default).
Next Available Option:
■ VLAN-ID -- Configures VLAN where to keep port while there is an unauthorized client connected
(not configured by default). (VLAN-ID) (p. 54)
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST unauth-vid
Configures VLAN where to keep port while there is an unauthorized client connected
(not configured by default).
© 2009 Hewlett-Packard Development Company, L.P.
53
Command Line Interface Reference Guide
aaa
Next Available Option:
■ web-unauthvid -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default). (VLAN-ID) (p. 58)
update
■ [no] aaa accounting update
Usage: [no] aaa accounting update periodic <number>
Description: Configure update accounting records mechanism.
Parameters:
periodic <number> - Send accounting update records at regular
intervals given by 'number' (in minutes).
Next Available Option:
■ periodic < 1 to 525600 > -- Configure update accounting records mechanism(p. 42)
VLAN-ID
■ aaa port-access authenticator [ETHERNET] PORT-LIST auth-vid VLAN-ID
Configures VLAN where to move port after successful authentication (not configured
by default).
■ aaa port-access authenticator [ETHERNET] PORT-LIST unauth-vid VLAN-ID
Configures VLAN where to keep port while there is an unauthenticated client connected
(not configured by default).
■ aaa port-access mac-based [ETHERNET] PORT-LIST auth-vid VLAN-ID
Configures VLAN where to move port after successful authentication (not configured
by default).
■ aaa port-access mac-based [ETHERNET] PORT-LIST unauth-vid VLAN-ID
Configures VLAN where to keep port while there is an unauthorized client connected
(not configured by default).
web
■ aaa authentication web
Usage: aaa authentication web <enable|login>
<primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control web
access to the switch.
Parameters:
o enable
- Configure access to privileged mode.
o login
- Configure login access.
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Specifies an authentication method
© 2009 Hewlett-Packard Development Company, L.P.
54
Command Line Interface Reference Guide
aaa
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Options:
■ enable -- Configure access to the privileged mode commands.(p. 33)
■ login -- Configure login access to the switch.(p. 36)
web-authvid
■ aaa port-access web-based [ETHERNET] PORT-LIST auth-vid VLAN-ID
Configures VLAN where to move port after successful authentication (not configured
by default).
web-based
■ aaa authentication web-based
Usage: aaa authentication web-based <primary-method> [<backup-method>]
Description: Configure authentication mechanism used to control web-based
port access to the switch.
Parameters:
o <primary-method> - Specifies the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Specifies an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Option:
■ primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method for
access control.(p. 44)
■ aaa port-access web-based
Usage:
[no] aaa port-access web-based
[dhcp-addr <base address / mask> | dhcp-lease <5-25> |
ewa-server <ip-addr | host-name> [page-path]]
[no] aaa port-access web-based [ethernet] PORT-LIST
[client-limit <1-32> | client-moves | ssl-login |
redirect-url <URL> | quiet-period <1-65535> |
server-timeout <1-300> | max-requests <1-10> |
max-retries <1-10> | logoff-period <1-9999999> |
reauth-period <0-9999999> | auth-vid VLAN-ID |
unauth-vid VLAN-ID | reauthenticate]
© 2009 Hewlett-Packard Development Company, L.P.
55
Command Line Interface Reference Guide
aaa
Description: Configure web authentication based network authentication
on the device or the device's port(s).
The first form of the command sets the dhcp address,
dhcp lease, or ewa server parameters
which are common to all ports
The second form of the command enables, disables, or
configures authentication on the device's individual ports.
o 'dhcp-addr' sets the base address / mask for the temporary
pool used by DHCP (base address default is 192.168.0.0,
mask default is 24 - 255.255.255.0)
o 'dhcp-lease' sets the lease length of the temporary
IP address issued by DHCP (default 10)
o 'ewa-server' sets the ip address or hostname
of the enhanced web auth server used to
serve custom login pages for web auth
o 'page-path' sets the path of the login pages
to be found on the ewa server
o 'client-limit' sets the maximum number of clients to allow on
the port. This includes ALL clients (authenticated and
unauthenticated). The default is 1 client.
NOTE: No more than 32 unique client MAC addresses can be
authorized by both 802.1X and MAC/web-based
authentication together on the same port.
o 'client-moves' sets whether the client can move
between ports that also have 'client-moves' enabled
(default disabled - no moves allowed).
o 'ssl-login' sets whether to enable SSL logins (https on
port 443). If enabled, logins to plaintext http (port 80)
are redirected to https port. The default is disabled.
o 'redirect-url' sets the URL that the user should be
redirected to after successful login (default none)
Specify url up to 103 characters length.
o 'quiet-period' sets the period of time during which the
switch does not try to authenticate after a failed
authentication attempt (default 60 seconds).
o 'server-timeout' sets the period of time after which the
switch assumes that authentication has timed out
(default 30 seconds).
o 'max-requests' sets the number of authentication attempts
that must time out before authentication fails (default 3)
o 'max-retries' sets number of times a client can enter
their credentials before authentication is considered
to have failed (default 3).
o 'logoff-period' sets the period of time of inactivity that
© 2009 Hewlett-Packard Development Company, L.P.
56
Command Line Interface Reference Guide
aaa
the switch considers an implicit logoff (default 300)
o 'reauth-period' sets the period of time after which connected
clients must be re-authenticated. When the timeout is set
to 0 the re-authentication is disabled (default 0).
o 'auth-vid' configures the VLAN to which to move a port
after successful authentication. RADIUS server can
override the value. Use 'no' form of the command to set
this PVID to 0. If the PVID is set to 0 no PVID changes
occur unless RADIUS server requests. Changes take effect
immediately. All clients must immediately re-authenticate.
The default is 0.
o 'unauth-vid' configures the VLAN to which to move a port
after failed authentication. Use 'no' form of the command
to set this PVID to 0. Changes take effect immediately.
The default is 0.
o 'reauthenticate' forces re-authentication
of all clients present on a port.
Next Available Options:
■ web-list1 -- Manage web authentication based network authentication on the device port(s).
([ethernet] PORT-LIST) (p. 57)
■ dhcp-addr -- Set the base address / mask for the temporary pool used by DHCP (base address
default is 192.168.0.0, mask default is 24 - 255.255.255.0). (IP-ADDR/MASK-LENGTH) (p. 33)
■ dhcp-lease < 5 to 25 > -- Set the lease length of the IP address issued by DHCP (default 10).
(NUMBER) (p. 33)
■ ewa-server -- IP address or hostname of the enhanced web authentication server on the device.
(p. 34)
web-list1
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST
Manage web authentication based network authentication on the device port(s).
Next Available Options:
■ client-limit < 1 to 32 > -- Set the port's maximum number of authenticated clients (default 1).
(NUMBER) (p. 31)
■ client-moves -- Set whether the client can move between ports (default disabled - no moves).(p.
31)
■ ssl-login -- Set whether to enable SSL login (https on port 443) (default disabled).(p. 50)
■ redirect-url -- Set the URL that the user should be redirected to after successful login (default
none), Specify url up to 103 characters length.(p. 48)
■ max-retries < 1 to 10 > -- Set number of times a client can enter their credentials before
authentication is considered to have failed (default 3). (NUMBER) (p. 39)
■ logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch considers
an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
■ quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to authenticate
(default 60 seconds). (NUMBER) (p. 47)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default 30
seconds). (NUMBER) (p. 50)
© 2009 Hewlett-Packard Development Company, L.P.
57
Command Line Interface Reference Guide
aaa
■ max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits authentication
requests (default 3). (NUMBER) (p. 39)
■ reauth-period < 0 to 9999999 > -- Set the re-authentication timeout in seconds; set to '0' to
disable re-authentication (default 0). (NUMBER) (p. 47)
■ auth-vid -- Configures VLAN where to move port after successful authentication (not configured
by default).(p. 30)
■ unauth-vid -- Configures VLAN where to keep port while there is an unauthorized client
connected (not configured by default).(p. 53)
■ reauthenticate -- Force re-authentication to happen.(p. 47)
web-redirect-url
■ aaa port-access web-based [ETHERNET] PORT-LIST redirect-url WEB-REDIRECT-URL
Set the URL that the user should be redirected to after successful login (default
none), Specify url up to 103 characters length.
web-unauthvid
■ aaa port-access web-based [ETHERNET] PORT-LIST unauth-vid VLAN-ID
Configures VLAN where to keep port while there is an unauthorized client connected
(not configured by default).
© 2009 Hewlett-Packard Development Company, L.P.
58
access-list
OVERVIEW FOR IPV4 ACLS
Category:
Primary context:
config
Related Commands
Note: This information is preliminary; the final detailed command list is coming soon.
Usage for commands:
access-list <number> remark <remark>
access-list <1-99> permit <ACL-IP-SPEC-SRC>
access-list <1-99> deny <ACL-IP-SPEC-SRC> [log]
access-list <100-199> permit <ip | <protocol>> <ACL-IP-SPEC-SRC>
<ACL-IP-SPEC-DST>
[precedence <precedence>] [tos <tos>]
access-list <100-199> deny <ip | <protocol>> <ACL-IP-SPEC-SRC>
<ACL-IP-SPEC-DST>
[precedence <precedence>] [tos <tos>] [log]
access-list <100-199> permit icmp <ACL-IP-SPEC-SRC> <ACL-IP-SPEC-DST>
[<icmp-type> [<icmp-code>] | <icmp-message>]
[precedence <precedence>] [tos <tos>] [log]
access-list <100-199> deny icmp <ACL-IP-SPEC-SRC> <ACL-IP-SPEC-DST>
[<icmp-type> [<icmp-code>] | <icmp-message>]
[precedence <precedence>] [tos <tos>] [log]
access-list <100-199> permit igmp <ACL-IP-SPEC-SRC> <ACL-IP-SPEC-DST>
[<igmp-type>] [precedence <precedence>]
[tos <tos>]
access-list <100-199> deny igmp <ACL-IP-SPEC-SRC> <ACL-IP-SPEC-DST>
[<igmp-type>] [precedence <precedence>]
[tos <tos>] [log]
access-list <100-199> permit tcp <ACL-IP-SPEC-SRC> [<ACL-PORT-SPEC-SRC>]
<ACL-IP-SPEC-DST> [<ACL-PORT-SPEC-DST>]
[established] [precedence <precedence>]
[tos <tos>]
access-list <100-199> deny tcp <ACL-IP-SPEC-SRC> [<ACL-PORT-SPEC-SRC>]
<ACL-IP-SPEC-DST> [<ACL-PORT-SPEC-DST>]
[established] [precedence <precedence>]
[tos <tos>] [log]
access-list <100-199> permit udp <ACL-IP-SPEC-SRC> [<ACL-PORT-SPEC-SRC>]
<ACL-IP-SPEC-DST> [<ACL-PORT-SPEC-DST>]
[precedence <precedence>] [tos <tos>]
access-list <100-199> deny udp <ACL-IP-SPEC-SRC> [<ACL-PORT-SPEC-SRC>]
<ACL-IP-SPEC-DST> [<ACL-PORT-SPEC-DST>]
[precedence <precedence>] [tos <tos>]
[log]
[no] access-list <number>
[no] access-list <number> remark <remark>
Description: Configure an entry in a standard (1-99) or extended (100-199)
access control list.
Parameters:
o <deny|permit> - specify action to take on a match.
© 2009 Hewlett-Packard Development Company, L.P.
59
Command Line Interface Reference Guide
access-list
o <ACL-IP-SPEC> - specify the source or destination IP addresses to
match. The following formats may be used to specify IP addresses:
* IP-ADDR MASK - match addresses defined by IP-ADDR using the bits
set to zero in MASK.
* IP-ADDR/MASK-LEN - the mask is one in which the high order MASK-LEN
bits are zeros, and the remaining bits are ones.
172.16.0.0/18 translates to 172.16.0.0 0.0.63.255
* host IP-ADDR - match a specific host; implies a mask of all zeros.
* any
- match any IP address.
o log - log all matches.
o <ip|tcp|udp> - specify protocol on which to match packets.
o <ACL-PORT-SPEC> - for tcp or udp entries, specify the ports on which
to match. Port numbers may be specified as integers in the range
1-65535, or by using protocol names for certain well-known ports.
The following port specifications may be used:
* eq <port> - match packets from (to) the specified port.
* neq <port> - match all packets except those from (to) the specified
port.
* lt <port> - match packets from (to) port numbers less than the
specified port.
* gt <port> - match packets from (to) port numbers greater than the
specified port.
* range <port> <port> - match packets from (to) port numbers between
the first and second ports, inclusive. The first port
specified must be less than the second port specified.
The following well-known ports may be referred to by name:
TCP: bgp, dns, ftp, http, imap4, ldap, nntp, pop2, pop3, smtp,
ssl, telnet
UDP: bootpc, bootps, dns, ntp, radius, radius-old, rip, snmp,
snmp-trap, tftp
OVERVIEW FOR IPV6 ACLS
Category:
Primary context:
config
Related Commands
Note: This information is preliminary; the final detailed command list is coming soon.
Usage for IPv6 ACL Commands
Create an IPv6 ACL or add an ACE to the end of an existing IPv6 ACL:
ProCurve(config)# ipv6 access-list <name-str>
ProCurve(config-ipv6-acl)# <deny|permit>
<ipv6|esp|ah|sctp|ipv6-protocol-nbr>
<any|host <SA>|SA/<prefix-length>>
<any|host <DA>|DA/<prefix-length>>
<tcp|upd>
<any|host <SA>|SA/<prefix-length>>
[comparison-operator <value>]
© 2009 Hewlett-Packard Development Company, L.P.
60
Command Line Interface Reference Guide
access-list
<any|host <DA>|DA/<prefix-length>>
[comparison-operator <value>]
[established]
[ack][fin][rst][syn]
<icmp>
<any|host <SA>|SA/<prefix-length>>
<any|host <DA>|DA/<prefix-length>>
[0-255 [0-255]|icmp-message]
[dscp <precedence|codepoint>]
[log]
Insert an ACE or a remark by assigning a sequence number:
ProCurve(config)# ipv6 access-list <name-str>
ProCurve(config-ipv6-acl)# <seq-#> <deny|permit|remark>
Note: The deny and permit keywords use the options show above
for "Create and IPv6 ACL".
Delete an ACE or a Remark (or both) by sequence number:
ProCurve(config)# ipv6 access-list <name-str>
ProCurve(config-ipv6-acl)# no <seq-#> [remark]
Note: You can also delete an ACE by entering no <permit|deny>
followed by the settings explicitly configured for that
ACE.
Resequence the ACEs in an ACL:
ProCurve(config)# ipv6 access-list resequence <name-str><starting-#>
<increment>
Enter a Remark:
ProCurve(config)# ipv6 access-list <name-str>
ProCurve(config-ipv6-acl)# remark <remark-str>
Remove a Remark:
Immediately after entry:
ProCurve(config-ipv6-acl)# no remark
After entry of an ACE:
ProCurve(config-ipv6-acl)# no <seq-#> remark
Delete an IPv6 ACL:
ProCurve(config)# no ipv6 access-list <name-str> vlan
Enable or Disable an IPv6 VACL:
ProCurve(config)# [no] vlan <vid> ipv6 access-group <name-str> vlan
Enable or Disable a Static Port ACL:
ProCurve(config)# [no] interface <port-list|trkx> ipv6 access-group <name-str> in
ProCurve(eth-<port-list|trkx>)# [no] ipv6 access-group <name-str> in
© 2009 Hewlett-Packard Development Company, L.P.
61
Command Line Interface Reference Guide
access-list
Displaying ACL Data:
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
show
show
show
show
show
show
show
access-list
access-list
access-list
access-list
access-list
access-list
access-list
<acl-name-str>[config]
config
ports <port-list>
vlan <vid>
radius <port-list|all>
resources
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
62
alias
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] alias <NAME> <COMMAND> [COMMAND-OPTIONS]
Description: Configure/remove a NAME for the specified alias command and options.
COMMAND STRUCTURE
■ [no] alias name -- Name of alias. (ASCII-STR) (p. 63)
■ command -- Command to execute. (ASCII-STR) (p. 63)
EXAMPLES
Example: alias
An alias for the show interfaces custom command could be:
ProCurve(config)# alias sic “show int custom 1-4 port name:4 type vlan intrusion”
COMMAND DETAILS
command (p. 63)
name (p. 63)
command
■ alias NAME COMMAND
Command to execute.
name
■ [no] alias NAME
Name of alias.
Next Available Option:
■ command -- Command to execute. (ASCII-STR) (p. 63)
© 2009 Hewlett-Packard Development Company, L.P.
63
arp
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: no arp IP-ADDRESS
Description: Remove the specified IP-ADDRESS entry from the ARP cache
(note: the keyword 'no' must be specified).
o
IP-ADDRESS - ip address of the ARP cache entry to be removed.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
64
arp-protect
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] arp-protect [trust [ethernet] PORT-LIST|
validate <ip|destination-mac|src-mac>|
vlan VLAN-ID-RANGE]
Description: Configure Dynamic ARP Protection.
To Enable/disable ARP Protection on the switch execute the
[no] arp-protect command. Dynamic ARP Protection will not be
enabled on any VLAN if it is not enabled on the switch.
By default Dynamic ARP Protection is disabled.
To configure which VLANs are to be protected execute the
'arp-protect vlan' command. By default Dynamic ARP Protection
is disabled on all VLANs.
Dynamic ARP Protection divides ports into two categories:
untrusted and trusted. ARP packets received on trusted ports
are forwarded without validation.
ARP packets received on the untrusted ports of a protected VLAN
are intercepted and validated before being forwarded.
By default ports are untrusted.
Dynamic ARP Protection validates ARP packets based on the
IP-to-MAC binding database maintained by DHCP snooping. If DHCP
snooping is not enabled then a loss of connectivity will result
since the database will contain no bindings. For devices that do
not use DHCP to obtain their IP configuration static bindings can
be added manually to the database with the 'ip source-binding'
command.
Dynamic ARP Protection can also be configured to drop ARP packets
that contain invalid IP addresses or when the MAC addresses in the
body of the ARP packet do not match those in the ethernet header.
Parameters:
trust [ethernet] PORT-LIST
-- Configure ports as trusted or untrusted.
validate <ip|dest-mac|src-mac> -- Configure addiional ARP packet checks.
vlan VLAN-ID-RANGE
-- Enable/disable ARP Protection on VLANs
COMMAND STRUCTURE
■ [no] arp-protect trust -- Configure port(s) as trusted or untrusted. ([ethernet] PORT-LIST) (p. 66)
■ [no] arp-protect validate -- Configure additional ARP Protection validation checks. (p. 66)
■ dest-mac -- Drop any ARP response packet in which the destination MAC address in the ethernet
header does not match the target MAC address in the body of the packet. (p. 66)
■ ip -- Drop any ARP request with an invalid sender IP address. Drop any ARP response with an
invalid target IP address. Invalid IP addresses include 0.0.0.0, 255.255.255.255, all IP multicast
addresses, and all class E IP addresses. (p. 66)
© 2009 Hewlett-Packard Development Company, L.P.
65
Command Line Interface Reference Guide
arp-protect
■ src-mac -- Drop any ARP request or response packet in which the source MAC in the ethernet
header does not match the sender MAC address in the body of the packet. (p. 66)
■ [no] arp-protect vlan -- Enable/disable Dynamic ARP Protection on a VLAN(s). (p. 67)
■ vlan-list -- (VLAN-ID-RANGE) (p. 67)
COMMAND DETAILS
dest-mac (p. 66)
ip (p. 66)
src-mac (p. 66)
trust (p. 66)
validate (p. 66)
vlan (p. 67)
vlan-list (p. 67)
dest-mac
■ [no] arp-protect validate dest-mac
Drop any ARP response packet in which the destination MAC address in the
ethernet header does not match the target MAC address in the body of the
packet.
ip
■ [no] arp-protect validate ip
Drop any ARP request with an invalid sender IP address. Drop any ARP
response with an invalid target IP address. Invalid IP addresses include
0.0.0.0, 255.255.255.255, all IP multicast addresses, and all class E
IP addresses.
src-mac
■ [no] arp-protect validate src-mac
Drop any ARP request or response packet in which the source MAC in the
ethernet header does not match the sender MAC address in the body of
the packet.
trust
■ [no] arp-protect trust [ETHERNET] PORT-LIST
Configure port(s) as trusted or untrusted.
validate
■ [no] arp-protect validate
Configure additional ARP Protection validation checks.
Next Available Options:
■ src-mac -- Drop any ARP request or response packet in which the source MAC in the ethernet
header does not match the sender MAC address in the body of the packet. (p. 66)
■ dest-mac -- Drop any ARP response packet in which the destination MAC address in the ethernet
header does not match the target MAC address in the body of the packet. (p. 66)
■ ip -- Drop any ARP request with an invalid sender IP address. Drop any ARP response with an
invalid target IP address. Invalid IP addresses include 0.0.0.0, 255.255.255.255, all IP multicast
addresses, and all class E IP addresses. (p. 66)
© 2009 Hewlett-Packard Development Company, L.P.
66
Command Line Interface Reference Guide
arp-protect
vlan
■ [no] arp-protect vlan
Enable/disable Dynamic ARP Protection on a VLAN(s).
Next Available Option:
■ vlan-list -- (VLAN-ID-RANGE) (p. 67)
vlan-list
■ [no] arp-protect vlan VLAN-ID-RANGE
© 2009 Hewlett-Packard Development Company, L.P.
67
autorun
OVERVIEW
Category:
Primary context:
config
Related Commands
copy usb (page 133)
Usage:
[no] autorun ...
Description: Enable/Disable/Configure Autorun. Use the 'secure-mode' keyword
to enable/disable secure mode for autorun. Use the
'encryption-key' keyword to configure or remove an encryption key
(a base-64 encoded string). The encryption key is a prerequisite
for enabling autorun in secure-mode. Encryption is noted only when
the AutoRun file is also signed by an authentic source.
NOTES
Operating Notes
■ Autorun is enabled by default, until passords are set on the device.
■ Secure-mode and encryption-key are disabled by default.
■ If secure mode is disabled, the key-pair can be removed using the crypto-key zeroize
autorun command.
■ When installing the autorun certificate file and/or other key files, the files must be in PEM
format.
COMMAND STRUCTURE
■ [no] autorun encryption-key -- Configure or remove an AES 128 encryption-key for Autorun (p.
68)
■ key -- AES 128 encryption key string for Autorun (ASCII-STR) (p. 68)
■ [no] autorun secure-mode -- Enable or disable secure mode for Autorun. (p. 69)
COMMAND DETAILS
encryption-key (p. 68)
key (p. 68)
secure-mode (p. 69)
encryption-key
■ [no] autorun encryption-key
Configure or remove an AES 128 encryption-key for Autorun
Next Available Option:
■ key -- AES 128 encryption key string for Autorun (ASCII-STR) (p. 68)
key
■ autorun encryption-key KEY
© 2009 Hewlett-Packard Development Company, L.P.
68
Command Line Interface Reference Guide
autorun
AES 128 encryption key string for Autorun
secure-mode
■ [no] autorun secure-mode
Enable or disable secure mode for Autorun.
© 2009 Hewlett-Packard Development Company, L.P.
69
auto-tftp
OVERVIEW
Category:
File Transfer
Primary context:
config
Related Commands
the section called “client” (page 685)
Usage: [no] auto-tftp [<IPV4-ADDR | IPV6-ADDR> <FILENAME-STR>]
Description: Enable/disable automatic software image download via TFTP during
boot. The software image will be downloaded if it has a different
version from the software running on the switch. The command
requires the parameters to be specified when used without 'no'.
o IPV4-ADDR - specifies the TFTP server IPv4 address to download
a software image from.
o IPV6-ADDR - specifies the TFTP server IPv6 address to download
a software image from.
o FILENAME-STR - specifies the file-name to download.
COMMAND STRUCTURE
■ auto-tftp server-ip -- IPv4 address of the TFTP server to download a software image from. (IP-ADDR)
(p. 70)
■ filename -- The software image file-name. (ASCII-STR) (p. 70)
■ auto-tftp server-ipv6 -- IPv6 address of the TFTP server to download a software image from.
(IPV6-ADDR) (p. 71)
■ filename -- The software image file-name. (ASCII-STR) (p. 70)
EXAMPLES
Example: auto-tftp IP-ADDR FILENAME
Set the device to boot using image2 located on TFTP server 10.10.2.40, if the image version is different
from the one already on the switch:
ProCurve(config)# auto-tftp 10.10.2.40 image2
COMMAND DETAILS
filename (p. 70)
server-ip (p. 70)
server-ipv6 (p. 71)
filename
■ auto-tftp IP-ADDR FILENAME
The software image file-name.
■ auto-tftp IPV6-ADDR FILENAME
The software image file-name.
server-ip
■ auto-tftp IP-ADDR
© 2009 Hewlett-Packard Development Company, L.P.
70
Command Line Interface Reference Guide
auto-tftp
IPv4 address of the TFTP server to download a software image from.
Next Available Option:
■ filename -- The software image file-name. (ASCII-STR) (p. 70)
server-ipv6
■ auto-tftp IPV6-ADDR
IPv6 address of the TFTP server to download a software image from.
Next Available Option:
■ filename -- The software image file-name. (ASCII-STR) (p. 70)
© 2009 Hewlett-Packard Development Company, L.P.
71
banner
OVERVIEW
Category:
Switch Management
Primary context:
config
Related Commands
show (page 511)
Usage: [no] banner motd ASCII-STR
Description: Define a login banner. The banner will be displayed before
login on the console, telnet, ssh, and Web-UI sessions.
The banner can be a multi-line text up to 320 characters.
The banner text can contain any printable character except
the delimiting character and the ~ character.
COMMAND STRUCTURE
■ [no] banner motd -- Set message of the day banner (p. 72)
■ ascii -- Specify delimiting character for banner text (ASCII-STR) (p. 72)
COMMAND DETAILS
ascii (p. 72)
motd (p. 72)
ascii
■ banner motd ASCII
Specify delimiting character for banner text
motd
■ [no] banner motd
Set message of the day banner
Next Available Option:
■ ascii -- Specify delimiting character for banner text (ASCII-STR) (p. 72)
© 2009 Hewlett-Packard Development Company, L.P.
72
boot
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
reload (page 467)
Usage: boot
boot
boot
boot
[system [flash <primary|secondary>] [config FILENAME]]
set-default flash <primary|secondary>
active
standby
Description: Reboot the device. The primary or secondary software image
can be specified to be used during the boot process.
Optionally, a configuration file can be set for this boot.
Parameters:
o set-default- Sets the default flash boot image for next boot.
o active
- Causes switchover and reboots the active management
module, if redundancy is enabled and the other module
is present. Reboots the system if redundancy is disabled
or the module is not present.
o standby
- Reboots the standby management module.
NOTES
Italicized "config" Keywords
The italicized "config | config1" keywords correspond to the names selected for the config
files.
COMMAND STRUCTURE
■ boot active -- Reboot the active management module. (p. 73)
■ boot set-default -- Specify the default flash boot image. (p. 74)
■ flash < primary | secondary > -- Specify the default flash boot image. (p. 74)
■ boot standby -- Reboot the standby management module. (p. 74)
■ boot system -- Allows user to specify boot image to use after reboot. (p. 75)
■ flash < primary | secondary > -- Specify boot image to use after reboot. (p. 74)
■ config < config | config1 > -- Specify configuration file to use on boot. (p. 74)
COMMAND DETAILS
active (p. 73)
config (p. 74)
flash (p. 74)
set-default (p. 74)
standby (p. 74)
system (p. 75)
active
■ boot active
Note: This command applies to the 8212zl switch only.
Reboot the active management module. The switch starts to boot from the
default flash image. You can select which image to boot from during the
boot process itself. The switch will switchover to the standby management
© 2009 Hewlett-Packard Development Company, L.P.
73
Command Line Interface Reference Guide
boot
module. If a second management module is not present in the switch, the
system is rebooted.
config
■ boot system flash < primary | secondary > config < config | config1 >
Specify configuration file to use on boot.
Supported Values:
■ config
■ config1
flash
■ boot system flash < primary | secondary >
Specify boot image to use after reboot.
Supported Values:
■ primary -- Primary flash image.
■ secondary -- Secondary flash image.
Next Available Option:
■ config < config | config1 > -- Specify configuration file to use on boot.(p. 74)
■ boot set-default flash < primary | secondary >
Specify the default flash boot image.
Supported Values:
■ primary -- Primary flash image.
■ secondary -- Secondary flash image.
set-default
■ boot set-default
Specify the default flash boot image. Sets the default flash for the
next boot to primary or secondary. You will see this message:
“This command changes the location of the default boot. This command
will change the default flash image to boot from <flash chosen>.
Hereafter, ‘reload’ and ‘boot’ commands will boot from <flash chosen>.
Do you want to continue [y/n]?”
Next Available Option:
■ flash < primary | secondary > -- Specify the default flash boot image.(p. 74)
standby
■ boot standby
Reboot the standby management module. The switch does not switchover.
If the standby module is not present, this message displays: “The other
management module is not present.”
© 2009 Hewlett-Packard Development Company, L.P.
74
Command Line Interface Reference Guide
boot
system
■ boot system
Allows user to specify boot image to use after reboot.
Next Available Option:
■ flash < primary | secondary > -- Specify boot image to use after reboot.(p. 74)
© 2009 Hewlett-Packard Development Company, L.P.
75
cdp
OVERVIEW
Category:
Routing
Primary context:
config
Related Commands
the section called “cdp” (page 537)
Usage: [no] cdp ...
Description: Set various CDP (Cisco Discovery Protocol) parameters. Use
'cdp ?' to get a list of all possible options.
COMMAND STRUCTURE
■ [no] cdp enable -- Enable/disable CDP on particular device ports ([ethernet] PORT-LIST) (p. 76)
■ [no] cdp run -- Start and stop CDP on the device (p. 76)
EXAMPLES
Example: cdp enable PORT-LIST
Disable CDP on port A1 of a Series 5400zl switch:
ProCurve(config)# no cdp enable a1
Example: cdp run
Disable CDP on the switch:
ProCurve(config)# no cdp run
COMMAND DETAILS
enable (p. 76)
run (p. 76)
enable
■ [no] cdp enable [ETHERNET] PORT-LIST
Usage: [no] cdp enable [ethernet] PORT-LIST
Description: Enable/disable CDP on particular device ports.
run
■ [no] cdp run
Usage: [no] cdp run
Description: Start and stop CDP on the device.
© 2009 Hewlett-Packard Development Company, L.P.
76
chassislocate
OVERVIEW
Category:
Primary context:
operator
Related Commands
Usage: chassislocate <on|blink> [<1-1440>]
chassislocate off
Description: Control the chassis locate led.
Parameters:
o
o
o
o
on - Turn the led on.
off - Turn the led off.
blink - Make the led blink.
[<1-1440>] - Number of minutes the led is
to blink or be turned on (default is 30).
COMMAND STRUCTURE
■ chassislocate blink -- Blink the chassis locate led (default 30 minutes). (p. 77)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 77)
■ chassislocate off -- Turn the chassis locate led off. (p. 78)
■ chassislocate on -- Turn the chassis locate led on (default 30 minutes). (p. 78)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 77)
COMMAND DETAILS
blink (p. 77)
duration (p. 77)
off (p. 78)
on (p. 78)
blink
■ chassislocate blink
Blink the chassis locate led (default 30 minutes).
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 77)
duration
■ chassislocate on < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
■ chassislocate blink < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
© 2009 Hewlett-Packard Development Company, L.P.
77
Command Line Interface Reference Guide
chassislocate
off
■ chassislocate off
Turn the chassis locate led off.
on
■ chassislocate on
Turn the chassis locate led on (default 30 minutes).
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 77)
© 2009 Hewlett-Packard Development Company, L.P.
78
class
OVERVIEW
Category:
Primary context:
config
Related Commands
policy (page 398)
Usage:
[no] class <address-family> <name>
Description: Create a classifier class and enter the class context.
Parameters are address family(ipv4 or ipv6) and class name.
COMMAND STRUCTURE
■ [no] class ipv4 -- Enter ipv4 class name (ASCII-STR) (p. 80)
■ [no] class ipv6 -- Enter ipv6 class name (ASCII-STR) (p. 80)
■ class resequence -- Renumber the entries in the class. (p. 80)
■ ipv4 -- Enter ipv4 class name (ASCII-STR) (p. 80)
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 80)
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 80)
■ ipv6 -- Enter ipv6 class name (ASCII-STR) (p. 80)
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 80)
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 80)
EXAMPLES
Example: class
“AdminTraffic” selects the administrative traffic sent to, and received from, the IPv4 address of an
administrator’s PC:
ProCurve(config)# class
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ipv4 AdminTraffic
match ip 15.29.16.1/10 any
match ip any 15.29.16.1/10
exit
Example: class
“http” selects HTTP traffic sent to TCP ports 80, 443, and 8080, and excludes HTTP traffic sent to, and
received from, TCP port 1214:
ProCurve(config)# class
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ipv4 http
match tcp any any eq 80
match tcp any any eq 443
match tcp any any eq 8080
ignore tcp any eq 1214 any
ignore tcp any any eq 1214
exit
COMMAND DETAILS
incr-num (p. 80)
ipv4 (p. 80)
ipv6 (p. 80)
resequence (p. 80)
© 2009 Hewlett-Packard Development Company, L.P.
start-seq-num (p. 80)
79
Command Line Interface Reference Guide
class
incr-num
■ class resequence ipv4 IPV4 < 1 to 2147483647 > < 1 to 2147483646 >
Specify the increment.
Range: < 1 to 2147483646 >
■ class resequence ipv6 IPV6 < 1 to 2147483647 > < 1 to 2147483646 >
Specify the increment.
Range: < 1 to 2147483646 >
ipv4
■ [no] class ipv4 IPV4
Enter ipv4 class name
■ class resequence ipv4 IPV4
Enter ipv4 class name
Next Available Option:
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 80)
ipv6
■ [no] class ipv6 IPV6
Enter ipv6 class name
■ class resequence ipv6 IPV6
Enter ipv6 class name
Next Available Option:
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 80)
resequence
■ class resequence
Renumber the entries in the class.
Next Available Options:
■ ipv4 -- Enter ipv4 class name (ASCII-STR) (p. 80)
■ ipv6 -- Enter ipv6 class name (ASCII-STR) (p. 80)
start-seq-num
■ class resequence ipv4 IPV4 < 1 to 2147483647 >
Specify the starting sequence number.
Range: < 1 to 2147483647 >
© 2009 Hewlett-Packard Development Company, L.P.
80
Command Line Interface Reference Guide
class
Next Available Option:
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 80)
■ class resequence ipv6 IPV6 < 1 to 2147483647 >
Specify the starting sequence number.
Range: < 1 to 2147483647 >
Next Available Option:
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 80)
© 2009 Hewlett-Packard Development Company, L.P.
81
clear
OVERVIEW
Category:
Primary context:
manager
Related Commands
Usage: clear <arp|intrusion-log|logging|public-key|statistics
[ethernet] PORT-LIST |link-keepalive statistics>
Description: Clear table/statistics or authorized client public keys.
Parameters:
o arp - Flushes all non-permanent entries in the ARP cache.
o intrusion-log - Resets the Alert Flags and prepares
the switch to detect and log the next security intrusion.
o logging - Remove all event entries from the event log
o public-key - Removes currently loaded authorized client public keys
from active configuration.
o statistics PORT-LIST - Resets all port counters associated with
the ports specified.
o link-keepalive statistics - Resets the UDLD packets sent, UDLD
packets received, and Transition counters for all UDLD enabled ports.
COMMAND STRUCTURE
■ clear arp -- Flush all non-permanent entries in the ARP cache. (p. 83)
■ clear crypto -- Remove client public keys from active configuration. (p. 83)
■ client-public-key -- Remove client public keys from active configuration. (p. 83)
■ keyfile < manager | operator > -- Remove client public keys from active configuration. (p.
84)
■ keylist -- Remove client public keys from active configuration. (ASCII-STR) (p. 84)
■ clear intrusion-flags -- Reset the Alert Flag on all ports. (p. 83)
■ clear ip -- Clear all IP information. (p. 83)
■ ospf-statistics -- Usage: clear ip ospf-statistics [ <ip-address>] Clears OSPF interface statistics
If [<ip-address>] specified clears statistics for a given interface if the interface is OSPF enabled.
(p. 84)
■ if-ip -- specify ip-address whose statistics is to be cleared. (IP-ADDR) (p. 83)
■ clear ipv6 -- Clear all IPv6 information. (p. 84)
■ neighbors -- Delete all the neighbour discovery cache entries, except static entries. (p. 84)
■ clear link-keepalive -- Reset link-keepalive counters for all UDLD enabled ports. (p. 84)
■ statistics -- Reset link-keepalive counters for all UDLD enabled ports. (p. 85)
■ clear logging -- Remove all event entries from the event log. (p. 84)
■ clear statistics -- Reset all counters for the specified ports. ([ethernet] PORT-LIST) (p. 85)
© 2009 Hewlett-Packard Development Company, L.P.
82
Command Line Interface Reference Guide
clear
COMMAND DETAILS
arp (p. 83)
client-public-key (p. 83)
crypto (p. 83)
if-ip (p. 83)
intrusion-flags (p. 83)
ip (p. 83)
ipv6 (p. 84)
keyfile (p. 84)
keylist (p. 84)
link-keepalive (p. 84)
logging (p. 84)
neighbors (p. 84)
ospf-statistics (p. 84)
statistics (p. 85)
arp
■ clear arp
Flush all non-permanent entries in the ARP cache.
client-public-key
■ clear crypto client-public-key
Remove client public keys from active configuration.
Next Available Option:
■ keyfile < manager | operator > -- Remove client public keys from active configuration.(p. 84)
crypto
■ clear crypto
Remove client public keys from active configuration.
Next Available Option:
■ client-public-key -- Remove client public keys from active configuration.(p. 83)
if-ip
■ clear ip ospf-statistics IP-ADDR
specify ip-address whose statistics is to be cleared.
intrusion-flags
■ clear intrusion-flags
Reset the Alert Flag on all ports.
ip
■ clear ip
Clear all IP information.
Next Available Option:
■ ospf-statistics -- Usage: clear ip ospf-statistics [ <ip-address>] Clears OSPF interface statistics
If [<ip-address>] specified clears statistics for a given interface if the interface is OSPF enabled.
(p. 84)
© 2009 Hewlett-Packard Development Company, L.P.
83
Command Line Interface Reference Guide
clear
ipv6
■ clear ipv6
Clear all IPv6 information.
Next Available Option:
■ neighbors -- Delete all the neighbour discovery cache entries, except static entries.(p. 84)
keyfile
■ clear crypto client-public-key < manager | operator >
Remove client public keys from active configuration.
Supported Values:
■ manager -- Select manager public keys.
■ operator -- Select operator public keys.
Next Available Option:
■ keylist -- Remove client public keys from active configuration. (ASCII-STR) (p. 84)
keylist
■ clear crypto client-public-key < manager | operator > KEYLIST
Remove client public keys from active configuration.
link-keepalive
■ clear link-keepalive
Reset link-keepalive counters for all UDLD enabled ports.
Next Available Option:
■ statistics -- Reset link-keepalive counters for all UDLD enabled ports.(p. 85)
logging
■ clear logging
Remove all event entries from the event log.
neighbors
■ clear ipv6 neighbors
Delete all the neighbour discovery cache entries, except static entries.
ospf-statistics
■ clear ip ospf-statistics
Usage: clear ip ospf-statistics [ <ip-address>]
Clears OSPF interface statistics
© 2009 Hewlett-Packard Development Company, L.P.
84
Command Line Interface Reference Guide
clear
If [<ip-address>] specified clears statistics for a given interface
if the interface is OSPF enabled.
Next Available Option:
■ if-ip -- specify ip-address whose statistics is to be cleared. (IP-ADDR) (p. 83)
statistics
■ clear statistics [ETHERNET] PORT-LIST
Reset all counters for the specified ports.
■ clear link-keepalive statistics
Reset link-keepalive counters for all UDLD enabled ports.
© 2009 Hewlett-Packard Development Company, L.P.
85
clock
OVERVIEW
Category:
Switch Management
Primary context:
config
Related Commands
ip (page 290)
sntp (page 634)
time (page 686)
Usage: [no] clock [...]
Description: Display/set current time, date, and local time parameters.
Called without any parameters displays the information
mentioned above. Use 'clock ?' to see a list of all possible
configuration options.
COMMAND STRUCTURE
■ clock set -- Set current time and/or date (p. 87)
■ date -- Current date to set. (MM/DD[/[YY]YY]) (p. 86)
■ time -- Current time to set. (HH:MM[:SS]) (p. 88)
■ [no] clock summer-time -- Enable/disable daylight-saving time changes (p. 87)
■ clock timezone -- Set the number of hours your location is to the West(-) or East(+) of GMT (p. 88)
■ gmt < +14:00 | +13:00 | +12:00 | ... > -- Number of hours your timezone is to the West(-) or
East(+) of GMT. (p. 86)
■ us < alaska | aleutian | arizona | ... > -- Timezone for US locations. (p. 88)
COMMAND DETAILS
date (p. 86)
gmt (p. 86)
set (p. 87)
summer-time (p. 87)
time (p. 88)
timezone (p. 88)
us (p. 88)
date
■ clock set [DATE]
Current date to set.
gmt
■ clock timezone gmt < +14:00 | +13:00 | +12:00 | ... >
Number of hours your timezone is to the West(-) or East(+) of GMT.
Supported Values:
■ +14:00
■ +13:00
■ +12:00
■ +11:30
■ +11:00
■ +10:30
■ +10:00
© 2009 Hewlett-Packard Development Company, L.P.
86
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
clock
+9:30
+9:00
+8:00
+7:00
+6:30
+6:00
+5:30
+5:00
+4:30
+4:00
+3:30
+3:00
+2:00
+1:00
+0:00
-1:00
-2:00
-3:00
-3:30
-4:00
-5:00
-6:00
-7:00
-8:00
-8:30
-9:00
-9:30
-10:00
-11:00
-12:00
set
■ clock set
Usage: clock set <[MM/DD[/[YY]YY]] [HH:MM[:SS]]>
Description: Set current time and/or date.
o MM/DD[/[YY]YY]
- New date
o HH:MM[:SS]
- New time
Next Available Options:
■ date -- Current date to set. (MM/DD[/[YY]YY]) (p. 86)
■ time -- Current time to set. (HH:MM[:SS]) (p. 88)
summer-time
■ [no] clock summer-time
Usage: [no] clock summer-time
Description: Enable/disable daylight-saving time changes.
© 2009 Hewlett-Packard Development Company, L.P.
87
Command Line Interface Reference Guide
clock
time
■ clock set [TIME]
Current time to set.
timezone
■ clock timezone
Usage: clock timezone [gmt <-12:00 - +14:00>] |
[us <none|alaska|aleutian|arizona|central|
east-indiana|eastern|hawaii|michigan|mountain|
pacific|samoa>]
Description: Set the number of hours your location is to the
West(-) or East(+) of GMT. The number of hours can
be defined by specifying either an exact number
(see 'clock timezone gmt ?' for the list of all acceptable
values) or a US timezone. The default value is GMT 0.
Next Available Options:
■ gmt < +14:00 | +13:00 | +12:00 | ... > -- Number of hours your timezone is to the West(-) or East(+)
of GMT.(p. 86)
■ us < alaska | aleutian | arizona | ... > -- Timezone for US locations.(p. 88)
us
■ clock timezone us < alaska | aleutian | arizona | ... >
Timezone for US locations.
Supported Values:
■ alaska
■ aleutian
■ arizona
■ central
■ east_indiana
■ eastern
■ hawaii
■ michigan
■ mountain
■ pacific
■ samoa
© 2009 Hewlett-Packard Development Company, L.P.
88
configure
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
end (page 173)
exit (page 176)
enable (page 172)
Usage: configure [terminal]
Description: Enter the Configuration context.
COMMAND STRUCTURE
■ configure terminal -- Optional keyword of the configure command. Can be omitted. (p. 89)
EXAMPLES
Example: enable
ProCurve# configure
ProCurve(config)#
COMMAND DETAILS
terminal (p. 89)
terminal
■ configure terminal
Optional keyword of the configure command. Can be omitted.
© 2009 Hewlett-Packard Development Company, L.P.
89
connection-rate-filter
OVERVIEW
Category:
Troubleshooting
Primary context:
config
Related Commands
filter (page 185)
ip (page 290)
vlan (page 706)
show (page 511)
Usage:
connection-rate-filter unblock < host SRC-IP-ADDR | SRC-IP-ADDRESS/MASK >
[no] connection-rate-filter sensitivity <low|medium|high|aggressive>
Description: Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter. Disabling or setting sensitivity
may have improved performance after rebooting the switch
COMMAND STRUCTURE
■ connection-rate-filter sensitivity -- Sets the level of filtering required (p. 91)
■ sensitive < low | medium | high | ... > -- (p. 90)
■ connection-rate-filter unblock -- Resets a host previously blocked by the connection rate filter (p.
91)
■ all -- Resets all previously blocked by the connection rate filter (p. 90)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 90)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/MASK-LENGTH) (p. 91)
COMMAND DETAILS
all (p. 90)
host (p. 90)
sensitive (p. 90)
sensitivity (p. 91)
src-ip (p. 91)
unblock (p. 91)
all
■ connection-rate-filter unblock all
Resets all previously blocked by the connection rate filter
host
■ connection-rate-filter unblock host IP-ADDR
Match packets from the specified IP address.
sensitive
■ connection-rate-filter sensitivity < low | medium | high | ... >
Supported Values:
■ low -- Sets the level of connection rate filtering to low (most permissive)
■ medium -- Sets the level of connection rate filtering to medium (permissive)
■ high -- Sets the level of connection rate filtering to high (restrictive)
■ aggressive -- Sets the level of connection rate filtering to aggressive (most restrictive)
© 2009 Hewlett-Packard Development Company, L.P.
90
Command Line Interface Reference Guide
connection-rate-filter
sensitivity
■ connection-rate-filter sensitivity
Sets the level of filtering required
Next Available Option:
■ sensitive < low | medium | high | ... > -- (p. 90)
src-ip
■ connection-rate-filter unblock IP-ADDR/MASK-LENGTH
Match packets from the specified subnet.
unblock
■ connection-rate-filter unblock
Resets a host previously blocked by the connection rate filter
Next Available Options:
■ all -- Resets all previously blocked by the connection rate filter (p. 90)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 90)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/MASK-LENGTH) (p. 91)
© 2009 Hewlett-Packard Development Company, L.P.
91
console
OVERVIEW
Category:
Switch Management
Primary context:
config
Related Commands
show (page 511)
repeat (page 470)
Usage: console ...
Description: Set various console parameters. Use 'console ?' to get a list
of all configurable parameters.
The non-configurable parameters and their default values are:
Data bits = 8; Parity = None; Stop bits = 1.
COMMAND STRUCTURE
■ console baud-rate < speed-sense | 1200 | 2400 | ... > -- Set the data transmission speed for the
device connect sessions initiated through the Console port (p. 93)
■ console events < None | Debug | All | ... > -- Set level of the events displayed in the device's Events
Log (p. 93)
■ console flow-control < XON/XOFF | None > -- Set the Flow Control Method; default is xon-xoff
(p. 93)
■ console inactivity-timer < 0 | 1 | 5 | ... > -- Set the number of minutes of no activity detected on
the Console port before the switch terminates a communication session (p. 94)
■ console local-terminal < VT100 | NONE | ANSI > -- Set type of terminal being used for the current
console or telnet session (default is vt100) (p. 94)
■ console screen-refresh < 1 | 3 | 5 | ... > -- Set default number of seconds before screen is refreshed
on the repeat command (p. 94)
■ console terminal < VT100 | NONE | ANSI > -- Set type of terminal being used for all console and
telnet sessions (default is vt100) (p. 95)
EXAMPLES
Example: console <...>
Configure the switch to use the following console settings:
■ VT100 operation
■ 19,200 baud
■ No flow control
■ 10-minute inactivity time
■ Critical log events
ProCurve(config)# console terminal vt100 baud-rate 19200 flow-control none
inactivity-timer 10 events
critical
Command will take effect after saving configuration and reboot.
© 2009 Hewlett-Packard Development Company, L.P.
92
Command Line Interface Reference Guide
console
ProCurve(config)# write memory
ProCurve(config)# reload
COMMAND DETAILS
baud-rate (p. 93)
events (p. 93)
flow-control (p. 93)
inactivity-timer (p. 94)
local-terminal (p. 94)
screen-refresh (p. 94)
terminal (p. 95)
baud-rate
■ console baud-rate < speed-sense | 1200 | 2400 | ... >
Usage: console baud-rate <speed-sense|1200|2400|4800|
9600|19200|38400|57600|115200>
Description: Set the data transmission speed for the device connect
sessions initiated through the Console port. The 'speed-sense'
is for automatic speed determination. Default is speed-sense.
Supported Values:
■ speed-sense
■ 1200
■ 2400
■ 4800
■ 9600
■ 19200
■ 38400
■ 57600
■ 115200
events
■ console events < None | Debug | All | ... >
Usage: console events <none|all|not-info|critical|debug>
Description: Set level of the events displayed in the device's Events Log.
all - display all;
none - display no events;
not-info - display all events except informational;
critical - display only critical-level events;
debug - reserved for Internal use.
Supported Values:
■ None
■ Debug
■ All
■ Not-INFO
■ Critical
flow-control
■ console flow-control < XON/XOFF | None >
Usage: console flow-control <xon/xoff|none>
Description: Set the Flow Control Method; default is xon-xoff.
Supported Values:
© 2009 Hewlett-Packard Development Company, L.P.
93
Command Line Interface Reference Guide
console
■ XON/XOFF
■ None
inactivity-timer
■ console inactivity-timer < 0 | 1 | 5 | ... >
Usage: console inactivity-timer <0|1|5|10|15|20|30|60|120>
Description: Set the number of minutes of no activity detected on the
Console port before the switch terminates a communication
session. '0' means disable inactivity timer.
Default is 0.
Supported Values:
■ 0
■ 1
■ 5
■ 10
■ 15
■ 20
■ 30
■ 60
■ 120
local-terminal
■ console local-terminal < VT100 | NONE | ANSI >
Usage: console local-terminal <vt100|ansi|none>
Description: Set type of terminal being used for the current
console or telnet session (default is vt100).
Takes effect immediately. Not saved in configuration.
Terminal type options are:
vt100 = use VT100 terminal escape sequences.
ansi = use ANSI terminal escape sequences.
none = use a raw mode with no terminal escape sequences. Useful
for scripting.
See also 'console terminal help'.
Supported Values:
■ VT100 -- VT-100 terminal compatible.
■ NONE -- Raw mode with terminal escape sequences removed.
■ ANSI -- ANSI terminal compatible.
screen-refresh
■ console screen-refresh < 1 | 3 | 5 | ... >
Usage: console screen-refresh <1|3|5|10|20|30|45|60>
Description: Set default number of seconds before screen is refreshed
on the repeat command. See 'repeat help' for details on
the 'repeat' command.
Supported Values:
■ 1
© 2009 Hewlett-Packard Development Company, L.P.
94
Command Line Interface Reference Guide
■
■
■
■
■
■
■
console
3
5
10
20
30
45
60
terminal
■ console terminal < VT100 | NONE | ANSI >
Usage: console terminal <vt100|ansi|none>
Description: Set type of terminal being used for all console
and telnet sessions (default is vt100). Saved in
configuration and requires reboot to take effect.
Terminal type options are:
vt100 = use VT100 terminal escape sequences.
ansi = use ANSI terminal escape sequences.
none = use a raw mode with no terminal escape sequences. Useful
for scripting.
See also 'console local-terminal help'.
Supported Values:
■ VT100 -- VT-100 terminal compatible.
■ NONE -- Raw mode with terminal escape sequences removed.
■ ANSI -- ANSI terminal compatible.
© 2009 Hewlett-Packard Development Company, L.P.
95
copy
OVERVIEW
Category:
Primary context:
manager
Related Commands
Usage: copy <source> <destination> [options]
Description: Copy datafiles to/from the switch.
<source> - specify source of data. It can be 'tftp', 'xmodem', 'command',
'flash', 'usb' or any of the following switch data files:
o config
o running-config
o startup-config
o crash-log [a|b|c|d|e|f|g|h|master]
o crash-data
o event-log
o command-output <command>
Note: When using 'command-output', place the desired CLI command in
double-quotes. i.e. "show system".
<destination> - specify the copy target. It can be also 'tftp', 'xmodem',
'usb' or one of the following switch data files:
o startup-config
o command-file
o flash
o show-tech
o config
o pub-key-file
o autorun-key-file
o autorun-cert-file
[options] - options are:
o IPv4 address - TFTP server IPv4 address.
Required for TFTP transfers.
o IPv6 address - TFTP server IPv6 address.
Required for TFTP transfers.
o append
- Add the key(s) for operator access.
o manager
- Replace the key(s) for manager access; follow
with the 'append' option to add the key(s).
o operator
- Replace the key(s) for operator access
(default); follow with the 'append' option to
add the key(s).
o filename
- File-name to upload/download.
Required for TFTP & USB transfers.
o unix
o pc
COMMAND STRUCTURE
■ copy command-output -- Specify a CLI command to copy output of. (ASCII-STR) (p. 106)
■ tftp -- Copy data to a TFTP server. (p. 124)
© 2009 Hewlett-Packard Development Company, L.P.
96
Command Line Interface Reference Guide
copy
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy config < config1 | config2 | config3 > -- Copy named configuration file. (p. 106)
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy crash-data -- Copy the switch crash data file. (p. 107)
■ card -- Enter single slot identifier. (SLOT-ID-RANGE) (p. 105)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ mm -- Copy from the management card. (p. 119)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
© 2009 Hewlett-Packard Development Company, L.P.
97
Command Line Interface Reference Guide
copy
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ copy crash-log -- Copy the switch log file. (p. 107)
■ card -- Enter single slot identifier. (SLOT-ID-RANGE) (p. 105)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ mm -- Copy from the management card. (p. 119)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ copy event-log -- Copy event log file. (p. 109)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy flash -- Copy the switch system image file. (p. 116)
■ flash < primary | secondary > -- Copy to primary/secondary flash. (p. 116)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash. (p. 108)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash. (p. 108)
■ usb -- Copy data to a USB flash drive. (p. 133)
© 2009 Hewlett-Packard Development Company, L.P.
98
Command Line Interface Reference Guide
copy
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash. (p. 108)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash. (p. 108)
■ copy running-config -- Copy running configuration file. (p. 123)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy startup-config -- Copy in-flash configuration file. (p. 123)
■ tftp -- Copy data to a TFTP server. (p. 124)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ usb -- Copy data to a USB flash drive. (p. 133)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ xmodem -- Use xmodem on the terminal as the data destination. (p. 135)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy tftp -- Copy data from a TFTP server. (p. 124)
■ autorun-cert-file -- Copy autorun trusted certificate to the switch. (p. 105)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
© 2009 Hewlett-Packard Development Company, L.P.
99
Command Line Interface Reference Guide
copy
■ append -- Add the key(s) for access. (p. 102)
■ autorun-key-file -- Copy autorun key file to the switch. (p. 105)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ command-file -- Copy command script to switch and execute. (p. 106)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ flash -- Copy data to the switch system image file. (p. 116)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash. (p. 107)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash. (p. 107)
■ pub-key-file -- Copy the public keys to the switch. (p. 122)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
© 2009 Hewlett-Packard Development Company, L.P.
100
Command Line Interface Reference Guide
copy
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option
to add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ show-tech -- Copy custom show-tech script to switch. (p. 123)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ startup-config -- Copy data to the switch configuration file. (p. 123)
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ copy usb -- Copy data from a USB flash drive. (p. 133)
■ autorun-cert-file -- Copy autorun trusted certificate to the switch. (p. 105)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to
add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ autorun-key-file -- Copy autorun key file to the switch. (p. 105)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to
add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ command-file -- Copy command script to switch and execute. (p. 106)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
© 2009 Hewlett-Packard Development Company, L.P.
101
Command Line Interface Reference Guide
copy
■ flash -- Copy data to the switch system image file. (p. 116)
■ image-name -- Specify filename for the USB transfer. (ASCII-STR) (p. 117)
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash. (p. 107)
■ pub-key-file -- Copy the public keys to the switch. (p. 122)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ append -- Add the key(s) for operator access. (p. 102)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to
add the key(s). (p. 117)
■ append -- Add the key(s) for access. (p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append'
option to add the key(s). (p. 119)
■ append -- Add the key(s) for access. (p. 102)
■ startup-config -- Copy data to the switch configuration file. (p. 123)
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy xmodem -- Use xmodem on the terminal as the data source. (p. 135)
■ command-file -- Copy command script to switch and execute. (p. 106)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
■ flash -- Copy to primary/secondary flash. (p. 116)
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash. (p. 107)
■ startup-config -- Copy data to the switch configuration file. (p. 123)
■ pc -- Change CR/LF to PC style. (p. 120)
■ unix -- Change CR/LF to unix style. (p. 131)
COMMAND DETAILS
append (p. 102)
autorun-cert-file (p. 105)
autorun-key-file (p. 105)
card (p. 105)
command-file (p. 106)
command-output (p. 106)
config (p. 106)
crash-data (p. 107)
crash-log (p. 107)
cv_flash (p. 107)
cv_out_flash (p. 108)
event-log (p. 109)
filename (p. 109)
flash (p. 116)
image-name (p. 117)
manager (p. 117)
mm (p. 119)
operator (p. 119)
pc (p. 120)
pub-key-file (p. 122)
running-config (p. 123)
show-tech (p. 123)
startup-config (p. 123)
tftp (p. 124)
tftp-ip (p. 126)
tftp-ipv6 (p. 129)
unix (p. 131)
usb (p. 133)
xmodem (p. 135)
append
■ copy tftp pub-key-file IP-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp pub-key-file IP-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp pub-key-file IP-ADDR FILENAME manager append
Add the key(s) for access.
© 2009 Hewlett-Packard Development Company, L.P.
102
Command Line Interface Reference Guide
copy
■ copy tftp pub-key-file IPV6-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp pub-key-file IPV6-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp pub-key-file IPV6-ADDR FILENAME manager append
Add the key(s) for access.
■ copy tftp autorun-cert-file IP-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp autorun-cert-file IP-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp autorun-cert-file IP-ADDR FILENAME manager append
Add the key(s) for access.
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME manager append
Add the key(s) for access.
■ copy tftp autorun-key-file IP-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp autorun-key-file IP-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp autorun-key-file IP-ADDR FILENAME manager append
Add the key(s) for access.
© 2009 Hewlett-Packard Development Company, L.P.
103
Command Line Interface Reference Guide
copy
■ copy tftp autorun-key-file IPV6-ADDR FILENAME append
Add the key(s) for operator access.
■ copy tftp autorun-key-file IPV6-ADDR FILENAME operator append
Add the key(s) for access.
■ copy tftp autorun-key-file IPV6-ADDR FILENAME manager append
Add the key(s) for access.
■ copy usb pub-key-file FILENAME append
Add the key(s) for operator access.
■ copy usb pub-key-file FILENAME operator append
Add the key(s) for access.
■ copy usb pub-key-file FILENAME manager append
Add the key(s) for access.
■ copy usb autorun-cert-file FILENAME append
Add the key(s) for operator access.
■ copy usb autorun-cert-file FILENAME operator append
Add the key(s) for access.
■ copy usb autorun-cert-file FILENAME manager append
Add the key(s) for access.
■ copy usb autorun-key-file FILENAME append
Add the key(s) for operator access.
■ copy usb autorun-key-file FILENAME operator append
Add the key(s) for access.
■ copy usb autorun-key-file FILENAME manager append
Add the key(s) for access.
© 2009 Hewlett-Packard Development Company, L.P.
104
Command Line Interface Reference Guide
copy
autorun-cert-file
■ copy tftp autorun-cert-file
Copy autorun trusted certificate to the switch.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy usb autorun-cert-file
Copy autorun trusted certificate to the switch.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
autorun-key-file
■ copy tftp autorun-key-file
Copy autorun key file to the switch.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy usb autorun-key-file
Copy autorun key file to the switch.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
card
■ copy crash-data SLOT-ID-RANGE
Enter single slot identifier.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
■ copy crash-log SLOT-ID-RANGE
Enter single slot identifier.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
© 2009 Hewlett-Packard Development Company, L.P.
105
Command Line Interface Reference Guide
copy
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
command-file
■ copy tftp command-file
Copy command script to switch and execute.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy xmodem command-file
Copy command script to switch and execute.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy usb command-file
Copy command script to switch and execute.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
command-output
■ copy command-output COMMAND-OUTPUT
Specify a CLI command to copy output of.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
config
■ copy tftp config CONFIG
Copy data to specified configuration file.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy xmodem config CONFIG
© 2009 Hewlett-Packard Development Company, L.P.
106
Command Line Interface Reference Guide
copy
Copy data to specified configuration file.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy config < config1 | config2 | config3 >
Copy named configuration file.
Supported Values:
■ config1
■ config2
■ config3
Next Available Options:
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ copy config < config1 | config2 | config3 > config CONFIG
Copy data to specified configuration file.
crash-data
■ copy crash-data
Copy the switch crash data file.
Next Available Options:
■ card -- Enter single slot identifier. (SLOT-ID-RANGE) (p. 105)
■ mm -- Copy from the management card.(p. 119)
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
crash-log
■ copy crash-log
Copy the switch log file.
Next Available Options:
■ card -- Enter single slot identifier. (SLOT-ID-RANGE) (p. 105)
■ mm -- Copy from the management card.(p. 119)
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
cv_flash
■ copy tftp flash IP-ADDR FILENAME < primary | secondary >
© 2009 Hewlett-Packard Development Company, L.P.
107
Command Line Interface Reference Guide
copy
Copy to primary/secondary flash.
Supported Values:
■ primary -- Copy to primary flash.
■ secondary -- Copy to secondary flash.
■ copy tftp flash IPV6-ADDR FILENAME < primary | secondary >
Copy to primary/secondary flash.
Supported Values:
■ primary -- Copy to primary flash.
■ secondary -- Copy to secondary flash.
■ copy xmodem flash < primary | secondary >
Copy to primary/secondary flash.
Supported Values:
■ primary -- Copy to primary flash.
■ secondary -- Copy to secondary flash.
■ copy usb flash IMAGE-NAME < primary | secondary >
Copy to primary/secondary flash.
Supported Values:
■ primary -- Copy to primary flash.
■ secondary -- Copy to secondary flash.
cv_out_flash
■ copy flash tftp IP-ADDR FILENAME < primary | secondary >
Copy from primary/secondary flash.
Supported Values:
■ primary -- Copy image primary flash.
■ secondary -- Copy image secondary flash.
■ copy flash tftp IPV6-ADDR FILENAME < primary | secondary >
Copy from primary/secondary flash.
Supported Values:
■ primary -- Copy image primary flash.
■ secondary -- Copy image secondary flash.
■ copy flash xmodem < primary | secondary >
Copy from primary/secondary flash.
© 2009 Hewlett-Packard Development Company, L.P.
108
Command Line Interface Reference Guide
copy
Supported Values:
■ primary -- Copy image primary flash.
■ secondary -- Copy image secondary flash.
■ copy flash usb FILENAME < primary | secondary >
Copy from primary/secondary flash.
Supported Values:
■ primary -- Copy image primary flash.
■ secondary -- Copy image secondary flash.
event-log
■ copy event-log
Copy event log file.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
filename
■ copy tftp command-file IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp command-file IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp flash IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Option:
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash.(p. 107)
■ copy tftp flash IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
© 2009 Hewlett-Packard Development Company, L.P.
109
Command Line Interface Reference Guide
copy
Next Available Option:
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash.(p. 107)
■ copy tftp pub-key-file IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp pub-key-file IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp startup-config IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp startup-config IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp config CONFIG IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp config CONFIG IPV6-ADDR FILENAME
© 2009 Hewlett-Packard Development Company, L.P.
110
Command Line Interface Reference Guide
copy
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp autorun-cert-file IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp autorun-key-file IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp autorun-key-file IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy tftp show-tech IP-ADDR FILENAME
© 2009 Hewlett-Packard Development Company, L.P.
111
Command Line Interface Reference Guide
copy
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy tftp show-tech IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy usb startup-config FILENAME
Specify filename for the USB transfer.
■ copy usb command-file FILENAME
Specify filename for the USB transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy usb pub-key-file FILENAME
Specify filename for the USB transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy usb autorun-cert-file FILENAME
Specify filename for the USB transfer.
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy usb autorun-key-file FILENAME
Specify filename for the USB transfer.
© 2009 Hewlett-Packard Development Company, L.P.
112
Command Line Interface Reference Guide
copy
Next Available Options:
■ append -- Add the key(s) for operator access.(p. 102)
■ operator -- Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).(p. 119)
■ manager -- Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).(p. 117)
■ copy command-output COMMAND-OUTPUT tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy command-output COMMAND-OUTPUT tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy command-output COMMAND-OUTPUT usb FILENAME
Specify filename for the USB transfer.
■ copy config < config1 | config2 | config3 > tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy config < config1 | config2 | config3 > tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy crash-data SLOT-ID-RANGE tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-data SLOT-ID-RANGE tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
© 2009 Hewlett-Packard Development Company, L.P.
113
Command Line Interface Reference Guide
copy
■ copy crash-data SLOT-ID-RANGE usb FILENAME
Specify filename for the USB transfer.
■ copy crash-data mm tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-data mm tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-data mm usb FILENAME
Specify filename for the USB transfer.
■ copy crash-data tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-data tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-data usb FILENAME
Specify filename for the USB transfer.
■ copy crash-log SLOT-ID-RANGE tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-log SLOT-ID-RANGE tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-log SLOT-ID-RANGE usb FILENAME
Specify filename for the USB transfer.
■ copy crash-log mm tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-log mm tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-log mm usb FILENAME
Specify filename for the USB transfer.
■ copy crash-log tftp IP-ADDR FILENAME
© 2009 Hewlett-Packard Development Company, L.P.
114
Command Line Interface Reference Guide
copy
Specify filename for the TFTP transfer.
■ copy crash-log tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
■ copy crash-log usb FILENAME
Specify filename for the USB transfer.
■ copy flash tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Option:
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash.(p. 108)
■ copy flash tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Option:
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash.(p. 108)
■ copy flash usb FILENAME
Specify filename for the TFTP transfer.
Next Available Option:
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash.(p. 108)
■ copy running-config tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy running-config tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy running-config usb FILENAME
Specify filename for the USB transfer.
■ copy startup-config tftp IP-ADDR FILENAME
© 2009 Hewlett-Packard Development Company, L.P.
115
Command Line Interface Reference Guide
copy
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy startup-config tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy startup-config usb FILENAME
Specify filename for the USB transfer.
■ copy event-log tftp IP-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy event-log tftp IPV6-ADDR FILENAME
Specify filename for the TFTP transfer.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy event-log usb FILENAME
Specify filename for the USB transfer.
flash
■ copy tftp flash
Copy data to the switch system image file.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy xmodem flash
Copy to primary/secondary flash.
© 2009 Hewlett-Packard Development Company, L.P.
116
Command Line Interface Reference Guide
copy
Next Available Option:
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash.(p. 107)
■ copy usb flash
Copy data to the switch system image file.
Next Available Option:
■ image-name -- Specify filename for the USB transfer. (ASCII-STR) (p. 117)
■ copy flash
Copy the switch system image file.
Next Available Options:
■ flash < primary | secondary > -- Copy to primary/secondary flash.(p. 116)
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
■ copy flash flash < primary | secondary >
Copy to primary/secondary flash.
Supported Values:
■ primary -- Copy to primary flash.
■ secondary -- Copy to secondary flash.
image-name
■ copy usb flash IMAGE-NAME
Specify filename for the USB transfer.
Next Available Option:
■ cv_flash < primary | secondary > -- Copy to primary/secondary flash.(p. 107)
manager
■ copy tftp pub-key-file IP-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp pub-key-file IPV6-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
© 2009 Hewlett-Packard Development Company, L.P.
117
Command Line Interface Reference Guide
copy
■ copy tftp autorun-cert-file IP-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-key-file IP-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-key-file IPV6-ADDR FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb pub-key-file FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb autorun-cert-file FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb autorun-key-file FILENAME manager
Replace the key(s) for manager access; follow with the 'append' option to add the
key(s).
© 2009 Hewlett-Packard Development Company, L.P.
118
Command Line Interface Reference Guide
copy
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
mm
■ copy crash-data mm
Copy from the management card.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
■ copy crash-log mm
Copy from the management card.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
operator
■ copy tftp pub-key-file IP-ADDR FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp pub-key-file IPV6-ADDR FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-cert-file IP-ADDR FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-cert-file IPV6-ADDR FILENAME operator
© 2009 Hewlett-Packard Development Company, L.P.
119
Command Line Interface Reference Guide
copy
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-key-file IP-ADDR FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy tftp autorun-key-file IPV6-ADDR FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb pub-key-file FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb autorun-cert-file FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
■ copy usb autorun-key-file FILENAME operator
Replace the key(s) for operator access (default); follow with the 'append' option to
add the key(s).
Next Available Option:
■ append -- Add the key(s) for access.(p. 102)
pc
■ copy tftp command-file IP-ADDR FILENAME pc
Change CR/LF to PC style.
© 2009 Hewlett-Packard Development Company, L.P.
120
Command Line Interface Reference Guide
copy
■ copy tftp command-file IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp startup-config IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp startup-config IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp config CONFIG IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp config CONFIG IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp show-tech IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy tftp show-tech IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy xmodem startup-config pc
Change CR/LF to PC style.
■ copy xmodem command-file pc
Change CR/LF to PC style.
■ copy xmodem config CONFIG pc
Change CR/LF to PC style.
■ copy usb command-file FILENAME pc
Change CR/LF to PC style.
■ copy command-output COMMAND-OUTPUT tftp IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy command-output COMMAND-OUTPUT tftp IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy command-output COMMAND-OUTPUT xmodem pc
Change CR/LF to PC style.
■ copy config < config1 | config2 | config3 > tftp IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy config < config1 | config2 | config3 > tftp IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
© 2009 Hewlett-Packard Development Company, L.P.
121
Command Line Interface Reference Guide
copy
■ copy config < config1 | config2 | config3 > xmodem pc
Change CR/LF to PC style.
■ copy running-config tftp IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy running-config tftp IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy running-config xmodem pc
Change CR/LF to PC style.
■ copy startup-config tftp IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy startup-config tftp IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy startup-config xmodem pc
Change CR/LF to PC style.
■ copy event-log tftp IP-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy event-log tftp IPV6-ADDR FILENAME pc
Change CR/LF to PC style.
■ copy event-log xmodem pc
Change CR/LF to PC style.
pub-key-file
■ copy tftp pub-key-file
Copy the public keys to the switch.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy usb pub-key-file
Copy the public keys to the switch.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
© 2009 Hewlett-Packard Development Company, L.P.
122
Command Line Interface Reference Guide
copy
running-config
■ copy running-config
Copy running configuration file.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
■ usb -- Copy data to a USB flash drive.(p. 133)
show-tech
■ copy tftp show-tech
Copy custom show-tech script to switch.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
startup-config
■ copy tftp startup-config
Copy data to the switch configuration file.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy xmodem startup-config
Copy data to the switch configuration file.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy usb startup-config
Copy data to the switch configuration file.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy startup-config
Copy in-flash configuration file.
Next Available Options:
■ tftp -- Copy data to a TFTP server.(p. 124)
■ xmodem -- Use xmodem on the terminal as the data destination.(p. 135)
© 2009 Hewlett-Packard Development Company, L.P.
123
Command Line Interface Reference Guide
copy
■ usb -- Copy data to a USB flash drive.(p. 133)
tftp
■ copy tftp
Copy data from a TFTP server.
Next Available Options:
■ command-file -- Copy command script to switch and execute.(p. 106)
■ flash -- Copy data to the switch system image file.(p. 116)
■ pub-key-file -- Copy the public keys to the switch.(p. 122)
■ startup-config -- Copy data to the switch configuration file.(p. 123)
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ autorun-cert-file -- Copy autorun trusted certificate to the switch.(p. 105)
■ autorun-key-file -- Copy autorun key file to the switch.(p. 105)
■ show-tech -- Copy custom show-tech script to switch.(p. 123)
■ copy command-output COMMAND-OUTPUT tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy config < config1 | config2 | config3 > tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-data SLOT-ID-RANGE tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-data mm tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-data tftp
© 2009 Hewlett-Packard Development Company, L.P.
124
Command Line Interface Reference Guide
copy
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-log SLOT-ID-RANGE tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-log mm tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy crash-log tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy flash tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy running-config tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy startup-config tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
© 2009 Hewlett-Packard Development Company, L.P.
125
Command Line Interface Reference Guide
copy
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
■ copy event-log tftp
Copy data to a TFTP server.
Next Available Options:
■ tftp-ip -- Specify TFTP server IPv4 address. (IP-ADDR) (p. 126)
■ tftp-ipv6 -- Specify TFTP server IPv6 address. (IPV6-ADDR) (p. 129)
tftp-ip
■ copy tftp command-file IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp flash IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp pub-key-file IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp startup-config IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp config CONFIG IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp autorun-cert-file IP-ADDR
Specify TFTP server IPv4 address.
© 2009 Hewlett-Packard Development Company, L.P.
126
Command Line Interface Reference Guide
copy
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp autorun-key-file IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp show-tech IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy command-output COMMAND-OUTPUT tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy config < config1 | config2 | config3 > tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data SLOT-ID-RANGE tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data mm tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
© 2009 Hewlett-Packard Development Company, L.P.
127
Command Line Interface Reference Guide
copy
■ copy crash-log SLOT-ID-RANGE tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-log mm tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-log tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy flash tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy running-config tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy startup-config tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy event-log tftp IP-ADDR
Specify TFTP server IPv4 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
© 2009 Hewlett-Packard Development Company, L.P.
128
Command Line Interface Reference Guide
copy
tftp-ipv6
■ copy tftp command-file IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp flash IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp pub-key-file IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp startup-config IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp config CONFIG IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp autorun-cert-file IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp autorun-key-file IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy tftp show-tech IPV6-ADDR
© 2009 Hewlett-Packard Development Company, L.P.
129
Command Line Interface Reference Guide
copy
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy command-output COMMAND-OUTPUT tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy config < config1 | config2 | config3 > tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data SLOT-ID-RANGE tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data mm tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-data tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-log SLOT-ID-RANGE tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-log mm tftp IPV6-ADDR
Specify TFTP server IPv6 address.
© 2009 Hewlett-Packard Development Company, L.P.
130
Command Line Interface Reference Guide
copy
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy crash-log tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy flash tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy running-config tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy startup-config tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy event-log tftp IPV6-ADDR
Specify TFTP server IPv6 address.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
unix
■ copy tftp command-file IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp command-file IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp startup-config IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp startup-config IPV6-ADDR FILENAME unix
© 2009 Hewlett-Packard Development Company, L.P.
131
Command Line Interface Reference Guide
copy
Change CR/LF to unix style.
■ copy tftp config CONFIG IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp config CONFIG IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp show-tech IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy tftp show-tech IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy xmodem startup-config unix
Change CR/LF to unix style.
■ copy xmodem command-file unix
Change CR/LF to unix style.
■ copy xmodem config CONFIG unix
Change CR/LF to unix style.
■ copy usb command-file FILENAME unix
Change CR/LF to unix style.
■ copy command-output COMMAND-OUTPUT tftp IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy command-output COMMAND-OUTPUT tftp IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy command-output COMMAND-OUTPUT xmodem unix
Change CR/LF to unix style.
■ copy config < config1 | config2 | config3 > tftp IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy config < config1 | config2 | config3 > tftp IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy config < config1 | config2 | config3 > xmodem unix
Change CR/LF to unix style.
■ copy running-config tftp IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy running-config tftp IPV6-ADDR FILENAME unix
© 2009 Hewlett-Packard Development Company, L.P.
132
Command Line Interface Reference Guide
copy
Change CR/LF to unix style.
■ copy running-config xmodem unix
Change CR/LF to unix style.
■ copy startup-config tftp IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy startup-config tftp IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy startup-config xmodem unix
Change CR/LF to unix style.
■ copy event-log tftp IP-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy event-log tftp IPV6-ADDR FILENAME unix
Change CR/LF to unix style.
■ copy event-log xmodem unix
Change CR/LF to unix style.
usb
■ copy usb
Copy data from a USB flash drive.
Next Available Options:
■ startup-config -- Copy data to the switch configuration file.(p. 123)
■ flash -- Copy data to the switch system image file.(p. 116)
■ command-file -- Copy command script to switch and execute.(p. 106)
■ pub-key-file -- Copy the public keys to the switch.(p. 122)
■ autorun-cert-file -- Copy autorun trusted certificate to the switch.(p. 105)
■ autorun-key-file -- Copy autorun key file to the switch.(p. 105)
■ copy command-output COMMAND-OUTPUT usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy crash-data SLOT-ID-RANGE usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
© 2009 Hewlett-Packard Development Company, L.P.
133
Command Line Interface Reference Guide
copy
■ copy crash-data mm usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy crash-data usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy crash-log SLOT-ID-RANGE usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy crash-log mm usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy crash-log usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy flash usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the TFTP transfer. (ASCII-STR) (p. 109)
■ copy running-config usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy startup-config usb
© 2009 Hewlett-Packard Development Company, L.P.
134
Command Line Interface Reference Guide
copy
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
■ copy event-log usb
Copy data to a USB flash drive.
Next Available Option:
■ filename -- Specify filename for the USB transfer. (ASCII-STR) (p. 109)
xmodem
■ copy xmodem
Use xmodem on the terminal as the data source.
Next Available Options:
■ flash -- Copy to primary/secondary flash.(p. 116)
■ startup-config -- Copy data to the switch configuration file.(p. 123)
■ command-file -- Copy command script to switch and execute.(p. 106)
■ config -- Copy data to specified configuration file. (ASCII-STR) (p. 106)
■ copy command-output COMMAND-OUTPUT xmodem
Use xmodem on the terminal as the data destination.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy config < config1 | config2 | config3 > xmodem
Use xmodem on the terminal as the data destination.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy crash-data SLOT-ID-RANGE xmodem
Use xmodem on the terminal as the data destination.
■ copy crash-data mm xmodem
Use xmodem on the terminal as the data destination.
■ copy crash-data xmodem
Use xmodem on the terminal as the data destination.
© 2009 Hewlett-Packard Development Company, L.P.
135
Command Line Interface Reference Guide
copy
■ copy crash-log SLOT-ID-RANGE xmodem
Use xmodem on the terminal as the data destination.
■ copy crash-log mm xmodem
Use xmodem on the terminal as the data destination.
■ copy crash-log xmodem
Use xmodem on the terminal as the data destination.
■ copy flash xmodem
Use xmodem on the terminal as the data destination.
Next Available Option:
■ cv_out_flash < primary | secondary > -- Copy from primary/secondary flash.(p. 108)
■ copy running-config xmodem
Use xmodem on the terminal as the data destination.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy startup-config xmodem
Use xmodem on the terminal as the data destination.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
■ copy event-log xmodem
Use xmodem on the terminal as the data destination.
Next Available Options:
■ unix -- Change CR/LF to unix style.(p. 131)
■ pc -- Change CR/LF to PC style.(p. 120)
© 2009 Hewlett-Packard Development Company, L.P.
136
core-dump
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] core-dump [management-module | interface-module]
Description: Enable/disable core-dump on management-module
or interface-module.
COMMAND STRUCTURE
■ [no] core-dump interface-module -- Enable/disable core-dump on interface-module (p. 137)
■ [no] core-dump management-module -- Enable/disable core-dump on management-module (p.
137)
EXAMPLES
Example: core-dump
ProCurve(config)# no core-dump management-module
COMMAND DETAILS
interface-module (p. 137)
management-module (p. 137)
interface-module
■ [no] core-dump interface-module
Enable/disable core-dump on interface-module
management-module
■ [no] core-dump management-module
Enable/disable core-dump on management-module
© 2009 Hewlett-Packard Development Company, L.P.
137
crypto
OVERVIEW
Category:
SSH
Primary context:
config
Related Commands
the section called “crypto” (page 544)
autorun (page 68)
Usage: crypto host-cert generate self-signed [START END CNAME OU ORG
CITY STATE COUNTRY]
crypto host-cert zeroize
crypto key generate <ssh [rsa] | cert [rsa] KEYSIZE | autorun-key [rsa]>
crypto key zeroize <ssh | cert | autorun>
Description: Install or remove authentication files for ssh or https server
or for autorun
Parameters:
o host-cert - operation on the https host certificate file. The host
certificate file cannot be created before the certificate
rsa key file has been created.
o key - operation on an ssh or https rsa key file.
o generate - install new key or self-signed certificate.
Note: installing a new key may be very slow in the first few
minutes after booting the device.
o zeroize - remove an existing key or certificate file.
o
o
o
o
o
o
o
o
o
self-signed - install new self-signed certificate.
START - certificate will be valid beginning on this date.
END - certificate will be valid until this date.
CNAME - the name (IP address) of this device.
OU - organizational unit or department.
ORG - organization name.
CITY - city or location.
STATE - state or region.
COUNTRY - two character ISO country code. Typing 'x<TAB>' will
provide a list of all valid country codes beginning with
the letter x.
o
o
o
o
o
ssh - Install/remove host key for ssh server.
cert - Install/remove rsa key for https certificate.
autorun-key - Install/remove rsa key for autorun.
rsa - optional keyword indicating key type (only rsa is available).
KEYSIZE - for a certificate key, the size of the key desired.
Certificate keys may be 512, 768, or 1024 bits. (Ssh host
keys are always 896 bits.)
COMMAND STRUCTURE
■ crypto host-cert -- Install/remove self-signed certificate for https. (p. 146)
■ generate -- Create a self-signed certificate for the https server. (p. 146)
■ self-signed -- Create a self-signed certificate for the https server. (p. 148)
■ start-date -- Validity start date for certificate. (MM/DD[/[YY]YY]) (p. 148)
■ end-date -- Validity end date for certificate. (MM/DD[/[YY]YY]) (p. 146)
© 2009 Hewlett-Packard Development Company, L.P.
138
Command Line Interface Reference Guide
crypto
■ cname -- Common name [e.g., IP address of device]. (ASCII-STR) (p. 140)
■ org-unit -- Organizational unit [Department]. (ASCII-STR) (p. 147)
■ organization -- Organization name. (ASCII-STR) (p. 147)
■ additional options available...
■ zeroize -- Delete an existing certificate. (p. 149)
■ crypto key -- Install/remove RSA key file for ssh or https server. (p. 146)
■ generate -- Generate a new key. (p. 146)
■ autorun-key -- Install RSA key file for autorun (p. 139)
■ rsa -- Install RSA host key. (p. 147)
■ cert -- Install RSA key file for https certificate. (p. 140)
■ key-size < 512 | 768 | 1024 > -- (p. 147)
■ rsa -- Install RSA host key. (p. 147)
■ key-size < 512 | 768 | 1024 > -- (p. 147)
■ ssh -- Install host key file for ssh server. (p. 148)
■ dsa -- Install DSA host key. (p. 146)
■ bits -- Specify bitsize for key. (p. 140)
■ bits < 1024 > -- (p. 140)
■ rsa -- Install RSA host key. (p. 147)
■ bits -- Specify bitsize for key. (p. 140)
■ bits < 1024 | 2048 | 3072 > -- (p. 140)
■ zeroize -- Delete existing key. (p. 149)
■ autorun -- Remove RSA key file for autorun (p. 139)
■ rsa -- Install RSA host key. (p. 147)
■ cert -- Remove RSA key file for https certificate. (p. 140)
■ ssh -- Remove host key file for ssh server. (p. 148)
COMMAND DETAILS
autorun (p. 139)
autorun-key (p. 139)
bits (p. 140)
cert (p. 140)
city (p. 140)
cname (p. 140)
country (p. 141)
dsa (p. 146)
end-date (p. 146)
generate (p. 146)
host-cert (p. 146)
key (p. 146)
key-size (p. 147)
organization (p. 147)
org-unit (p. 147)
rsa (p. 147)
self-signed (p. 148)
ssh (p. 148)
start-date (p. 148)
state (p. 148)
zeroize (p. 149)
autorun
■ crypto key zeroize autorun
Remove RSA key file for autorun
Next Available Option:
■ rsa -- Install RSA host key.(p. 147)
autorun-key
■ crypto key generate autorun-key
Install RSA key file for autorun
Next Available Option:
■ rsa -- Install RSA host key.(p. 147)
© 2009 Hewlett-Packard Development Company, L.P.
139
Command Line Interface Reference Guide
crypto
bits
■ crypto key generate ssh rsa bits
Specify bitsize for key.
Next Available Option:
■ bits < 1024 | 2048 | 3072 > -- (p. 140)
■ crypto key generate ssh rsa bits < 1024 | 2048 | 3072 >
Supported Values:
■ 1024
■ 2048
■ 3072
■ crypto key generate ssh dsa bits
Specify bitsize for key.
Next Available Option:
■ bits < 1024 > -- (p. 140)
■ crypto key generate ssh dsa bits < 1024 >
Supported Values:
■ 1024
cert
■ crypto key generate cert
Install RSA key file for https certificate.
Next Available Options:
■ rsa -- Install RSA host key.(p. 147)
■ key-size < 512 | 768 | 1024 > -- (p. 147)
■ crypto key zeroize cert
Remove RSA key file for https certificate.
city
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME ORG-UNIT
ORGANIZATION CITY
City or location.
Next Available Option:
■ state -- State or region. (ASCII-STR) (p. 148)
cname
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME
© 2009 Hewlett-Packard Development Company, L.P.
140
Command Line Interface Reference Guide
crypto
Common name [e.g., IP address of device].
Next Available Option:
■ org-unit -- Organizational unit [Department]. (ASCII-STR) (p. 147)
country
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME ORG-UNIT
ORGANIZATION CITY STATE < AD | AE | AF | ... >
Country code (2 character ISO code).
Supported Values:
■ AD -- Andorra
■ AE -- United Arab Emirates
■ AF -- Afghanistan
■ AG -- Antigua and Barbuda
■ AI -- Anguilla
■ AL -- Albania
■ AM -- Armenia
■ AN -- Netherlands Antilles
■ AO -- Angola
■ AQ -- Antarctica
■ AR -- Argentina
■ AS -- American Samoa
■ AT -- Austria
■ AU -- Australia
■ AW -- Aruba
■ AX -- Aland Islands
■ AZ -- Azerbaijan
■ BA -- Bosnia and Herzegovina
■ BB -- Barbados
■ BD -- Bangladesh
■ BE -- Belgium
■ BF -- Burkina Faso
■ BG -- Bulgaria
■ BH -- Bahrain
■ BI -- Burundi
■ BJ -- Benin
■ BM -- Bermuda
■ BN -- Brunei Darussalam
■ BO -- Bolivia
■ BR -- Brazil
■ BS -- Bahamas
■ BT -- Bhutan
■ BV -- Bouvet Island
■ BW -- Botswana
■ BY -- Belarus
■ BZ -- Belize
■ CA -- Canada
■ CC -- Cocos (Keeling) Islands
■ CD -- Congo, Democratic Republic of the
■ CF -- Central African Republic
© 2009 Hewlett-Packard Development Company, L.P.
141
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
crypto
CG -- Congo
CH -- Switzerland
CI -- Cote D'Ivoire (Ivory Coast)
CK -- Cook Islands
CL -- Chile
CM -- Cameroon
CN -- China
CO -- Colombia
CR -- Costa Rica
CS -- Czechoslovakia (former)
CU -- Cuba
CV -- Cape Verde
CX -- Christmas Island
CY -- Cyprus
CZ -- Czech Republic
DE -- Germany
DJ -- Djibouti
DK -- Denmark
DM -- Dominica
DO -- Dominican Republic
DZ -- Algeria
EC -- Ecuador
EE -- Estonia
EG -- Egypt
EH -- Western Sahara
ER -- Eritrea
ES -- Spain
ET -- Ethiopia
FI -- Finland
FJ -- Fiji
FK -- Falkland Islands (Malvinas)
FM -- Micronesia
FO -- Faroe Islands
FR -- France
FX -- France, Metropolitan
GA -- Gabon
GB -- Great Britain (UK)
GD -- Grenada
GE -- Georgia
GF -- French Guiana
GG -- Guernsey
GH -- Ghana
GI -- Gibraltar
GL -- Greenland
GM -- Gambia
GN -- Guinea
GP -- Guadeloupe
GQ -- Equatorial Guinea
GR -- Greece
GS -- S. Georgia and S. Sandwich Isls.
GT -- Guatemala
GU -- Guam
© 2009 Hewlett-Packard Development Company, L.P.
142
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
crypto
GW -- Guinea-Bissau
GY -- Guyanav
HK -- Hong Kong
HM -- Heard and McDonald Islands
HN -- Honduras
HR -- Croatia (Hrvatska)
HT -- Haiti
HU -- Hungary
ID -- Indonesia
IE -- Ireland
IL -- Israel
IM -- Isle of Man
IN -- India
IO -- British Indian Ocean Territory
IQ -- Iraq
IR -- Iran
IS -- Iceland
IT -- Italy
JE -- Jersey
JM -- Jamaica
JO -- Jordan
JP -- Japan
KE -- Kenya
KG -- Kyrgyzstan
KH -- Cambodia
KI -- Kiribati
KM -- Comoros
KN -- Saint Kitts and Nevis
KP -- Korea (North)
KR -- Korea (South)
KW -- Kuwait
KY -- Cayman Islands
KZ -- Kazakhstan
LA -- Laos
LB -- Lebanon
LC -- Saint Lucia
LI -- Liechtenstein
LK -- Sri Lanka
LR -- Liberia
LS -- Lesotho
LT -- Lithuania
LU -- Luxembourg
LV -- Latvia
LY -- Libya
MA -- Morocco
MC -- Monaco
MD -- Moldova
ME -- Montenegro
MG -- Madagascar
MH -- Marshall Islands
MK -- Macedonia
ML -- Mali
© 2009 Hewlett-Packard Development Company, L.P.
143
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
crypto
MM -- Myanmar
MN -- Mongolia
MO -- Macau
MP -- Northern Mariana Islands
MQ -- Martinique
MR -- Mauritania
MS -- Montserrat
MT -- Malta
MU -- Mauritius
MV -- Maldives
MW -- Malawi
MX -- Mexico
MY -- Malaysia
MZ -- Mozambique
NA -- Namibia
NC -- New Caledonia
NE -- Niger
NF -- Norfolk Island
NG -- Nigeria
NI -- Nicaragua
NL -- Netherlands
NO -- Norway
NP -- Nepal
NR -- Nauru
NT -- Neutral Zone
NU -- Niue
NZ -- New Zealand (Aotearoa)
OM -- Oman
PA -- Panama
PE -- Peru
PF -- French Polynesia
PG -- Papua New Guinea
PH -- Philippines
PK -- Pakistan
PL -- Poland
PM -- St. Pierre and Miquelon
PN -- Pitcairn
PR -- Puerto Rico
PS -- Palestinian Territory
PT -- Portugal
PW -- Palau
PY -- Paraguay
QA -- Qatar
RE -- Reunion
RO -- Romania
RS -- Serbia
RU -- Russian Federation
RW -- Rwanda
SA -- Saudi Arabia
Sb -- Solomon Islands
SC -- Seychelles
SD -- Sudan
© 2009 Hewlett-Packard Development Company, L.P.
144
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
crypto
SE -- Sweden
SG -- Singapore
SH -- St. Helena
SI -- Slovenia
SJ -- Svalbard and Jan Mayen Islands
SK -- Slovak Republic
SL -- Sierra Leone
SM -- San Marino
SN -- Senegal
SO -- Somalia
SR -- Suriname
ST -- Sao Tome and Principe
SU -- USSR (former)
SV -- El Salvador
SY -- Syria
SZ -- Swaziland
TC -- Turks and Caicos Islands
TD -- Chad
TF -- French Southern Territories
TG -- Togo
TH -- Thailand
TJ -- Tajikistan
TK -- Tokelau
TM -- Turkmenistan
TN -- Tunisia
TO -- Tonga
TP -- East Timor
TR -- Turkey
TT -- Trinidad and Tobago
TV -- Tuvalu
TW -- Taiwan
TZ -- Tanzania
UA -- Ukraine
UG -- Uganda
UK -- United Kingdom
UM -- US Minor Outlying Islands
US -- United States
UY -- Uruguay
UZ -- Uzbekistan
VA -- Vatican City State (Holy See)
VC -- Saint Vincent and the Grenadines
VE -- Venezuela
VG -- Virgin Islands (British)
VI -- Virgin Islands (U.S.)
VN -- Viet Nam
VU -- Vanuatu
WF -- Wallis and Futuna Islands
WS -- Samoa
YE -- Yemen
YT -- Mayotte
YU -- Yugoslavia
ZA -- South Africa
© 2009 Hewlett-Packard Development Company, L.P.
145
Command Line Interface Reference Guide
crypto
■ ZM -- Zambia
■ ZR -- Zaire
■ ZW -- Zimbabwe
dsa
■ crypto key generate ssh dsa
Install DSA host key.
Next Available Option:
■ bits -- Specify bitsize for key.(p. 140)
end-date
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE]
Validity end date for certificate.
Next Available Option:
■ cname -- Common name [e.g., IP address of device]. (ASCII-STR) (p. 140)
generate
■ crypto host-cert generate
Create a self-signed certificate for the https server.
Next Available Option:
■ self-signed -- Create a self-signed certificate for the https server.(p. 148)
■ crypto key generate
Generate a new key.
Next Available Options:
■ cert -- Install RSA key file for https certificate.(p. 140)
■ ssh -- Install host key file for ssh server.(p. 148)
■ autorun-key -- Install RSA key file for autorun(p. 139)
host-cert
■ crypto host-cert
Install/remove self-signed certificate for https.
Next Available Options:
■ generate -- Create a self-signed certificate for the https server.(p. 146)
■ zeroize -- Delete an existing certificate.(p. 149)
key
■ crypto key
© 2009 Hewlett-Packard Development Company, L.P.
146
Command Line Interface Reference Guide
crypto
Install/remove RSA key file for ssh or https server.
Next Available Options:
■ generate -- Generate a new key.(p. 146)
■ zeroize -- Delete existing key.(p. 149)
key-size
■ crypto key generate cert rsa < 512 | 768 | 1024 >
Supported Values:
■ 512 -- Install 512-bit RSA key.
■ 768 -- Install 768-bit RSA key.
■ 1024 -- Install 1024-bit RSA key.
■ crypto key generate cert < 512 | 768 | 1024 >
Supported Values:
■ 512 -- Install 512-bit RSA key.
■ 768 -- Install 768-bit RSA key.
■ 1024 -- Install 1024-bit RSA key.
organization
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME ORG-UNIT
ORGANIZATION
Organization name.
Next Available Option:
■ city -- City or location. (ASCII-STR) (p. 140)
org-unit
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME ORG-UNIT
Organizational unit [Department].
Next Available Option:
■ organization -- Organization name. (ASCII-STR) (p. 147)
rsa
■ crypto key generate cert rsa
Install RSA host key.
Next Available Option:
■ key-size < 512 | 768 | 1024 > -- (p. 147)
■ crypto key generate ssh rsa
Install RSA host key.
© 2009 Hewlett-Packard Development Company, L.P.
147
Command Line Interface Reference Guide
crypto
Next Available Option:
■ bits -- Specify bitsize for key.(p. 140)
■ crypto key generate autorun-key rsa
Install RSA host key.
■ crypto key zeroize autorun rsa
Install RSA host key.
self-signed
■ crypto host-cert generate self-signed
Create a self-signed certificate for the https server.
Next Available Option:
■ start-date -- Validity start date for certificate. (MM/DD[/[YY]YY]) (p. 148)
ssh
■ crypto key generate ssh
Install host key file for ssh server.
Next Available Options:
■ rsa -- Install RSA host key.(p. 147)
■ dsa -- Install DSA host key.(p. 146)
■ crypto key zeroize ssh
Remove host key file for ssh server.
start-date
■ crypto host-cert generate self-signed [DATE: START-DATE]
Validity start date for certificate.
Next Available Option:
■ end-date -- Validity end date for certificate. (MM/DD[/[YY]YY]) (p. 146)
state
■ crypto host-cert generate self-signed [DATE: START-DATE] [DATE: END-DATE] CNAME ORG-UNIT
ORGANIZATION CITY STATE
State or region.
Next Available Option:
■ country < AD | AE | AF | ... > -- Country code (2 character ISO code).(p. 141)
© 2009 Hewlett-Packard Development Company, L.P.
148
Command Line Interface Reference Guide
crypto
zeroize
■ crypto host-cert zeroize
Delete an existing certificate.
■ crypto key zeroize
Delete existing key.
Next Available Options:
■ cert -- Remove RSA key file for https certificate.(p. 140)
■ ssh -- Remove host key file for ssh server.(p. 148)
■ autorun -- Remove RSA key file for autorun(p. 139)
© 2009 Hewlett-Packard Development Company, L.P.
149
debug
OVERVIEW
Category:
Primary context:
manager
Related Commands
log (page 361)
show logging (page 567)
show debug (page 545)
Usage: [no] debug destination <logging|session|buffer>
[no] debug <all|DEBUG_TYPE>
Description: Enable/disable debug logging.
Parameters:
o destination - Enable or disable a debug destination. (Multiple
destinations can be configured)
o logging - Send the debug messages to a remote device via the syslog
facility. System logging must first be enabled with the
'logging' command.
o session - Debug messages will be displayed on the current console,
telnet, or ssh session.
o buffer - Debug messages will be stored in a limited size in-memory
buffer, and be available using "show debug buffer".
o Debug types
o all - Display messages for all debug types.
o DEBUG_TYPE - Display debug messages of the specified type. Use
<TAB> to see a list of available types and sub-types.
COMMAND STRUCTURE
■
■
■
■
■
■
■
■
[no] debug acl -- Display debug messages on access control lists. (p. 151)
[no] debug all -- Display all debug messages. (p. 152)
[no] debug arp-protect -- Display Dynamic ARP Protection messages. (p. 152)
[no] debug destination < logging | session | buffer | ... > -- Select destination for debug messages.
(p. 152)
[no] debug dhcp-snooping -- Display all DHCP Snooping messages. (p. 152)
■ agent -- Display DHCP Snooping agent messages. (p. 152)
■ event -- Display DHCP Snooping event messages. (p. 153)
■ packet -- Display DHCP Snooping packet messages. (p. 155)
[no] debug dynamic-ip-lockdown -- Display Dynamic IP Lockdown messages. (p. 153)
[no] debug event -- Display event log messages. (p. 153)
[no] debug ip -- Display debug messages for IPv4. (p. 154)
■ fib -- Display IP Forwarding Information Base debug messages. (p. 153)
■ forwarding -- Display IPv4 forwarding messages. (p. 153)
■ ospf -- Display all OSPF routing messages. (p. 155)
■ adj -- Display adjacency changes. (p. 151)
■ event -- Display OSPF events. (p. 153)
■ flood -- Display information on flood messages. (p. 153)
■ lsa-generation -- Display new LSAs added to database. (p. 154)
■ packet -- Display packets sent/received. (p. 155)
© 2009 Hewlett-Packard Development Company, L.P.
150
Command Line Interface Reference Guide
■
■
■
■
■
■
debug
■ DD -- Display DD packets sent/received. (p. 152)
■ Hello -- Display Hello packets sent/received. (p. 153)
■ LSA -- Display LSA packets sent/received. (p. 154)
■ LSR -- Display LSR packets sent/received. (p. 155)
■ LSU -- Display LSU packets sent/received. (p. 155)
■ retransmission -- Display retransmission timer messages. (p. 156)
■ spf -- Display path recalculation messages. (p. 156)
■ packet -- Display IPv4 packet messages. (p. 155)
■ rip -- Display all RIP routing messages. (p. 156)
■ database -- Display database changes. (p. 152)
■ event -- Display RIP events. (p. 153)
■ trigger -- Display trigger messages. (p. 156)
[no] debug ipv6 -- Display debug messages for IPv6. (p. 154)
■ dhcpv6-client -- Display DHCPv6 client debug messages. (p. 152)
■ events -- Display DHCPv6 client events. (p. 153)
■ packet -- Display DHCPv6 client packets. (p. 155)
■ forwarding -- Display IPv6 forwarding messages. (p. 153)
■ nd -- Display debug messages for IPv6 neighbor discovery. (p. 155)
■ packet -- Display IPv6 packet messages. (p. 155)
[no] debug lldp -- Display LLDP information. (p. 154)
[no] debug services -- Display debug messages on services module. (SLOT-ID-RANGE) (p. 156)
[no] debug ssh -- Display SSH debug messages at specified verbosity. (p. 156)
■ loglevel < fatal | error | info | ... > -- (p. 154)
[no] debug vrrp -- Display VRRP debug messages. (p. 156)
[no] debug wireless-services -- Display debug messages on wireless-services module.
(SLOT-ID-RANGE) (p. 157)
COMMAND DETAILS
acl (p. 151)
adj (p. 151)
agent (p. 152)
all (p. 152)
arp-protect (p. 152)
database (p. 152)
DD (p. 152)
destination (p. 152)
dhcp-snooping (p. 152)
dhcpv6-client (p. 152)
dynamic-ip-lockdown (p. 153)
event (p. 153)
events (p. 153)
fib (p. 153)
flood (p. 153)
forwarding (p. 153)
Hello (p. 153)
ip (p. 154)
ipv6 (p. 154)
lldp (p. 154)
loglevel (p. 154)
LSA (p. 154)
lsa-generation (p. 154)
LSR (p. 155)
LSU (p. 155)
nd (p. 155)
ospf (p. 155)
packet (p. 155)
retransmission (p. 156)
rip (p. 156)
services (p. 156)
spf (p. 156)
ssh (p. 156)
trigger (p. 156)
vrrp (p. 156)
wireless-services (p. 157)
acl
■ [no] debug acl
Display debug messages on access control lists.
adj
■ [no] debug ip ospf adj
Display adjacency changes.
© 2009 Hewlett-Packard Development Company, L.P.
151
Command Line Interface Reference Guide
debug
agent
■ [no] debug dhcp-snooping agent
Display DHCP Snooping agent messages.
all
■ [no] debug all
Display all debug messages.
arp-protect
■ [no] debug arp-protect
Display Dynamic ARP Protection messages.
database
■ [no] debug ip rip database
Display database changes.
DD
■ [no] debug ip ospf packet DD
Display DD packets sent/received.
destination
■ [no] debug destination < logging | session | buffer | ... >
Select destination for debug messages.
Supported Values:
■ logging -- Send debug messages to syslog server.
■ session -- Print debug messages to terminal.
■ buffer -- Print debug messages to a buffer in memory.
■ debug-console -- printf() debug messages to debug console.
dhcp-snooping
■ [no] debug dhcp-snooping
Display all DHCP Snooping messages.
Next Available Options:
■ agent -- Display DHCP Snooping agent messages.(p. 152)
■ event -- Display DHCP Snooping event messages.(p. 153)
■ packet -- Display DHCP Snooping packet messages.(p. 155)
dhcpv6-client
■ [no] debug ipv6 dhcpv6-client
Display DHCPv6 client debug messages.
© 2009 Hewlett-Packard Development Company, L.P.
152
Command Line Interface Reference Guide
debug
Next Available Options:
■ events -- Display DHCPv6 client events.(p. 153)
■ packet -- Display DHCPv6 client packets.(p. 155)
dynamic-ip-lockdown
■ [no] debug dynamic-ip-lockdown
Display Dynamic IP Lockdown messages.
event
■ [no] debug dhcp-snooping event
Display DHCP Snooping event messages.
■ [no] debug event
Display event log messages.
■ [no] debug ip ospf event
Display OSPF events.
■ [no] debug ip rip event
Display RIP events.
events
■ [no] debug ipv6 dhcpv6-client events
Display DHCPv6 client events.
fib
■ [no] debug ip fib
Display IP Forwarding Information Base debug messages.
flood
■ [no] debug ip ospf flood
Display information on flood messages.
forwarding
■ [no] debug ip forwarding
Display IPv4 forwarding messages.
■ [no] debug ipv6 forwarding
Display IPv6 forwarding messages.
Hello
■ [no] debug ip ospf packet Hello
© 2009 Hewlett-Packard Development Company, L.P.
153
Command Line Interface Reference Guide
debug
Display Hello packets sent/received.
ip
■ [no] debug ip
Display debug messages for IPv4.
Next Available Options:
■ forwarding -- Display IPv4 forwarding messages.(p. 153)
■ packet -- Display IPv4 packet messages.(p. 155)
■ fib -- Display IP Forwarding Information Base debug messages.(p. 153)
■ ospf -- Display all OSPF routing messages.(p. 155)
■ rip -- Display all RIP routing messages.(p. 156)
ipv6
■ [no] debug ipv6
Display debug messages for IPv6.
Next Available Options:
■ dhcpv6-client -- Display DHCPv6 client debug messages.(p. 152)
■ forwarding -- Display IPv6 forwarding messages.(p. 153)
■ nd -- Display debug messages for IPv6 neighbor discovery.(p. 155)
■ packet -- Display IPv6 packet messages.(p. 155)
lldp
■ [no] debug lldp
Display LLDP information.
loglevel
■ debug ssh < fatal | error | info | ... >
Supported Values:
■ fatal
■ error
■ info
■ verbose
■ debug
■ debug2
■ debug3
LSA
■ [no] debug ip ospf packet LSA
Display LSA packets sent/received.
lsa-generation
■ [no] debug ip ospf lsa-generation
© 2009 Hewlett-Packard Development Company, L.P.
154
Command Line Interface Reference Guide
debug
Display new LSAs added to database.
LSR
■ [no] debug ip ospf packet LSR
Display LSR packets sent/received.
LSU
■ [no] debug ip ospf packet LSU
Display LSU packets sent/received.
nd
■ [no] debug ipv6 nd
Display debug messages for IPv6 neighbor discovery.
ospf
■ [no] debug ip ospf
Display all OSPF routing messages.
Next Available Options:
■ adj -- Display adjacency changes.(p. 151)
■ event -- Display OSPF events.(p. 153)
■ flood -- Display information on flood messages.(p. 153)
■ lsa-generation -- Display new LSAs added to database.(p. 154)
■ packet -- Display packets sent/received.(p. 155)
■ retransmission -- Display retransmission timer messages.(p. 156)
■ spf -- Display path recalculation messages.(p. 156)
packet
■ [no] debug dhcp-snooping packet
Display DHCP Snooping packet messages.
■ [no] debug ip packet
Display IPv4 packet messages.
■ [no] debug ip ospf packet
Display packets sent/received.
Next Available Options:
■ Hello -- Display Hello packets sent/received.(p. 153)
■ DD -- Display DD packets sent/received.(p. 152)
■ LSR -- Display LSR packets sent/received.(p. 155)
■ LSU -- Display LSU packets sent/received.(p. 155)
■ LSA -- Display LSA packets sent/received.(p. 154)
© 2009 Hewlett-Packard Development Company, L.P.
155
Command Line Interface Reference Guide
debug
■ [no] debug ipv6 dhcpv6-client packet
Display DHCPv6 client packets.
■ [no] debug ipv6 packet
Display IPv6 packet messages.
retransmission
■ [no] debug ip ospf retransmission
Display retransmission timer messages.
rip
■ [no] debug ip rip
Display all RIP routing messages.
Next Available Options:
■ database -- Display database changes.(p. 152)
■ event -- Display RIP events.(p. 153)
■ trigger -- Display trigger messages.(p. 156)
services
■ [no] debug services SLOT-ID-RANGE
Display debug messages on services module.
spf
■ [no] debug ip ospf spf
Display path recalculation messages.
ssh
■ [no] debug ssh
Display SSH debug messages at specified verbosity.
Next Available Option:
■ loglevel < fatal | error | info | ... > -- (p. 154)
trigger
■ [no] debug ip rip trigger
Display trigger messages.
vrrp
■ [no] debug vrrp
Display VRRP debug messages.
© 2009 Hewlett-Packard Development Company, L.P.
156
Command Line Interface Reference Guide
debug
wireless-services
■ [no] debug wireless-services SLOT-ID-RANGE
Display debug messages on wireless-services module.
© 2009 Hewlett-Packard Development Company, L.P.
157
dhcp
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] dhcp config-file-update
Description: Argument(s) to Control DHCP Client
COMMAND STRUCTURE
■ [no] dhcp config-file-update -- Argument to dhcp-client to specify whether to process option 66
& 67 (p. 158)
COMMAND DETAILS
config-file-update (p. 158)
config-file-update
■ [no] dhcp config-file-update
Argument to dhcp-client to specify whether to process option 66 & 67
© 2009 Hewlett-Packard Development Company, L.P.
158
dhcp-relay
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] dhcp-relay
[no] dhcp-relay [hop-count-increment]
dhcp-relay [option 82 append[validate]|replace[validate]
|drop[validate]|keep [mac|ip]]
[no] dhcp-relay [option 82 [validate]]
Description: Enable/disable DHCP relay agent on the device.
hop-count-increment --- optional argument to 'dhcp-relay' command used to
enable/disable increment of hop-count. By default it is
enabled.
option 82
--- optional argument to 'dhcp-relay' command used to specify
the operational status (enable/disable) of option 82.
append|replace|keep|drop --argument to 'option 82' command used to
specify the policy to apply to client DHCP packets. There
is no default option 82 policy defined for the switch.
validate
--- optional argument to 'option 82' append, replace, and drop
sub-arguments used to specify that a validation of the
server response packets such that at least one option 82
field matches the remote ID of the current switch (multiple
option 82 fields may exist, if relay agent is configured
using the append policy).
If validation fails, the response is considered invalid and
thrown away.
mac
--- Sets the remote ID to be the MAC address of the switch.
This is the default value.
ip
--- Sets the remote ID to be the IP address of the VLAN on
which the client request was received.
COMMAND STRUCTURE
■ [no] dhcp-relay hop-count-increment -- Optional argument to dhcp-agent used to enable/disable
increment of DHCP hop-count field. (p. 162)
■ [no] dhcp-relay option -- Optional argument to dhcp-agent used to specify operational status for
DHCP options. (p. 164)
■ 82 -- Optional argument to dhcp-agent used to specify the operational status for option 82. (p.
161)
■ append -- Specifies that the option 82 field should be appended to client DHCP packet. (p.
161)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.
(p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p. 163)
■ validate -- Specifies the validation for server response. (p. 165)
■ drop -- Specifies that the DHCP packet will be dropped unconditionally, if option 82 field(s)
already exists in the client DHCP packet. (p. 161)
© 2009 Hewlett-Packard Development Company, L.P.
159
Command Line Interface Reference Guide
dhcp-relay
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.
(p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p. 163)
■ validate -- Specifies the validation for server response. (p. 165)
■ keep -- Specifies that no option 82 field will be added or replaced, if option 82 field(s) already
exists in the client DHCP packet. (p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.
(p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p. 163)
■ replace -- Specifies that any existing option 82 fields will be replaced with switch option 82
field for client DHCP packet. (p. 164)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.
(p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p. 163)
■ validate -- Specifies the validation for server response. (p. 165)
■ validate -- Specifies the validation for server response. (p. 165)
■ append -- Specifies that the option 82 field should be appended to client DHCP packet.
(p. 161)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request
was received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default
value. (p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p.
163)
■ drop -- Specifies that the DHCP packet will be dropped unconditionally, if option 82
field(s) already exists in the client DHCP packet. (p. 161)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request
was received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default
value. (p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p.
163)
■ replace -- Specifies that any existing option 82 fields will be replaced with switch option
82 field for client DHCP packet. (p. 164)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request
was received. (p. 162)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default
value. (p. 163)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN. (p.
163)
COMMAND DETAILS
82 (p. 161)
append (p. 161)
drop (p. 161)
hop-count-increment (p. 162)
ip (p. 162)
keep (p. 163)
mac (p. 163)
mgmt-vlan (p. 163)
© 2009 Hewlett-Packard Development Company, L.P.
option (p. 164)
replace (p. 164)
validate (p. 165)
160
Command Line Interface Reference Guide
dhcp-relay
82
■ [no] dhcp-relay option 82
Optional argument to dhcp-agent used to specify the operational status
for option 82.
Next Available Options:
■ append -- Specifies that the option 82 field should be appended to client DHCP packet.(p. 161)
■ replace -- Specifies that any existing option 82 fields will be replaced with switch option 82
field for client DHCP packet.(p. 164)
■ keep -- Specifies that no option 82 field will be added or replaced, if option 82 field(s) already
exists in the client DHCP packet.(p. 163)
■ drop -- Specifies that the DHCP packet will be dropped unconditionally, if option 82 field(s)
already exists in the client DHCP packet.(p. 161)
■ validate -- Specifies the validation for server response.(p. 165)
append
■ dhcp-relay option 82 append
Specifies that the option 82 field should be appended to client DHCP
packet.
Next Available Options:
■ validate -- Specifies the validation for server response.(p. 165)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
■ dhcp-relay option 82 validate append
Specifies that the option 82 field should be appended to client DHCP
packet.
Next Available Options:
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
drop
■ dhcp-relay option 82 drop
Specifies that the DHCP packet will be dropped unconditionally, if
option 82 field(s) already exists in the client DHCP packet.
Next Available Options:
■ validate -- Specifies the validation for server response.(p. 165)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
© 2009 Hewlett-Packard Development Company, L.P.
161
Command Line Interface Reference Guide
dhcp-relay
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
■ dhcp-relay option 82 validate drop
Specifies that the DHCP packet will be dropped unconditionally, if
option 82 field(s) already exists in the client DHCP packet.
Next Available Options:
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
hop-count-increment
■ [no] dhcp-relay hop-count-increment
Optional argument to dhcp-agent used to enable/disable increment of
DHCP hop-count field.
ip
■ dhcp-relay option 82 append ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 replace ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 keep ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 drop ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 validate append ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 validate replace ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
■ dhcp-relay option 82 validate drop ip
Sets the remote id to be the IP address of the VLAN on which the client
request was received.
© 2009 Hewlett-Packard Development Company, L.P.
162
Command Line Interface Reference Guide
dhcp-relay
keep
■ dhcp-relay option 82 keep
Specifies that no option 82 field will be added or replaced, if option 82
field(s) already exists in the client DHCP packet.
Next Available Options:
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
mac
■ dhcp-relay option 82 append mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 replace mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 keep mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 drop mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 validate append mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 validate replace mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
■ dhcp-relay option 82 validate drop mac
Sets the remote id to be the MAC address of the switch. This is the
default value.
mgmt-vlan
■ dhcp-relay option 82 append mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
■ dhcp-relay option 82 replace mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
© 2009 Hewlett-Packard Development Company, L.P.
163
Command Line Interface Reference Guide
dhcp-relay
■ dhcp-relay option 82 keep mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
■ dhcp-relay option 82 drop mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
■ dhcp-relay option 82 validate append mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
■ dhcp-relay option 82 validate replace mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
■ dhcp-relay option 82 validate drop mgmt-vlan
Sets the remote id to be the IP address of the Management VLAN.
option
■ [no] dhcp-relay option
Optional argument to dhcp-agent used to specify operational status for
DHCP options.
Next Available Option:
■ 82 -- Optional argument to dhcp-agent used to specify the operational status for option 82.(p.
161)
replace
■ dhcp-relay option 82 replace
Specifies that any existing option 82 fields will be replaced with
switch option 82 field for client DHCP packet.
Next Available Options:
■ validate -- Specifies the validation for server response.(p. 165)
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
■ dhcp-relay option 82 validate replace
Specifies that any existing option 82 fields will be replaced with
switch option 82 field for client DHCP packet.
Next Available Options:
■ mac -- Sets the remote id to be the MAC address of the switch. This is the default value.(p. 163)
■ ip -- Sets the remote id to be the IP address of the VLAN on which the client request was
received.(p. 162)
■ mgmt-vlan -- Sets the remote id to be the IP address of the Management VLAN.(p. 163)
© 2009 Hewlett-Packard Development Company, L.P.
164
Command Line Interface Reference Guide
dhcp-relay
validate
■ dhcp-relay option 82 append validate
Specifies the validation for server response.
■ dhcp-relay option 82 replace validate
Specifies the validation for server response.
■ dhcp-relay option 82 drop validate
Specifies the validation for server response.
■ [no] dhcp-relay option 82 validate
Specifies the validation for server response.
Next Available Options:
■ append -- Specifies that the option 82 field should be appended to client DHCP packet.(p. 161)
■ replace -- Specifies that any existing option 82 fields will be replaced with switch option 82
field for client DHCP packet.(p. 164)
■ drop -- Specifies that the DHCP packet will be dropped unconditionally, if option 82 field(s)
already exists in the client DHCP packet.(p. 161)
© 2009 Hewlett-Packard Development Company, L.P.
165
dhcp-snooping
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] dhcp-snooping
Description: Enable/Disable the global administrative status of
DHCP snooping. No snooping will be performed on
any VLAN if the global administrative status is disabled.
The default state is disabled.
COMMAND STRUCTURE
■ [no] dhcp-snooping authorized-server -- Configure valid DHCP Servers (p. 167)
■ NONAME2 -- DHCP Server address. (IP-ADDR) (p. 168)
■ [no] dhcp-snooping database -- Configure lease database transfer options (p. 167)
■ delay < 15 to 86400 > -- Seconds to delay writing to the lease database file. (p. 168)
■ file -- URL Format: "tftp://<ip-address>/<filename>". (ASCII-STR) (p. 168)
■ timeout < 0 to 86400 > -- Seconds to wait for the transfer before failing. (p. 169)
■ [no] dhcp-snooping option -- Configure DHCP snooping operational behavior (p. 168)
■ 82 -- (p. 166)
■ remote-id < mac | subnet-ip | mgmt-ip > -- Set relay information option remote-id value to
use. (NUMBER) (p. 169)
■ untrusted-policy < drop | keep | replace > -- Policy for DHCP packets received on untrusted
ports thatcontain option 82. (NUMBER) (p. 169)
■ [no] dhcp-snooping trust -- Configure trusted interfaces (p. 169)
■ port-list -- ([ethernet] PORT-LIST) (p. 169)
■ [no] dhcp-snooping verify -- Enable/Disable DHCP packet validation (p. 169)
■ mac -- Verify DHCP header client hardware address. (p. 168)
■ dhcp-snooping vlan -- Enable/Disable snooping on a VLAN (VLAN-ID-RANGE) (p. 170)
■ vlan-list -- (VLAN-ID-RANGE) (p. 170)
COMMAND DETAILS
82 (p. 166)
authorized-server (p. 167)
database (p. 167)
delay (p. 168)
file (p. 168)
mac (p. 168)
NONAME2 (p. 168)
option (p. 168)
port-list (p. 169)
remote-id (p. 169)
timeout (p. 169)
trust (p. 169)
untrusted-policy (p. 169)
verify (p. 169)
vlan (p. 170)
vlan-list (p. 170)
82
■ [no] dhcp-snooping option 82
Next Available Options:
■ untrusted-policy < drop | keep | replace > -- Policy for DHCP packets received on untrusted
ports thatcontain option 82. (NUMBER) (p. 169)
© 2009 Hewlett-Packard Development Company, L.P.
166
Command Line Interface Reference Guide
dhcp-snooping
■ remote-id < mac | subnet-ip | mgmt-ip > -- Set relay information option remote-id value to use.
(NUMBER) (p. 169)
authorized-server
■ [no] dhcp-snooping authorized-server
Usage: [no] dhcp-snooping authorized-server <IP-ADDR>
Description: Configure valid DHCP Servers.
For DHCP Snooping to allow a server to client packet
to be forwarded, it must be received on a trusted port
from a valid server. If no authorized servers are configured
all server addresses are valid. A maximum of 20 authorized
servers are supported.
Parameters:
o IP-ADDR - The Address of a trusted DHCP Server.
Next Available Option:
■ NONAME2 -- DHCP Server address. (IP-ADDR) (p. 168)
database
■ [no] dhcp-snooping database
Usage: [no] dhcp-snooping database [file ASCII-STR] [delay
[timeout <0-86400>]
<15-86400>]
Description: Configure lease database transfer options.
No additional parameters are required when 'no' is specified.
Parameters:
o [file ASCI-STR] - File name in the form of a Universal Resource Locator.
The URL must be "tftp://IP-ADDR/ASCII-STR".
The max filename length is 63 characters.
o [delay
<15-86400>]
o [timeout <0-86400>]
- Number of seconds to delay writing the database.
The default delay is 300 seconds
- Number of seconds to wait for the database file
transfer to finish before declaring an error.
A value of 0 means retry indefinitely.
The default timeout is 300 seconds
Next Available Options:
■ file -- URL Format: "tftp://<ip-address>/<filename>". (ASCII-STR) (p. 168)
■ delay < 15 to 86400 > -- Seconds to delay writing to the lease database file.(p. 168)
■ timeout < 0 to 86400 > -- Seconds to wait for the transfer before failing.(p. 169)
© 2009 Hewlett-Packard Development Company, L.P.
167
Command Line Interface Reference Guide
dhcp-snooping
delay
■ dhcp-snooping database delay < 15 to 86400 >
Seconds to delay writing to the lease database file.
Range: < 15 to 86400 >
file
■ dhcp-snooping database file FILE
URL Format: "tftp://<ip-address>/<filename>".
mac
■ [no] dhcp-snooping verify mac
Verify DHCP header client hardware address.
NONAME2
■ [no] dhcp-snooping authorized-server IP-ADDR
DHCP Server address.
option
■ [no] dhcp-snooping option
Usage: [no] dhcp-snooping option 82 [remote-id <mac|subnet-ip|mgmt-ip>]
[untrusted-policy <drop|keep|replace>]
Description: Configure DHCP snooping operational behavior.
Parameters:
o 82 - Add relay information option to DHCP client packets
that are being forwarded out trusted ports. When 'no'
is specified, relay information is not inserted.
The default is to insert relay information.
o [remote-id <mac|mgmt-ip|subnet-ip>]
- Set the value used for the remote-id field of the
relay information option. If 'mac' is specified,
the switch mac address is used. If 'mgmt-ip' is
specified, the management vlan ip address is used.
If 'subnet-ip' is specified, the ip address of the
VLAN the packet was received on is used. Note that
when the specified value is 'subnet-ip' or 'mgmt-ip'
and that value is not set, then the switch mac address
will be used. The default remote-id is the switch mac.
o [untrusted-policy <drop|keep|replace>]
- Configures snooping behavior when forwarding a DHCP
packet from an untrusted port that has a DHCP relay
information option present. If 'drop' is specified, the
packet is dropped. If 'keep' is specified, the packet
is forwarded without replacing the option. If 'replace'
is specified the existing option is replaced with one
generated by this switch. The default is to drop.
© 2009 Hewlett-Packard Development Company, L.P.
168
Command Line Interface Reference Guide
dhcp-snooping
Next Available Option:
■ 82 -- (p. 166)
port-list
■ [no] dhcp-snooping trust [ETHERNET] PORT-LIST
remote-id
■ dhcp-snooping option 82 remote-id < mac | subnet-ip | mgmt-ip >
Set relay information option remote-id value to use.
Supported Values:
■ mac -- switch MAC address.
■ subnet-ip -- subnet VLAN IP address.
■ mgmt-ip -- management VLAN IP address.
timeout
■ dhcp-snooping database timeout < 0 to 86400 >
Seconds to wait for the transfer before failing.
Range: < 0 to 86400 >
trust
■ [no] dhcp-snooping trust
Usage: [no] dhcp-snooping trust PORT-LIST
Description: Configure trusted interfaces. Only server packets received
on trusted interfaces will be forwarded. When 'no' is
specified the interfaces are marked as untrusted.
The default port state is untrusted.
Parameters:
o PORT-LIST - Port list on which to configure trust status.
Next Available Option:
■ port-list -- ([ethernet] PORT-LIST) (p. 169)
untrusted-policy
■ dhcp-snooping option 82 untrusted-policy < drop | keep | replace >
Policy for DHCP packets received on untrusted ports thatcontain option 82.
Supported Values:
■ drop -- drop the packet.
■ keep -- forward the packet unchanged.
■ replace -- generate new option.
verify
■ [no] dhcp-snooping verify
© 2009 Hewlett-Packard Development Company, L.P.
169
Command Line Interface Reference Guide
dhcp-snooping
Usage: [no] dhcp-snooping verify <mac>
Description: Enable/Disable DHCP packet validation.
Parameters:
o <mac> - Verify DHCP header client hardware address field
and the source mac address match for packets received
on untrusted ports. If 'no' is specified this check is
omitted. The default is to verify the macs.
Next Available Option:
■ mac -- Verify DHCP header client hardware address.(p. 168)
vlan
■ dhcp-snooping vlan
Usage: [no] dhcp-snooping vlan [VLAN-ID-RANGE ...]
Description: Enable/Disable snooping on a VLAN.
Note that DHCP snooping must also be globally
enabled with the 'dhcp-snooping' command for
snooping to performed on any VLAN. The default state
is disabled.
Parameters:
o VLAN-ID-RANGE - VLAN list on which to enable/disable snooping.
Next Available Option:
■ vlan-list -- (VLAN-ID-RANGE) (p. 170)
vlan-list
■ [no] dhcp-snooping vlan VLAN-ID-RANGE
© 2009 Hewlett-Packard Development Company, L.P.
170
dir
OVERVIEW
Category:
Primary context:
operator
Related Commands
Usage: dir [<pathname>]
Description: Display a list of the files and subdirectories in a
directory on a USB device.
COMMAND STRUCTURE
■ dir pathname -- Display a list of the files and subdirectories in a directory on a USB device
(ASCII-STR) (p. 171)
COMMAND DETAILS
pathname (p. 171)
pathname
■ dir PATHNAME
Usage: dir [<pathname>]
Description: Display a list of the files and subdirectories in a
directory on a USB device.
© 2009 Hewlett-Packard Development Company, L.P.
171
enable
OVERVIEW
Category:
Switch Management
Primary context:
operator
Related Commands
exit (page 176)
end (page 173)
Usage: enable
Description: Enter the Manager Exec context.
COMMAND STRUCTURE
EXAMPLES
Example: enable
Enter the Manager user name and password to access the Manager Exec context of the CLI:
ProCurve> enable
Username: admin1
Password: ########
ProCurve#
© 2009 Hewlett-Packard Development Company, L.P.
172
end
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
exit (page 176)
enable (page 172)
Usage: end
Description: Return to the Manager Exec context.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
173
erase
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
the section called “config” (page 540)
the section called “port-access” (page 577)
Usage: erase <startup-config |
flash <primary|secondary> |
config FILENAME |
core-dump FILENAME>
Description: Erase stored files.
Parameters:
o startup-config - erase the configuration file loaded
at the most recent boot. This will cause an immediate
reboot with a factory-default configuration.
o flash <primary|secondary> - erase the specified software image.
o config FILENAME - erase the specified configuration file. If
the config file erased is the one loaded at the most
recent boot, this will cause an immediate reboot with
a factory-default configuration.
o core-dump FILENAME - erase the specified core-dump file.
specify the core-dump file as displayed with
'show boot-history'
NOTES
Italicized "config" Keywords
The italicized "config | config1" keywords correspond to the names selected for the config
files.
COMMAND STRUCTURE
■
■
■
■
erase config < config | config1 > -- Erase the named configuration file (p. 175)
erase core-dump -- Erase the named core file (ASCII-STR) (p. 175)
erase flash < primary | secondary > -- Erase the primary or secondary flash image (p. 175)
erase startup-config -- Erase configuration file. (p. 175)
EXAMPLES
Example: erase startup-config
Erase the configuration file used at startup and reset the device to its factory-default configuration:
ProCurve(config)# erase startup-config
Configuration will be deleted and device rebooted, continue [y/n]?
COMMAND DETAILS
config (p. 175)
flash (p. 175)
© 2009 Hewlett-Packard Development Company, L.P.
174
Command Line Interface Reference Guide
core-dump (p. 175)
erase
startup-config (p. 175)
config
■ erase config < config | config1 >
Usage: erase config FILENAME
Description: Erase the named configuration file.
Supported Values:
■ config
■ config1
core-dump
■ erase core-dump CORE-DUMP
Usage: erase core-dump FILENAME
Description: Erase the named core file.
flash
■ erase flash < primary | secondary >
Usage: erase flash <primary|secondary>
Description: Erase the primary or secondary flash image.
Supported Values:
■ primary -- Primary flash image.
■ secondary -- Secondary flash image.
startup-config
■ erase startup-config
Erase configuration file.
© 2009 Hewlett-Packard Development Company, L.P.
175
exit
OVERVIEW
Category:
Switch Management
Primary context:
operator
Related Commands
end (page 173)
enable (page 172)
Usage: exit
Description: Return to the previous context or terminate current
console/telnet session if you are in the Operator context
level.
COMMAND STRUCTURE
EXAMPLES
Example: exit
Exit from the interface configuration context to the global configuration context:
ProCurve(eth-A4)# exit
ProCurve(config)#
© 2009 Hewlett-Packard Development Company, L.P.
176
fastboot
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] fastboot
Description: Enable/disable fastboot on switch.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
177
fault-finder
OVERVIEW
Category:
Primary context:
config
Related Commands
interface (page 204)
the section called “fault-finder” (page 551)
Usage: [no] fault-finder <all|bad-driver|bad-transceiver|bad-cable|
too-long-cable|over-bandwidth|broadcast-storm|
loss-of-link>
[sensitivity <low|medium|high>]
Description: Enable/disable fault finder and set sensitivity.
Default is 'sensitivity medium'.
COMMAND STRUCTURE
■ [no] fault-finder fault-finder < all | bad-driver | bad-transceiver | ... > -- Enable/disable fault finder
and set sensitivity (p. 178)
■ fault-finder sensitivity < low | medium | high > -- Define fault finder sensitivity to events. (p. 178)
COMMAND DETAILS
fault-finder (p. 178)
sensitivity (p. 178)
fault-finder
■ [no] fault-finder < all | bad-driver | bad-transceiver | ... >
Usage: [no] fault-finder <all|bad-driver|bad-transceiver|bad-cable|
too-long-cable|over-bandwidth|broadcast-storm|
loss-of-link>
[sensitivity <low|medium|high>]
Description: Enable/disable fault finder and set sensitivity.
Default is 'sensitivity medium'.
Supported Values:
■ all -- All fault types.
■ bad-driver -- Too many undersized/giant packets.
■ bad-transceiver -- Excessive jabbering.
■ bad-cable -- Excessive CRC/alignment errors.
■ too-long-cable -- Excessive late collisions.
■ over-bandwidth -- High collision or drop rate.
■ broadcast-storm -- Excessive broadcasts.
■ loss-of-link -- Link lost detected.
■ duplex-mismatch-HDx -- Duplex Mismatch. Reconfig port to Full Duplex.
■ duplex-mismatch-FDx -- Duplex Mismatch. Reconfig port to Auto.
sensitivity
■ fault-finder sensitivity < low | medium | high >
Define fault finder sensitivity to events.
© 2009 Hewlett-Packard Development Company, L.P.
178
Command Line Interface Reference Guide
fault-finder
Supported Values:
■ low -- Low sensitivity.
■ medium -- Medium sensitivity.
■ high -- High sensitivity.
© 2009 Hewlett-Packard Development Company, L.P.
179
feature-coordinator
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage:
[no] feature-coordinator name <'name'> block policy interface
<port-list>|vlan <vid-list> message <'msg-text'>
[expires expiration-policy].
'policy' can be 'ip-address','vlan_deletion' for vlans and
'port-security' for interfaces'
A list of vlan(s) of the form 3-5,10 can be specified for vid-list
A list of port(s) of the form A12,A15-A25 can be specified for
port-list.
The expiration policy can be 'slot-down', 'app-down' or 'reboot'
Mention a valid slot or application name
'message' is the friendly error message to be displayed
when overriding a restriction.
eg : The TMZ module is protecting this vlan and configuring
ip-address on this vlan is restricted.
Description: Configure feature restrictions for feature coordination
on ports or vlans specified
COMMAND STRUCTURE
■ [no] feature-coordinator name -- Enter an ascii string for name Max-len 32 characters (ASCII-STR)
(p. 183)
■ block -- Feature to block Press <tab> for options (p. 181)
■ ip-address -- block ip-address configuration (p. 182)
■ vlan -- Mention the vlan(s)on which to block the features ([vlan]VLAN-ID-LIST) (p. 184)
■ message -- Friendly error message to be displayed when overriding a restriction
(ASCII-STR) (p. 182)
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
■ app-down -- Expire on application failure Mention a valid application name
(ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
■ port-security -- block port-security configuration (p. 183)
■ interface -- Mention the port(s) on which to block the features. ([ethernet] PORT-LIST)
(p. 182)
■ message -- Friendly error message to be displayed when overriding a restriction
(ASCII-STR) (p. 182)
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
■ app-down -- Expire on application failure Mention a valid application name
(ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
■ vlan-deletion -- block deletion of vlan (p. 184)
■ vlan -- Mention the vlan(s)on which to block the features ([vlan]VLAN-ID-LIST) (p. 184)
© 2009 Hewlett-Packard Development Company, L.P.
180
Command Line Interface Reference Guide
feature-coordinator
■ message -- Friendly error message to be displayed when overriding a restriction
(ASCII-STR) (p. 182)
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
■ app-down -- Expire on application failure Mention a valid application name
(ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
COMMAND DETAILS
app-down (p. 181)
block (p. 181)
expires (p. 181)
interface (p. 182)
ip-address (p. 182)
message (p. 182)
name (p. 183)
port-security (p. 183)
reboot (p. 183)
slot-down (p. 184)
vlan (p. 184)
vlan-deletion (p. 184)
app-down
■ feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires app-down APP-DOWN
Expire on application failure
Mention a valid application name
■ feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires app-down APP-DOWN
Expire on application failure
Mention a valid application name
■ feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST message
MESSAGE expires app-down APP-DOWN
Expire on application failure
Mention a valid application name
block
■ [no] feature-coordinator name NAME block
Feature to block
Press <tab> for options
Next Available Options:
■ ip-address -- block ip-address configuration (p. 182)
■ vlan-deletion -- block deletion of vlan (p. 184)
■ port-security -- block port-security configuration (p. 183)
expires
■ feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires
Expiration policy for the features
Press <tab> for options
Next Available Options:
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
© 2009 Hewlett-Packard Development Company, L.P.
181
Command Line Interface Reference Guide
feature-coordinator
■ app-down -- Expire on application failure Mention a valid application name (ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
■ feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires
Expiration policy for the features
Press <tab> for options
Next Available Options:
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
■ app-down -- Expire on application failure Mention a valid application name (ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
■ feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST message
MESSAGE expires
Expiration policy for the features
Press <tab> for options
Next Available Options:
■ slot-down -- Expire on slot-down.Mention slot. (SLOT-ID) (p. 184)
■ app-down -- Expire on application failure Mention a valid application name (ASCII-STR) (p. 181)
■ reboot -- Expire on reboot (p. 183)
interface
■ [no] feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST
Mention the port(s) on which to block the features.
Next Available Option:
■ message -- Friendly error message to be displayed when overriding a restriction (ASCII-STR)
(p. 182)
ip-address
■ [no] feature-coordinator name NAME block ip-address
block ip-address configuration
Next Available Option:
■ vlan -- Mention the vlan(s)on which to block the features ([vlan]VLAN-ID-LIST) (p. 184)
message
■ feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST message MESSAGE
Friendly error message to be displayed when overriding
© 2009 Hewlett-Packard Development Company, L.P.
a restriction
182
Command Line Interface Reference Guide
feature-coordinator
Next Available Option:
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
■ feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST message MESSAGE
Friendly error message to be displayed when overriding
a restriction
Next Available Option:
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
■ feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST message
MESSAGE
Friendly error message to be displayed when overriding
a restriction
Next Available Option:
■ expires -- Expiration policy for the features Press <tab> for options (p. 181)
name
■ [no] feature-coordinator name NAME
Enter an ascii string for name
Max-len 32 characters
Next Available Option:
■ block -- Feature to block Press <tab> for options (p. 181)
port-security
■ [no] feature-coordinator name NAME block port-security
block port-security configuration
Next Available Option:
■ interface -- Mention the port(s) on which to block the features. ([ethernet] PORT-LIST) (p. 182)
reboot
■ feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires reboot
Expire on reboot
■ feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires reboot
Expire on reboot
■ feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST message
MESSAGE expires reboot
© 2009 Hewlett-Packard Development Company, L.P.
183
Command Line Interface Reference Guide
feature-coordinator
Expire on reboot
slot-down
■ feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires slot-down SLOT-ID
Expire on slot-down.Mention slot.
■ feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST message MESSAGE
expires slot-down SLOT-ID
Expire on slot-down.Mention slot.
■ feature-coordinator name NAME block port-security interface [ETHERNET] PORT-LIST message
MESSAGE expires slot-down SLOT-ID
Expire on slot-down.Mention slot.
vlan
■ [no] feature-coordinator name NAME block ip-address vlan [VLAN]VLAN-ID-LIST
Mention the vlan(s)on which to block the features
Next Available Option:
■ message -- Friendly error message to be displayed when overriding a restriction (ASCII-STR)
(p. 182)
■ [no] feature-coordinator name NAME block vlan-deletion vlan [VLAN]VLAN-ID-LIST
Mention the vlan(s)on which to block the features
Next Available Option:
■ message -- Friendly error message to be displayed when overriding a restriction (ASCII-STR)
(p. 182)
vlan-deletion
■ [no] feature-coordinator name NAME block vlan-deletion
block deletion of vlan
Next Available Option:
■ vlan -- Mention the vlan(s)on which to block the features ([vlan]VLAN-ID-LIST) (p. 184)
© 2009 Hewlett-Packard Development Company, L.P.
184
filter
OVERVIEW
Category:
Troubleshooting
Primary context:
config
Related Commands
connection-rate-filter (page 90)
ip (page 290)
show (page 511)
show (page 511)
Usage: [no] filter ...
Description: Set or edit traffic/security filters.
The command allows you to set conditional filters and
correspondent actions to apply to the incoming traffic
satisfying to the specified conditions.
Use 'filter ?' to get a list of all available
filter types.
COMMAND STRUCTURE
■ [no] filter connection-rate -- Selects behavior for port(s) when a host is filtered (p. 186)
■ connection-rate-portlist -- ([ethernet] PORT-LIST) (p. 186)
■ filter-action < block | notify-only | throttle > -- (p. 187)
■ [no] filter multicast -- Specify multicast filter to manage (MAC-ADDR) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ [no] filter protocol < ip | ipx | arp | ... > -- Specify protocol filter to manage (p. 188)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ [no] filter source-port -- Specify source-port filter to manage (p. 189)
■ named-filter -- Set the filter name. (p. 188)
■ ascii -- Set the filter name. (ASCII-STR) (p. 186)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted.
([ethernet] PORT-LIST) (p. 186)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted.
([ethernet] PORT-LIST) (p. 187)
■ port-list -- Set the list of source port filters. ([ethernet] PORT-LIST) (p. 188)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted.
([ethernet] PORT-LIST) (p. 187)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted.
([ethernet] PORT-LIST) (p. 186)
■ named-filter -- Set the filter name. (ASCII-STR) (p. 188)
© 2009 Hewlett-Packard Development Company, L.P.
185
Command Line Interface Reference Guide
filter
COMMAND DETAILS
ascii (p. 186)
connection-rate (p. 186)
connection-rate-portlist (p. 186)
drop (p. 186)
filter-action (p. 187)
forward (p. 187)
multicast (p. 187)
named-filter (p. 188)
port-list (p. 188)
protocol (p. 188)
source-port (p. 189)
ascii
■ [no] filter source-port named-filter ASCII
Set the filter name.
Next Available Options:
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
connection-rate
■ [no] filter connection-rate
Usage: [no] filter connection-rate port-list
< notify-only | throttle | block>
Description: Selects behavior for port(s) when a host is filtered.
Block will disable the host until an administrator explicitly
re-enables access. Throttle will deny network access for a
specific penalty period before automatically re-enabling
access. Notify will simply log a message/send a SNMP
trap when the filter is tripped.
Next Available Option:
■ connection-rate-portlist -- ([ethernet] PORT-LIST) (p. 186)
connection-rate-portlist
■ [no] filter connection-rate [ETHERNET] PORT-LIST
Next Available Option:
■ filter-action < block | notify-only | throttle > -- (p. 187)
drop
■ filter source-port named-filter ASCII drop [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is not permitted.
■ filter source-port [ETHERNET] PORT-LIST forward [ETHERNET] PORT-LIST drop [ETHERNET]
PORT-LIST
Set a list of ports to which forwarding of filtered packets is not permitted.
■ filter source-port [ETHERNET] PORT-LIST drop [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is not permitted.
© 2009 Hewlett-Packard Development Company, L.P.
186
Command Line Interface Reference Guide
filter
Next Available Option:
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ filter multicast MAC-ADDR drop [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is not permitted.
■ filter protocol < ip | ipx | arp | ... > drop [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is not permitted.
filter-action
■ filter connection-rate [ETHERNET] PORT-LIST < block | notify-only | throttle >
Supported Values:
■ block -- Disable the host until an administrator explicitly re-enables access.
■ notify-only -- Log a message/send a SNMP trap when the filter is tripped.
■ throttle -- Deny network access for a period before automatically re-enabling access.
forward
■ filter source-port named-filter ASCII forward [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is permitted.
■ filter source-port [ETHERNET] PORT-LIST forward [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is permitted.
Next Available Option:
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
■ filter source-port [ETHERNET] PORT-LIST drop [ETHERNET] PORT-LIST forward [ETHERNET]
PORT-LIST
Set a list of ports to which forwarding of filtered packets is permitted.
■ filter multicast MAC-ADDR forward [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is permitted.
■ filter protocol < ip | ipx | arp | ... > forward [ETHERNET] PORT-LIST
Set a list of ports to which forwarding of filtered packets is permitted.
multicast
■ [no] filter multicast MAC-ADDR
Usage: [no] filter multicast MAC-ADDR [...]
Description: Specify multicast filter to manage.
If preceded by 'no' the command deletes the filter specified.
Otherwise, the filter is added to the system, if
it is not already there. Also, an action to apply to the
© 2009 Hewlett-Packard Development Company, L.P.
187
Command Line Interface Reference Guide
filter
packets satisfying to the filter condition can be set.
The packets satisfying to the filter condition are all
packets destined to the MAC-ADDR specified. Use
'filter source-port [ethernet] PORT-NUM ?' to get a list
of all possible actions that could be applied to the packets.
Next Available Options:
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
named-filter
■ [no] filter source-port named-filter
Set the filter name.
Next Available Option:
■ ascii -- Set the filter name. (ASCII-STR) (p. 186)
■ filter source-port [ETHERNET] PORT-LIST named-filter NAMED-FILTER
Set the filter name.
port-list
■ [no] filter source-port [ETHERNET] PORT-LIST
Set the list of source port filters.
Next Available Options:
■ named-filter -- Set the filter name. (ASCII-STR) (p. 188)
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
protocol
■ [no] filter protocol < ip | ipx | arp | ... >
Usage: [no] filter protocol <ip|ipx|arp|appletalk|sna|netbeui> [...]
Description: Specify protocol filter to manage.
If preceded by 'no' the command deletes the filter specified.
Otherwise, the filter is added to the system, if
it is not already there. Also, an action to apply to the
packets satisfying to the filter condition can be set.
The packets satisfying to the filter condition are all
packets of the protocol specified. Use 'filter source-port
[ethernet] PORT-NUM ?' to get a list of all possible actions
that could be applied to the packets.
Supported Values:
© 2009 Hewlett-Packard Development Company, L.P.
188
Command Line Interface Reference Guide
■
■
■
■
■
■
filter
ip
ipx
arp
appletalk
sna
netbeui
Next Available Options:
■ forward -- Set a list of ports to which forwarding of filtered packets is permitted. ([ethernet]
PORT-LIST) (p. 187)
■ drop -- Set a list of ports to which forwarding of filtered packets is not permitted. ([ethernet]
PORT-LIST) (p. 186)
source-port
■ [no] filter source-port
Usage: [no] filter source-port [...]
Description: Specify source-port filter to manage.
Create a named filter,associate source port-list to a
named-filter and apply actions.The named filter can only be 20
charactres long.If source port filter is not named,then
portname is considered as a filter name, and apply actions to
received packet on port. If preceded by 'no' the command
deletes the filter specified.To delete a named-filter use
no filter source-port named-filter <filter-name> explicitly.
Next Available Options:
■ named-filter -- Set the filter name.(p. 188)
■ port-list -- Set the list of source port filters. ([ethernet] PORT-LIST) (p. 188)
© 2009 Hewlett-Packard Development Company, L.P.
189
front-panel-security
OVERVIEW
Category:
Switch Security
Primary context:
config
Related Commands
Usage: [no] front_panel_security
<password-clear [reset-on-clear] |
factory-reset |
password-recovery>
Description: Enable/disable the ability to clear the password(s) and/or
configuration via the front panel buttons. If 'password-clear' is
disabled, the password(s) cannot be reset using the clear button on
the front panel of the device. If 'factory-reset' is disabled, the
configuration/password(s) can not be reset using the clear and
reset button combination at boot time. With 'password-recovery'
enabled (and the front panel buttons disabled), a lost password can
be recovered by contacting HP customer support. With 'passwordrecovery' disabled, there is no way to access a device after losing
a password with the front panel buttons disabled.
COMMAND STRUCTURE
■ [no] front-panel-security factory-reset -- Enable/Disable factory-reset ability (p. 190)
■ [no] front-panel-security password-clear -- Enable/Disable password clear (p. 191)
■ reset-on-clear -- Reset switch on password clear (p. 191)
■ [no] front-panel-security password-recovery -- Enable/Disable password recovery (p. 191)
EXAMPLES
Example: no front-panel-security password-recovery
Disable the password-recovery option:
ProCurve(config)# no front-panel-security password-recovery
***CAUTION***
Disabling the clear button without password recovery prevents switch passwords
from being reset. If the switch password is lost, restoring the default factory
configuration will be required to regain access!
Continue with disabling password recovery [y/n]? y
COMMAND DETAILS
factory-reset (p. 190)
password-clear (p. 191)
password-recovery (p. 191)
reset-on-clear (p. 191)
factory-reset
■ [no] front-panel-security factory-reset
Enable/Disable factory-reset ability
© 2009 Hewlett-Packard Development Company, L.P.
190
Command Line Interface Reference Guide
front-panel-security
password-clear
■ [no] front-panel-security password-clear
Enable/Disable password clear
Next Available Option:
■ reset-on-clear -- Reset switch on password clear (p. 191)
password-recovery
■ [no] front-panel-security password-recovery
Usage: [no] front-panel-security password-recovery
Description: Enable/Disable password recovery. To disable 'password-recovery'
physical access to the front-pannel is required, and within 60 secs
of pressing the clear button, execute the 'no' form of the command.
reset-on-clear
■ [no] front-panel-security password-clear reset-on-clear
Reset switch on password clear
© 2009 Hewlett-Packard Development Company, L.P.
191
getMIB
OVERVIEW
Category:
manager
Primary context:
manager
Related Commands
walkMIB (page 754)
setMIB (page 504)
Usage: getmib OBJECT-STR [OBJECT-STR ...]
Description: Retrieve and display the value of the MIB objects specified.
COMMAND STRUCTURE
■ getMIB object -- Name and instance of the MIB variable to retrieve. (ASCII-STR) (p. 192)
COMMAND DETAILS
object (p. 192)
object
■ getMIB OBJECT
Name and instance of the MIB variable to retrieve.
© 2009 Hewlett-Packard Development Company, L.P.
192
gvrp
OVERVIEW
Category:
config
Primary context:
config
Related Commands
interface (page 204)
show (page 511)
Usage: [no] gvrp
Description: Enable/disable GARP VLAN Registration Protocol (GVRP).
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
193
hostname
OVERVIEW
Category:
config
Primary context:
config
Related Commands
snmp-server (page 612)
Usage: hostname ASCII-STR
Description: Specify the device name for administrative purposes. The
ASCII-STR defines the device name. It can be up to 30
characters. Use quotes if your device name contains
spaces.
COMMAND STRUCTURE
EXAMPLES
Example: hostname
Name the switch "Blue" with "Next-4474" as the system contact, and "North-Data-Room" as the
location:
ProCurve(config)# hostname Blue
Blue(config)# snmp-server contact Ext-4474 location North-Data-Room
Blue(config)# show system-information
Status and Counters - General System Information
System Name
System Contact
System Location
: Blue
: Ext-4474
: North-Data-Room
MAC Age Time(sec)
: 300
Time Zone
: 0
Daylight Time Rule : None
Firware revision
ROM Version
: K.14.XX
: K.14.XX
Base MAC Addr
Serial Number
: 0001e7-a0ec00
: S000394041
Up Time
CPU Util (%)
: 14 mins
: 1
Memory
: 25, 038,312
: 20,087,448
IP Mgmt
- Pkts Rx : 0
Pkts TX : 0
© 2009 Hewlett-Packard Development Company, L.P.
- Total
Free
Packet - Total
Buffers
Free
Lowest
: 832
: 783
: 768
194
igmp
OVERVIEW
Category:
IGMP
Primary context:
config
Related Commands
the section called “igmp” (page 556)
Usage: igmp ...
Description: Configure various global IGMP parameters for the switch. The
'igmp' command must be followed by a feature-specific keyword.
Use 'igmp ?' to get a list of all possible options.
COMMAND STRUCTURE
■ igmp delayed-flush < 0 to 255 > -- Configures the number of seconds an empty IGMP Multicast
Group filter will persist in hardware after the last group member leaves (p. 195)
COMMAND DETAILS
delayed-flush (p. 195)
delayed-flush
■ igmp delayed-flush < 0 to 255 >
Usage: igmp delayed-flush <0..255>
Description: Configures the number of seconds an empty IGMP Multicast
Group filter will persist in hardware after the last group
member leaves. This Delayed Group Flush will drop any further
'stale' traffic for that group until the timer expires. A
value of 0 (the default behavior) indicates that the feature
is disabled.
Range: < 0 to 255 >
© 2009 Hewlett-Packard Development Company, L.P.
195
igmp-proxy-domain
OVERVIEW
Category:
IGMP
Primary context:
config
Related Commands
show (page 511)
vlan (page 706)
Usage: [no] igmp-proxy-domain DOMAIN-NAME [BORDER-ROUTER-IP-ADDR
<MCAST-LOW-IP-ADDR MCAST-HIGH-IP-ADDR|all>]
Description: Configure an IGMP proxy domain.
If the 'no' keyword is used:
The DOMAIN-NAME must be specified, All other parameters
are optional (they will be verified if they are
specified). The specified domain will be deleted if
no VLAN associations exist for it.
If the 'no' keyword is not used:
If the DOMAIN-NAME matches the domain name of an
existing domain, the respective domain will be updated
to reflect the other parameters. Pre-existing proxy
entries that are inconsistent after the update will be
removed.
If the DOMAIN-NAME does not match the domain name of an
existing domain, a new domain will be created.
MCAST-LOW-IP-ADDR and MCAST-HIGH-IP-ADDR
refer to the low and high inclusive multicast bounds
respectively. If the keyword 'all' is specified,
224.0.1.0-239.255.255.255 is used for the inclusive
multicast bounds.
COMMAND STRUCTURE
■ [no] igmp-proxy-domain domain-name -- Specify the igmp proxy domain name to be
added/deleted/updated. (ASCII-STR) (p. 197)
■ border-ip -- Specify the igmp proxy border ip address. (IP-ADDR) (p. 197)
■ all -- Specify ALL if the multicast range 224.0.1.0-239.255.255.255 is desired. (p. 196)
■ mcast-low-ip -- Specify the igmp proxy multicast low bound (inclusive) ip address. (IP-ADDR)
(p. 197)
■ mcast-high-ip -- Specify the igmp proxy multicast high bound (inclusive) ip address.
(IP-ADDR) (p. 197)
COMMAND DETAILS
all (p. 196)
border-ip (p. 197)
domain-name (p. 197)
mcast-high-ip (p. 197)
mcast-low-ip (p. 197)
all
■ [no] igmp-proxy-domain DOMAIN-NAME IP-ADDR all
Specify ALL if the multicast range 224.0.1.0-239.255.255.255 is desired.
© 2009 Hewlett-Packard Development Company, L.P.
196
Command Line Interface Reference Guide
igmp-proxy-domain
border-ip
■ [no] igmp-proxy-domain DOMAIN-NAME IP-ADDR
Specify the igmp proxy border ip address.
Next Available Options:
■ mcast-low-ip -- Specify the igmp proxy multicast low bound (inclusive) ip address. (IP-ADDR)
(p. 197)
■ all -- Specify ALL if the multicast range 224.0.1.0-239.255.255.255 is desired. (p. 196)
domain-name
■ [no] igmp-proxy-domain DOMAIN-NAME
Specify the igmp proxy domain name to be added/deleted/updated.
Next Available Option:
■ border-ip -- Specify the igmp proxy border ip address. (IP-ADDR) (p. 197)
mcast-high-ip
■ [no] igmp-proxy-domain DOMAIN-NAME IP-ADDR IP-ADDR IP-ADDR
Specify the igmp proxy multicast high bound (inclusive) ip address.
mcast-low-ip
■ [no] igmp-proxy-domain DOMAIN-NAME IP-ADDR IP-ADDR
Specify the igmp proxy multicast low bound (inclusive) ip address.
Next Available Option:
■ mcast-high-ip -- Specify the igmp proxy multicast high bound (inclusive) ip address. (IP-ADDR)
(p. 197)
© 2009 Hewlett-Packard Development Company, L.P.
197
include-credentials
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] include-credentials
Description: Enable/disable including passwords and credentials in config.
NOTES
Benefits
After making changes to security parameters in the running configuration, you can experiment
with the new configuration and, if necessary, view the new security settings during the session.
After verifying the configuration, you can then save it permanently by writing the settings to
the startup-config file.
By permanently saving a switch’s security credentials in a configuration file, you can upload
the file to a TFTP server or Xmodem host, and later download the file to the ProCurve switches
on which you want to use the same security settings without having to manually configure
the settings (except for SNMPv3 user parameters) on each switch.
By storing different security settings in different files, you can test different security
configurations when you first download a new software version that supports multiple
configuration files, by changing the configuration file used when you reboot the switch.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
198
instrumentation
OVERVIEW
Category:
config
Primary context:
config
Related Commands
Usage: [no] instrumentation monitor [ [<all|arp-requests|ip-address-count|
learn-discards|login-failures|mac-moves|
mac-address-count|pkts-to-closed-ports|
port-auth-failures|system-resource-usage|
system-delay> [<low|med|high|limitValue>]] ]
[no] instrumentation monitor [trap]
[no] instrumentation monitor [log]
Description: Enables/Disables instrumentation monitoring.
The first version of the command enables/disables instrumentation
monitoring and sets threshold value. By default instrumentation
monitoring for all parameter is disabled. The command
'instrumentation monitor all' sets the threshold of each parameter
to their medium values. The single command 'instrumentation monitor'
enables/disables instrumentation monitoring for all parameters
and also enables/disables instrumentation monitoring log.
The second version of the command enables/disables
SNMP trap generation. By default SNMP trap generation is disabled.
Traps are generated if SNMP trap is enabled and counter value
of the monitoring parameter exceeds the threshold value.
The third version of the command enables/disables
instrumentation monitoring log. By default instrumentation
monitoring log is disabled.
Parameters:
o all - Enables/Disables instrumentation monitoring for all parameters.
o arp-requests - Number of ARP requests received.
o ip-address-count - Number of destination IP addresses learned in the
IP forwarding table.
o learn-discards - Number of MAC address learn events per minute
discarded to help free CPU resources when busy.
o login-failures - The count of failed CLI login attempts or
SNMP management authentication failures.
o mac-moves - The average number of MAC address moves from one port
to another per minute.
o mac-address-count - Number of MAC addresses learned in the
forwarding table.
o pkts-to-closed-ports - This could indicate a port scan, in which
an attacker is attempting to expose a vulnerability in the switch.
o port-auth-failures - The count of times a client has been unsuccessful
logging into the network.
o system-resource-usage - Percentage of system resources in use.
o system-delay - The response time of the CPU to new network events.
o low - Preconfigured low threshold value.
o med - Preconfigured medium threshold value.
© 2009 Hewlett-Packard Development Company, L.P.
199
Command Line Interface Reference Guide
instrumentation
o high - Preconfigured high threshold value.
o limitValue - User configured threshold value.
COMMAND STRUCTURE
■ [no] instrumentation collection -- (p. 200)
■ instrumentation memory -- Sets the maximum size in MB which may be used by instrumentation
(p. 200)
■ sizeInMB < 1 to 255 > -- Sets the maximum size in MB which may be used by instrumentation
(NUMBER) (p. 203)
■ [no] instrumentation monitor -- Enables/Disables instrumentation monitoring (p. 201)
■ log -- Enables/Disables instrumenation monitoring log. (p. 200)
■ monitor < all | arp-requests | ip-address-count | ... > -- Enables/Disables instrumentation
monitoring (p. 201)
■ limitValue < 1 to 2147483647 > -- Set the threshold Value. (NUMBER) (p. 200)
■ threshold-value < low | med | high > -- Set the threshold Value. (p. 203)
■ trap -- Enables/Disables SNMP trap generation. (p. 203)
COMMAND DETAILS
collection (p. 200)
limitValue (p. 200)
log (p. 200)
memory (p. 200)
monitor (p. 201)
sizeInMB (p. 203)
threshold-value (p. 203)
trap (p. 203)
collection
■ [no] instrumentation collection
limitValue
■ instrumentation monitor < all | arp-requests | ip-address-count | ... > < 1 to 2147483647 >
Set the threshold Value.
Range: < 1 to 2147483647 >
log
■ [no] instrumentation monitor log
Enables/Disables instrumenation monitoring log.
memory
■ instrumentation memory
Usage: instrumentation memory <sizeInMB>
Description: Sets the maximum size in MB which may be used by
instrumentation. Decreasing the size will result in the loss
of previuosly collected data.
Next Available Option:
■ sizeInMB < 1 to 255 > -- Sets the maximum size in MB which may be used by instrumentation
(NUMBER) (p. 203)
© 2009 Hewlett-Packard Development Company, L.P.
200
Command Line Interface Reference Guide
instrumentation
monitor
■ [no] instrumentation monitor
Usage: [no] instrumentation monitor [ [<all|arp-requests|ip-address-count|
learn-discards|login-failures|mac-moves|
mac-address-count|pkts-to-closed-ports|
port-auth-failures|system-resource-usage|
system-delay> [<low|med|high|limitValue>]] ]
[no] instrumentation monitor [trap]
[no] instrumentation monitor [log]
Description: Enables/Disables instrumentation monitoring.
The first version of the command enables/disables instrumentation
monitoring and sets threshold value. By default instrumentation
monitoring for all parameter is disabled. The command
'instrumentation monitor all' sets the threshold of each parameter
to their medium values. The single command 'instrumentation monitor'
enables/disables instrumentation monitoring for all parameters
and also enables/disables instrumentation monitoring log.
The second version of the command enables/disables
SNMP trap generation. By default SNMP trap generation is disabled.
Traps are generated if SNMP trap is enabled and counter value
of the monitoring parameter exceeds the threshold value.
The third version of the command enables/disables
instrumentation monitoring log. By default instrumentation
monitoring log is disabled.
Parameters:
o all - Enables/Disables instrumentation monitoring for all parameters.
o arp-requests - Number of ARP requests received.
o ip-address-count - Number of destination IP addresses learned in the
IP forwarding table.
o learn-discards - Number of MAC address learn events per minute
discarded to help free CPU resources when busy.
o login-failures - The count of failed CLI login attempts or
SNMP management authentication failures.
o mac-moves - The average number of MAC address moves from one port
to another per minute.
o mac-address-count - Number of MAC addresses learned in the
forwarding table.
o pkts-to-closed-ports - This could indicate a port scan, in which
an attacker is attempting to expose a vulnerability in the switch.
o port-auth-failures - The count of times a client has been unsuccessful
logging into the network.
o system-resource-usage - Percentage of system resources in use.
o system-delay - The response time of the CPU to new network events.
o
o
o
o
low - Preconfigured low threshold value.
med - Preconfigured medium threshold value.
high - Preconfigured high threshold value.
limitValue - User configured threshold value.
Next Available Options:
■ monitor < all | arp-requests | ip-address-count | ... > -- Enables/Disables instrumentation
monitoring(p. 201)
■ trap -- Enables/Disables SNMP trap generation. (p. 203)
■ log -- Enables/Disables instrumenation monitoring log. (p. 200)
© 2009 Hewlett-Packard Development Company, L.P.
201
Command Line Interface Reference Guide
instrumentation
■ [no] instrumentation monitor < all | arp-requests | ip-address-count | ... >
Usage: [no] instrumentation monitor [ [<all|arp-requests|ip-address-count|
learn-discards|login-failures|mac-moves|
mac-address-count|pkts-to-closed-ports|
port-auth-failures|system-resource-usage|
system-delay> [<low|med|high|limitValue>]] ]
[no] instrumentation monitor [trap]
[no] instrumentation monitor [log]
Description: Enables/Disables instrumentation monitoring.
The first version of the command enables/disables instrumentation
monitoring and sets threshold value. By default instrumentation
monitoring for all parameter is disabled. The command
'instrumentation monitor all' sets the threshold of each parameter
to their medium values. The single command 'instrumentation monitor'
enables/disables instrumentation monitoring for all parameters
and also enables/disables instrumentation monitoring log.
The second version of the command enables/disables
SNMP trap generation. By default SNMP trap generation is disabled.
Traps are generated if SNMP trap is enabled and counter value
of the monitoring parameter exceeds the threshold value.
The third version of the command enables/disables
instrumentation monitoring log. By default instrumentation
monitoring log is disabled.
Parameters:
o all - Enables/Disables instrumentation monitoring for all parameters.
o arp-requests - Number of ARP requests received.
o ip-address-count - Number of destination IP addresses learned in the
IP forwarding table.
o learn-discards - Number of MAC address learn events per minute
discarded to help free CPU resources when busy.
o login-failures - The count of failed CLI login attempts or
SNMP management authentication failures.
o mac-moves - The average number of MAC address moves from one port
to another per minute.
o mac-address-count - Number of MAC addresses learned in the
forwarding table.
o pkts-to-closed-ports - This could indicate a port scan, in which
an attacker is attempting to expose a vulnerability in the switch.
o port-auth-failures - The count of times a client has been unsuccessful
logging into the network.
o system-resource-usage - Percentage of system resources in use.
o system-delay - The response time of the CPU to new network events.
o
o
o
o
low - Preconfigured low threshold value.
med - Preconfigured medium threshold value.
high - Preconfigured high threshold value.
limitValue - User configured threshold value.
Supported Values:
■ all -- All counter types.
■ arp-requests -- ARP requests received.
■ ip-address-count -- IP address count.
■ learn-discards -- Learn Discards.
■ login-failures -- Login failures.
© 2009 Hewlett-Packard Development Company, L.P.
202
Command Line Interface Reference Guide
■
■
■
■
■
■
instrumentation
mac-address-count -- Mac address count.
mac-moves -- MAC Moves.
pkts-to-closed-ports -- Packets to closed TCP/UDP ports.
port-auth-failures -- Port authentication failures.
system-resource-usage -- System resource usage.
system-delay -- System Delay.
Next Available Options:
■ threshold-value < low | med | high > -- Set the threshold Value. (p. 203)
■ limitValue < 1 to 2147483647 > -- Set the threshold Value. (NUMBER) (p. 200)
sizeInMB
■ instrumentation memory < 1 to 255 >
Usage: instrumentation memory <sizeInMB>
Description: Sets the maximum size in MB which may be used by
instrumentation. Decreasing the size will result in the loss
of previuosly collected data.
Range: < 1 to 255 >
threshold-value
■ instrumentation monitor < all | arp-requests | ip-address-count | ... > < low | med | high >
Set the threshold Value.
Supported Values:
■ low -- Low threshold.
■ med -- Medium threshold.
■ high -- High threshold.
trap
■ [no] instrumentation monitor trap
Enables/Disables SNMP trap generation.
© 2009 Hewlett-Packard Development Company, L.P.
203
interface
OVERVIEW
Category:
Primary context:
config
Related Commands
show interfaces (page 560)
Usage: [no] interface < [ethernet] PORT-LIST [...] | loopback <num> >
Description: Enter the Interface Configuration Level, or execute one
command for that level. Without optional parameters
specified, the 'interface' command changes the context to
the Interface Configuration Context Level for execution of
configuration changes to the port or ports in the PORT-LIST
or with loopback keywork it will change context to loopback
mode. Use 'interface ?' to get a list of all valid commands.
COMMAND STRUCTURE
■ [no] interface loopback < 0 to 7 > -- Enter the loopback Configuration Level (p. 248)
■ ip -- Configure various IP parameters for the Loopback (p. 240)
■ address -- Set IP parameters for communication within an IP network (p. 216)
■ ip-addr -- Interface IP address. (IP-ADDR) (p. 241)
■ ospf -- configure Open Shortest Path First (OSPF) protocol parameters on the interface (p.
256)
■ all -- Process the request for all IP addresses. (p. 219)
■ area -- Specify an OSPF area. (p. 221)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p.
222)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 226)
■ cost < 1 to 65535 > -- Set metric of this interface. (p. 229)
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ area -- Specify an OSPF area. (p. 221)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p.
222)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 226)
■ cost < 1 to 65535 > -- Set metric of this interface. (p. 229)
■ interface port-list -- Enter the Interface Configuration Level, or execute one command for that
level ([ethernet] PORT-LIST) (p. 262)
■ arp-protect -- Configure the port as trusted or untrusted (p. 223)
■ trust -- (p. 279)
■ bandwidth-min -- Enable/disable and configure guaranteed minimum bandwidth settings for
outgoing traffic on the port(s) (p. 226)
■ output -- Enable/disable and configure guaranteed minimum bandwidth for outgoing traffic.
(p. 258)
■ queue1 < 0 to 100 > -- Specify min. bandwidth percentage for queue one outgoing traffic.
(p. 270)
■ queue2 < 0 to 100 > -- Specify min. bandwidth percentage for queue two outgoing
traffic. (p. 270)
■ queue3 < 0 to 100 > -- Specify min. bandwidth percentage for queue three outgoing
traffic. (p. 270)
© 2009 Hewlett-Packard Development Company, L.P.
204
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
interface
■ queue4 < 0 to 100 > -- Specify min. bandwidth percentage for queue four
outgoing traffic. (p. 270)
■ queue5 < 0 to 100 > -- Specify min. bandwidth percentage for queue five
outgoing traffic. (p. 270)
■ additional options available...
broadcast-limit < 0 to 99 > -- Set a broadcast traffic percentage limit (p. 228)
dhcp-snooping -- Configure the port as trusted or untrusted (p. 230)
■ trust -- Configure trusted interfaces (p. 279)
disable -- Disable port(s) (p. 231)
enable -- Enable port(s) (p. 232)
flow-control -- Enable/disable flow control on the port(s) (p. 233)
gvrp -- Set the GVRP timers on the port (hundredths of a second) (p. 235)
■ join-timer < 20 to 75 > -- Set join timer value (centiseconds; default 20). (p. 246)
■ leaveall-timer < 500 to 3000 > -- Set leaveall timer value (centiseconds; default 1000). (p.
248)
■ leave-timer < 40 to 300 > -- Set leave timer value (centiseconds; default 300). (p. 248)
ip -- Apply the specified access control list to inbound packets on this INTERFACE list (p. 240)
■ access-group -- Apply the specified access control list to inbound packets on this INTERFACE
list (ASCII-STR) (p. 214)
■ direction < in > -- (p. 231)
■ source-lockdown -- Enable/disable IP source lockdown in global configuration mode (p. 276)
ipv6 -- Configure various IP parameters for the VLAN (p. 244)
■ access-group -- Apply a IPV6 ACl on the interface (ASCII-STR) (p. 214)
■ in -- Match inbound packets. (p. 238)
lacp -- Define whether LACP is enabled on the port, and whether it is in active or passive mode
when enabled (p. 247)
■ mode < Active | Passive > -- Define whether LACP is enabled on the port, and whether it
is in active or passive mode when enabled (p. 252)
link-keepalive -- Configure UDLD on port(s) (p. 248)
■ vlan -- Set vlan-id for tagged UDLD control packets. (VLAN-ID) (p. 282)
mdix-mode < mdi | mdix | autoMDIX > -- Set port MDI/MDIX mode (default: auto). (p. 250)
monitor -- Define either the port is to be monitored or not (p. 252)
■ all < In | Out | Both > -- Monitor all traffic. (p. 219)
■ mirror -- Mirror destination. (p. 251)
■ mirror_session_name -- Mirror destination name. (p. 251)
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 254)
■ no-tag-added -- Don't add VLAN tag for this untagged-port (p. 256)
name -- Set/unset a name for the port(s) (p. 254)
■ port-name -- Specify a port name up to 64 characters length. (ASCII-STR) (p. 263)
poe-allocate-by -- Control manual power over ethernet allocation (p. 261)
■ allocate_by < usage | class | value > -- Control manual power over ethernet allocation (p.
221)
poe-lldp-detect -- Enabling this feature causes the port to allocate power based on the
link-partner's capabilities via LLDP (p. 261)
■ poe_lldp_detect < disabled | enabled > -- Enabling this feature causes the port to allocate
power based on the link-partner's capabilities via LLDP (p. 260)
poe-value -- Maximum PoE allocation specified with a value in watts (p. 261)
■ poe_value < 1 | 2 | 3 | ... > -- Maximum PoE allocation specified with a value in watts (p. 260)
power-over-ethernet -- Enable/Disable per-port power distribution (p. 263)
■ priority < critical | high | low > -- Enable/Disable per-port power distribution (p. 265)
qinq -- Configure a port's type as customer-network or provider-network (p. 268)
■ port-type -- Configure qinq port-type (p. 263)
■ customer-network -- Configure qinq port-type as customer-network (p. 229)
© 2009 Hewlett-Packard Development Company, L.P.
205
Command Line Interface Reference Guide
interface
■ provider-network -- Configure qinq port-type as provider-network (p. 267)
■ qos -- Set port-based priority (p. 268)
■ dscp -- Specify DSCP policy to use. (p. 231)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 285)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
■ rate-limit -- Enable/disable and configure rate-limiting for all traffic (or for incoming ICMP
traffic) on the port(s) (p. 271)
■ all -- Set limits for all traffic. (p. 219)
■ in -- Set limits for all inbound traffic. (p. 238)
■ kbps < 0 to 10000000 > -- Specify limit of allowed inbound or outbound traffic in
kilobits-per-second on the specified port(s). Actual limits are in steps of 100Kbps to
100Mbps (granularity is 1% of the lowest related media speed). (p. 246)
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic. (p.
258)
■ out -- Set limits for all outbound traffic. (p. 257)
■ kbps < 0 to 10000000 > -- Specify limit of allowed inbound or outbound traffic in
kilobits-per-second on the specified port(s). Actual limits are in steps of 100Kbps to
100Mbps (granularity is 1% of the lowest related media speed). (p. 246)
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic. (p.
258)
■ bcast -- Set limits for broadcast traffic. (p. 227)
■ in -- Set limits for inbound broadcast trafic. (p. 238)
■ percent < 0 to 100 > -- (p. 258)
■ icmp -- Set limits for ICMP traffic only. (p. 237)
■ kbps < 0 to 10000000 > -- Specify kilobits-per-second limit of allowed ICMP traffic (values
should be at least 13Kbps, or max-length ICMP packets will fail.) (p. 246)
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic. (p. 258)
■ mcast -- Set limits for multicast traffic. (p. 249)
■ in -- Set limits for inbound multicast trafic (p. 238)
■ percent < 0 to 100 > -- (p. 258)
■ service-policy -- Apply the QoS/Mirror policy on the interface (ASCII-STR) (p. 275)
■ in -- Apply policy on inbound packets. (p. 238)
■ speed-duplex < 10-half | 100-half | 10-full | ... > -- Define mode of operation for the port(s) (p.
276)
■ type < Trunk | | | ... > -- (p. 280)
■ unknown-vlans < Learn | Block | Disable > -- Configure GVRP on the port(s) (p. 281)
■ [no] interface svlan -- Add, delete, edit SVLAN configuration or enter a SVLAN context (VLAN-ID)
(p. 277)
■ auto -- Cause each port identified in the port list to learn its VLAN membership using the GARP
VLAN Registration Protocol (GVRP) ([ethernet] PORT-LIST) (p. 225)
■ connection-rate-filter -- Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter (p. 228)
■ unblock -- Resets a host previously blocked by the connection rate filter (p. 281)
■ all -- Resets all previously blocked by the connection rate filter (p. 219)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 237)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/mask-LENGTH) (p. 277)
■ dhcp-snooping -- (p. 230)
■ forbid -- Prevent ports from becoming a member of the current VLAN ([ethernet] PORT-LIST)
(p. 234)
■ ip -- Configure various IP parameters for the VLAN (p. 240)
© 2009 Hewlett-Packard Development Company, L.P.
206
Command Line Interface Reference Guide
interface
■ access-group -- Apply the specified access control list on this VLAN interface (ASCII-STR)
(p. 214)
■ direction < in | out | connection-rate-filter | ... > -- (p. 231)
■ address -- Set IP parameters for communication within an IP network (p. 216)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters.
(p. 230)
■ ip-addr -- Interface IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
■ ipv6 -- Configure various IP parameters for the VLAN (p. 244)
■ address -- Set IPv6 parameters for communication within an IP network (p. 216)
■ autoconfig -- Automatic address configuration. (p. 225)
■ dhcp -- Configure a DHCPv6 client. (p. 230)
■ full -- Obtain IPv6 address & Configuration information from DHCPv6 server. (p. 235)
■ rapid-commit -- Obtain IPv6 address quickly from DHCPv6 server. (p. 271)
■ ipv6-addr -- Configure a link-local IPv6 address. (IPV6-ADDR) (p. 245)
■ link-local -- Configure a link-local IPv6 address. (p. 248)
■ ipv6-addr/mask -- Configure IPv6 address represented in CIDR notation.
(IPV6-ADDR/PREFIX-LEN) (p. 245)
■ anycast -- Address that is assigned to a set of interfaces that typically belong to
different nodes (p. 221)
■ eui-64 -- An IPv6 EUI-64 address that can be automatically configured on any interface
(p. 232)
■ enable -- Enable IPv6 on an interface and configures an automatically generated link-local
addr. (p. 232)
■ jumbo -- Labels this VLAN as a Jumbo VLAN, allowing you to pass packets up to 9220 bytes
in size (p. 246)
■ monitor -- Define either the VLAN is to be monitored or not (p. 252)
■ all < In | Out | Both > -- Monitor all traffic. (p. 219)
■ mirror -- Mirror destination. (p. 251)
■ mirror_session_name -- Mirror destination name. (p. 251)
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 254)
■ name -- Set the VLAN's name (ASCII-STR) (p. 254)
■ protocol -- Set a predefined protocol for the current VLAN. (p. 266)
■ protocol-group -- Enter a list of protocols for the current VLAN delimited by commas.
(ASCII-STR) (p. 267)
■ protocols < IPX | IPv4 | IPv6 | ... > -- Set a predefined protocol for the current VLAN. (p. 267)
■ qos -- Set VLAN-based priority (p. 268)
■ dscp -- Specify DSCP policy to use. (p. 231)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 285)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
■ tagged -- Assign ports to current VLAN as tagged ([ethernet] PORT-LIST) (p. 278)
■ untagged -- Assign ports to current VLAN as untagged ([ethernet] PORT-LIST) (p. 282)
■ voice -- Labels this VLAN as a Voice VLAN, allowing you to separate, prioritize, and authenticate
voice traffic moving through your network (p. 283)
■ [no] interface vlan -- Add, delete, edit VLAN configuration or enter a VLAN context (VLAN-ID) (p.
282)
■ auto -- Cause each port identified in the port list to learn its VLAN membership using the GARP
VLAN Registration Protocol (GVRP) ([ethernet] PORT-LIST) (p. 225)
■ connection-rate-filter -- Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter (p. 228)
■ unblock -- Resets a host previously blocked by the connection rate filter (p. 281)
© 2009 Hewlett-Packard Development Company, L.P.
207
Command Line Interface Reference Guide
■
■
■
■
interface
■ all -- Resets all previously blocked by the connection rate filter (p. 219)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 237)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/mask-LENGTH) (p. 277)
dhcp-snooping -- (p. 230)
forbid -- Prevent ports from becoming a member of the current VLAN ([ethernet] PORT-LIST)
(p. 234)
igmp-proxy -- Associate an IGMP proxy domain with a VLAN (p. 238)
■ domain-name < END OF PRINTABLE > -- Specify the domain name to associate/disassociate
with the VLAN. (ASCII-STR) (p. 231)
ip -- Configure various IP parameters for the VLAN (p. 240)
■ access-group -- Apply the specified access control list on this VLAN interface (ASCII-STR)
(p. 214)
■ direction < in | out | connection-rate-filter | ... > -- (p. 231)
■ address -- Set IP parameters for communication within an IP network (p. 216)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters.
(p. 230)
■ ip-addr -- Interface IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
■ bootp-gateway -- Add or remove the gateway address to be used for stamping incoming
DHCP requests (p. 228)
■ ip-addr -- IPv4 address of the BOOTP gateway. (IP-ADDR) (p. 241)
■ forward-protocol -- Add or remove a UDP server address for the VLAN (p. 235)
■ udp -- Add or remove a UDP server address for the VLAN (p. 280)
■ ip-addr -- IP address of the protocol server. (IP-ADDR) (p. 241)
■ port-name < dns | ntp | netbios-ns | ... > -- (NUMBER) (p. 263)
■ port-num -- UDP port number of the server. (TCP/UDP-PORT) (p. 263)
■ helper-address -- Add or remove a DHCP server IP address for the VLAN (IP-ADDR) (p. 237)
■ igmp -- Enable/disable/configure IP Multicast Group Protocol (IGMP) feature on a VLAN (p.
238)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports
(this is the default behavior) ([ethernet] PORT-LIST) (p. 225)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 227)
■ fastleave -- Enables or disables IGMP Fast Leaves ([ethernet] PORT-LIST) (p. 233)
■ forcedfastleave -- When enabled, this feature forces IGMP Fast Leaves to occur even
when the port is cascaded ([ethernet] PORT-LIST) (p. 234)
■ forward -- Instruct the device to forward incoming multicast packets received on the
specified ports ([ethernet] PORT-LIST) (p. 234)
■ high-priority-forward -- Enable/disable the high priority forwarding of traffic for subscribed
IP Multicast groups (p. 237)
■ querier -- Specify querier/non-querier capability for the VLAN (p. 269)
■ interval < 5 to 300 > -- Sets the interval in seconds between IGMP queries (default:
125) (p. 240)
■ irdp -- Configure ICMP Router Discovery Protocol (IRDP) (p. 246)
■ advert-address < multicast | broadcast > -- Specify the destination address to be used
for router advertisements (p. 219)
■ holdtime < 4 to 9000 > -- Set the lifetime (in seconds) of the router advertisements sent
on this interface (p. 237)
■ maxadvertinterval < 4 to 1800 > -- Set the maximum time (in seconds) allowed between
sending unsolicited router advertisements (p. 249)
■ minadvertinterval < 3 to 1800 > -- Set the minimum time (in seconds) allowed between
sending unsolicited router advertisements (p. 250)
■ preference -- The preferability of the router as a default router, relative to the other
routers on the same subnet (p. 264)
© 2009 Hewlett-Packard Development Company, L.P.
208
Command Line Interface Reference Guide
interface
■ no-default -- Indicates that the router should never be used as a default by its
neighbors. (p. 255)
■ number < -2147483647 to 2147483647 > -- The router preferability number. Higher
values are more preferable. (p. 256)
■ local-proxy-arp -- Enable/disable local proxy ARP (p. 248)
■ mroute -- Configure IP Multicast Routing parameters on the VLAN interface (p. 254)
■ ttl-threshold < 0 to 255 > -- Set the multicast datagram TTL threshold for the interface
(p. 279)
■ ospf -- Enable/disable/configure Open Shortest Path First (OSPF) protocol on the VLAN
interface (p. 256)
■ all -- Process the request for all IP addresses. (p. 219)
■ area -- Specify an OSPF area. (p. 221)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p.
222)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 226)
■ authentication -- Disable authentication. (p. 223)
■ authentication-key -- Set simple authentication method and key. (p. 223)
■ authentication-key -- OSPF authentication key (maximum 8 characters).
(OCTET-STR) (p. 223)
■ cost < 1 to 65535 > -- Set metric of this interface. (p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40. (p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10. (p. 236)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain. (p. 250)
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p.
228)
■ passive -- Configures an ospf interface as passive. (p. 258)
■ priority < 0 to 255 > -- Set priority of this router as a designated router. (p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is
5. (p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1. (p. 279)
■ area -- Specify an OSPF area. (p. 221)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 226)
■ authentication -- Disable authentication. (p. 223)
■ authentication-key -- Set simple authentication method and key. (p. 223)
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR)
(p. 223)
■ cost < 1 to 65535 > -- Set metric of this interface. (p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40. (p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10. (p. 236)
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ area -- Specify an OSPF area. (p. 221)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p.
222)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 226)
■ authentication -- Disable authentication. (p. 223)
■ authentication-key -- Set simple authentication method and key. (p. 223)
■ authentication-key -- OSPF authentication key (maximum 8 characters).
(OCTET-STR) (p. 223)
■ cost < 1 to 65535 > -- Set metric of this interface. (p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40. (p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10. (p. 236)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain. (p. 250)
© 2009 Hewlett-Packard Development Company, L.P.
209
Command Line Interface Reference Guide
interface
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p.
228)
■ passive -- Configures an ospf interface as passive. (p. 258)
■ priority < 0 to 255 > -- Set priority of this router as a designated router. (p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is
5. (p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1. (p. 279)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain. (p. 250)
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 228)
■ passive -- Configures an ospf interface as passive. (p. 258)
■ priority < 0 to 255 > -- Set priority of this router as a designated router. (p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.
(p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1. (p. 279)
■ pim-dense -- Enable/disable/configure PIM-DM protocol on the VLAN interface (p. 259)
■ graft-retry-interval < 1 to 10 > -- Set the interval a PIM router waits for a Graft Ack before
resending a Graft on this interface (p. 235)
■ hello-delay < 0 to 5 > -- Set the maximum time before a triggered PIM Hello message
is transmitted on this interface (p. 236)
■ hello-interval < 5 to 300 > -- Set the frequency at which PIM Hello messages are
transmitted on this interface (p. 236)
■ ip-addr -- Set the source IP address for the PIM-DM packets sent out on this interface (p.
241)
■ any -- Dynamically determine IP address. (p. 221)
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ lan-prune-delay -- Turn on/off the LAN Prune Delay Option on this interface (p. 247)
■ max-graft-retries < 1 to 10 > -- Set the maximum number of times this router will resend
a Graft on this interface (p. 249)
■ override-interval < 500 to 6000 > -- Set the value inserted into the Override Interval field
of a LAN Prune Delay option on this interface (p. 258)
■ propagation-delay < 250 to 2000 > -- Set the value inserted into the LAN Prune Delay
field of a LAN Prune Delay option on this interface (p. 266)
■ ttl-threshold < 0 to 255 > -- Set the Time To Live in a PIM-DM State Refresh message
at which it is not forwarded on this interface (p. 279)
■ pim-sparse -- Enable/disable/configure PIM-SM protocol on the VLAN interface (p. 259)
■ dr-priority -- Set the priority value to use on the interface in the Designated Router
election process (p. 231)
■ hello-delay < 0 to 5 > -- Set the maximum time before a triggered PIM Hello message
is transmitted on this interface (p. 236)
■ hello-interval < 5 to 300 > -- Set the frequency at which PIM Hello messages are
transmitted on this interface (p. 236)
■ ip-addr -- Set the source IP address for the PIM-SM packets sent out on this interface (p.
241)
■ any -- Dynamically determine IP address. (p. 221)
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ lan-prune-delay -- Turn on/off the LAN Prune Delay Option on this interface (p. 247)
■ nbr-timeout < 60 to 8000 > -- Set the neighbour loss time interval for this interface (p.
255)
■ override-interval < 500 to 6000 > -- Set the value inserted into the Override Interval field
of a LAN Prune Delay option on this interface (p. 258)
■ propagation-delay < 250 to 2000 > -- Set the value inserted into the LAN Prune Delay
field of a LAN Prune Delay option on this interface (p. 266)
■ proxy-arp -- Enable/disable proxy ARP (p. 268)
© 2009 Hewlett-Packard Development Company, L.P.
210
Command Line Interface Reference Guide
interface
■ rip -- Enable/disable/configure Routing Internet Protocol (RIP) on the VLAN interface (p. 274)
■ all -- Process the request for all IP addresses. (p. 219)
■ authentication-key -- Set RIP authentication key (maximum 16 characters). (p. 223)
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR)
(p. 225)
■ authentication-type < none | text > -- Set authentication type used on this interface.
(p. 224)
■ metric < 1 to 15 > -- Set metric for this interface. (p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface. (p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.
(p. 273)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming
and outgoing packets. (p. 274)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing
packets. (p. 275)
■ authentication-key -- Set RIP authentication key (maximum 16 characters). (p. 223)
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR)
(p. 225)
■ authentication-type < none | text > -- Set authentication type used on this interface. (p.
224)
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ authentication-key -- Set RIP authentication key (maximum 16 characters). (p. 223)
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR)
(p. 225)
■ authentication-type < none | text > -- Set authentication type used on this interface.
(p. 224)
■ metric < 1 to 15 > -- Set metric for this interface. (p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface. (p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.
(p. 273)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming
and outgoing packets. (p. 274)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing
packets. (p. 275)
■ metric < 1 to 15 > -- Set metric for this interface. (p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface. (p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.
(p. 273)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming and
outgoing packets. (p. 274)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing
packets. (p. 275)
■ ip-recv-mac-address -- Associates a L3-mac-address with a VLAN (p. 243)
■ mac-address -- The L3-mac-address to be associated with a VLAN. (MAC-ADDR) (p. 249)
■ interval -- Specify the L3-Mac-Address timeout interval. (p. 240)
■ timer-interval < 1 to 255 > -- Timeout interval in seconds <1-255>. (p. 278)
■ ipv6 -- Configure various IP parameters for the VLAN (p. 244)
■ access-group -- Apply a IPV6 ACl on a VLAN (ASCII-STR) (p. 214)
■ vlan -- VLAN acl. (p. 282)
■ address -- Set IPv6 parameters for communication within an IP network (p. 216)
■ autoconfig -- Automatic address configuration. (p. 225)
■ dhcp -- Configure a DHCPv6 client. (p. 230)
■ full -- Obtain IPv6 address & Configuration information from DHCPv6 server. (p. 235)
© 2009 Hewlett-Packard Development Company, L.P.
211
Command Line Interface Reference Guide
■
■
■
■
■
interface
■ rapid-commit -- Obtain IPv6 address quickly from DHCPv6 server. (p. 271)
■ ipv6-addr -- Configure a link-local IPv6 address. (IPV6-ADDR) (p. 245)
■ link-local -- Configure a link-local IPv6 address. (p. 248)
■ ipv6-addr/mask -- Configure IPv6 address represented in CIDR notation.
(IPV6-ADDR/PREFIX-LEN) (p. 245)
■ anycast -- Address that is assigned to a set of interfaces that typically belong to
different nodes (p. 221)
■ eui-64 -- An IPv6 EUI-64 address that can be automatically configured on any interface
(p. 232)
■ enable -- Enable IPv6 on an interface and configures an automatically generated link-local
addr. (p. 232)
■ mld -- Enable/disable/configure IPv6 Multicast Listener Discovery (MLD) feature on a VLAN
(p. 251)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports
(this is the default behavior) ([ethernet] PORT-LIST) (p. 225)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 227)
■ fastleave -- Enables MLD fast-leaves on the specified ports in the selected VLAN
([ethernet] PORT-LIST) (p. 233)
■ forcedfastleave -- Enables MLD Forced Fast-Leave on the specified ports in the selected
VLAN, even if they are cascaded ([ethernet] PORT-LIST) (p. 234)
■ forward -- Instruct the device to forward incoming multicast packets received on the
specified ports ([ethernet] PORT-LIST) (p. 234)
■ querier -- This command disables or re-enables the ability for the switch to become
querier if necessary (p. 269)
■ nd -- IPv6 nodes on the same link use Neighbor Discovery to discover each other's presence,
link-layer addresses, routers and to maintain reachability information about the paths to
active neighbors (p. 255)
■ ns-interval -- Configures the neighbor discovery time between neighbor solicitation
requests sent for an unresolved destination, or between duplicate address detection
neighbor solicitation requests (p. 256)
■ number < 1000 to 3600000 > -- Configures the neighbor discovery time between
neighbor solicitation requests sent for an unresolved destination, or between duplicate
address detection neighbor solicitation requests (p. 256)
■ reachable-time -- Configures the length of time neighbors are considered reachable after
being confirmed as reachable via the neighbor unreachability detection algorithm (p.
273)
■ number < 1000 to 3600000 > -- Configures the router lifetime sent in router
advertisements (p. 256)
jumbo -- Labels this VLAN as a Jumbo VLAN, allowing you to pass packets up to 9220 bytes
in size (p. 246)
monitor -- Define either the VLAN is to be monitored or not (p. 252)
■ all < In | Out | Both > -- Monitor all traffic. (p. 219)
■ mirror -- Mirror destination. (p. 251)
■ mirror_session_name -- Mirror destination name. (p. 251)
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 254)
name -- Set the VLAN's name (ASCII-STR) (p. 254)
protocol -- Set a predefined protocol for the current VLAN. (p. 266)
■ protocol-group -- Enter a list of protocols for the current VLAN delimited by commas.
(ASCII-STR) (p. 267)
■ protocols < IPX | IPv4 | IPv6 | ... > -- Set a predefined protocol for the current VLAN. (p. 267)
qos -- Set VLAN-based priority (p. 268)
■ dscp -- Specify DSCP policy to use. (p. 231)
© 2009 Hewlett-Packard Development Company, L.P.
212
Command Line Interface Reference Guide
■
■
■
■
■
interface
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 285)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
service-policy -- Apply the QoS/Mirror policy on the vlan (ASCII-STR) (p. 275)
■ in -- Apply policy on inbound packets. (p. 238)
tagged -- Assign ports to current VLAN as tagged ([ethernet] PORT-LIST) (p. 278)
untagged -- Assign ports to current VLAN as untagged ([ethernet] PORT-LIST) (p. 282)
voice -- Labels this VLAN as a Voice VLAN, allowing you to separate, prioritize, and authenticate
voice traffic moving through your network (p. 283)
vrrp -- Enable/disable/configure VRRP operation on the VLAN (p. 284)
■ vrid < 1 to 255 > -- Configure a virtual router instance for the VLAN (p. 284)
■ advertise-interval < 1 to 255 > -- Set time interval (in seconds) between sending VRRP
advertisement messages (p. 219)
■ backup -- Designate the virtual router instance as a Backup (p. 226)
■ enable -- Enable/disable operation of the virtual router instance (p. 232)
■ failback -- Trigger VR to failback to its configured priority value (p. 233)
■ failover -- Trigger VR to failover to a peer (p. 233)
■ with-monitoring -- Trigger VR to failover and continue montior of master VR (p. 289)
■ owner -- Designate the virtual router instance as an Owner (Master) (p. 258)
■ preempt-delay-time < 1 to 600 > -- Enable the pre-emptive delay timer for the virtual
router instance (p. 264)
■ preempt-mode -- Enable/disable preempt mode for the virtual router instance (p. 264)
■ primary-ip-address -- Specify IP address the virtual router instance will use as a source
in VRRP advertisement messages (p. 264)
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ lowest -- Dynamically determine lowest IP address. (p. 249)
■ priority < 1 to 255 > -- Configure priority for the virtual router instance (p. 265)
■ track -- Enable/disable tracking for VR (p. 278)
■ interface -- Enable/disable tracking of logical ports for VR (p. 239)
■ lport-list -- Enable/disable tracking of specified logical ports for VR ([ethernet]
PORT-LIST) (p. 249)
■ vlan -- Enable/disable tracking of VLANs for VR (p. 282)
■ vlan-id-range -- Enable/disable tracking of specified VLANs for VR
(VLAN-ID-RANGE) (p. 283)
■ virtual-ip-address -- Specify IP address to be supported by the virtual router instance (p.
282)
■ ip-addr -- Specify IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
COMMAND DETAILS
access-group (p. 214)
address (p. 216)
advert-address (p. 219)
advertise-interval (p. 219)
all (p. 219)
allocate_by (p. 221)
any (p. 221)
anycast (p. 221)
area (p. 221)
area-id (p. 222)
arp-protect (p. 223)
in (p. 238)
integer-range (p. 239)
interface (p. 239)
interval (p. 240)
ip (p. 240)
ip-addr (p. 241)
ip-recv-mac-address (p. 243)
ipv6 (p. 244)
ipv6-addr (p. 245)
ipv6-addr/mask (p. 245)
irdp (p. 246)
© 2009 Hewlett-Packard Development Company, L.P.
poison-reverse (p. 262)
port-list (p. 262)
port-name (p. 263)
port-num (p. 263)
port-type (p. 263)
power-over-ethernet (p. 263)
preempt-delay-time (p. 264)
preempt-mode (p. 264)
preference (p. 264)
primary-ip-address (p. 264)
priority (p. 265)
213
Command Line Interface Reference Guide
authentication (p. 223)
authentication-key (p. 223)
authentication-type (p. 224)
auth-key-text (p. 225)
auto (p. 225)
autoconfig (p. 225)
backbone (p. 226)
backup (p. 226)
bandwidth-min (p. 226)
bcast (p. 227)
binary-range (p. 227)
blocked (p. 227)
bootp-gateway (p. 228)
broadcast-limit (p. 228)
chain-name (p. 228)
connection-rate-filter (p. 228)
cost (p. 229)
customer-network (p. 229)
dead-interval (p. 229)
dhcp (p. 230)
dhcp-bootp (p. 230)
dhcp-snooping (p. 230)
direction (p. 231)
disable (p. 231)
domain-name (p. 231)
dr-priority (p. 231)
dscp (p. 231)
enable (p. 232)
eui-64 (p. 232)
failback (p. 233)
failover (p. 233)
fastleave (p. 233)
flow-control (p. 233)
forbid (p. 234)
forcedfastleave (p. 234)
forward (p. 234)
forward-protocol (p. 235)
full (p. 235)
graft-retry-interval (p. 235)
gvrp (p. 235)
hello-delay (p. 236)
hello-interval (p. 236)
helper-address (p. 237)
high-priority-forward (p. 237)
holdtime (p. 237)
host (p. 237)
icmp (p. 237)
igmp (p. 238)
igmp-proxy (p. 238)
interface
join-timer (p. 246)
jumbo (p. 246)
kbps (p. 246)
lacp (p. 247)
lan-prune-delay (p. 247)
leaveall-timer (p. 248)
leave-timer (p. 248)
link-keepalive (p. 248)
link-local (p. 248)
local-proxy-arp (p. 248)
loopback (p. 248)
lowest (p. 249)
lport-list (p. 249)
mac-address (p. 249)
maxadvertinterval (p. 249)
max-graft-retries (p. 249)
mcast (p. 249)
md5-auth-key-chain (p. 250)
mdix-mode (p. 250)
metric (p. 250)
minadvertinterval (p. 250)
mirror (p. 251)
mirror_session_name (p. 251)
mld (p. 251)
mode (p. 252)
monitor (p. 252)
monitor_mirror_session_id (p.
254)
mroute (p. 254)
name (p. 254)
nbr-timeout (p. 255)
nd (p. 255)
no-default (p. 255)
no-tag-added (p. 256)
ns-interval (p. 256)
number (p. 256)
ospf (p. 256)
out (p. 257)
output (p. 258)
override-interval (p. 258)
owner (p. 258)
passive (p. 258)
percent (p. 258)
pim-dense (p. 259)
pim-sparse (p. 259)
poe_lldp_detect (p. 260)
poe_value (p. 260)
poe-allocate-by (p. 261)
poe-lldp-detect (p. 261)
poe-value (p. 261)
propagation-delay (p. 266)
protocol (p. 266)
protocol-group (p. 267)
protocols (p. 267)
provider-network (p. 267)
proxy-arp (p. 268)
qinq (p. 268)
qos (p. 268)
querier (p. 269)
queue1 (p. 270)
queue2 (p. 270)
queue3 (p. 270)
queue4 (p. 270)
queue5 (p. 270)
queue6 (p. 271)
queue7 (p. 271)
queue8 (p. 271)
rapid-commit (p. 271)
rate-limit (p. 271)
reachable-time (p. 273)
receive (p. 273)
retransmit-interval (p. 273)
rip (p. 274)
rip-compatible (p. 274)
send (p. 275)
service-policy (p. 275)
source-lockdown (p. 276)
speed-duplex (p. 276)
src-ip (p. 277)
svlan (p. 277)
tagged (p. 278)
timer-interval (p. 278)
track (p. 278)
transit-delay (p. 279)
trust (p. 279)
ttl-threshold (p. 279)
type (p. 280)
udp (p. 280)
unblock (p. 281)
unknown-vlans (p. 281)
untagged (p. 282)
virtual-ip-address (p. 282)
vlan (p. 282)
vlan-id-range (p. 283)
voice (p. 283)
vrid (p. 284)
vrrp (p. 284)
well-defined (p. 285)
with-monitoring (p. 289)
access-group
■ [no] interface [ETHERNET] PORT-LIST ip access-group ACCESS-GROUP
© 2009 Hewlett-Packard Development Company, L.P.
214
Command Line Interface Reference Guide
interface
Usage: [no] ip access-group <ACL-ID> in
Description: Apply the specified access control list to inbound
packets on this INTERFACE list. The access
control list ACL-ID must be defined before it can be applied.
Connection rate filter ACLs cannot be applied on this
INTERFACE list.
Next Available Option:
■ direction < in > -- (p. 231)
■ interface [ETHERNET] PORT-LIST ipv6 access-group ACCESS-GROUP
Usage: [no] ipv6 access-group <name> in
Description: Apply a IPV6 ACl on the interface .
Parameters:
o name - ipv6 acl name.
o in - Apply the ipv6 acl as inbound.
Next Available Option:
■ in -- Match inbound packets. (p. 238)
■ [no] interface vlan VLAN-ID ip access-group ACCESS-GROUP
Usage: [no] ip access-group <ACL-ID> <in|out>
in
out
vlan
connection-rate-filter
Match packets this device will route to another VLAN
Match packets this device will route onto this VLAN
Match packets that originate within this VLAN
Manage new conection rates originating in this VLAN
Description: Apply the specified access control list on this VLAN interface.
The ACL can match either packets that are routed from this VLAN
to another VLAN, packets that will be routed from another VLAN
to this VLAN, packets that originate on this VLAN, or it can
manage new connection rates for virus throttling.Connection rate
filter ACLs should be applied as connection-rate-filter only.
Next Available Option:
■ direction < in | out | connection-rate-filter | ... > -- (p. 231)
■ [no] interface vlan VLAN-ID ipv6 access-group ACCESS-GROUP
Usage: [no] ipv6 access-group <name> vlan
Description: Apply a IPV6 ACl on a VLAN.
Parameters:
o name - ipv6 acl name.
o vlan - Apply the ipv6 acl as VLAN acl.
Next Available Option:
■ vlan -- VLAN acl. (p. 282)
■ [no] interface svlan VLAN-ID ip access-group ACCESS-GROUP
© 2009 Hewlett-Packard Development Company, L.P.
215
Command Line Interface Reference Guide
interface
Usage: [no] ip access-group <ACL-ID> <in|out>
in
out
vlan
connection-rate-filter
Match packets this device will route to another VLAN
Match packets this device will route onto this VLAN
Match packets that originate within this VLAN
Manage new conection rates originating in this VLAN
Description: Apply the specified access control list on this VLAN interface.
The ACL can match either packets that are routed from this VLAN
to another VLAN, packets that will be routed from another VLAN
to this VLAN, packets that originate on this VLAN, or it can
manage new connection rates for virus throttling.Connection rate
filter ACLs should be applied as connection-rate-filter only.
Next Available Option:
■ direction < in | out | connection-rate-filter | ... > -- (p. 231)
address
■ [no] interface loopback < 0 to 7 > ip address
Usage: [no] ip address [IP-ADDR]
Description: Set IP parameters for communication within an IP network.
Each loopback Interface represents an IP interface having
its own unique configuration. The loopback interface
for which the configuration is applied can be specified
implicitly by preceding the phrase 'ip address' with the
'interface loopback <num>' keyword and argument. It
can also be called explicitly when called directly from a
Loopback context. In the latter case the command
affects the interface identified by the context.
Parameters:
o IP-ADDR- Assign an IP address to the loopback interface.
Multiple addresses may be configured on a single loopback interface.
Next Available Option:
■ ip-addr -- Interface IP address. (IP-ADDR) (p. 241)
■ [no] interface vlan VLAN-ID ip address
Usage: [no] ip address [dhcp-bootp|IP-ADDR/mask-LENGTH]
Description: Set IP parameters for communication within an IP network.
Each VLAN represents an IP interface having its own unique
configuration. The VLAN for which the configuration is
applied can be specified implicitly by preceding the
phrase 'ip address' with the 'vlan VLAN-ID' keyword and
argument. It can also be called explicitly when called
directly from a VLAN context. In the latter case the
command affects the VLAN identified by the context.
Parameters:
o dhcp-bootp - The switch attempts to get its configuration from a
© 2009 Hewlett-Packard Development Company, L.P.
216
Command Line Interface Reference Guide
interface
DHCP/Bootp server.
o IP-ADDR/mask-LENGTH - Assign an IP address to the switch or VLAN.
The IP-ADDR/mask-LENGTH may be specified in two ways using the
following syntax:
ip address 192.32.36.87/24
ip address 192.32.36.87 255.255.255.0
Both of the statements above would have the same effect.
Multiple addresses may be configured on a single VLAN.
Next Available Options:
■ ip-addr -- Interface IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters.(p. 230)
■ [no] interface vlan VLAN-ID ipv6 address
Usage: [no] ipv6 address [dhcp|autoconfig|IPv6-ADDR/PREFIX-LEN]
Description: Set IPv6 parameters for communication within an IP network.
Each VLAN represents an IPv6 interface having its own unique
configuration. The VLAN for which the configuration is
applied can be specified implicitly by preceding the
phrase 'ipv6 address' with the 'vlan VLAN-ID' keyword and
argument. It can also be called explicitly when called
directly from a VLAN context. In the latter case the
command affects the VLAN identified by the context.
Parameters:
o autoconfig - Enables automatic address configuration of IPv6
addresses using stateless configuration of an interface .
o dhcp - The switch attempts to get its configuration from a
DHCPv6 server.
o IPv6-ADDR/PREFIX-LEN-Assign an IPv6 address to the switch or VLAN.
The IPv6-ADDR/PREFIX-LEN may be specified in four ways using the
following syntax:
ipv6 address 1234:abcd::5678/40
ipv6 address 2001:0db8:1:1:ffff:ffff:ffff:fffe/64 anycast
ipv6 address 2001:0db8:0:1::/64 eui-64
Only link-local addreses are configured without PREFIX-LEN as below:
ipv6 address FE80:0:0:0:0123:0456:0789:0abc link-local
Multiple addresses may be configured on a single VLAN.
Next Available Options:
■ autoconfig -- Automatic address configuration.(p. 225)
■ dhcp -- Configure a DHCPv6 client.(p. 230)
■ ipv6-addr -- Configure a link-local IPv6 address. (IPV6-ADDR) (p. 245)
■ ipv6-addr/mask -- Configure IPv6 address represented in CIDR notation.
(IPV6-ADDR/PREFIX-LEN) (p. 245)
■ [no] interface svlan VLAN-ID ip address
Usage: [no] ip address [dhcp-bootp|IP-ADDR/mask-LENGTH]
Description: Set IP parameters for communication within an IP network.
Each VLAN represents an IP interface having its own unique
© 2009 Hewlett-Packard Development Company, L.P.
217
Command Line Interface Reference Guide
interface
configuration. The VLAN for which the configuration is
applied can be specified implicitly by preceding the
phrase 'ip address' with the 'vlan VLAN-ID' keyword and
argument. It can also be called explicitly when called
directly from a VLAN context. In the latter case the
command affects the VLAN identified by the context.
Parameters:
o dhcp-bootp - The switch attempts to get its configuration from a
DHCP/Bootp server.
o IP-ADDR/mask-LENGTH - Assign an IP address to the switch or VLAN.
The IP-ADDR/mask-LENGTH may be specified in two ways using the
following syntax:
ip address 192.32.36.87/24
ip address 192.32.36.87 255.255.255.0
Both of the statements above would have the same effect.
Multiple addresses may be configured on a single VLAN.
Next Available Options:
■ ip-addr -- Interface IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters.(p. 230)
■ [no] interface svlan VLAN-ID ipv6 address
Usage: [no] ipv6 address [dhcp|autoconfig|IPv6-ADDR/PREFIX-LEN]
Description: Set IPv6 parameters for communication within an IP network.
Each VLAN represents an IPv6 interface having its own unique
configuration. The VLAN for which the configuration is
applied can be specified implicitly by preceding the
phrase 'ipv6 address' with the 'vlan VLAN-ID' keyword and
argument. It can also be called explicitly when called
directly from a VLAN context. In the latter case the
command affects the VLAN identified by the context.
Parameters:
o autoconfig - Enables automatic address configuration of IPv6
addresses using stateless configuration of an interface .
o dhcp - The switch attempts to get its configuration from a
DHCPv6 server.
o IPv6-ADDR/PREFIX-LEN-Assign an IPv6 address to the switch or VLAN.
The IPv6-ADDR/PREFIX-LEN may be specified in four ways using the
following syntax:
ipv6 address 1234:abcd::5678/40
ipv6 address 2001:0db8:1:1:ffff:ffff:ffff:fffe/64 anycast
ipv6 address 2001:0db8:0:1::/64 eui-64
Only link-local addreses are configured without PREFIX-LEN as below:
ipv6 address FE80:0:0:0:0123:0456:0789:0abc link-local
Multiple addresses may be configured on a single VLAN.
Next Available Options:
■ autoconfig -- Automatic address configuration.(p. 225)
■ dhcp -- Configure a DHCPv6 client.(p. 230)
■ ipv6-addr -- Configure a link-local IPv6 address. (IPV6-ADDR) (p. 245)
© 2009 Hewlett-Packard Development Company, L.P.
218
Command Line Interface Reference Guide
interface
■ ipv6-addr/mask -- Configure IPv6 address represented in CIDR notation.
(IPV6-ADDR/PREFIX-LEN) (p. 245)
advert-address
■ interface vlan VLAN-ID ip irdp < multicast | broadcast >
Usage: [no] ip irdp <multicast|broadcast>
Description: Specify the destination address to be used for router
advertisements.
It has to be either multicast or broadcast. If the value
of this object is 'multicast' (the default), router
advertisements will be sent to the all-hosts multicast
address, 224.0.0.1. If the value of this object is 'broadcast',
router advertisements sent on this interface will be sent to
the limitied broadcast address, 255.255.255.255.
Supported Values:
■ multicast -- Send advertisements to all-hosts multicast address.
■ broadcast -- Send advertisements to broadcast address.
advertise-interval
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > advertise-interval < 1 to 255 >
Usage: vrrp vrid <VRID> advertise-interval <1-255>
Description: Set time interval (in seconds) between sending VRRP advertisement
messages. The default value is one second.
Range: < 1 to 255 >
all
■ [no] interface [ETHERNET] PORT-LIST monitor all < In | Out | Both >
Monitor all traffic.
Supported Values:
■ In -- Monitor all inbound traffic
■ Out -- Monitor all outbound traffic
■ Both -- Monitor all inbound and outbound traffic
Next Available Option:
■ mirror -- Mirror destination.(p. 251)
■ [no] interface [ETHERNET] PORT-LIST rate-limit all
Set limits for all traffic.
Next Available Options:
■ in -- Set limits for all inbound traffic.(p. 238)
■ out -- Set limits for all outbound traffic.(p. 257)
■ [no] interface loopback < 0 to 7 > ip ospf all
© 2009 Hewlett-Packard Development Company, L.P.
219
Command Line Interface Reference Guide
interface
Process the request for all IP addresses.
Next Available Options:
■ area -- Specify an OSPF area.(p. 221)
■ cost < 1 to 65535 > -- Set metric of this interface.(p. 229)
■ [no] interface vlan VLAN-ID ip ospf all
Process the request for all IP addresses.
Next Available Options:
■ passive -- Configures an ospf interface as passive. (p. 258)
■ area -- Specify an OSPF area.(p. 221)
■ authentication-key -- Set simple authentication method and key.(p. 223)
■ authentication -- Disable authentication.(p. 223)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain.(p. 250)
■ cost < 1 to 65535 > -- Set metric of this interface.(p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40.(p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10.(p. 236)
■ priority < 0 to 255 > -- Set priority of this router as a designated router.(p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.(p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1.(p. 279)
■ [no] interface vlan VLAN-ID ip rip all
Process the request for all IP addresses.
Next Available Options:
■ authentication-type < none | text > -- Set authentication type used on this interface.(p. 224)
■ authentication-key -- Set RIP authentication key (maximum 16 characters).(p. 223)
■ metric < 1 to 15 > -- Set metric for this interface.(p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface.(p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.(p. 273)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing packets.(p.
275)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming and outgoing
packets.(p. 274)
■ interface vlan VLAN-ID connection-rate-filter unblock all
Resets all previously blocked by the connection rate filter
■ interface vlan VLAN-ID monitor all < In | Out | Both >
Monitor all traffic.
Supported Values:
■ In -- Monitor all inbound traffic
■ Out -- Monitor all outbound traffic
■ Both -- Monitor all inbound and outbound traffic
Next Available Option:
■ mirror -- Mirror destination.(p. 251)
© 2009 Hewlett-Packard Development Company, L.P.
220
Command Line Interface Reference Guide
interface
■ interface svlan VLAN-ID connection-rate-filter unblock all
Resets all previously blocked by the connection rate filter
■ interface svlan VLAN-ID monitor all < In | Out | Both >
Monitor all traffic.
Supported Values:
■ In -- Monitor all inbound traffic
■ Out -- Monitor all outbound traffic
■ Both -- Monitor all inbound and outbound traffic
Next Available Option:
■ mirror -- Mirror destination.(p. 251)
allocate_by
■ interface [ETHERNET] PORT-LIST poe-allocate-by < usage | class | value >
Usage: poe-allocate-by [usage|class|value]
Description: Control manual power over ethernet allocation.
By default, power-over-ethernet allocation is automatic by
usage of the powered device. This can be overriden by manually
specifying how much power this port should be allocated by
either its class or a user-defined value.
Supported Values:
■ usage
■ class
■ value
any
■ interface vlan VLAN-ID ip pim-dense ip-addr any
Dynamically determine IP address.
■ interface vlan VLAN-ID ip pim-sparse ip-addr any
Dynamically determine IP address.
anycast
■ [no] interface vlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN anycast
Address that is assigned to a set of interfaces that typically belong to different
nodes
■ [no] interface svlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN anycast
Address that is assigned to a set of interfaces that typically belong to different
nodes
area
■ interface loopback < 0 to 7 > ip ospf IP-ADDR area
© 2009 Hewlett-Packard Development Company, L.P.
221
Command Line Interface Reference Guide
interface
Specify an OSPF area.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 226)
■ interface loopback < 0 to 7 > ip ospf all area
Specify an OSPF area.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 226)
■ interface vlan VLAN-ID ip ospf area
Specify an OSPF area.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 226)
■ interface vlan VLAN-ID ip ospf IP-ADDR area
Specify an OSPF area.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 226)
■ interface vlan VLAN-ID ip ospf all area
Specify an OSPF area.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 222)
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 226)
area-id
■ interface loopback < 0 to 7 > ip ospf IP-ADDR area OSPF-AREA-ID
Single integer or IP address style dotted decimal.
■ interface loopback < 0 to 7 > ip ospf all area OSPF-AREA-ID
Single integer or IP address style dotted decimal.
■ interface vlan VLAN-ID ip ospf area OSPF-AREA-ID
Single integer or IP address style dotted decimal.
■ interface vlan VLAN-ID ip ospf IP-ADDR area OSPF-AREA-ID
© 2009 Hewlett-Packard Development Company, L.P.
222
Command Line Interface Reference Guide
interface
Single integer or IP address style dotted decimal.
■ interface vlan VLAN-ID ip ospf all area OSPF-AREA-ID
Single integer or IP address style dotted decimal.
arp-protect
■ interface [ETHERNET] PORT-LIST arp-protect
Usage: [no] arp-protect trust
Description: Configure the port as trusted or untrusted. ARP traffic received
on the untrusted interfaces of ARP Protection enabled VLANs
are validated against the set of known IP-to-MAC bindings
maintained by DHCP snooping. By specifying 'no' the port will
be configured as untrusted. The default state is untrusted.
Next Available Option:
■ trust -- (p. 279)
authentication
■ no interface vlan VLAN-ID ip ospf authentication
Disable authentication.
■ no interface vlan VLAN-ID ip ospf IP-ADDR authentication
Disable authentication.
■ no interface vlan VLAN-ID ip ospf all authentication
Disable authentication.
authentication-key
■ interface vlan VLAN-ID ip ospf authentication-key
Set simple authentication method and key.
Next Available Option:
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR) (p. 223)
■ interface vlan VLAN-ID ip ospf authentication-key OCTET-STR
OSPF authentication key (maximum 8 characters).
■ interface vlan VLAN-ID ip ospf IP-ADDR authentication-key
Set simple authentication method and key.
Next Available Option:
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR) (p. 223)
■ interface vlan VLAN-ID ip ospf IP-ADDR authentication-key OCTET-STR
© 2009 Hewlett-Packard Development Company, L.P.
223
Command Line Interface Reference Guide
interface
OSPF authentication key (maximum 8 characters).
■ interface vlan VLAN-ID ip ospf all authentication-key
Set simple authentication method and key.
Next Available Option:
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR) (p. 223)
■ interface vlan VLAN-ID ip ospf all authentication-key OCTET-STR
OSPF authentication key (maximum 8 characters).
■ [no] interface vlan VLAN-ID ip rip authentication-key
Set RIP authentication key (maximum 16 characters).
Next Available Option:
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR) (p. 225)
■ [no] interface vlan VLAN-ID ip rip IP-ADDR authentication-key
Set RIP authentication key (maximum 16 characters).
Next Available Option:
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR) (p. 225)
■ [no] interface vlan VLAN-ID ip rip all authentication-key
Set RIP authentication key (maximum 16 characters).
Next Available Option:
■ auth-key-text -- Set RIP authentication key (maximum 16 characters). (OCTET-STR) (p. 225)
authentication-type
■ interface vlan VLAN-ID ip rip authentication-type < none | text >
Set authentication type used on this interface.
Supported Values:
■ none -- Do not use authentication.
■ text -- Use simple password.
■ interface vlan VLAN-ID ip rip IP-ADDR authentication-type < none | text >
Set authentication type used on this interface.
Supported Values:
■ none -- Do not use authentication.
■ text -- Use simple password.
■ interface vlan VLAN-ID ip rip all authentication-type < none | text >
Set authentication type used on this interface.
Supported Values:
© 2009 Hewlett-Packard Development Company, L.P.
224
Command Line Interface Reference Guide
interface
■ none -- Do not use authentication.
■ text -- Use simple password.
auth-key-text
■ interface vlan VLAN-ID ip rip authentication-key OCTET-STR
Set RIP authentication key (maximum 16 characters).
■ interface vlan VLAN-ID ip rip IP-ADDR authentication-key OCTET-STR
Set RIP authentication key (maximum 16 characters).
■ interface vlan VLAN-ID ip rip all authentication-key OCTET-STR
Set RIP authentication key (maximum 16 characters).
auto
■ interface vlan VLAN-ID auto [ETHERNET] PORT-LIST
Usage: [no] auto [ethernet] PORT-LIST
Description: Cause each port identified in the port list to learn its
VLAN membership using the GARP VLAN Registration Protocol
(GVRP). This command is only valid when GVRP is enabled.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ interface vlan VLAN-ID ip igmp auto [ETHERNET] PORT-LIST
Usage: ip igmp auto [ethernet] PORT-LIST
Description: Instruct the device to monitor incoming multicast traffic
on the specified ports (this is the default behavior). This
feature is configured on a per-VLAN basis.
■ interface vlan VLAN-ID ipv6 mld auto [ETHERNET] PORT-LIST
Usage: vlan < vid > ipv6 mld auto < port-list >
Description: Instruct the device to monitor incoming multicast traffic
on the specified ports (this is the default behavior). This
feature is configured on a per-VLAN basis.
■ interface svlan VLAN-ID auto [ETHERNET] PORT-LIST
Usage: [no] auto [ethernet] PORT-LIST
Description: Cause each port identified in the port list to learn its
VLAN membership using the GARP VLAN Registration Protocol
(GVRP). This command is only valid when GVRP is enabled.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
autoconfig
■ [no] interface vlan VLAN-ID ipv6 address autoconfig
© 2009 Hewlett-Packard Development Company, L.P.
225
Command Line Interface Reference Guide
interface
Automatic address configuration.
■ [no] interface svlan VLAN-ID ipv6 address autoconfig
Automatic address configuration.
backbone
■ interface loopback < 0 to 7 > ip ospf IP-ADDR area backbone
The backbone area (the same as 0.0.0.0).
■ interface loopback < 0 to 7 > ip ospf all area backbone
The backbone area (the same as 0.0.0.0).
■ interface vlan VLAN-ID ip ospf area backbone
The backbone area (the same as 0.0.0.0).
■ interface vlan VLAN-ID ip ospf IP-ADDR area backbone
The backbone area (the same as 0.0.0.0).
■ interface vlan VLAN-ID ip ospf all area backbone
The backbone area (the same as 0.0.0.0).
backup
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > backup
Usage: vrrp vrid <VRID> backup
Description: Designate the virtual router instance as a Backup.
There is no default value.
bandwidth-min
■ interface [ETHERNET] PORT-LIST bandwidth-min
Usage: bandwidth-min output <0-100> <0-100> <0-100> <0-100>
<0-100> <0-100> <0-100> <0-100>
no bandwidth-min output
Description: Enable/disable and configure guaranteed minimum bandwidth
settings for outgoing traffic on the port(s). By default,
guaranteed minimum bandwidth is configured with a recommended
profile for outgoing traffic that prevents higher-priority
queues from starving lower-priority traffic.
When the feature is enabled, the value for each of the
queues indicates the minimum percentage of port throughput that
will be guaranteed for that queue. If a given queue does not
require its guaranteed minimum in a given service window, any
extra bandwidth is allocated to the other queues, beginning
with the highest-priority queue.
The actual number of queues could be 2, 4 or 8, depending on
system default and command 'qos queue-config N-queues'.
The sum of all configured queue values must not exceed 100%.
Per-queue values must be specified starting with queue one
being the lowest priority and queue eight being the highest
© 2009 Hewlett-Packard Development Company, L.P.
226
Command Line Interface Reference Guide
interface
priority.
If no guaranteed minimum bandwidth is configured (i.e., the
settings for all queues are 0), the traffic is serviced
strictly by priority. In practice, this may cause complete
starvation of some or all lower-priority queues during any
periods where the output port traffic is over-subscribed.
This is an Interface context command. It can be called directly
from the interface context, or following the
'interface [ethernet] PORT-LIST' command.
Next Available Option:
■ output -- Enable/disable and configure guaranteed minimum bandwidth for outgoing traffic.(p.
258)
bcast
■ [no] interface [ETHERNET] PORT-LIST rate-limit bcast
Set limits for broadcast traffic.
Next Available Option:
■ in -- Set limits for inbound broadcast trafic.(p. 238)
binary-range
■ interface [ETHERNET] PORT-LIST qos dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ interface vlan VLAN-ID qos dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ interface svlan VLAN-ID qos dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
blocked
■ interface vlan VLAN-ID ip igmp blocked [ETHERNET] PORT-LIST
Usage: ip igmp blocked [ethernet] PORT-LIST
Description: Instruct the device to drop incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
■ interface vlan VLAN-ID ipv6 mld blocked [ETHERNET] PORT-LIST
Usage: vlan < vid > ipv6 mld blocked < port-list >
Description: Instruct the device to drop incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
© 2009 Hewlett-Packard Development Company, L.P.
227
Command Line Interface Reference Guide
interface
bootp-gateway
■ [no] interface vlan VLAN-ID ip bootp-gateway
Usage: [no] ip bootp-gateway [IP-ADDR]
Description: Add or remove the gateway address to be used for stamping
incoming DHCP requests.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Option:
■ ip-addr -- IPv4 address of the BOOTP gateway. (IP-ADDR) (p. 241)
broadcast-limit
■ interface [ETHERNET] PORT-LIST broadcast-limit < 0 to 99 >
Usage: broadcast-limit <0-99>
Description: Set a broadcast traffic percentage limit.
This command sets the theoretical maximum of network
bandwidth in percentage that can be used for broadcast
traffic. Any broadcast traffic exceeding that limit will be
dropped. '0' means the feature is disabled.
For 1000 Mbps and higher speed ports, the percentage of broadcast
traffic configured is that percentage applied to the theoretical
maximum broadcast throughput for a 100 Mbps port. This is to
allow finer resolution of control for high-speed links.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Range: < 0 to 99 >
chain-name
■ interface vlan VLAN-ID ip ospf md5-auth-key-chain CHAIN-NAME
Specify key chain to use for MD5 authentication.
■ interface vlan VLAN-ID ip ospf IP-ADDR md5-auth-key-chain CHAIN-NAME
Specify key chain to use for MD5 authentication.
■ interface vlan VLAN-ID ip ospf all md5-auth-key-chain CHAIN-NAME
Specify key chain to use for MD5 authentication.
connection-rate-filter
■ interface vlan VLAN-ID connection-rate-filter
Usage:
>
connection-rate-filter unblock < host SRC-IP-ADDR | SRC-IP-ADDRESS/mask
[no] connection-rate-filter sensitivity <low|medium|high|aggressive>
Description: Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter. Disabling or setting sensitivity
© 2009 Hewlett-Packard Development Company, L.P.
228
Command Line Interface Reference Guide
interface
may have improved performance after rebooting the switch
Next Available Option:
■ unblock -- Resets a host previously blocked by the connection rate filter (p. 281)
■ interface svlan VLAN-ID connection-rate-filter
Usage:
>
connection-rate-filter unblock < host SRC-IP-ADDR | SRC-IP-ADDRESS/mask
[no] connection-rate-filter sensitivity <low|medium|high|aggressive>
Description: Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter. Disabling or setting sensitivity
may have improved performance after rebooting the switch
Next Available Option:
■ unblock -- Resets a host previously blocked by the connection rate filter (p. 281)
cost
■ interface loopback < 0 to 7 > ip ospf IP-ADDR cost < 1 to 65535 >
Set metric of this interface.
Range: < 1 to 65535 >
■ interface loopback < 0 to 7 > ip ospf all cost < 1 to 65535 >
Set metric of this interface.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf cost < 1 to 65535 >
Set metric of this interface.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf IP-ADDR cost < 1 to 65535 >
Set metric of this interface.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf all cost < 1 to 65535 >
Set metric of this interface.
Range: < 1 to 65535 >
customer-network
■ interface [ETHERNET] PORT-LIST qinq port-type customer-network
Configure qinq port-type as customer-network
dead-interval
■ interface vlan VLAN-ID ip ospf dead-interval < 1 to 65535 >
© 2009 Hewlett-Packard Development Company, L.P.
229
Command Line Interface Reference Guide
interface
Set dead interval in seconds; the default is 40.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf IP-ADDR dead-interval < 1 to 65535 >
Set dead interval in seconds; the default is 40.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf all dead-interval < 1 to 65535 >
Set dead interval in seconds; the default is 40.
Range: < 1 to 65535 >
dhcp
■ [no] interface vlan VLAN-ID ipv6 address dhcp
Configure a DHCPv6 client.
Next Available Option:
■ full -- Obtain IPv6 address & Configuration information from DHCPv6 server.(p. 235)
■ [no] interface svlan VLAN-ID ipv6 address dhcp
Configure a DHCPv6 client.
Next Available Option:
■ full -- Obtain IPv6 address & Configuration information from DHCPv6 server.(p. 235)
dhcp-bootp
■ interface vlan VLAN-ID ip address dhcp-bootp
Configure the interface to use DHCP/Bootp server to acquire parameters.
■ interface svlan VLAN-ID ip address dhcp-bootp
Configure the interface to use DHCP/Bootp server to acquire parameters.
dhcp-snooping
■ interface [ETHERNET] PORT-LIST dhcp-snooping
Usage: [no] dhcp-snooping trust
Description: Configure the port as trusted or untrusted. Only DHCP server
packets received on trusted interfaces will be forwarded.
By specifying 'no' the port will be configured as untrusted.
The default state is untrusted.
Next Available Option:
■ trust -- Configure trusted interfaces(p. 279)
■ [no] interface vlan VLAN-ID dhcp-snooping
■ [no] interface svlan VLAN-ID dhcp-snooping
© 2009 Hewlett-Packard Development Company, L.P.
230
Command Line Interface Reference Guide
interface
direction
■ [no] interface [ETHERNET] PORT-LIST ip access-group ACCESS-GROUP < in >
Supported Values:
■ in -- Match inbound packets
■ [no] interface vlan VLAN-ID ip access-group ACCESS-GROUP < in | out | connection-rate-filter |
... >
Supported Values:
■ in -- Match inbound packets
■ out -- Match outbound packets
■ connection-rate-filter -- Manage packet rates
■ vlan -- VLAN acl
■ [no] interface svlan VLAN-ID ip access-group ACCESS-GROUP < in | out | connection-rate-filter
| ... >
Supported Values:
■ in -- Match inbound packets
■ out -- Match outbound packets
■ connection-rate-filter -- Manage packet rates
■ vlan -- VLAN acl
disable
■ interface [ETHERNET] PORT-LIST disable
Usage: disable
Description: Disable port(s).
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
domain-name
■ [no] interface vlan VLAN-ID igmp-proxy < END OF PRINTABLE >
Specify the domain name to associate/disassociate with the VLAN.
Supported Values:
■ END OF PRINTABLE
dr-priority
■ interface vlan VLAN-ID ip pim-sparse dr-priority INTEGER
Usage: ip pim-sparse dr-priority <0-2147483647>
Description: Set the priority value to use on the interface in the Designated
Router election process. Default is 1.
dscp
■ interface [ETHERNET] PORT-LIST qos dscp
Specify DSCP policy to use.
© 2009 Hewlett-Packard Development Company, L.P.
231
Command Line Interface Reference Guide
interface
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 285)
■ interface vlan VLAN-ID qos dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 285)
■ interface svlan VLAN-ID qos dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 239)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 227)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 285)
enable
■ interface [ETHERNET] PORT-LIST enable
Usage: enable
Description: Enable port(s).
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
■ [no] interface vlan VLAN-ID ipv6 enable
Enable IPv6 on an interface and configures an automatically generated link-local addr.
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > enable
Usage: [no] vrrp vrid <VRID> enable
Description: Enable/disable operation of the virtual router instance.
The default value is 'disabled'.
■ [no] interface svlan VLAN-ID ipv6 enable
Enable IPv6 on an interface and configures an automatically generated link-local addr.
eui-64
■ [no] interface vlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN eui-64
© 2009 Hewlett-Packard Development Company, L.P.
232
Command Line Interface Reference Guide
interface
An IPv6 EUI-64 address that can be automatically configured on any interface
■ [no] interface svlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN eui-64
An IPv6 EUI-64 address that can be automatically configured on any interface
failback
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > failback
Usage: vrrp vrid <VRID> failback
Description: Trigger VR to failback to its configured priority value.
failover
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > failover
Usage: vrrp vrid <VRID> failover [with-monitoring]
Description: Trigger VR to failover to a peer.
If keyword 'with-monitoring' is specified, VR continues
to monitor master VR.
Next Available Option:
■ with-monitoring -- Trigger VR to failover and continue montior of master VR(p. 289)
fastleave
■ [no] interface vlan VLAN-ID ip igmp fastleave [ETHERNET] PORT-LIST
Usage: [no] ip igmp fastleave [ethernet] PORT-LIST
Description: Enables or disables IGMP Fast Leaves. When enabled, as soon as
an IGMP Group Leave has been received on a non-cascaded port,
the switch stops forwarding multicast traffic for that group
to that port.
Does not apply to cascaded ports (see ip igmp forcedfastleave).
When disabled, or when the port is cascaded, the regular IGMP
leave time is used (up to 10 seconds when the switch is not
the IGMP Querier).
The default behavior is for IGMP FastLeaves to be enabled.
This feature is configured for ports on a per-VLAN basis.
■ [no] interface vlan VLAN-ID ipv6 mld fastleave [ETHERNET] PORT-LIST
Usage:
[no] ipv6 mld fastleave < port-list >
Description: Enables MLD fast-leaves on the specified ports in the selected VLAN.
The no form of the command disables MLD fast-leave on the specified
ports in the selected VLAN.
flow-control
■ [no] interface [ETHERNET] PORT-LIST flow-control
Usage: [no] flow-control
Description: Enable/disable flow control on the port(s). By default,
© 2009 Hewlett-Packard Development Company, L.P.
233
Command Line Interface Reference Guide
interface
flow control is disabled. Flow Control is enabled on both
transmit and receive or auto negotiated if port Mode is set
to Auto.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
forbid
■ [no] interface vlan VLAN-ID forbid [ETHERNET] PORT-LIST
Usage: [no] forbid [ethernet] PORT-LIST
Description: Prevent ports from becoming a member of the current VLAN.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ [no] interface svlan VLAN-ID forbid [ETHERNET] PORT-LIST
Usage: [no] forbid [ethernet] PORT-LIST
Description: Prevent ports from becoming a member of the current VLAN.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
forcedfastleave
■ [no] interface vlan VLAN-ID ip igmp forcedfastleave [ETHERNET] PORT-LIST
Usage: [no] ip igmp forcedfastleave [ethernet] PORT-LIST
Description: When enabled, this feature forces IGMP Fast Leaves to occur
even when the port is cascaded. See 'ip igmp fastleave' for
more information. The default behavior is for IGMP Forced
FastLeaves to be disabled.
This feature is configured for ports on a per-VLAN basis.
■ [no] interface vlan VLAN-ID ipv6 mld forcedfastleave [ETHERNET] PORT-LIST
Usage: [no] vlan < vid > ipv6 mld forcedfastleave <port-list>
Description: Enables MLD Forced Fast-Leave on the specified ports in the selected
VLAN,
even if they are cascaded. (Default: Disabled.) The no form of the
command
disables Forced Fast-Leave on the specified ports in the selected VLAN
forward
■ interface vlan VLAN-ID ip igmp forward [ETHERNET] PORT-LIST
Usage: ip igmp forward [ethernet] PORT-LIST
Description: Instruct the device to forward incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
■ interface vlan VLAN-ID ipv6 mld forward [ETHERNET] PORT-LIST
© 2009 Hewlett-Packard Development Company, L.P.
234
Command Line Interface Reference Guide
interface
Usage: vlan < vid > ipv6 mld forward < port-list >
Description: Instruct the device to forward incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
forward-protocol
■ interface vlan VLAN-ID ip forward-protocol
Usage: [no] ip forward-protocol udp IP-ADDR PORT-NUM|PORT-NAME
Description: Add or remove a UDP server address for the VLAN. The
broadcast packets received by the switch on this VLAN are to
be forwarded to the specified application server.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Option:
■ udp -- Add or remove a UDP server address for the VLAN(p. 280)
full
■ [no] interface vlan VLAN-ID ipv6 address dhcp full
Obtain IPv6 address & Configuration information from DHCPv6 server.
Next Available Option:
■ rapid-commit -- Obtain IPv6 address quickly from DHCPv6 server.(p. 271)
■ [no] interface svlan VLAN-ID ipv6 address dhcp full
Obtain IPv6 address & Configuration information from DHCPv6 server.
Next Available Option:
■ rapid-commit -- Obtain IPv6 address quickly from DHCPv6 server.(p. 271)
graft-retry-interval
■ interface vlan VLAN-ID ip pim-dense graft-retry-interval < 1 to 10 >
Usage: ip pim-dense graft-retry-interval <1-10>
Description: Set the interval a PIM router waits for a Graft Ack before
resending a Graft on this interface. Default value is 3
seconds.
Range: < 1 to 10 >
gvrp
■ interface [ETHERNET] PORT-LIST gvrp
Usage: gvrp [join-timer <n>][leave-timer <n>][leaveall-timer <n>]
Description: Set the GVRP timers on the port (hundredths of a second).
© 2009 Hewlett-Packard Development Company, L.P.
235
Command Line Interface Reference Guide
interface
The timers must follow the constraints
2 * join-timer <= leave-timer < leaveall-timer
Next Available Options:
■ join-timer < 20 to 75 > -- Set join timer value (centiseconds; default 20).(p. 246)
■ leave-timer < 40 to 300 > -- Set leave timer value (centiseconds; default 300).(p. 248)
■ leaveall-timer < 500 to 3000 > -- Set leaveall timer value (centiseconds; default 1000).(p. 248)
hello-delay
■ interface vlan VLAN-ID ip pim-dense hello-delay < 0 to 5 >
Usage: ip pim-dense hello-delay <0-5>
Description: Set the maximum time before a triggered PIM Hello message is
transmitted on this interface. Default value is 5 seconds.
Range: < 0 to 5 >
■ interface vlan VLAN-ID ip pim-sparse hello-delay < 0 to 5 >
Usage: ip pim-sparse hello-delay <0-5>
Description: Set the maximum time before a triggered PIM Hello message is
transmitted on this interface. Default value is 5 seconds.
Range: < 0 to 5 >
hello-interval
■ interface vlan VLAN-ID ip ospf hello-interval < 1 to 65535 >
Set hello interval in seconds; the default is 10.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf IP-ADDR hello-interval < 1 to 65535 >
Set hello interval in seconds; the default is 10.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip ospf all hello-interval < 1 to 65535 >
Set hello interval in seconds; the default is 10.
Range: < 1 to 65535 >
■ interface vlan VLAN-ID ip pim-dense hello-interval < 5 to 300 >
Usage: ip pim-dense hello-interval <5-300>
Description: Set the frequency at which PIM Hello messages are transmitted
on this interface. Default value is 30 seconds.
Range: < 5 to 300 >
■ interface vlan VLAN-ID ip pim-sparse hello-interval < 5 to 300 >
Usage: ip pim-sparse hello-interval <5-300>
Description: Set the frequency at which PIM Hello messages are transmitted
on this interface. Default value is 30 seconds.
© 2009 Hewlett-Packard Development Company, L.P.
236
Command Line Interface Reference Guide
interface
Range: < 5 to 300 >
helper-address
■ [no] interface vlan VLAN-ID ip helper-address IP-ADDR
Usage: [no] ip helper-address IP-ADDR
Description: Add or remove a DHCP server IP address for the VLAN. The
DHCP requests received by the switch on this VLAN are to
be relayed to the specified DHCP server.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
high-priority-forward
■ [no] interface vlan VLAN-ID ip igmp high-priority-forward
Usage: [no] ip igmp high-priority-forward
Description: Enable/disable the high priority forwarding of traffic for
subscribed IP Multicast groups. This feature is configured on
a per-VLAN basis.
holdtime
■ interface vlan VLAN-ID ip irdp holdtime < 4 to 9000 >
Usage: [no] ip irdp holdtime <4-9000>
Description: Set the lifetime (in seconds) of the router advertisements sent
on this interface. Must be no less than the maximum time
allowed between sending unsolicited router advertisements.
Range: < 4 to 9000 >
host
■ interface vlan VLAN-ID connection-rate-filter unblock host IP-ADDR
Match packets from the specified IP address.
■ interface svlan VLAN-ID connection-rate-filter unblock host IP-ADDR
Match packets from the specified IP address.
icmp
■ [no] interface [ETHERNET] PORT-LIST rate-limit icmp
Set limits for ICMP traffic only.
Next Available Options:
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic.(p. 258)
■ kbps < 0 to 10000000 > -- Specify kilobits-per-second limit of allowed ICMP traffic (values should
be at least 13Kbps, or max-length ICMP packets will fail.) (p. 246)
© 2009 Hewlett-Packard Development Company, L.P.
237
Command Line Interface Reference Guide
interface
igmp
■ [no] interface vlan VLAN-ID ip igmp
Usage: [no] ip igmp [...]
Description: Enable/disable/configure IP Multicast Group Protocol (IGMP)
feature on a VLAN. This command enables, disables or
configures the IGMP feature for IGMP communication between
Multicast Routers, Multicast Servers, and Multicast Clients
connected to the device. This is a VLAN context command. It
can be called directly from the VLAN context or may follow
the 'vlan VLAN-ID' command prefix. If not preceded by 'no',
the command accepts a variety of configuration parameters. To
get a list of all available parameters use 'ip igmp ?'. To
get detailed help for a parameter follow it with 'help'
keyword.
Next Available Options:
■ querier -- Specify querier/non-querier capability for the VLAN(p. 269)
■ high-priority-forward -- Enable/disable the high priority forwarding of traffic for subscribed IP
Multicast groups(p. 237)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports (this is
the default behavior) ([ethernet] PORT-LIST) (p. 225)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 227)
■ fastleave -- Enables or disables IGMP Fast Leaves ([ethernet] PORT-LIST) (p. 233)
■ forcedfastleave -- When enabled, this feature forces IGMP Fast Leaves to occur even when the
port is cascaded ([ethernet] PORT-LIST) (p. 234)
■ forward -- Instruct the device to forward incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 234)
igmp-proxy
■ [no] interface vlan VLAN-ID igmp-proxy
Usage: [no] igmp-proxy DOMAIN-NAME
Description: Associate an IGMP proxy domain with a VLAN.
If the 'no' keyword is used:
If the DOMAIN-NAME is left blank, all the domains
associated with the respective VLAN will be disassociated.
If a DOMAIN-NAME is specified, The specified domain will
be disassociated from the respecive VLAN.
If the 'no' keyword is not used:
If the DOMAIN-NAME matches the domain name of an
existing domain, the respective domain will be associated
with the respective VLAN.
Next Available Option:
■ domain-name < END OF PRINTABLE > -- Specify the domain name to associate/disassociate
with the VLAN. (ASCII-STR) (p. 231)
in
■ [no] interface [ETHERNET] PORT-LIST rate-limit all in
© 2009 Hewlett-Packard Development Company, L.P.
238
Command Line Interface Reference Guide
interface
Set limits for all inbound traffic.
Next Available Options:
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic.(p. 258)
■ kbps < 0 to 10000000 > -- Specify limit of allowed inbound or outbound traffic in
kilobits-per-second on the specified port(s). Actual limits are in steps of 100Kbps to 100Mbps
(granularity is 1% of the lowest related media speed). (p. 246)
■ [no] interface [ETHERNET] PORT-LIST rate-limit bcast in
Set limits for inbound broadcast trafic.
Next Available Option:
■ percent < 0 to 100 > -- (p. 258)
■ [no] interface [ETHERNET] PORT-LIST rate-limit mcast in
Set limits for inbound multicast trafic
Next Available Option:
■ percent < 0 to 100 > -- (p. 258)
■ [no] interface [ETHERNET] PORT-LIST ipv6 access-group ACCESS-GROUP in
Match inbound packets.
■ [no] interface [ETHERNET] PORT-LIST service-policy SERVICE-POLICY in
Apply policy on inbound packets.
■ [no] interface vlan VLAN-ID service-policy SERVICE-POLICY in
Apply policy on inbound packets.
integer-range
■ interface [ETHERNET] PORT-LIST qos dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ interface vlan VLAN-ID qos dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ interface svlan VLAN-ID qos dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
interface
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > track interface
© 2009 Hewlett-Packard Development Company, L.P.
239
Command Line Interface Reference Guide
interface
Usage: [no] vrrp vrid <VRID> track interface <LPORT-LIST>
Description: Enable/disable tracking of logical ports for VR.
Next Available Option:
■ lport-list -- Enable/disable tracking of specified logical ports for VR ([ethernet] PORT-LIST) (p.
249)
interval
■ interface vlan VLAN-ID ip igmp querier interval < 5 to 300 >
Sets the interval in seconds between IGMP queries
(default: 125)
Range: < 5 to 300 >
■ interface vlan VLAN-ID ip-recv-mac-address MAC-ADDR interval
Specify the L3-Mac-Address timeout interval.
Next Available Option:
■ timer-interval < 1 to 255 > -- Timeout interval in seconds <1-255>. (p. 278)
ip
■ [no] interface [ETHERNET] PORT-LIST ip
Usage: [no] ip access-group <ACL-ID> in
Description: Apply the specified access control list to inbound
packets on this INTERFACE list. The access
control list ACL-ID must be defined before it can be applied.
Connection rate filter ACLs cannot be applied on this
INTERFACE list.
Next Available Options:
■ access-group -- Apply the specified access control list to inbound packets on this INTERFACE
list (ASCII-STR) (p. 214)
■ source-lockdown -- Enable/disable IP source lockdown in global configuration mode(p. 276)
■ [no] interface loopback < 0 to 7 > ip
Usage: [no] ip ...
Description: Configure various IP parameters for the Loopback. The 'ip'
command must be followed by a feature-specific keyword.
Use 'ip ?' to get a list of all possible options.
This is a Loopback context command. It can be called directly
from the Loopback context or follow the 'interface loopback
<num>' command.
Next Available Options:
■ address -- Set IP parameters for communication within an IP network(p. 216)
■ ospf -- configure Open Shortest Path First (OSPF) protocol parameters on the interface(p. 256)
© 2009 Hewlett-Packard Development Company, L.P.
240
Command Line Interface Reference Guide
interface
■ interface vlan VLAN-ID ip
Usage: [no] ip ...
Description: Configure various IP parameters for the VLAN. The 'ip'
command must be followed by a feature-specific keyword.
Use 'ip ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ access-group -- Apply the specified access control list on this VLAN interface (ASCII-STR) (p.
214)
■ address -- Set IP parameters for communication within an IP network(p. 216)
■ proxy-arp -- Enable/disable proxy ARP(p. 268)
■ local-proxy-arp -- Enable/disable local proxy ARP(p. 248)
■ bootp-gateway -- Add or remove the gateway address to be used for stamping incoming DHCP
requests(p. 228)
■ helper-address -- Add or remove a DHCP server IP address for the VLAN (IP-ADDR) (p. 237)
■ forward-protocol -- Add or remove a UDP server address for the VLAN(p. 235)
■ igmp -- Enable/disable/configure IP Multicast Group Protocol (IGMP) feature on a VLAN(p. 238)
■ irdp -- Configure ICMP Router Discovery Protocol (IRDP)(p. 246)
■ ospf -- Enable/disable/configure Open Shortest Path First (OSPF) protocol on the VLAN
interface(p. 256)
■ rip -- Enable/disable/configure Routing Internet Protocol (RIP) on the VLAN interface(p. 274)
■ pim-dense -- Enable/disable/configure PIM-DM protocol on the VLAN interface(p. 259)
■ pim-sparse -- Enable/disable/configure PIM-SM protocol on the VLAN interface(p. 259)
■ mroute -- Configure IP Multicast Routing parameters on the VLAN interface(p. 254)
■ interface svlan VLAN-ID ip
Usage: [no] ip ...
Description: Configure various IP parameters for the VLAN. The 'ip'
command must be followed by a feature-specific keyword.
Use 'ip ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ access-group -- Apply the specified access control list on this VLAN interface (ASCII-STR) (p.
214)
■ address -- Set IP parameters for communication within an IP network(p. 216)
ip-addr
■ [no] interface loopback < 0 to 7 > ip address IP-ADDR
Interface IP address.
■ [no] interface loopback < 0 to 7 > ip ospf IP-ADDR
© 2009 Hewlett-Packard Development Company, L.P.
241
Command Line Interface Reference Guide
interface
Specify the IP address the request is for.
Next Available Options:
■ area -- Specify an OSPF area.(p. 221)
■ cost < 1 to 65535 > -- Set metric of this interface.(p. 229)
■ [no] interface vlan VLAN-ID ip address IP-ADDR/mask-LENGTH
Interface IP address/mask.
■ [no] interface vlan VLAN-ID ip bootp-gateway IP-ADDR
IPv4 address of the BOOTP gateway.
■ [no] interface vlan VLAN-ID ip forward-protocol udp IP-ADDR
IP address of the protocol server.
Next Available Options:
■ port-num -- UDP port number of the server. (TCP/UDP-PORT) (p. 263)
■ port-name < dns | ntp | netbios-ns | ... > -- (NUMBER) (p. 263)
■ [no] interface vlan VLAN-ID ip ospf IP-ADDR
Specify the IP address the request is for.
Next Available Options:
■ passive -- Configures an ospf interface as passive. (p. 258)
■ area -- Specify an OSPF area.(p. 221)
■ authentication-key -- Set simple authentication method and key.(p. 223)
■ authentication -- Disable authentication.(p. 223)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain.(p. 250)
■ cost < 1 to 65535 > -- Set metric of this interface.(p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40.(p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10.(p. 236)
■ priority < 0 to 255 > -- Set priority of this router as a designated router.(p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.(p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1.(p. 279)
■ [no] interface vlan VLAN-ID ip rip IP-ADDR
Specify the IP address the request is for.
Next Available Options:
■ authentication-type < none | text > -- Set authentication type used on this interface.(p. 224)
■ authentication-key -- Set RIP authentication key (maximum 16 characters).(p. 223)
■ metric < 1 to 15 > -- Set metric for this interface.(p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface.(p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.(p. 273)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing packets.(p.
275)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming and outgoing
packets.(p. 274)
© 2009 Hewlett-Packard Development Company, L.P.
242
Command Line Interface Reference Guide
interface
■ interface vlan VLAN-ID ip pim-dense ip-addr
Usage: ip pim-dense [ip-addr IP-ADDR|any]
Description: Set the source IP address for the PIM-DM packets sent out on this
interface. You can either explicitly specify one of the existing
VLAN's IP addresses or use 'any' option to dynamically determine
it from the VLAN's current IP configuration. The default is 'any'.
This command also enable the PIM-DM protocol on the VLAN interface.
Next Available Options:
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ any -- Dynamically determine IP address.(p. 221)
■ interface vlan VLAN-ID ip pim-dense ip-addr IP-ADDR
Specify IP address.
■ interface vlan VLAN-ID ip pim-sparse ip-addr
Usage: ip pim-sparse [ip-addr IP-ADDR|any]
Description: Set the source IP address for the PIM-SM packets sent out on this
interface. You can either explicitly specify one of the existing
VLAN's IP addresses or use 'any' option to dynamically determine
it from the VLAN's current IP configuration. The default is 'any'.
This command also enable the PIM-SM protocol on the VLAN interface.
Next Available Options:
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ any -- Dynamically determine IP address.(p. 221)
■ interface vlan VLAN-ID ip pim-sparse ip-addr IP-ADDR
Specify IP address.
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > virtual-ip-address IP-ADDR/mask-LENGTH
Specify IP address/mask.
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > primary-ip-address IP-ADDR
Specify IP address.
■ [no] interface svlan VLAN-ID ip address IP-ADDR/mask-LENGTH
Interface IP address/mask.
ip-recv-mac-address
■ [no] interface vlan VLAN-ID ip-recv-mac-address
Usage: [no] ip-recv-mac-address <macaddress> interval <1-255>
Description: Associates a L3-mac-address with a VLAN.
To associate L3-Mac-Address for a VLAN.
ip-recv-mac-address <mac-address> interval <1-255>
© 2009 Hewlett-Packard Development Company, L.P.
243
Command Line Interface Reference Guide
interface
To associate L3-Mac-Address with a VLAN with default
timeout interval of 60s.
ip-recv-mac-address <mac-address>
To disassociate L3-Mac_address with a VLAN.
no ip-recv-mac-address
Parameters:
<mac-address> - The L3-mac-address to be associated with a VLAN.
interval
- Specify L3-Mac-Address timeout interval.
<1-255>
- Timeout interval in seconds <1-255>.
Next Available Option:
■ mac-address -- The L3-mac-address to be associated with a VLAN. (MAC-ADDR) (p. 249)
ipv6
■ [no] interface [ETHERNET] PORT-LIST ipv6
Usage: [no] ipv6 ...
Description: Configure various IP parameters for the VLAN. The 'ipv6'
command must be followed by a feature-specific keyword.
Use 'ipv6 ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Option:
■ access-group -- Apply a IPV6 ACl on the interface (ASCII-STR) (p. 214)
■ interface vlan VLAN-ID ipv6
Usage: [no] ipv6 ...
Description: Configure various IP parameters for the VLAN. The 'ipv6'
command must be followed by a feature-specific keyword.
Use 'ipv6 ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ enable -- Enable IPv6 on an interface and configures an automatically generated link-local
addr.(p. 232)
■ address -- Set IPv6 parameters for communication within an IP network(p. 216)
■ mld -- Enable/disable/configure IPv6 Multicast Listener Discovery (MLD) feature on a VLAN(p.
251)
■ access-group -- Apply a IPV6 ACl on a VLAN (ASCII-STR) (p. 214)
■ nd -- IPv6 nodes on the same link use Neighbor Discovery to discover each other's presence,
link-layer addresses, routers and to maintain reachability information about the paths to active
neighbors(p. 255)
■ interface svlan VLAN-ID ipv6
© 2009 Hewlett-Packard Development Company, L.P.
244
Command Line Interface Reference Guide
interface
Usage: [no] ipv6 ...
Description: Configure various IP parameters for the VLAN. The 'ipv6'
command must be followed by a feature-specific keyword.
Use 'ipv6 ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ enable -- Enable IPv6 on an interface and configures an automatically generated link-local
addr.(p. 232)
■ address -- Set IPv6 parameters for communication within an IP network(p. 216)
ipv6-addr
■ [no] interface vlan VLAN-ID ipv6 address IPV6-ADDR
Configure a link-local IPv6 address.
Next Available Option:
■ link-local -- Configure a link-local IPv6 address.(p. 248)
■ [no] interface svlan VLAN-ID ipv6 address IPV6-ADDR
Configure a link-local IPv6 address.
Next Available Option:
■ link-local -- Configure a link-local IPv6 address.(p. 248)
ipv6-addr/mask
■ [no] interface vlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN
Configure IPv6 address represented in CIDR notation.
Next Available Options:
■ anycast -- Address that is assigned to a set of interfaces that typically belong to different
nodes(p. 221)
■ eui-64 -- An IPv6 EUI-64 address that can be automatically configured on any interface(p. 232)
■ [no] interface svlan VLAN-ID ipv6 address IPV6-ADDR/PREFIX-LEN
Configure IPv6 address represented in CIDR notation.
Next Available Options:
■ anycast -- Address that is assigned to a set of interfaces that typically belong to different
nodes(p. 221)
■ eui-64 -- An IPv6 EUI-64 address that can be automatically configured on any interface(p. 232)
© 2009 Hewlett-Packard Development Company, L.P.
245
Command Line Interface Reference Guide
interface
irdp
■ [no] interface vlan VLAN-ID ip irdp
Usage: [no] ip irdp [...]
Description: Configure ICMP Router Discovery Protocol (IRDP). This is
a VLAN context command. It can be called directly from the VLAN
context or may follow the 'vlan VLAN-ID' command prefix.
Called without parameters the command enables or disables (if
preceded by 'no') the protocol on the VLAN specified, or
identified by the current VLAN context. Use 'ip irdp ?' to get
a list of all possible configurable parameters.
Next Available Options:
■ advert-address < multicast | broadcast > -- Specify the destination address to be used for router
advertisements(p. 219)
■ holdtime < 4 to 9000 > -- Set the lifetime (in seconds) of the router advertisements sent on this
interface(p. 237)
■ maxadvertinterval < 4 to 1800 > -- Set the maximum time (in seconds) allowed between sending
unsolicited router advertisements(p. 249)
■ minadvertinterval < 3 to 1800 > -- Set the minimum time (in seconds) allowed between sending
unsolicited router advertisements(p. 250)
■ preference -- The preferability of the router as a default router, relative to the other routers on
the same subnet(p. 264)
join-timer
■ interface [ETHERNET] PORT-LIST gvrp join-timer < 20 to 75 >
Set join timer value (centiseconds; default 20).
Range: < 20 to 75 >
jumbo
■ [no] interface vlan VLAN-ID jumbo
Usage: [no] jumbo
Description: Labels this VLAN as a Jumbo VLAN, allowing you to pass
packets up to 9220 bytes in size.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ [no] interface svlan VLAN-ID jumbo
Usage: [no] jumbo
Description: Labels this VLAN as a Jumbo VLAN, allowing you to pass
packets up to 9220 bytes in size.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
kbps
■ interface [ETHERNET] PORT-LIST rate-limit icmp kbps < 0 to 10000000 >
© 2009 Hewlett-Packard Development Company, L.P.
246
Command Line Interface Reference Guide
interface
Specify kilobits-per-second limit of allowed ICMP traffic (values should be at least
13Kbps, or max-length ICMP packets will fail.)
Range: < 0 to 10000000 >
■ interface [ETHERNET] PORT-LIST rate-limit all in kbps < 0 to 10000000 >
Specify limit of allowed inbound or outbound traffic in kilobits-per-second on the
specified port(s). Actual limits are in steps of 100Kbps to 100Mbps (granularity is
1% of the lowest related media speed).
Range: < 0 to 10000000 >
■ interface [ETHERNET] PORT-LIST rate-limit all out kbps < 0 to 10000000 >
Specify limit of allowed inbound or outbound traffic in kilobits-per-second on the
specified port(s). Actual limits are in steps of 100Kbps to 100Mbps (granularity is
1% of the lowest related media speed).
Range: < 0 to 10000000 >
lacp
■ [no] interface [ETHERNET] PORT-LIST lacp
Usage: [no] lacp [active|passive]
Description: Define whether LACP is enabled on the port, and whether it is in
active or passive mode when enabled.
When LACP is enabled and active, the port will both send LACP
packets and listen to them.
When LACP is enabled and passive, the port will send LACP packets
only if it is spoken to.
When LACP is disabled, the port will ignore LACP packets.
If 'lacp' command is issued without a mode parameter, 'active' is
assumed.
With 'no lacp' the mode parameter is not allowed.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Next Available Option:
■ mode < Active | Passive > -- Define whether LACP is enabled on the port, and whether it is in
active or passive mode when enabled(p. 252)
lan-prune-delay
■ [no] interface vlan VLAN-ID ip pim-dense lan-prune-delay
Usage: [no] ip pim-dense lan-prune-delay
Description: Turn on/off the LAN Prune Delay Option on this interface.
Default is 'on'.
■ [no] interface vlan VLAN-ID ip pim-sparse lan-prune-delay
Usage: [no] ip pim-sparse lan-prune-delay
Description: Turn on/off the LAN Prune Delay Option on this interface.
Default is 'on'.
© 2009 Hewlett-Packard Development Company, L.P.
247
Command Line Interface Reference Guide
interface
leaveall-timer
■ interface [ETHERNET] PORT-LIST gvrp leaveall-timer < 500 to 3000 >
Set leaveall timer value (centiseconds; default 1000).
Range: < 500 to 3000 >
leave-timer
■ interface [ETHERNET] PORT-LIST gvrp leave-timer < 40 to 300 >
Set leave timer value (centiseconds; default 300).
Range: < 40 to 300 >
link-keepalive
■ [no] interface [ETHERNET] PORT-LIST link-keepalive
Usage: [no]link-keepalive [vlan <vlan-id>]
Description: Configure UDLD on port(s).
The command enables/disables UDLD on particular port/port-list
By default UDLD control packets are untagged.
The user has to give vlan-id for tagged UDLD control packets.
Next Available Option:
■ vlan -- Set vlan-id for tagged UDLD control packets. (VLAN-ID) (p. 282)
link-local
■ [no] interface vlan VLAN-ID ipv6 address IPV6-ADDR link-local
Configure a link-local IPv6 address.
■ [no] interface svlan VLAN-ID ipv6 address IPV6-ADDR link-local
Configure a link-local IPv6 address.
local-proxy-arp
■ [no] interface vlan VLAN-ID ip local-proxy-arp
Usage: [no] ip local-proxy-arp
Description: Enable/disable local proxy ARP. This is a VLAN context command.
It can be called directly from the VLAN context or may follow
the 'vlan VLAN-ID' command prefix. When local proxy ARP is
enabled on a VLAN, the device responds to all ARP requests
received on the VLAN ports with it's own hardware address.
loopback
■ [no] interface loopback < 0 to 7 >
Usage: [no] interface loopback <num>
Description: Enter the loopback Configuration Level.
Range: < 0 to 7 >
© 2009 Hewlett-Packard Development Company, L.P.
248
Command Line Interface Reference Guide
interface
Next Available Option:
■ ip -- Configure various IP parameters for the Loopback(p. 240)
lowest
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > primary-ip-address lowest
Dynamically determine lowest IP address.
lport-list
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > track interface [ETHERNET] PORT-LIST
Usage: [no] vrrp vrid <VRID> track interface <LPORT-LIST>
Description: Enable/disable tracking of specified logical ports for VR.
mac-address
■ interface vlan VLAN-ID ip-recv-mac-address MAC-ADDR
The L3-mac-address to be associated with a VLAN.
Next Available Option:
■ interval -- Specify the L3-Mac-Address timeout interval. (p. 240)
maxadvertinterval
■ interface vlan VLAN-ID ip irdp maxadvertinterval < 4 to 1800 >
Usage: [no] ip irdp maxadvertinterval <4-1800>
Description: Set the maximum time (in seconds) allowed between sending
unsolicited router advertisements.
Range: < 4 to 1800 >
max-graft-retries
■ interface vlan VLAN-ID ip pim-dense max-graft-retries < 1 to 10 >
Usage: ip pim-dense max-graft-retries <1-10>
Description: Set the maximum number of times this router will resend a
Graft on this interface. Default is 2.
Range: < 1 to 10 >
mcast
■ [no] interface [ETHERNET] PORT-LIST rate-limit mcast
Set limits for multicast traffic.
Next Available Option:
■ in -- Set limits for inbound multicast trafic(p. 238)
© 2009 Hewlett-Packard Development Company, L.P.
249
Command Line Interface Reference Guide
interface
md5-auth-key-chain
■ interface vlan VLAN-ID ip ospf md5-auth-key-chain
Set MD5 authentication method and key chain.
Next Available Option:
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 228)
■ interface vlan VLAN-ID ip ospf IP-ADDR md5-auth-key-chain
Set MD5 authentication method and key chain.
Next Available Option:
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 228)
■ interface vlan VLAN-ID ip ospf all md5-auth-key-chain
Set MD5 authentication method and key chain.
Next Available Option:
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 228)
mdix-mode
■ interface [ETHERNET] PORT-LIST mdix-mode < mdi | mdix | autoMDIX >
Set port MDI/MDIX mode (default: auto).
Supported Values:
■ mdi -- Configures port for connecting a PC with a crossover cable
■ mdix -- Configures port for connecting a PC with a straight-through cable
■ autoMDIX -- Configures port for automatic detection of the cable
metric
■ interface vlan VLAN-ID ip rip metric < 1 to 15 >
Set metric for this interface.
Range: < 1 to 15 >
■ interface vlan VLAN-ID ip rip IP-ADDR metric < 1 to 15 >
Set metric for this interface.
Range: < 1 to 15 >
■ interface vlan VLAN-ID ip rip all metric < 1 to 15 >
Set metric for this interface.
Range: < 1 to 15 >
minadvertinterval
■ interface vlan VLAN-ID ip irdp minadvertinterval < 3 to 1800 >
Usage: [no] ip irdp minadvertinterval <3-1800>
© 2009 Hewlett-Packard Development Company, L.P.
250
Command Line Interface Reference Guide
interface
Description: Set the minimum time (in seconds) allowed between sending
unsolicited router advertisements. Must be no greater than the
maximum time between sending unsolicited router advertisements.
Range: < 3 to 1800 >
mirror
■ interface [ETHERNET] PORT-LIST monitor all < In | Out | Both > mirror
Mirror destination.
Next Available Options:
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number.(p. 254)
■ mirror_session_name -- Mirror destination name.(p. 251)
■ interface vlan VLAN-ID monitor all < In | Out | Both > mirror
Mirror destination.
Next Available Options:
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number.(p. 254)
■ mirror_session_name -- Mirror destination name.(p. 251)
■ interface svlan VLAN-ID monitor all < In | Out | Both > mirror
Mirror destination.
Next Available Options:
■ monitor_mirror_session_id < 1 to 4 > -- Mirror destination number.(p. 254)
■ mirror_session_name -- Mirror destination name.(p. 251)
mirror_session_name
■ [no] interface [ETHERNET] PORT-LIST monitor all < In | Out | Both > mirror
Mirror destination name.
■ [no] interface vlan VLAN-ID monitor all < In | Out | Both > mirror
Mirror destination name.
■ [no] interface svlan VLAN-ID monitor all < In | Out | Both > mirror
Mirror destination name.
mld
■ [no] interface vlan VLAN-ID ipv6 mld
Usage: [no] ipv6 mld [...]
Description: Enable/disable/configure IPv6 Multicast Listener Discovery (MLD)
feature on a VLAN. This command enables, disables or
configures the MLD feature for MLD communication between
Multicast Routers, Multicast Servers, and Multicast Clients
connected to the device. This is a VLAN context command.
© 2009 Hewlett-Packard Development Company, L.P.
251
Command Line Interface Reference Guide
interface
If not preceded by 'no',
the command accepts a variety of configuration parameters. To
get a list of all available parameters use 'ipv6 mld ?'. To
get detailed help for a parameter follow it with 'help'
keyword.
Next Available Options:
■ querier -- This command disables or re-enables the ability for the switch to become querier if
necessary(p. 269)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports (this is
the default behavior) ([ethernet] PORT-LIST) (p. 225)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 227)
■ forward -- Instruct the device to forward incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 234)
■ fastleave -- Enables MLD fast-leaves on the specified ports in the selected VLAN ([ethernet]
PORT-LIST) (p. 233)
■ forcedfastleave -- Enables MLD Forced Fast-Leave on the specified ports in the selected VLAN,
even if they are cascaded ([ethernet] PORT-LIST) (p. 234)
mode
■ interface [ETHERNET] PORT-LIST lacp < Active | Passive >
Usage: [no] lacp [active|passive]
Description: Define whether LACP is enabled on the port, and whether it is in
active or passive mode when enabled.
When LACP is enabled and active, the port will both send LACP
packets and listen to them.
When LACP is enabled and passive, the port will send LACP packets
only if it is spoken to.
When LACP is disabled, the port will ignore LACP packets.
If 'lacp' command is issued without a mode parameter, 'active' is
assumed.
With 'no lacp' the mode parameter is not allowed.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Supported Values:
■ Active -- Enable active LACP.
■ Passive -- Enable passive LACP.
monitor
■ [no] interface [ETHERNET] PORT-LIST monitor
Usage: 1) [no] monitor all <in|out|both> mirror <1-4 | NAME-STR>
[1-4 | NAME-STR]...
[no] monitor ip access-group <ACL-NAME> <in> mirror
<1-4 | NAME-STR> [1-4 | NAME-STR]...
Description: Define either the port is to be monitored or not.
The network traffic seen by the monitored ports is copied to
the Mirroring Destination to which a network analyzer can be
attached.
Note: When mirroring multiple ports in a busy network,
© 2009 Hewlett-Packard Development Company, L.P.
252
Command Line Interface Reference Guide
interface
some frames may not be copied to the mirroring port.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Parameters:
o 1-4 - Mirror destination number
o NAME-STR - Friendly name associated with the mirror
destination number.
o ACL-NAME - Standard or Extended Access Control List number.
o <in|out|both> direction of the traffic to be monitored.
Next Available Option:
■ all < In | Out | Both > -- Monitor all traffic.(p. 219)
■ [no] interface vlan VLAN-ID monitor
Usage: 1) [no] monitor all <in|out|both> mirror <1-4 | NAME-STR>
[1-4 | NAME-STR]...
2) [no] monitor ip access-group <ACL-NAME> <in> mirror
<1-4 | NAME-STR> [1-4 | NAME-STR]...
Description: Define either the VLAN is to be monitored or not.
The network traffic seen by the monitored VLAN is copied to
the Mirroring Destination to which a network analyzer can be
attached.
Note: When mirroring a VLAN in a busy network,
some frames may not be copied to the mirroring port.
This is an VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID command.
Parameters:
o 1-4 - Mirror destination number
o NAME-STR - Friendly name associated with the mirror
destination number.
o ACL-NAME - Standard or Extended Access Control List number.
o <in|out|both> direction of the traffic to be monitored.
Next Available Option:
■ all < In | Out | Both > -- Monitor all traffic.(p. 219)
■ [no] interface svlan VLAN-ID monitor
Usage: 1) [no] monitor all <in|out|both> mirror <1-4 | NAME-STR>
[1-4 | NAME-STR]...
2) [no] monitor ip access-group <ACL-NAME> <in> mirror
<1-4 | NAME-STR> [1-4 | NAME-STR]...
Description: Define either the VLAN is to be monitored or not.
The network traffic seen by the monitored VLAN is copied to
the Mirroring Destination to which a network analyzer can be
attached.
Note: When mirroring a VLAN in a busy network,
some frames may not be copied to the mirroring port.
This is an VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID command.
Parameters:
o 1-4 - Mirror destination number
o NAME-STR - Friendly name associated with the mirror
© 2009 Hewlett-Packard Development Company, L.P.
253
Command Line Interface Reference Guide
interface
destination number.
o ACL-NAME - Standard or Extended Access Control List number.
o <in|out|both> direction of the traffic to be monitored.
Next Available Option:
■ all < In | Out | Both > -- Monitor all traffic.(p. 219)
monitor_mirror_session_id
■ [no] interface [ETHERNET] PORT-LIST monitor all < In | Out | Both > mirror < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
Next Available Option:
■ no-tag-added -- Don't add VLAN tag for this untagged-port(p. 256)
■ [no] interface vlan VLAN-ID monitor all < In | Out | Both > mirror < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
■ [no] interface svlan VLAN-ID monitor all < In | Out | Both > mirror < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
mroute
■ interface vlan VLAN-ID ip mroute
Usage: ip mroute ...
Description: Configure IP Multicast Routing parameters on the VLAN
interface. The command must be followed by a parameter.
Use 'ip mroute ?' to get a list of all possible parameters.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Option:
■ ttl-threshold < 0 to 255 > -- Set the multicast datagram TTL threshold for the interface(p. 279)
name
■ [no] interface [ETHERNET] PORT-LIST name
Usage:
name PORT-NAME-STR
no name
Description: Set/unset a name for the port(s).
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
© 2009 Hewlett-Packard Development Company, L.P.
254
Command Line Interface Reference Guide
interface
Next Available Option:
■ port-name -- Specify a port name up to 64 characters length. (ASCII-STR) (p. 263)
■ interface vlan VLAN-ID name NAME
Usage: name ASCII-STR
Description: Set the VLAN's name.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ interface svlan VLAN-ID name NAME
Usage: name ASCII-STR
Description: Set the VLAN's name.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
nbr-timeout
■ interface vlan VLAN-ID ip pim-sparse nbr-timeout < 60 to 8000 >
Usage: ip pim-sparse nbr-timeout <60-8000>
Description: Set the neighbour loss time interval for this interface.
Default is 180 seconds.
Range: < 60 to 8000 >
nd
■ [no] interface vlan VLAN-ID ipv6 nd
Usage: [no] ipv6 nd <parameter>
Description: IPv6 nodes on the same link use Neighbor Discovery to
discover each other's presence, link-layer addresses,
routers and to maintain reachability information about the
paths to active neighbors.
<parameter> - Configure various Neighbors Discovery parameters.
o ns-interval
o reachable-time
Next Available Options:
■ ns-interval -- Configures the neighbor discovery time between neighbor solicitation requests
sent for an unresolved destination, or between duplicate address detection neighbor solicitation
requests(p. 256)
■ reachable-time -- Configures the length of time neighbors are considered reachable after being
confirmed as reachable via the neighbor unreachability detection algorithm(p. 273)
no-default
■ interface vlan VLAN-ID ip irdp preference no-default
© 2009 Hewlett-Packard Development Company, L.P.
255
Command Line Interface Reference Guide
interface
Indicates that the router should never be used as a default by its neighbors.
no-tag-added
■ [no] interface [ETHERNET] PORT-LIST monitor all < In | Out | Both > mirror < 1 to 4 >
no-tag-added
Don't add VLAN tag for this untagged-port
ns-interval
■ [no] interface vlan VLAN-ID ipv6 nd ns-interval
Usage: [no] ipv6 nd ns-interval <milliseconds>
Description: Configures the neighbor discovery time between neighbor
solicitation requests sent for an unresolved destination,
or between duplicate address detection neighbor solicitation
requests. When set to a non-default value, this is included in
router advertisements as the ra-retranstime value.
Next Available Option:
■ number < 1000 to 3600000 > -- Configures the neighbor discovery time between neighbor
solicitation requests sent for an unresolved destination, or between duplicate address detection
neighbor solicitation requests(p. 256)
number
■ interface vlan VLAN-ID ip irdp preference < -2147483647 to 2147483647 >
The router preferability number. Higher values are more preferable.
Range: < -2147483647 to 2147483647 >
■ interface vlan VLAN-ID ipv6 nd ns-interval < 1000 to 3600000 >
Usage: [no] ipv6 nd ns-interval <milliseconds>
Description: Configures the neighbor discovery time between neighbor
solicitation requests sent for an unresolved destination,
or between duplicate address detection neighbor solicitation
requests. When set to a non-default value, this is included in
router advertisements as the ra-retranstime value.
Range: < 1000 to 3600000 >
■ interface vlan VLAN-ID ipv6 nd reachable-time < 1000 to 3600000 >
Usage: [no] ipv6 nd ra-lifetime <seconds>
Description: Configures the router lifetime sent in router advertisements.
A value of 0 tells hosts on the interface to not use this
router as a default router.
Range: < 1000 to 3600000 >
ospf
■ [no] interface loopback < 0 to 7 > ip ospf
© 2009 Hewlett-Packard Development Company, L.P.
256
Command Line Interface Reference Guide
interface
Usage: [no] ip ospf [...]
Description: configure Open Shortest Path First (OSPF)
protocol parameters on the interface.
Called without 'no', the command configures OSPF parameter on
interface. Otherwise ('no' is specified), the command remove
specified ospf parameter on the interface. Use 'ip ospf ?' to
get a list of all possible options.
Next Available Options:
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ all -- Process the request for all IP addresses.(p. 219)
■ [no] interface vlan VLAN-ID ip ospf
Usage: [no] ip ospf [...]
Description: Enable/disable/configure Open Shortest Path First (OSPF)
protocol on the VLAN interface.
Called without 'no', the command enables OSPF on the interface.
Otherwise ('no' is specified), the command disables OSPF on the
interface. The command can be followed by an OSPF configuration
command. Use 'ip ospf ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ passive -- Configures an ospf interface as passive. (p. 258)
■ area -- Specify an OSPF area.(p. 221)
■ authentication-key -- Set simple authentication method and key.(p. 223)
■ authentication -- Disable authentication.(p. 223)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain.(p. 250)
■ cost < 1 to 65535 > -- Set metric of this interface.(p. 229)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40.(p. 229)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10.(p. 236)
■ priority < 0 to 255 > -- Set priority of this router as a designated router.(p. 265)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.(p. 273)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1.(p. 279)
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ all -- Process the request for all IP addresses.(p. 219)
out
■ [no] interface [ETHERNET] PORT-LIST rate-limit all out
Set limits for all outbound traffic.
Next Available Options:
■ percent < 0 to 100 > -- Specify limit as percent of inbound or outbound traffic.(p. 258)
■ kbps < 0 to 10000000 > -- Specify limit of allowed inbound or outbound traffic in
kilobits-per-second on the specified port(s). Actual limits are in steps of 100Kbps to 100Mbps
(granularity is 1% of the lowest related media speed). (p. 246)
© 2009 Hewlett-Packard Development Company, L.P.
257
Command Line Interface Reference Guide
interface
output
■ [no] interface [ETHERNET] PORT-LIST bandwidth-min output
Enable/disable and configure guaranteed minimum bandwidth for outgoing traffic.
Next Available Option:
■ queue1 < 0 to 100 > -- Specify min. bandwidth percentage for queue one outgoing traffic.(p.
270)
override-interval
■ interface vlan VLAN-ID ip pim-dense override-interval < 500 to 6000 >
Usage: ip pim-dense override-interval <500-6000>
Description: Set the value inserted into the Override Interval field of
a LAN Prune Delay option on this interface. Default is 2500
milliseconds.
Range: < 500 to 6000 >
■ interface vlan VLAN-ID ip pim-sparse override-interval < 500 to 6000 >
Usage: ip pim-sparse override-interval <500-6000>
Description: Set the value inserted into the Override Interval field of
a LAN Prune Delay option on this interface. Default is 2500
milliseconds.
Range: < 500 to 6000 >
owner
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > owner
Usage: vrrp vrid <VRID> owner
Description: Designate the virtual router instance as an Owner (Master).
There is no default value.
passive
■ [no] interface vlan VLAN-ID ip ospf passive
Configures an ospf interface as passive.
■ [no] interface vlan VLAN-ID ip ospf IP-ADDR passive
Configures an ospf interface as passive.
■ [no] interface vlan VLAN-ID ip ospf all passive
Configures an ospf interface as passive.
percent
■ interface [ETHERNET] PORT-LIST rate-limit icmp percent < 0 to 100 >
Specify limit as percent of inbound or outbound traffic.
© 2009 Hewlett-Packard Development Company, L.P.
258
Command Line Interface Reference Guide
interface
Range: < 0 to 100 >
■ interface [ETHERNET] PORT-LIST rate-limit all in percent < 0 to 100 >
Specify limit as percent of inbound or outbound traffic.
Range: < 0 to 100 >
■ interface [ETHERNET] PORT-LIST rate-limit all out percent < 0 to 100 >
Specify limit as percent of inbound or outbound traffic.
Range: < 0 to 100 >
■ interface [ETHERNET] PORT-LIST rate-limit bcast in percent < 0 to 100 >
Range: < 0 to 100 >
■ interface [ETHERNET] PORT-LIST rate-limit mcast in percent < 0 to 100 >
Range: < 0 to 100 >
pim-dense
■ [no] interface vlan VLAN-ID ip pim-dense
Usage: [no] ip pim-dense [...]
Description: Enable/disable/configure PIM-DM protocol on the VLAN interface.
Use direct and 'no' versions of the command to enable/disable
PIM-DM on the interface. Use 'ip pim-dense ?' to get the list
of all configuration options. This command can be used in the
VLAN context or in the global context with the 'vlan <VLAN-ID>'
prefix.
Next Available Options:
■ ip-addr -- Set the source IP address for the PIM-DM packets sent out on this interface(p. 241)
■ lan-prune-delay -- Turn on/off the LAN Prune Delay Option on this interface(p. 247)
■ hello-interval < 5 to 300 > -- Set the frequency at which PIM Hello messages are transmitted
on this interface(p. 236)
■ hello-delay < 0 to 5 > -- Set the maximum time before a triggered PIM Hello message is
transmitted on this interface(p. 236)
■ graft-retry-interval < 1 to 10 > -- Set the interval a PIM router waits for a Graft Ack before
resending a Graft on this interface(p. 235)
■ max-graft-retries < 1 to 10 > -- Set the maximum number of times this router will resend a
Graft on this interface(p. 249)
■ override-interval < 500 to 6000 > -- Set the value inserted into the Override Interval field of a
LAN Prune Delay option on this interface(p. 258)
■ propagation-delay < 250 to 2000 > -- Set the value inserted into the LAN Prune Delay field of
a LAN Prune Delay option on this interface(p. 266)
■ ttl-threshold < 0 to 255 > -- Set the Time To Live in a PIM-DM State Refresh message at which
it is not forwarded on this interface(p. 279)
pim-sparse
■ [no] interface vlan VLAN-ID ip pim-sparse
Usage: [no] ip pim-sparse [...]
Description: Enable/disable/configure PIM-SM protocol on the VLAN interface.
Use direct and 'no' versions of the command to enable/disable
© 2009 Hewlett-Packard Development Company, L.P.
259
Command Line Interface Reference Guide
interface
PIM-SM on the interface. Use 'ip pim-sparse ?' to get the list
of all configuration options. This command can be used in the
VLAN context or in the global context with the 'vlan <VLAN-ID>'
prefix.
Next Available Options:
■ ip-addr -- Set the source IP address for the PIM-SM packets sent out on this interface(p. 241)
■ lan-prune-delay -- Turn on/off the LAN Prune Delay Option on this interface(p. 247)
■ hello-interval < 5 to 300 > -- Set the frequency at which PIM Hello messages are transmitted
on this interface(p. 236)
■ hello-delay < 0 to 5 > -- Set the maximum time before a triggered PIM Hello message is
transmitted on this interface(p. 236)
■ override-interval < 500 to 6000 > -- Set the value inserted into the Override Interval field of a
LAN Prune Delay option on this interface(p. 258)
■ propagation-delay < 250 to 2000 > -- Set the value inserted into the LAN Prune Delay field of
a LAN Prune Delay option on this interface(p. 266)
■ dr-priority -- Set the priority value to use on the interface in the Designated Router election
process(p. 231)
■ nbr-timeout < 60 to 8000 > -- Set the neighbour loss time interval for this interface(p. 255)
poe_lldp_detect
■ interface [ETHERNET] PORT-LIST poe-lldp-detect < disabled | enabled >
Usage: poe-lldp-detect [disabled|enabled]
Description: Enabling this feature causes the port to allocate power
based on the link-partner's capabilities via LLDP.
By default, poe information detected though LLDP
are ignored as not all PoE devices properly support LLDP.
Supported Values:
■ disabled
■ enabled
poe_value
■ interface [ETHERNET] PORT-LIST poe-value < 1 | 2 | 3 | ... >
Usage: poe-value [1-17]
Description: Maximum PoE allocation specified with a value in watts.
By default, power-over-ethernet allocation is automatic by
usage of the powered device with a maximum set at 17W
This can be changed so the POE allocation is fixed at
whatever poe-value is set to and by setting the port
allocation to be by value using: poe-allocate-by value.
Supported Values:
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
© 2009 Hewlett-Packard Development Company, L.P.
260
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
interface
8
9
10
11
12
13
14
15
16
17
poe-allocate-by
■ interface [ETHERNET] PORT-LIST poe-allocate-by
Usage: poe-allocate-by [usage|class|value]
Description: Control manual power over ethernet allocation.
By default, power-over-ethernet allocation is automatic by
usage of the powered device. This can be overriden by manually
specifying how much power this port should be allocated by
either its class or a user-defined value.
Next Available Option:
■ allocate_by < usage | class | value > -- Control manual power over ethernet allocation(p. 221)
poe-lldp-detect
■ interface [ETHERNET] PORT-LIST poe-lldp-detect
Usage: poe-lldp-detect [disabled|enabled]
Description: Enabling this feature causes the port to allocate power
based on the link-partner's capabilities via LLDP.
By default, poe information detected though LLDP
are ignored as not all PoE devices properly support LLDP.
Next Available Option:
■ poe_lldp_detect < disabled | enabled > -- Enabling this feature causes the port to allocate power
based on the link-partner's capabilities via LLDP(p. 260)
poe-value
■ interface [ETHERNET] PORT-LIST poe-value
Usage: poe-value [1-17]
Description: Maximum PoE allocation specified with a value in watts.
By default, power-over-ethernet allocation is automatic by
usage of the powered device with a maximum set at 17W
This can be changed so the POE allocation is fixed at
whatever poe-value is set to and by setting the port
allocation to be by value using: poe-allocate-by value.
Next Available Option:
■ poe_value < 1 | 2 | 3 | ... > -- Maximum PoE allocation specified with a value in watts(p. 260)
© 2009 Hewlett-Packard Development Company, L.P.
261
Command Line Interface Reference Guide
interface
poison-reverse
■ [no] interface vlan VLAN-ID ip rip poison-reverse
Enable/disable poison reverse on this interface.
■ [no] interface vlan VLAN-ID ip rip IP-ADDR poison-reverse
Enable/disable poison reverse on this interface.
■ [no] interface vlan VLAN-ID ip rip all poison-reverse
Enable/disable poison reverse on this interface.
port-list
■ interface [ETHERNET] PORT-LIST
Usage: [no] interface [ethernet] PORT-LIST [...]
Description: Enter the Interface Configuration Level, or execute one
command for that level. Without optional parameters
specified, the 'interface' command changes the context to
the Interface Configuration Context Level for execution of
configuration changes to the port or ports in the PORT-LIST.
The 'interface [ethernet] PORT-LIST' can be followed by any
command from the Interface Configuration Context Level in the
same command line. In this case the context level is not
changed, but the command is also executed for the port or ports
in the PORT-LIST. Use 'interface [ethernet] PORT-LIST ?'
to get a list of all valid commands.
Next Available Options:
■ ip -- Apply the specified access control list to inbound packets on this INTERFACE list(p. 240)
■ broadcast-limit < 0 to 99 > -- Set a broadcast traffic percentage limit(p. 228)
■ dhcp-snooping -- Configure the port as trusted or untrusted(p. 230)
■ disable -- Disable port(s)(p. 231)
■ enable -- Enable port(s)(p. 232)
■ flow-control -- Enable/disable flow control on the port(s)(p. 233)
■ gvrp -- Set the GVRP timers on the port (hundredths of a second)(p. 235)
■ lacp -- Define whether LACP is enabled on the port, and whether it is in active or passive mode
when enabled(p. 247)
■ mdix-mode < mdi | mdix | autoMDIX > -- Set port MDI/MDIX mode (default: auto).(p. 250)
■ monitor -- Define either the port is to be monitored or not(p. 252)
■ name -- Set/unset a name for the port(s)(p. 254)
■ power-over-ethernet -- Enable/Disable per-port power distribution(p. 263)
■ poe-allocate-by -- Control manual power over ethernet allocation(p. 261)
■ poe-value -- Maximum PoE allocation specified with a value in watts(p. 261)
■ poe-lldp-detect -- Enabling this feature causes the port to allocate power based on the
link-partner's capabilities via LLDP(p. 261)
■ qos -- Set port-based priority(p. 268)
■ speed-duplex < 10-half | 100-half | 10-full | ... > -- Define mode of operation for the port(s)(p.
276)
■ type < Trunk | | | ... > -- (p. 280)
■ unknown-vlans < Learn | Block | Disable > -- Configure GVRP on the port(s)(p. 281)
© 2009 Hewlett-Packard Development Company, L.P.
262
Command Line Interface Reference Guide
interface
■ bandwidth-min -- Enable/disable and configure guaranteed minimum bandwidth settings for
outgoing traffic on the port(s)(p. 226)
■ rate-limit -- Enable/disable and configure rate-limiting for all traffic (or for incoming ICMP
traffic) on the port(s)(p. 271)
■ link-keepalive -- Configure UDLD on port(s)(p. 248)
■ arp-protect -- Configure the port as trusted or untrusted(p. 223)
■ qinq -- Configure a port's type as customer-network or provider-network(p. 268)
■ ipv6 -- Configure various IP parameters for the VLAN(p. 244)
■ service-policy -- Apply the QoS/Mirror policy on the interface (ASCII-STR) (p. 275)
port-name
■ interface [ETHERNET] PORT-LIST name PORT-NAME
Specify a port name up to 64 characters length.
■ [no] interface vlan VLAN-ID ip forward-protocol udp IP-ADDR < dns | ntp | netbios-ns | ... >
Supported Values:
■ dns -- Domain Name Service (53)
■ ntp -- Network Time Protocol (123)
■ netbios-ns -- NetBIOS Name Service (137)
■ netbios-dgm -- NetBIOS Datagram Service (138)
■ radius -- Remote Authentication Dial-In User Service (1812)
■ radius-old -- Remote Authentication Dial-In User Service (1645)
■ rip -- Routing Information Protocol (520)
■ snmp -- Simple Network Management Protocol (161)
■ snmp-trap -- Simple Network Management Protocol (162)
■ tftp -- Trivial File Transfer Protocol (69)
■ timep -- Time Protocol (37)
port-num
■ [no] interface vlan VLAN-ID ip forward-protocol udp IP-ADDR TCP/UDP-PORT
UDP port number of the server.
port-type
■ interface [ETHERNET] PORT-LIST qinq port-type
Configure qinq port-type
Next Available Options:
■ customer-network -- Configure qinq port-type as customer-network(p. 229)
■ provider-network -- Configure qinq port-type as provider-network(p. 267)
power-over-ethernet
■ [no] interface [ETHERNET] PORT-LIST power-over-ethernet
Usage: [no] power-over-ethernet [critical|high|low]
Description: Enable/Disable per-port power distribution. Specifying critical,
high, or low indicates the priority of the port to get power in
© 2009 Hewlett-Packard Development Company, L.P.
263
Command Line Interface Reference Guide
interface
the event of power over-subscription. Per-port power is enabled
by default. The default priority is low.
Note: Lower numbered ports have precedence over higher numbered
ports of the same priority.
Next Available Option:
■ priority < critical | high | low > -- Enable/Disable per-port power distribution(p. 265)
preempt-delay-time
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > preempt-delay-time < 1 to 600 >
Usage: [no] vrrp vrid <VRID> preempt-delay-time <1-600>
Description: Enable the pre-emptive delay timer for the virtual router
instance.
[no] may be used to disable the pre-emptive delay timer.
Parameters:
o preempt-delay-time <1-600> - The number of seconds to delay.
Range: < 1 to 600 >
preempt-mode
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > preempt-mode
Usage: [no] vrrp vrid <VRID> preempt-mode
Description: Enable/disable preempt mode for the virtual router instance.
The default value is 'enabled'.
preference
■ interface vlan VLAN-ID ip irdp preference
Usage: [no] ip irdp preference <no-default|<-2147483647-2147483647>>
Description: The preferability of the router as a default
router, relative to the other routers on the same
subnet. Higher values are more preferable.
Next Available Options:
■ number < -2147483647 to 2147483647 > -- The router preferability number. Higher values are
more preferable.(p. 256)
■ no-default -- Indicates that the router should never be used as a default by its neighbors.(p.
255)
primary-ip-address
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > primary-ip-address
Usage: [no] vrrp vrid <VRID> primary-ip-address <IP-ADDR | lowest>
Description: Specify IP address the virtual router instance will use as
a source in VRRP advertisement messages. If not set (i.e. is
© 2009 Hewlett-Packard Development Company, L.P.
264
Command Line Interface Reference Guide
interface
'0.0.0.0') the virtual router uses numerically lowest IP address
of the VLAN. The default value is 'lowest'.
Next Available Options:
■ ip-addr -- Specify IP address. (IP-ADDR) (p. 241)
■ lowest -- Dynamically determine lowest IP address.(p. 249)
priority
■ interface [ETHERNET] PORT-LIST power-over-ethernet < critical | high | low >
Usage: [no] power-over-ethernet [critical|high|low]
Description: Enable/Disable per-port power distribution. Specifying critical,
high, or low indicates the priority of the port to get power in
the event of power over-subscription. Per-port power is enabled
by default. The default priority is low.
Note: Lower numbered ports have precedence over higher numbered
ports of the same priority.
Supported Values:
■ critical
■ high
■ low
■ interface [ETHERNET] PORT-LIST qos priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ interface vlan VLAN-ID ip ospf priority < 0 to 255 >
Set priority of this router as a designated router.
Range: < 0 to 255 >
■ interface vlan VLAN-ID ip ospf IP-ADDR priority < 0 to 255 >
Set priority of this router as a designated router.
Range: < 0 to 255 >
■ interface vlan VLAN-ID ip ospf all priority < 0 to 255 >
Set priority of this router as a designated router.
Range: < 0 to 255 >
■ interface vlan VLAN-ID qos priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
© 2009 Hewlett-Packard Development Company, L.P.
265
Command Line Interface Reference Guide
interface
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > priority < 1 to 255 >
Usage: vrrp vrid <VRID> priority <1-255>
Description: Configure priority for the virtual router instance.
The default value is '100'.
Range: < 1 to 255 >
■ interface svlan VLAN-ID qos priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
propagation-delay
■ interface vlan VLAN-ID ip pim-dense propagation-delay < 250 to 2000 >
Usage: ip pim-dense propagation-delay <250-2000>
Description: Set the value inserted into the LAN Prune Delay field of a
LAN Prune Delay option on this interface. Default is 500
milliseconds.
Range: < 250 to 2000 >
■ interface vlan VLAN-ID ip pim-sparse propagation-delay < 250 to 2000 >
Usage: ip pim-sparse propagation-delay <250-2000>
Description: Set the value inserted into the LAN Prune Delay field of a
LAN Prune Delay option on this interface. Default is 500
milliseconds.
Range: < 250 to 2000 >
protocol
■ interface vlan VLAN-ID protocol
Set a predefined protocol for the current VLAN.
Next Available Options:
■ protocols < IPX | IPv4 | IPv6 | ... > -- Set a predefined protocol for the current VLAN. (p. 267)
© 2009 Hewlett-Packard Development Company, L.P.
266
Command Line Interface Reference Guide
interface
■ protocol-group -- Enter a list of protocols for the current VLAN delimited by commas.
(ASCII-STR) (p. 267)
■ interface svlan VLAN-ID protocol
Set a predefined protocol for the current VLAN.
Next Available Options:
■ protocols < IPX | IPv4 | IPv6 | ... > -- Set a predefined protocol for the current VLAN. (p. 267)
■ protocol-group -- Enter a list of protocols for the current VLAN delimited by commas.
(ASCII-STR) (p. 267)
protocol-group
■ [no] interface vlan VLAN-ID protocol PROTOCOL-GROUP
Enter a list of protocols for the current VLAN delimited by commas.
■ [no] interface svlan VLAN-ID protocol PROTOCOL-GROUP
Enter a list of protocols for the current VLAN delimited by commas.
protocols
■ [no] interface vlan VLAN-ID protocol < IPX | IPv4 | IPv6 | ... >
Set a predefined protocol for the current VLAN.
Supported Values:
■ IPX -- IPX Protocol Group
■ IPv4 -- IP version 4 Protocol Group
■ IPv6 -- IP version 6 Protocol Group
■ ARP -- Address Resolution Protocol Group
■ Appletalk -- Appletalk Protocol Group
■ SNA -- System Network Architecture Protocol Group
■ NetBEUI -- Network BIOS Enhanced User Interface Protocol Group
■ [no] interface svlan VLAN-ID protocol < IPX | IPv4 | IPv6 | ... >
Set a predefined protocol for the current VLAN.
Supported Values:
■ IPX -- IPX Protocol Group
■ IPv4 -- IP version 4 Protocol Group
■ IPv6 -- IP version 6 Protocol Group
■ ARP -- Address Resolution Protocol Group
■ Appletalk -- Appletalk Protocol Group
■ SNA -- System Network Architecture Protocol Group
■ NetBEUI -- Network BIOS Enhanced User Interface Protocol Group
provider-network
■ interface [ETHERNET] PORT-LIST qinq port-type provider-network
Configure qinq port-type as provider-network
© 2009 Hewlett-Packard Development Company, L.P.
267
Command Line Interface Reference Guide
interface
proxy-arp
■ [no] interface vlan VLAN-ID ip proxy-arp
Usage: [no] ip proxy-arp
Description: Enable/disable proxy ARP. This is a VLAN context command.
It can be called directly from the VLAN context or may follow
the 'vlan VLAN-ID' command prefix. When proxy ARP is enabled on
a VLAN, the device responds to ARP requests received on the
VLAN ports when the device knows a route to the requested IP
addresses.
qinq
■ interface [ETHERNET] PORT-LIST qinq
Usage: qinq port-type <cn-customer-network-port|pn-provider-network-port>
Description: Configure a port's type as customer-network or provider-network.
In svlan mode, the default port type is 'provider-network'. In
mixedvlan mode, default for SVLAN ports is 'provider-network'.
Configuring a port as either customer-network or provider-network
is applicable only if the device is configured in either svlan or
mixedvlan mode.
Next Available Option:
■ port-type -- Configure qinq port-type(p. 263)
qos
■ [no] interface [ETHERNET] PORT-LIST qos
Usage: [no] qos [dscp <0..63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001..111111> |
priority <0-7>]
Description: Set port-based priority. The 'dscp' or 'priority' must be
specified if 'no' is not used. Using 'no' configures the device
not to apply a source-port priority to this port's packets.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 231)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
■ [no] interface vlan VLAN-ID qos
Usage: [no] qos [dscp <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111> |
priority <0-7>]
Description: Set VLAN-based priority. The 'dscp' or 'priority' must
be specified if 'no' is not used. Using 'no' configures
the switch not to apply a VLAN priority override to this
VLAN's packets.
© 2009 Hewlett-Packard Development Company, L.P.
268
Command Line Interface Reference Guide
interface
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 231)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
■ [no] interface svlan VLAN-ID qos
Usage: [no] qos [dscp <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111> |
priority <0-7>]
Description: Set VLAN-based priority. The 'dscp' or 'priority' must
be specified if 'no' is not used. Using 'no' configures
the switch not to apply a VLAN priority override to this
VLAN's packets.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 231)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 265)
querier
■ [no] interface vlan VLAN-ID ip igmp querier
Usage: [no] ip igmp querier [interval <seconds>]
Description: Specify querier/non-querier capability for the VLAN. IGMP
queries are not sent when the mode is disabled. When
enabled, the device cannot become Querier for the subnet
unless the VLAN has an IP Address (use the 'show ip' command
to determine this). Each subnet must have at least one IGMP
Querier-capable device in order for IGMP to function
properly. The querier interval setting modifies the time (in
seconds) between IGMP queries.
Next Available Option:
■ interval < 5 to 300 > -- Sets the interval in seconds between IGMP queries (default: 125) (p. 240)
■ [no] interface vlan VLAN-ID ipv6 mld querier
Usage: [no] vlan < vid > ipv6 mld querier
Description: This command disables or re-enables the ability for the switch
to become querier if necessary. The no version of the command
disables the querier function on the switch.
The show ipv6 mld config command displays the current querier
command. (Default Querier Capability: Enabled.)
© 2009 Hewlett-Packard Development Company, L.P.
269
Command Line Interface Reference Guide
interface
queue1
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 >
Specify min. bandwidth percentage for queue one outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue2 < 0 to 100 > -- Specify min. bandwidth percentage for queue two outgoing traffic.(p.
270)
queue2
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue two outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue3 < 0 to 100 > -- Specify min. bandwidth percentage for queue three outgoing traffic.(p.
270)
queue3
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue three outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue4 < 0 to 100 > -- Specify min. bandwidth percentage for queue four outgoing traffic.(p.
270)
queue4
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
< 0 to 100 >
Specify min. bandwidth percentage for queue four outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue5 < 0 to 100 > -- Specify min. bandwidth percentage for queue five outgoing traffic.(p.
270)
queue5
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
< 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue five outgoing traffic.
© 2009 Hewlett-Packard Development Company, L.P.
270
Command Line Interface Reference Guide
interface
Range: < 0 to 100 >
Next Available Option:
■ queue6 < 0 to 100 > -- Specify min. bandwidth percentage for queue six outgoing traffic.(p. 271)
queue6
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
< 0 to 100 > < 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue six outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue7 < 0 to 100 > -- Specify min. bandwidth percentage for queue seven outgoing traffic.(p.
271)
queue7
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
< 0 to 100 > < 0 to 100 > < 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue seven outgoing traffic.
Range: < 0 to 100 >
Next Available Option:
■ queue8 < 0 to 100 > -- Specify min. bandwidth percentage for queue eight outgoing traffic.(p.
271)
queue8
■ interface [ETHERNET] PORT-LIST bandwidth-min output < 0 to 100 > < 0 to 100 > < 0 to 100 >
< 0 to 100 > < 0 to 100 > < 0 to 100 > < 0 to 100 > < 0 to 100 >
Specify min. bandwidth percentage for queue eight outgoing traffic.
Range: < 0 to 100 >
rapid-commit
■ [no] interface vlan VLAN-ID ipv6 address dhcp full rapid-commit
Obtain IPv6 address quickly from DHCPv6 server.
■ [no] interface svlan VLAN-ID ipv6 address dhcp full rapid-commit
Obtain IPv6 address quickly from DHCPv6 server.
rate-limit
■ interface [ETHERNET] PORT-LIST rate-limit
Usage: rate-limit icmp <percent <0-100> | kbps <0-10000000>>
rate-limit all <in|out> <percent <0-100> | kbps <0-10000000>>
© 2009 Hewlett-Packard Development Company, L.P.
271
Command Line Interface Reference Guide
interface
rate-limit ip access-group <acl-name> in kbps <0-10000000>
no rate-limit <icmp | all <in|out> | ip <access-group>>
rate-limit bcast in percent <0-100>
no rate-limit bcast in
rate-limit mcast in percent <0-100>
no rate-limit mcast in
Description: Enable/disable and configure rate-limiting for all traffic
(or for incoming ICMP traffic) on the port(s). By default,
rate-limiting is disabled on all ports. When a port is
configured to rate-limit traffic, it forwards only that
specified amount of traffic (percentage, bits-per-second, or
kilobits-per-second). The remaining over-profile traffic of the
type being rate-limited is then discarded.
Rate-Limiting works on inbound ICMP traffic, or on inbound or
outbound traffic in general. The rate-limit reflects the
permitted forwarding rate of the traffic type. It is visible as
the average rate of the outbound traffic (or outbound ICMP
traffic) originating from the rate-limited port (when in inbound
mode), or as the average rate of the outbound traffic from an
outbound rate-limited port.
Rate-limiting of all traffic is primarily used for end-node
connections (i.e., at the network edge). It is not recommended
for use on links to servers, routers, switches, or the network
backbone or core.
(Rate-limiting all traffic on such links can interfere with
important network functions.)
ICMP rate-limiting is primarily used for throttling worm or viruslike behavior, and should NOT be used to remove all ICMP traffic
from the network, as this protocol is necessary for routing
functions.
Broadcast rate-limiting is used for inbound broadcast traffic
control to prevent switch from being disrupted by a broadcast
traffic storm if occurred on the port.
Multicast rate-limiting is used for inbound multicast traffic
control to prevent switch from being disrupted by a multicast
traffic storm if occurred on the port.
For more detailed information on rate-limiting, please consult
the product manual.
This is an Interface context command. It can be called directly
from the interface context, or following the
'interface [ethernet] PORT-LIST' command.
Next Available Options:
■ icmp -- Set limits for ICMP traffic only.(p. 237)
■ all -- Set limits for all traffic.(p. 219)
■ bcast -- Set limits for broadcast traffic.(p. 227)
■ mcast -- Set limits for multicast traffic.(p. 249)
© 2009 Hewlett-Packard Development Company, L.P.
272
Command Line Interface Reference Guide
interface
reachable-time
■ [no] interface vlan VLAN-ID ipv6 nd reachable-time
Usage: [no] ipv6 nd reachable-time
<milliseconds>
Description: Configures the length of time neighbors are considered
reachable after being confirmed as reachable via the
neighbor unreachability detection algorithm. This value
appears in router advertisements sent on this interface and
is also used to manage the neighbor table entries on this node.
Next Available Option:
■ number < 1000 to 3600000 > -- Configures the router lifetime sent in router advertisements(p.
256)
receive
■ interface vlan VLAN-ID ip rip receive < V1-only | V2-only | V1-or-V2 | ... >
Define RIP version for incoming packets.
Supported Values:
■ V1-only -- Accept RIP version 1 updates only.
■ V2-only -- Accept RIP version 2 updates only.
■ V1-or-V2 -- Accept both RIP 1 and RIP 2 updates.
■ disabled -- Do not accept RIP updates.
■ interface vlan VLAN-ID ip rip IP-ADDR receive < V1-only | V2-only | V1-or-V2 | ... >
Define RIP version for incoming packets.
Supported Values:
■ V1-only -- Accept RIP version 1 updates only.
■ V2-only -- Accept RIP version 2 updates only.
■ V1-or-V2 -- Accept both RIP 1 and RIP 2 updates.
■ disabled -- Do not accept RIP updates.
■ interface vlan VLAN-ID ip rip all receive < V1-only | V2-only | V1-or-V2 | ... >
Define RIP version for incoming packets.
Supported Values:
■ V1-only -- Accept RIP version 1 updates only.
■ V2-only -- Accept RIP version 2 updates only.
■ V1-or-V2 -- Accept both RIP 1 and RIP 2 updates.
■ disabled -- Do not accept RIP updates.
retransmit-interval
■ interface vlan VLAN-ID ip ospf retransmit-interval < 1 to 3600 >
Set retransmit interval in seconds; the default is 5.
Range: < 1 to 3600 >
■ interface vlan VLAN-ID ip ospf IP-ADDR retransmit-interval < 1 to 3600 >
Set retransmit interval in seconds; the default is 5.
Range: < 1 to 3600 >
© 2009 Hewlett-Packard Development Company, L.P.
273
Command Line Interface Reference Guide
interface
■ interface vlan VLAN-ID ip ospf all retransmit-interval < 1 to 3600 >
Set retransmit interval in seconds; the default is 5.
Range: < 1 to 3600 >
rip
■ [no] interface vlan VLAN-ID ip rip
Usage: [no] ip rip [...]
Description: Enable/disable/configure Routing Internet Protocol (RIP)
on the VLAN interface.
Called without 'no', the command enables RIP on the interface.
Otherwise ('no' is specified), the command disables RIP on the
interface. The command can be followed by a RIP configuration
command. Use 'ip rip ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Options:
■ authentication-type < none | text > -- Set authentication type used on this interface.(p. 224)
■ authentication-key -- Set RIP authentication key (maximum 16 characters).(p. 223)
■ metric < 1 to 15 > -- Set metric for this interface.(p. 250)
■ poison-reverse -- Enable/disable poison reverse on this interface.(p. 262)
■ receive < V1-only | V2-only | V1-or-V2 | ... > -- Define RIP version for incoming packets.(p. 273)
■ send < disabled | V1-only | V1-compatible-V2 | ... > -- Define RIP version for outgoing packets.(p.
275)
■ rip-compatible < V1-only | V2-only | V1-or-V2 > -- Define RIP version for incoming and outgoing
packets.(p. 274)
■ ip-addr -- Specify the IP address the request is for. (IP-ADDR) (p. 241)
■ all -- Process the request for all IP addresses.(p. 219)
rip-compatible
■ interface vlan VLAN-ID ip rip < V1-only | V2-only | V1-or-V2 >
Define RIP version for incoming and outgoing packets.
Supported Values:
■ V1-only -- Use RIP version 1 only.
■ V2-only -- Use RIP version 2 only.
■ V1-or-V2 -- Use RIP 2 in the RIP 1 compatible mode.
■ interface vlan VLAN-ID ip rip IP-ADDR < V1-only | V2-only | V1-or-V2 >
Define RIP version for incoming and outgoing packets.
Supported Values:
■ V1-only -- Use RIP version 1 only.
■ V2-only -- Use RIP version 2 only.
■ V1-or-V2 -- Use RIP 2 in the RIP 1 compatible mode.
■ interface vlan VLAN-ID ip rip all < V1-only | V2-only | V1-or-V2 >
Define RIP version for incoming and outgoing packets.
© 2009 Hewlett-Packard Development Company, L.P.
274
Command Line Interface Reference Guide
interface
Supported Values:
■ V1-only -- Use RIP version 1 only.
■ V2-only -- Use RIP version 2 only.
■ V1-or-V2 -- Use RIP 2 in the RIP 1 compatible mode.
send
■ interface vlan VLAN-ID ip rip send < disabled | V1-only | V1-compatible-V2 | ... >
Define RIP version for outgoing packets.
Supported Values:
■ disabled -- Do not send RIP updates.
■ V1-only -- Send RIP version 1 updates only.
■ V1-compatible-V2 -- Send RIP 2 updates using RFC 1058 route subsumption.
■ V2-only -- Send RIP version 2 updates only.
■ interface vlan VLAN-ID ip rip IP-ADDR send < disabled | V1-only | V1-compatible-V2 | ... >
Define RIP version for outgoing packets.
Supported Values:
■ disabled -- Do not send RIP updates.
■ V1-only -- Send RIP version 1 updates only.
■ V1-compatible-V2 -- Send RIP 2 updates using RFC 1058 route subsumption.
■ V2-only -- Send RIP version 2 updates only.
■ interface vlan VLAN-ID ip rip all send < disabled | V1-only | V1-compatible-V2 | ... >
Define RIP version for outgoing packets.
Supported Values:
■ disabled -- Do not send RIP updates.
■ V1-only -- Send RIP version 1 updates only.
■ V1-compatible-V2 -- Send RIP 2 updates using RFC 1058 route subsumption.
■ V2-only -- Send RIP version 2 updates only.
service-policy
■ [no] interface [ETHERNET] PORT-LIST service-policy SERVICE-POLICY
Usage: [no] service-policy <name> in
Description: Apply the QoS/Mirror policy on the interface.
Parameters:
o <name> - Policy name.
o in - Apply the policy in inbound direction.
Next Available Option:
■ in -- Apply policy on inbound packets. (p. 238)
■ [no] interface vlan VLAN-ID service-policy SERVICE-POLICY
Usage: [no] service-policy <name> in
Description: Apply the QoS/Mirror policy on the vlan.
Parameters:
© 2009 Hewlett-Packard Development Company, L.P.
275
Command Line Interface Reference Guide
interface
o <name> - Policy name.
o in - Apply the policy in inbound direction.
Next Available Option:
■ in -- Apply policy on inbound packets. (p. 238)
source-lockdown
■ [no] interface [ETHERNET] PORT-LIST ip source-lockdown
Usage: [no] ip source-lockdown [ethernet] <port-list>
Description: Enable/disable IP source lockdown in global configuration mode.
Using the port-list option it can be configured on per-port basis.
speed-duplex
■ interface [ETHERNET] PORT-LIST speed-duplex < 10-half | 100-half | 10-full | ... >
Usage: speed-duplex <10-half|100-half|10-full|100-full|1000-full|
auto|auto-10|auto-100|auto-1000|auto-10-100>
Description: Define mode of operation for the port(s).
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
For 10FL:
- 10-half
- 10-full
10 Mbps, half duplex (default). The port operates
according to the IEEE 802.3/Ethernet standards.
10 Mbps, full duplex. The port simultaneously
receives and transmits data. (The device attached
to the port must support full duplex operation).
For 10/100TX:
- auto
-
10-half
10-full
100-half
100-full
auto-10
Note: Make sure that the device attached to the
port is configured the same as the selection you
make here.
(default) The port automatically selects the
network speed (10 or 100 Mbps), and that data
transfer operation (full or half duplex) between
the switch and another IEEE 802u-compliant device
running the 'Auto Negotiation' protocol.
10 Mbps, half duplex.
10 Mbps, full duplex.
100 Mbps, half duplex.
100 Mbps, full duplex.
Same as 'auto' except that the port speed is fixed
at 10 Mbps. The data transfer operation (full or
half duplex) is auto negotiated.
For 100FX:
- 100-full
- 100-half
(default) 100 Mbps, full duplex.
100 Mbps, half duplex.
For 1000T:
- auto
(default) The port automatically selects the
© 2009 Hewlett-Packard Development Company, L.P.
276
Command Line Interface Reference Guide
-
interface
network speed (100 or 1000 Mbps)and the port
wiring operation (MDI-X or MDI) between the
switch and another IEEE 802.3ab-compliant device
running the 'Auto Negotiation' protocol.
100-full
100 Mbps, full duplex.
auto-100
Same as 'auto'. Limited to 100Mbps network speed.
auto-1000
Same as 'auto'. Limited to 1000Mbps network speed.
auto-10-100 Same as 'auto'. Limited to 10Mbps or 100 Mbps
network speed.
For 1000SX, 1000LX:
- auto
(default) The port Auto Negotiates for Flow
Control if Flow Control is set to Enable.
- 1000-full
1000 Mbps, full duplex.
For 1000Stk:
- auto
Runs in 1000 Mbps, full duplex.
The port Auto Negotiates for Flow Control if
Flow Control is set to Enable.
Supported Values:
■ 10-half -- 10 Mbps, half duplex.
■ 100-half -- 100 Mbps, half duplex.
■ 10-full -- 10 Mbps, full duplex.
■ 100-full -- 100 Mbps, full duplex.
■ 1000-full -- 1000 Mbps, full duplex.
■ auto -- Use Auto Negotiation for speed and duplex mode.
■ auto-10 -- 10 Mbps, use Auto Negotiation for duplex mode.
■ auto-100 -- 100 Mbps, use Auto Negotiation for duplex mode.
■ auto-1000 -- 1000 Mbps, use Auto Negotiation for duplex mode.
■ auto-10-100 -- 10 or 100 Mbps, and half or full duplex, using Auto Negotiation.
src-ip
■ interface vlan VLAN-ID connection-rate-filter unblock IP-ADDR/mask-LENGTH
Match packets from the specified subnet.
■ interface svlan VLAN-ID connection-rate-filter unblock IP-ADDR/mask-LENGTH
Match packets from the specified subnet.
svlan
■ [no] interface svlan VLAN-ID
Usage: [no] svlan VLAN-ID [...]
Description: Add, delete, edit SVLAN configuration or enter a SVLAN context.
If an existing 'SVLAN VLAN-ID' is specified you are put into the
context for that SVLAN, and can then execute commands for that
SVLAN. If a new VLAN-ID is specified, the new SVLAN is added with
the VLAN-ID, and you are put into the context of the new SVLAN.
If you follow the command with one of the SVLAN Context commands
in the same command line, the context level is not changed, but
the commands are executed for the SVLAN specified by the
VLAN-ID. The 'no' option of the SVLAN command is used to delete
the SVLAN specified by VLAN-ID.
© 2009 Hewlett-Packard Development Company, L.P.
277
Command Line Interface Reference Guide
interface
Next Available Options:
■ dhcp-snooping -- (p. 230)
■ ip -- Configure various IP parameters for the VLAN(p. 240)
■ ipv6 -- Configure various IP parameters for the VLAN(p. 244)
■ auto -- Cause each port identified in the port list to learn its VLAN membership using the GARP
VLAN Registration Protocol (GVRP) ([ethernet] PORT-LIST) (p. 225)
■ connection-rate-filter -- Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter(p. 228)
■ monitor -- Define either the VLAN is to be monitored or not(p. 252)
■ name -- Set the VLAN's name (ASCII-STR) (p. 254)
■ protocol -- Set a predefined protocol for the current VLAN. (p. 266)
■ qos -- Set VLAN-based priority(p. 268)
■ tagged -- Assign ports to current VLAN as tagged ([ethernet] PORT-LIST) (p. 278)
■ untagged -- Assign ports to current VLAN as untagged ([ethernet] PORT-LIST) (p. 282)
■ forbid -- Prevent ports from becoming a member of the current VLAN ([ethernet] PORT-LIST)
(p. 234)
■ voice -- Labels this VLAN as a Voice VLAN, allowing you to separate, prioritize, and authenticate
voice traffic moving through your network(p. 283)
■ jumbo -- Labels this VLAN as a Jumbo VLAN, allowing you to pass packets up to 9220 bytes
in size(p. 246)
tagged
■ [no] interface vlan VLAN-ID tagged [ETHERNET] PORT-LIST
Usage: [no] tagged [ethernet] PORT-LIST
Description: Assign ports to current VLAN as tagged.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ [no] interface svlan VLAN-ID tagged [ETHERNET] PORT-LIST
Usage: [no] tagged [ethernet] PORT-LIST
Description: Assign ports to current VLAN as tagged.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
timer-interval
■ interface vlan VLAN-ID ip-recv-mac-address MAC-ADDR interval < 1 to 255 >
Timeout interval in seconds <1-255>.
Range: < 1 to 255 >
track
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > track
Usage: [no] vrrp vrid <VRID> track <vlan <VLAN-ID-RANGE>|interface <LPORT-LIST>>
no vrrp vrid <VRID> track
Description: Enable/disable tracking for VR.
© 2009 Hewlett-Packard Development Company, L.P.
278
Command Line Interface Reference Guide
interface
Next Available Options:
■ interface -- Enable/disable tracking of logical ports for VR(p. 239)
■ vlan -- Enable/disable tracking of VLANs for VR(p. 282)
transit-delay
■ interface vlan VLAN-ID ip ospf transit-delay < 1 to 3600 >
Set transit delay in seconds; the default is 1.
Range: < 1 to 3600 >
■ interface vlan VLAN-ID ip ospf IP-ADDR transit-delay < 1 to 3600 >
Set transit delay in seconds; the default is 1.
Range: < 1 to 3600 >
■ interface vlan VLAN-ID ip ospf all transit-delay < 1 to 3600 >
Set transit delay in seconds; the default is 1.
Range: < 1 to 3600 >
trust
■ [no] interface [ETHERNET] PORT-LIST dhcp-snooping trust
Usage: [no] dhcp-snooping trust PORT-LIST
Description: Configure trusted interfaces. Only server packets received
on trusted interfaces will be forwarded. When 'no' is
specified the interfaces are marked as untrusted.
The default port state is untrusted.
Parameters:
o PORT-LIST - Port list on which to configure trust status.
■ [no] interface [ETHERNET] PORT-LIST arp-protect trust
ttl-threshold
■ interface vlan VLAN-ID ip pim-dense ttl-threshold < 0 to 255 >
Usage: ip pim-dense ttl-threshold <0-255>
Description: Set the Time To Live in a PIM-DM State Refresh message at
which it is not forwarded on this interface. Default is 0.
Range: < 0 to 255 >
■ interface vlan VLAN-ID ip mroute ttl-threshold < 0 to 255 >
Usage: ip mroute ttl-threshold <0-255>
Description: Set the multicast datagram TTL threshold for the interface.
Any IP multicast datagrams with a TTL less than this threshold
will not be forwarded out the interface. The default value of 0
means all multicast packets are forwarded out the interface.
Range: < 0 to 255 >
© 2009 Hewlett-Packard Development Company, L.P.
279
Command Line Interface Reference Guide
interface
type
■ interface [ETHERNET] PORT-LIST type < Trunk | | | ... >
Supported Values:
■ Trunk
■
■
■ 10FL
■ 10T
■ 10/100TX
■ 100FX
■ 100FX-SFP
■ Vlan
■ Mesh
■ 1000SX
■ 1000LX
■ 100/1000T
■ 1000T
■ 1000Stk
■ 1000LH
■ 10GbE-CX4
■ 10GbE-SR
■ 10GbE-ER
■ 10GbE-LR
■ 1000T-SFP
■ 100GEN
■ 1000GEN
■ 10GbE-GEN
■ 1000X
■ 100BX-D
■ 100BX-U
■ 1000BX-D
■ 1000BX-U
■ 10GbE-LRM
■ 10GSFP-SR
■ 10GSFP-LR
■ 10G-LRM
■ 10G-DAC
■ 10G-DA1
■ 10G-DA2
■ 10G-DA3
■ 10G-DA5
■ 10G-DA7
■ 10G-DA10
■ 10G-DA15
■ 10G-DA20
■ 10GbE-T
■ 10GbE-TSH
■ 10GbE-TLH
■ 10GbE-STK
udp
■ [no] interface vlan VLAN-ID ip forward-protocol udp
© 2009 Hewlett-Packard Development Company, L.P.
280
Command Line Interface Reference Guide
interface
Usage: [no] ip forward-protocol udp IP-ADDR PORT-NUM|PORT-NAME
Description: Add or remove a UDP server address for the VLAN. The
broadcast packets received by the switch on this VLAN are to
be forwarded to the specified application server.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
Next Available Option:
■ ip-addr -- IP address of the protocol server. (IP-ADDR) (p. 241)
unblock
■ interface vlan VLAN-ID connection-rate-filter unblock
Resets a host previously blocked by the connection rate filter
Next Available Options:
■ all -- Resets all previously blocked by the connection rate filter (p. 219)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 237)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/mask-LENGTH) (p. 277)
■ interface svlan VLAN-ID connection-rate-filter unblock
Resets a host previously blocked by the connection rate filter
Next Available Options:
■ all -- Resets all previously blocked by the connection rate filter (p. 219)
■ host -- Match packets from the specified IP address. (IP-ADDR) (p. 237)
■ src-ip -- Match packets from the specified subnet. (IP-ADDR/mask-LENGTH) (p. 277)
unknown-vlans
■ interface [ETHERNET] PORT-LIST unknown-vlans < Learn | Block | Disable >
Usage: unknown-vlans <learn|block|disable>
Description: Configure GVRP on the port(s).
If 'learn' is specified then the port will accept join
requests for new VLANs on this port and propagate a VLAN
join requests through all other forwarding ports that are
participating in GVRP.
If 'block' is specified then the port will only process
GRVP packets that concern themselves with known VLANs.
If 'disable' is specified then all GRVP packets will be
ignored.
This is an Interface context command. It can be called directly
from the interface context or follow the 'interface [ethernet]
PORT-LIST' command.
Supported Values:
■ Learn -- Learn new VLANs.
■ Block -- Ignore new VLANs.
■ Disable -- Ignore all GVRP packets.
© 2009 Hewlett-Packard Development Company, L.P.
281
Command Line Interface Reference Guide
interface
untagged
■ [no] interface vlan VLAN-ID untagged [ETHERNET] PORT-LIST
Usage: [no] untagged [ethernet] PORT-LIST
Description: Assign ports to current VLAN as untagged.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ [no] interface svlan VLAN-ID untagged [ETHERNET] PORT-LIST
Usage: [no] untagged [ethernet] PORT-LIST
Description: Assign ports to current VLAN as untagged.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
virtual-ip-address
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > virtual-ip-address
Usage: [no] vrrp vrid <VRID> virtual-ip-address <IP-ADDR>
Description: Specify IP address to be supported by the virtual router instance.
There is no default value.
Next Available Option:
■ ip-addr -- Specify IP address/mask. (IP-ADDR/mask-LENGTH) (p. 241)
vlan
■ interface [ETHERNET] PORT-LIST link-keepalive vlan VLAN-ID
Set vlan-id for tagged UDLD control packets.
■ [no] interface vlan VLAN-ID
Usage: [no] vlan VLAN-ID [...]
Description: Add, delete, edit VLAN configuration or enter a VLAN context.
If an existing VLAN-ID is specified you are put into the
context for that VLAN, and can then execute commands for that
VLAN. If a new VLAN-ID is specified, the new VLAN is added with
the VLAN-ID, and you are put into the context of the new VLAN.
If you follow the command with one of the VLAN Context commands
in the same command line, the context level is not changed, but
the commands are executed for the VLAN specified by the
VLAN-ID. The 'no' option of the VLAN command is used to delete
the VLAN specified by VLAN-ID.
Next Available Options:
■ auto -- Cause each port identified in the port list to learn its VLAN membership using the GARP
VLAN Registration Protocol (GVRP) ([ethernet] PORT-LIST) (p. 225)
■ dhcp-snooping -- (p. 230)
■ ip -- Configure various IP parameters for the VLAN(p. 240)
■ igmp-proxy -- Associate an IGMP proxy domain with a VLAN(p. 238)
© 2009 Hewlett-Packard Development Company, L.P.
282
Command Line Interface Reference Guide
interface
■ ipv6 -- Configure various IP parameters for the VLAN(p. 244)
■ connection-rate-filter -- Re-enables access to a host or set of hosts that has been previously
blocked by the connection rate filter(p. 228)
■ monitor -- Define either the VLAN is to be monitored or not(p. 252)
■ name -- Set the VLAN's name (ASCII-STR) (p. 254)
■ protocol -- Set a predefined protocol for the current VLAN. (p. 266)
■ qos -- Set VLAN-based priority(p. 268)
■ tagged -- Assign ports to current VLAN as tagged ([ethernet] PORT-LIST) (p. 278)
■ untagged -- Assign ports to current VLAN as untagged ([ethernet] PORT-LIST) (p. 282)
■ forbid -- Prevent ports from becoming a member of the current VLAN ([ethernet] PORT-LIST)
(p. 234)
■ voice -- Labels this VLAN as a Voice VLAN, allowing you to separate, prioritize, and authenticate
voice traffic moving through your network(p. 283)
■ jumbo -- Labels this VLAN as a Jumbo VLAN, allowing you to pass packets up to 9220 bytes
in size(p. 246)
■ vrrp -- Enable/disable/configure VRRP operation on the VLAN(p. 284)
■ ip-recv-mac-address -- Associates a L3-mac-address with a VLAN(p. 243)
■ service-policy -- Apply the QoS/Mirror policy on the vlan (ASCII-STR) (p. 275)
■ [no] interface vlan VLAN-ID ipv6 access-group ACCESS-GROUP vlan
VLAN acl.
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > track vlan
Usage: [no] vrrp vrid <VRID> track vlan <VLAN-ID-RANGE>
Description: Enable/disable tracking of VLANs for VR.
Multiple <VLAN-ID-RANGE> can be specified.
Next Available Option:
■ vlan-id-range -- Enable/disable tracking of specified VLANs for VR (VLAN-ID-RANGE) (p. 283)
vlan-id-range
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 > track vlan VLAN-ID-RANGE
Usage: [no] vrrp vrid <VRID> track vlan <VLAN-ID-RANGE>
Description: Enable/disable tracking of specified VLANs for VR.
voice
■ [no] interface vlan VLAN-ID voice
Usage: [no] voice
Description: Labels this VLAN as a Voice VLAN, allowing you to separate,
prioritize, and authenticate voice traffic moving through
your network.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
■ [no] interface svlan VLAN-ID voice
© 2009 Hewlett-Packard Development Company, L.P.
283
Command Line Interface Reference Guide
interface
Usage: [no] voice
Description: Labels this VLAN as a Voice VLAN, allowing you to separate,
prioritize, and authenticate voice traffic moving through
your network.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
vrid
■ [no] interface vlan VLAN-ID vrrp vrid < 1 to 255 >
Usage: [no] vrrp vrid <VRID> [...]
Description: Configure a virtual router instance for the VLAN.
A virtual router is defined by its virtual router
identifier (VRID) and a set of IP addresses for which
virtual router acts as a Master or Backup. The scope
of each virtual router is restricted to a single VLAN.
Range: < 1 to 255 >
Next Available Options:
■ backup -- Designate the virtual router instance as a Backup(p. 226)
■ owner -- Designate the virtual router instance as an Owner (Master)(p. 258)
■ virtual-ip-address -- Specify IP address to be supported by the virtual router instance(p. 282)
■ primary-ip-address -- Specify IP address the virtual router instance will use as a source in VRRP
advertisement messages(p. 264)
■ advertise-interval < 1 to 255 > -- Set time interval (in seconds) between sending VRRP
advertisement messages(p. 219)
■ priority < 1 to 255 > -- Configure priority for the virtual router instance(p. 265)
■ preempt-mode -- Enable/disable preempt mode for the virtual router instance(p. 264)
■ preempt-delay-time < 1 to 600 > -- Enable the pre-emptive delay timer for the virtual router
instance(p. 264)
■ failback -- Trigger VR to failback to its configured priority value(p. 233)
■ failover -- Trigger VR to failover to a peer(p. 233)
■ track -- Enable/disable tracking for VR(p. 278)
■ enable -- Enable/disable operation of the virtual router instance(p. 232)
vrrp
■ [no] interface vlan VLAN-ID vrrp
Usage: [no] vlan <VLAN-ID> vrrp vrid <VRID> [...]
Description: Enable/disable/configure VRRP operation on the VLAN.
Use 'vrrp vrid <VRID> ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly from
the VLAN context or follow the 'vlan VLAN-ID' command.
Next Available Option:
■ vrid < 1 to 255 > -- Configure a virtual router instance for the VLAN(p. 284)
© 2009 Hewlett-Packard Development Company, L.P.
284
Command Line Interface Reference Guide
interface
well-defined
■ interface [ETHERNET] PORT-LIST qos dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
© 2009 Hewlett-Packard Development Company, L.P.
285
Command Line Interface Reference Guide
interface
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ interface vlan VLAN-ID qos dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
© 2009 Hewlett-Packard Development Company, L.P.
286
Command Line Interface Reference Guide
010010
010100
010110
011010
011100
011110
100010
100100
100110
101110
000000
001000
010000
011000
100000
101000
110000
111000
interface
0
0
3
4
4
5
6
6
7
7
0
1
2
3
4
5
6
7
Assured Forwarding
AF21
Assured Forwarding
AF22
Assured Forwarding
AF23
Assured Forwarding
AF31
Assured Forwarding
AF32
Assured Forwarding
AF33
Assured Forwarding
AF41
Assured Forwarding
AF42
Assured Forwarding
AF43
Expedited Forwarding EF
Classs Selector
CS0
Classs Selector
CS1
Classs Selector
CS2
Classs Selector
CS3
Classs Selector
CS4
Classs Selector
CS5
Classs Selector
CS6
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ interface svlan VLAN-ID qos dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
© 2009 Hewlett-Packard Development Company, L.P.
287
Command Line Interface Reference Guide
interface
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
© 2009 Hewlett-Packard Development Company, L.P.
288
Command Line Interface Reference Guide
■
■
■
■
■
interface
cs3
cs4
cs5
cs6
cs7
with-monitoring
■ interface vlan VLAN-ID vrrp vrid < 1 to 255 > failover with-monitoring
Usage: vrrp vrid <VRID> failover with-monitoring
Description: Trigger VR to failover and continue montior of master VR.
© 2009 Hewlett-Packard Development Company, L.P.
289
ip
OVERVIEW
Category:
Primary context:
config
Related Commands
ipv6 (page 313)
show ip (page 561)
Usage: [no] ip ...
Description: Configure various IP parameters for the switch. The 'ip'
command must be followed by a feature-specific keyword.
Use 'ip ?' to get a list of all possible options.
COMMAND STRUCTURE
■ [no] ip access-list -- Enter the named-acl context for the specified access control list (p. 293)
■ connection-rate-filter -- Configure a connection-rate-filter Access Control List. (p. 297)
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ extended -- Configure an extended Access Control List. (p. 299)
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ number < 100 to 199 > -- Specify Access Control List to configure by number. (p. 305)
■ resequence -- Renumber the entries in an Access Control List. (p. 307)
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 310)
■ increment < 1 to 2147483646 > -- Specify the increment. (p. 301)
■ standard -- Configure a standard Access Control List. (p. 310)
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ number < 1 to 99 > -- Specify Access Control List to configure by number. (p. 305)
■ [no] ip address -- Set IP parameters for communication within an IP network (p. 294)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters. (p. 297)
■ ip-addr -- Interface IP address/mask. (IP-ADDR/MASK-LENGTH) (p. 302)
■ [no] ip arp-age -- Modify Address Resolution Protocol (ARP) table entry timeout, specified in
minutes (p. 294)
■ infinite -- Causes the ARP timeout to be set to 0, indicating an infinite timeout period. (p. 301)
■ timeout < 1 to 1440 > -- Modify Address Resolution Protocol (ARP) table entry timeout, specified
in minutes (NUMBER) (p. 311)
■ [no] ip authorized-managers -- Define the IPV4 addresses allowed to manage the switch (p. 295)
■ IPV4-ADDR -- Authorized manager IPv4 address. (IP-ADDR) (p. 303)
■ access < Manager | Operator > -- Define an access level desired. (p. 293)
■ access-method < all | ssh | telnet | ... > -- Define an access method desired. (p. 294)
■ IPV4-MASK -- IP mask defining a group of adjacent manager IP addresses. (IP-ADDR) (p.
303)
■ [no] ip default-gateway -- Configure the IPv4 default gateway address, which will be used when
routing is not enabled on the switch (p. 297)
■ ipaddr -- IPv4 address of the default gateway. (IP-ADDR) (p. 302)
■ [no] ip directed-broadcast -- Enable/disable directed broadcast forwarding (p. 298)
■ [no] ip dns -- Configure the DNS (Domain Name System) default domain suffix and the name
server IP address for translation of hostnames to IP addresses (p. 298)
■ domain-name -- Configure default domain suffix. (p. 298)
■ domain-name -- Default domain suffix. (ASCII-STR) (p. 298)
© 2009 Hewlett-Packard Development Company, L.P.
290
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
ip
■ server-address -- Configure DNS server IP address. (p. 308)
■ priority < 1 to 2 > -- Priority of Server Address. (NUMBER) (p. 305)
■ ip6addr -- DNS server IPv6 address. (IPV6-ADDR) (p. 302)
■ ipaddr -- DNS server IP address. (IP-ADDR) (p. 302)
[no] ip icmp -- Configure ICMP Rate Limiting capacity (p. 300)
■ addrmask -- Enable/disable address mask replies (p. 294)
■ burst-normal < 0 to 1000000 > -- The maximum number of icmp replies to send per second
(p. 296)
■ echo -- Enable/disable echo replies to broadcast echo requests (p. 299)
■ broadcast-request < Min | Max > -- Enable/disable echo replies to broadcast echo requests
(p. 296)
■ redirects -- Enable/disable redirect error messages (p. 306)
■ reply-limit -- Enable/disable ICMP reply rate limiting (p. 306)
■ unreachable -- Enable/disable destination unreachable error messages (p. 312)
[no] ip igmp -- Enable/disable/configure IP Multicast Group Protocol (IGMP) feature (p. 300)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports (this is
the default behavior) ([ethernet] PORT-LIST) (p. 296)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 296)
■ fastleave -- Enables or disables IGMP Fast Leaves ([ethernet] PORT-LIST) (p. 299)
■ forcedfastleave -- When enabled, this feature forces IGMP Fast Leaves to occur even when the
port is cascaded ([ethernet] PORT-LIST) (p. 299)
■ forward -- Instruct the device to forward incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 300)
■ high-priority-forward -- Enable/disable the high priority forwarding of traffic for subscribed IP
Multicast groups (p. 300)
■ querier -- Specify querier/non-querier capability for the VLAN (p. 306)
■ interval < 5 to 300 > -- Sets the interval in seconds between IGMP queries (default: 125) (p.
301)
[no] ip irdp -- Enable/disable ICMP Router Discovery Protocol (IRDP) (p. 303)
[no] ip load-sharing -- Specify the maximum number of equal cost IP load sharing paths (p. 303)
■ load-sharing-value < 2 to 4 > -- Specify the maximum number of equal cost IP load sharing
paths (p. 303)
[no] ip multicast-routing -- Enable/disable IP multicast routing on the device (p. 304)
ip preserve -- (p. 305)
[no] ip route -- Add or delete static routing table entries (p. 307)
■ ip-addr -- Specify IP address and mask of the route destination. (IP-ADDR/MASK-LENGTH) (p.
302)
■ blackhole -- Specify that packets are silently discarded with no ICMP message sent. (p. 296)
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.
(p. 298)
■ ip-addr -- Specify gateway IP address. (IP-ADDR) (p. 302)
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.
(p. 298)
■ reject -- Specify that packets are discarded and ICMP error is returned to sender. (p. 306)
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.
(p. 298)
■ vlan -- Specify the destination VLAN. (VLAN-ID) (p. 312)
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.
(p. 298)
[no] ip router-id -- Define the device router id (p. 307)
■ ipaddr -- Define the device router id (IP-ADDR) (p. 302)
[no] ip routing -- Enable/disable IP routing support on the device (p. 308)
© 2009 Hewlett-Packard Development Company, L.P.
291
Command Line Interface Reference Guide
ip
■ [no] ip source-binding -- Add/remove a static IP-to-MAC binding in the DHCP snooping database
(p. 308)
■ trap -- Set traps for dynamic ip lockdown (p. 311)
■ OutOfResources -- Set out-of-resources trap. (p. 305)
■ vlan -- (VLAN-ID) (p. 312)
■ ip -- (IP-ADDR) (p. 302)
■ mac -- (MAC-ADDR) (p. 304)
■ interface -- ([ethernet] PORT-NUM) (p. 301)
■ [no] ip source-lockdown -- Enable/disable IP source lockdown in global configuration mode (p.
309)
■ portlist -- Specify the ports on which ip source-lockdown need to be implemented. ([ethernet]
PORT-LIST) (p. 305)
■ [no] ip source-route -- Enable/disable forwarding of source routed packets (p. 309)
■ [no] ip ssh -- Enable/disable SSH server on the device or set various SSH server parameters (p.
309)
■ cipher < aes128-cbc | 3des-cbc | aes192-cbc | ... > -- Specify a cipher to enable/disable. (p. 296)
■ filetransfer -- Enable/disable secure file transfer capability. (p. 299)
■ mac < hmac-md5 | hmac-sha1 | hmac-sha1-96 | ... > -- Specify a mac to enable/disable. (p. 304)
■ port -- Specify the TCP port on which the daemon should listen for SSH connections. (p. 305)
■ default -- Specify that the daemon should listen on the default TCP port (22). (p. 297)
■ IP-PORT -- Specify the TCP port number on which the daemon should listen. (TCP/UDP-PORT)
(p. 303)
■ public-key < manager | operator > -- Configure a client public-key. (NUMBER) (p. 306)
■ keystring -- ASCII formatted public-key. (ASCII-STR) (p. 303)
■ timeout < 5 to 120 > -- Specify the maximum length of time (seconds) permitted for protocol
negotiation and authentication. (NUMBER) (p. 311)
■ [no] ip timep -- Configure the method to acquire the Timep server address (p. 311)
■ dhcp -- Use DHCP to acquire Timep server address. (p. 297)
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current
time. (p. 301)
■ manual -- Manually configure the Timep server address. (p. 304)
■ server -- Timep server IPv4 address. (IP-ADDR) (p. 308)
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current
time. (p. 301)
■ serverV6 -- Timep server IPv6 address. (IPV6-ADDR) (p. 308)
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current
time. (p. 301)
■ ip ttl < 2 to 255 > -- Specify TTL for outgoing IP packets (NUMBER) (p. 312)
■ [no] ip udp-bcast-forward -- Enable/disable UDP broadcast forwarding (p. 312)
■ [no] ip zero-broadcast -- Enable/disable usage of zero broadcast IP Address (p. 312)
COMMAND DETAILS
access (p. 293)
access-list (p. 293)
access-method (p. 294)
address (p. 294)
addrmask (p. 294)
arp-age (p. 294)
authorized-managers (p. 295)
auto (p. 296)
blackhole (p. 296)
blocked (p. 296)
high-priority-forward (p. 300)
icmp (p. 300)
igmp (p. 300)
increment (p. 301)
infinite (p. 301)
interface (p. 301)
interval (p. 301)
ip (p. 302)
ip6addr (p. 302)
ipaddr (p. 302)
© 2009 Hewlett-Packard Development Company, L.P.
public-key (p. 306)
querier (p. 306)
redirects (p. 306)
reject (p. 306)
reply-limit (p. 306)
resequence (p. 307)
route (p. 307)
router-id (p. 307)
routing (p. 308)
server (p. 308)
292
Command Line Interface Reference Guide
broadcast-request (p. 296)
burst-normal (p. 296)
cipher (p. 296)
connection-rate-filter (p. 297)
default (p. 297)
default-gateway (p. 297)
dhcp (p. 297)
dhcp-bootp (p. 297)
directed-broadcast (p. 298)
distance (p. 298)
dns (p. 298)
domain-name (p. 298)
echo (p. 299)
extended (p. 299)
fastleave (p. 299)
filetransfer (p. 299)
forcedfastleave (p. 299)
forward (p. 300)
ip
ip-addr (p. 302)
IP-PORT (p. 303)
IPV4-ADDR (p. 303)
IPV4-MASK (p. 303)
irdp (p. 303)
keystring (p. 303)
load-sharing (p. 303)
load-sharing-value (p. 303)
mac (p. 304)
manual (p. 304)
multicast-routing (p. 304)
name (p. 304)
number (p. 305)
OutOfResources (p. 305)
port (p. 305)
portlist (p. 305)
preserve (p. 305)
priority (p. 305)
server-address (p. 308)
serverV6 (p. 308)
source-binding (p. 308)
source-lockdown (p. 309)
source-route (p. 309)
ssh (p. 309)
standard (p. 310)
start-seq-num (p. 310)
timeout (p. 311)
timep (p. 311)
trap (p. 311)
ttl (p. 312)
udp-bcast-forward (p. 312)
unreachable (p. 312)
vlan (p. 312)
zero-broadcast (p. 312)
access
■ ip authorized-managers IP-ADDR access < Manager | Operator >
Define an access level desired.
Supported Values:
■ Manager
■ Operator
access-list
■ [no] ip access-list
Usage: [no] ip access-list <extended|standard|conection-rate-filter> <ACL-ID>
<resequence> <ACL-ID> <start-seq-no> <increment>
Description: Enter the named-acl context for the specified access control
list.
Parameters:
o <extended|standard|conection-rate-filter> <ACL-ID>
Enter the named-acl context for the specified access control
list. The ACL-ID is case sensitive and may be up to sixty-four
characters in length. If it includes spaces, the entire ACL-ID
must be enclosed in quotation marks.
o <resequence> <ACL-ID> <start-seq-no> <increment>
Renumber the entries in an Access Control List.
Start sequence number and increment can range between
1 - 2147483647.
Next Available Options:
■ extended -- Configure an extended Access Control List. (p. 299)
■ standard -- Configure a standard Access Control List. (p. 310)
■ resequence -- Renumber the entries in an Access Control List. (p. 307)
■ connection-rate-filter -- Configure a connection-rate-filter Access Control List. (p. 297)
© 2009 Hewlett-Packard Development Company, L.P.
293
Command Line Interface Reference Guide
ip
access-method
■ [no] ip authorized-managers IP-ADDR access-method < all | ssh | telnet | ... >
Define an access method desired.
Supported Values:
■ all
■ ssh
■ telnet
■ web
■ snmp
■ tftp
address
■ [no] ip address
Usage: [no] ip address [dhcp-bootp|IP-ADDR/MASK-LENGTH]
Description: Set IP parameters for communication within an IP network.
Parameters:
o dhcp-bootp - The switch attempts to get its configuration from a
DHCP/Bootp server.
o IP-ADDR/MASK-LENGTH - Assign an IP address to the switch.
The IP-ADDR/MASK-LENGTH may be specified in two ways using the
following syntax:
ip address 192.32.36.87/24
ip address 192.32.36.87 255.255.255.0
Both of the statements above would have the same effect.
Next Available Options:
■ ip-addr -- Interface IP address/mask. (IP-ADDR/MASK-LENGTH) (p. 302)
■ dhcp-bootp -- Configure the interface to use DHCP/Bootp server to acquire parameters.(p. 297)
addrmask
■ [no] ip icmp addrmask
Usage: [no] ip icmp addrmask
Description: Enable/disable address mask replies.
arp-age
■ [no] ip arp-age
Usage: [no] ip arp-age <[0..1440]|infinite>
Description: Modify Address Resolution Protocol (ARP) table entry timeout,
specified in minutes. You can set the age up to 1440 minutes (24 hours).
The default timeout is 20 minutes.
o
<0..1440> - timeout specified in minutes.
© 2009 Hewlett-Packard Development Company, L.P.
294
Command Line Interface Reference Guide
o
ip
infinite - sets the timeout to 0. A value of 0 indicates an infinite
timeout to the switch. (Internally the ARP age timeout is set to 99,999,999
seconds (approximately 3.2 years)
Next Available Options:
■ timeout < 1 to 1440 > -- Modify Address Resolution Protocol (ARP) table entry timeout, specified
in minutes (NUMBER) (p. 311)
■ infinite -- Causes the ARP timeout to be set to 0, indicating an infinite timeout period. (p. 301)
Example 1. Example of ip arp-age Command
ProCurve(config)# ip arp-age 1000
authorized-managers
■ [no] ip authorized-managers
Usage: [no] ip authorized-managers <IPV4-ADDR> [IPV4-MASK]
[access <manager|operator>]
[access-method <all|ssh|telnet|web|snmp|tftp>]
Description: Define the IPV4 addresses allowed to manage the switch.
Clients using the specified IPV4 addresses are allowed
to access the switch with the specified access method and
access level.
A maximum of 100 addresses may be configured.
Parameters:
o IPV4-ADDR - The IPV4 address of an authorized manager.
o IPV4-MASK - A mask that allows you to define which portions of
the listed IP address need to be matched by an incoming request.
The default mask is 255.255.255.255. For example, with an
authorized address of 10.8.11.1 and a mask of 255.255.255.255,
only access from 10.8.11.1 is allowed. With a mask of
255.255.255.0, access from any IP address with 10.8.11.x is
allowed.
o access <manager|operator> - A designation of the management
capabilities that are accessible to the authorized manager.
'manager' allows full access to all web browser and telnet to console
for viewing and setting the switch configuration, and for performing
all other interface operations,including all TFTP operations.
'operator' allows view-only access from the web browser and the
console, but does not allow changing the switch configuration or any
TFTP operations. The default access level is manager.
o access-method <all|ssh|telnet|web|snmp|tftp> - A designation of the
access method that the authorized manager will allow for this rule.
The default access method is all.
Next Available Option:
■ IPV4-ADDR -- Authorized manager IPv4 address. (IP-ADDR) (p. 303)
© 2009 Hewlett-Packard Development Company, L.P.
295
Command Line Interface Reference Guide
ip
auto
■ ip igmp auto [ETHERNET] PORT-LIST
Usage: ip igmp auto [ethernet] PORT-LIST
Description: Instruct the device to monitor incoming multicast traffic
on the specified ports (this is the default behavior). This
feature is configured on a per-VLAN basis.
blackhole
■ [no] ip route IP-ADDR/MASK-LENGTH blackhole
Specify that packets are silently discarded with no ICMP message sent.
Next Available Option:
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.(p.
298)
blocked
■ ip igmp blocked [ETHERNET] PORT-LIST
Usage: ip igmp blocked [ethernet] PORT-LIST
Description: Instruct the device to drop incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
broadcast-request
■ [no] ip icmp echo broadcast-request
Usage: [no] ip icmp echo broadcast-request
Description: Enable/disable echo replies to broadcast echo requests.
Supported Values:
■ Min
■ Max
burst-normal
■ [no] ip icmp burst-normal < 0 to 1000000 >
Usage: ip icmp burst-normal <0-1000000>
Description: The maximum number of icmp replies to send per second.
The default value is 1000.
Range: < 0 to 1000000 >
cipher
■ [no] ip ssh cipher < aes128-cbc | 3des-cbc | aes192-cbc | ... >
Specify a cipher to enable/disable.
Supported Values:
■ aes128-cbc
© 2009 Hewlett-Packard Development Company, L.P.
296
Command Line Interface Reference Guide
■
■
■
■
■
■
■
ip
3des-cbc
aes192-cbc
aes256-cbc
[email protected]
aes128-ctr
aes192-ctr
aes256-ctr
connection-rate-filter
■ [no] ip access-list connection-rate-filter
Configure a connection-rate-filter Access Control List.
Next Available Option:
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
default
■ ip ssh port default
Specify that the daemon should listen on the default TCP port (22).
default-gateway
■ [no] ip default-gateway
Usage: [no] ip default-gateway [IP-ADDR]
Description: Configure the IPv4 default gateway address, which will be
used when routing is not enabled on the switch. The IP-ADDR
must be specified if the command is not preceded by 'no'.
Preceding the command with 'no' deletes the default gateway
address.The 'no' form of this command does not take
effect on default gateway address obtained via dhcp.
Next Available Option:
■ ipaddr -- IPv4 address of the default gateway. (IP-ADDR) (p. 302)
dhcp
■ ip timep dhcp
Use DHCP to acquire Timep server address.
Next Available Option:
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current time.(p.
301)
dhcp-bootp
■ ip address dhcp-bootp
Configure the interface to use DHCP/Bootp server to acquire parameters.
© 2009 Hewlett-Packard Development Company, L.P.
297
Command Line Interface Reference Guide
ip
directed-broadcast
■ [no] ip directed-broadcast
Usage: [no] ip directed-broadcast
Description: Enable/disable directed broadcast forwarding.
distance
■ ip route IP-ADDR/MASK-LENGTH IP-ADDR distance < 1 to 255 >
Set the administrative distance to associate with this static route.
Range: < 1 to 255 >
■ ip route IP-ADDR/MASK-LENGTH vlan VLAN-ID distance < 1 to 255 >
Set the administrative distance to associate with this static route.
Range: < 1 to 255 >
■ ip route IP-ADDR/MASK-LENGTH reject distance < 1 to 255 >
Set the administrative distance to associate with this static route.
Range: < 1 to 255 >
■ ip route IP-ADDR/MASK-LENGTH blackhole distance < 1 to 255 >
Set the administrative distance to associate with this static route.
Range: < 1 to 255 >
dns
■ [no] ip dns
Usage: [no] ip dns domain-name <domain-name>
[no] ip dns server-address priority <PRIORITY> [IP-ADDR|IPV6-ADDR]
Description: Configure the DNS (Domain Name System) default domain suffix
and the name server IP address for translation of hostnames
to IP addresses.
No additional parameters are required when 'no' is specified.
Parameters:
o domain-name <domain-name> - The default domain suffix.
o server-address priority <PRIORITY> [IP-ADDR|IPV6-ADDR]
<PRIORITY> priority of the domain name server address.
[IP-ADDR|IPV6-ADDR] IPv4 or IPv6 address.
Next Available Options:
■ domain-name -- Configure default domain suffix.(p. 298)
■ server-address -- Configure DNS server IP address.(p. 308)
domain-name
■ [no] ip dns domain-name
Configure default domain suffix.
© 2009 Hewlett-Packard Development Company, L.P.
298
Command Line Interface Reference Guide
ip
Next Available Option:
■ domain-name -- Default domain suffix. (ASCII-STR) (p. 298)
■ ip dns domain-name DOMAIN-NAME
Default domain suffix.
echo
■ [no] ip icmp echo
Usage: [no] ip icmp echo ...
Description: Enable/disable echo replies to broadcast echo requests.
Next Available Option:
■ broadcast-request < Min | Max > -- Enable/disable echo replies to broadcast echo requests(p.
296)
extended
■ [no] ip access-list extended
Configure an extended Access Control List.
Next Available Options:
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ number < 100 to 199 > -- Specify Access Control List to configure by number. (p. 305)
fastleave
■ [no] ip igmp fastleave [ETHERNET] PORT-LIST
Usage: [no] ip igmp fastleave [ethernet] PORT-LIST
Description: Enables or disables IGMP Fast Leaves. When enabled, as soon as
an IGMP Group Leave has been received on a non-cascaded port,
the switch stops forwarding multicast traffic for that group
to that port.
Does not apply to cascaded ports (see ip igmp forcedfastleave).
When disabled, or when the port is cascaded, the regular IGMP
leave time is used (up to 10 seconds when the switch is not
the IGMP Querier).
The default behavior is for IGMP FastLeaves to be enabled.
This feature is configured for ports on a per-VLAN basis.
filetransfer
■ [no] ip ssh filetransfer
Enable/disable secure file transfer capability.
forcedfastleave
■ [no] ip igmp forcedfastleave [ETHERNET] PORT-LIST
© 2009 Hewlett-Packard Development Company, L.P.
299
Command Line Interface Reference Guide
ip
Usage: [no] ip igmp forcedfastleave [ethernet] PORT-LIST
Description: When enabled, this feature forces IGMP Fast Leaves to occur
even when the port is cascaded. See 'ip igmp fastleave' for
more information. The default behavior is for IGMP Forced
FastLeaves to be disabled.
This feature is configured for ports on a per-VLAN basis.
forward
■ ip igmp forward [ETHERNET] PORT-LIST
Usage: ip igmp forward [ethernet] PORT-LIST
Description: Instruct the device to forward incoming multicast packets
received on the specified ports. This feature is
configured on a per-VLAN basis.
high-priority-forward
■ [no] ip igmp high-priority-forward
Usage: [no] ip igmp high-priority-forward
Description: Enable/disable the high priority forwarding of traffic for
subscribed IP Multicast groups. This feature is configured on
a per-VLAN basis.
icmp
■ [no] ip icmp
Usage: [no] ip icmp [...]
Description: Configure ICMP Rate Limiting capacity. Use 'ip icmp ?' to get
a list of all possible configurable parameters.
Next Available Options:
■ addrmask -- Enable/disable address mask replies(p. 294)
■ burst-normal < 0 to 1000000 > -- The maximum number of icmp replies to send per second(p.
296)
■ echo -- Enable/disable echo replies to broadcast echo requests(p. 299)
■ redirects -- Enable/disable redirect error messages(p. 306)
■ reply-limit -- Enable/disable ICMP reply rate limiting(p. 306)
■ unreachable -- Enable/disable destination unreachable error messages(p. 312)
igmp
■ [no] ip igmp
Usage: [no] ip igmp [...]
Description: Enable/disable/configure IP Multicast Group Protocol (IGMP)
feature. This command enables, disables or configures the
IGMP feature for IGMP communication between Multicast
Routers, Multicast Servers, and Multicast Clients connected
to the switch. If not preceded by 'no', the command accepts
a variety of configuration parameters. To get a list of all
© 2009 Hewlett-Packard Development Company, L.P.
300
Command Line Interface Reference Guide
ip
available parameters use 'ip igmp ?'. To get a detailed help
for a parameter, follow it with 'help' keyword.
Next Available Options:
■ querier -- Specify querier/non-querier capability for the VLAN(p. 306)
■ high-priority-forward -- Enable/disable the high priority forwarding of traffic for subscribed IP
Multicast groups(p. 300)
■ auto -- Instruct the device to monitor incoming multicast traffic on the specified ports (this is
the default behavior) ([ethernet] PORT-LIST) (p. 296)
■ blocked -- Instruct the device to drop incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 296)
■ fastleave -- Enables or disables IGMP Fast Leaves ([ethernet] PORT-LIST) (p. 299)
■ forcedfastleave -- When enabled, this feature forces IGMP Fast Leaves to occur even when the
port is cascaded ([ethernet] PORT-LIST) (p. 299)
■ forward -- Instruct the device to forward incoming multicast packets received on the specified
ports ([ethernet] PORT-LIST) (p. 300)
increment
■ ip access-list resequence NAME < 1 to 2147483647 > < 1 to 2147483646 >
Specify the increment.
Range: < 1 to 2147483646 >
infinite
■ ip arp-age infinite
Causes the ARP timeout to be set to 0, indicating an infinite
timeout period.
interface
■ ip source-binding VLAN-ID IP-ADDR MAC-ADDR [ETHERNET] PORT-NUM
See ip source-binding command.
interval
■ ip igmp querier interval < 5 to 300 >
Sets the interval in seconds between IGMP queries
(default: 125)
Range: < 5 to 300 >
■ ip timep dhcp interval < 1 to 9999 >
Specify how often (in minutes) the switch tries to get the current time.
Range: < 1 to 9999 >
■ ip timep manual IP-ADDR interval < 1 to 9999 >
Specify how often (in minutes) the switch tries to get the current time.
Range: < 1 to 9999 >
■ ip timep manual IPV6-ADDR interval < 1 to 9999 >
© 2009 Hewlett-Packard Development Company, L.P.
301
Command Line Interface Reference Guide
ip
Specify how often (in minutes) the switch tries to get the current time.
Range: < 1 to 9999 >
ip
■ ip source-binding VLAN-ID IP-ADDR
Next Available Option:
■ mac -- (MAC-ADDR) (p. 304)
ip6addr
■ [no] ip dns server-address priority < 1 to 2 > IPV6-ADDR
DNS server IPv6 address.
ipaddr
■ ip default-gateway IP-ADDR
IPv4 address of the default gateway.
■ [no] ip dns server-address priority < 1 to 2 > IP-ADDR
DNS server IP address.
■ ip router-id IP-ADDR
Usage: ip router-id IP-ADDR
[no] ip router-id
Description: Define the device router id.
The no form of the command clears the router-id.
ip-addr
■ [no] ip address IP-ADDR/MASK-LENGTH
Interface IP address/mask.
■ ip route IP-ADDR/MASK-LENGTH
Specify IP address and mask of the route destination.
Next Available Options:
■ ip-addr -- Specify gateway IP address. (IP-ADDR) (p. 302)
■ vlan -- Specify the destination VLAN. (VLAN-ID) (p. 312)
■ reject -- Specify that packets are discarded and ICMP error is returned to sender.(p. 306)
■ blackhole -- Specify that packets are silently discarded with no ICMP message sent.(p. 296)
■ [no] ip route IP-ADDR/MASK-LENGTH IP-ADDR
Specify gateway IP address.
Next Available Option:
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.(p.
298)
© 2009 Hewlett-Packard Development Company, L.P.
302
Command Line Interface Reference Guide
ip
IP-PORT
■ ip ssh port TCP/UDP-PORT
Specify the TCP port number on which the daemon should listen.
IPV4-ADDR
■ ip authorized-managers IP-ADDR
Authorized manager IPv4 address.
Next Available Options:
■ IPV4-MASK -- IP mask defining a group of adjacent manager IP addresses. (IP-ADDR) (p. 303)
■ access < Manager | Operator > -- Define an access level desired.(p. 293)
■ access-method < all | ssh | telnet | ... > -- Define an access method desired.(p. 294)
IPV4-MASK
■ ip authorized-managers IP-ADDR IP-ADDR
IP mask defining a group of adjacent manager IP addresses.
irdp
■ [no] ip irdp
Usage: [no] ip irdp
Description: Enable/disable ICMP Router Discovery Protocol (IRDP).
To configure IRDP, execute '[no] ip irdp [...]' from the
VLAN context for the VLAN on which you wish to configure IRDP.
keystring
■ ip ssh public-key < manager | operator > KEYSTRING
ASCII formatted public-key.
load-sharing
■ [no] ip load-sharing
Usage: ip load-sharing <2-4>
no ip load-sharing
Description: Specify the maximum number of equal cost IP load sharing
paths. no ip load-sharing disables IP load sharing.
Next Available Option:
■ load-sharing-value < 2 to 4 > -- Specify the maximum number of equal cost IP load sharing
paths(p. 303)
load-sharing-value
■ ip load-sharing < 2 to 4 >
© 2009 Hewlett-Packard Development Company, L.P.
303
Command Line Interface Reference Guide
ip
Usage: ip load-sharing <2-4>
no ip load-sharing
Description: Specify the maximum number of equal cost IP load sharing
paths. no ip load-sharing disables IP load sharing.
Range: < 2 to 4 >
mac
■ [no] ip ssh mac < hmac-md5 | hmac-sha1 | hmac-sha1-96 | ... >
Specify a mac to enable/disable.
Supported Values:
■ hmac-md5
■ hmac-sha1
■ hmac-sha1-96
■ hmac-md5-96
■ ip source-binding VLAN-ID IP-ADDR MAC-ADDR
Next Available Option:
■ interface -- ([ethernet] PORT-NUM) (p. 301)
manual
■ ip timep manual
Manually configure the Timep server address.
Next Available Options:
■ server -- Timep server IPv4 address. (IP-ADDR) (p. 308)
■ serverV6 -- Timep server IPv6 address. (IPV6-ADDR) (p. 308)
multicast-routing
■ [no] ip multicast-routing
Usage: [no] ip multicast-routing
Description: Enable/disable IP multicast routing on the device.
name
■ [no] ip access-list extended NAME
Specify name of Access Control List to configure.
■ [no] ip access-list standard NAME
Specify name of Access Control List to configure.
■ ip access-list resequence NAME
Specify name of Access Control List to configure.
© 2009 Hewlett-Packard Development Company, L.P.
304
Command Line Interface Reference Guide
ip
Next Available Option:
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 310)
■ [no] ip access-list connection-rate-filter NAME
Specify name of Access Control List to configure.
number
■ [no] ip access-list extended < 100 to 199 >
Specify Access Control List to configure by number.
Range: < 100 to 199 >
■ [no] ip access-list standard < 1 to 99 >
Specify Access Control List to configure by number.
Range: < 1 to 99 >
OutOfResources
■ [no] ip source-binding trap OutOfResources
Set out-of-resources trap.
port
■ ip ssh port
Specify the TCP port on which the daemon should listen for SSH connections.
Next Available Options:
■ IP-PORT -- Specify the TCP port number on which the daemon should listen. (TCP/UDP-PORT)
(p. 303)
■ default -- Specify that the daemon should listen on the default TCP port (22).(p. 297)
portlist
■ [no] ip source-lockdown [ETHERNET] PORT-LIST
Specify the ports on which ip source-lockdown need to be implemented.
preserve
■ ip preserve
priority
■ [no] ip dns server-address priority < 1 to 2 >
Priority of Server Address.
Range: < 1 to 2 >
Next Available Options:
■ ipaddr -- DNS server IP address. (IP-ADDR) (p. 302)
■ ip6addr -- DNS server IPv6 address. (IPV6-ADDR) (p. 302)
© 2009 Hewlett-Packard Development Company, L.P.
305
Command Line Interface Reference Guide
ip
public-key
■ ip ssh public-key < manager | operator >
Configure a client public-key.
Supported Values:
■ manager -- Select manager public keys.
■ operator -- Select operator public keys.
Next Available Option:
■ keystring -- ASCII formatted public-key. (ASCII-STR) (p. 303)
querier
■ [no] ip igmp querier
Usage: [no] ip igmp querier [interval <seconds>]
Description: Specify querier/non-querier capability for the VLAN. IGMP
queries are not sent when the mode is disabled. When
enabled, the device cannot become Querier for the subnet
unless the VLAN has an IP Address (use the 'show ip' command
to determine this). Each subnet must have at least one IGMP
Querier-capable device in order for IGMP to function
properly. The querier interval setting modifies the time (in
seconds) between IGMP queries.
Next Available Option:
■ interval < 5 to 300 > -- Sets the interval in seconds between IGMP queries (default: 125) (p. 301)
redirects
■ [no] ip icmp redirects
Usage: [no] ip icmp redirects
Description: Enable/disable redirect error messages.
reject
■ [no] ip route IP-ADDR/MASK-LENGTH reject
Specify that packets are discarded and ICMP error is returned to sender.
Next Available Option:
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.(p.
298)
reply-limit
■ [no] ip icmp reply-limit
© 2009 Hewlett-Packard Development Company, L.P.
306
Command Line Interface Reference Guide
ip
Usage: ip icmp reply-limit
Description: Enable/disable ICMP reply rate limiting.
resequence
■ ip access-list resequence
Renumber the entries in an Access Control List.
Next Available Option:
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
route
■ [no] ip route
Usage: [no] ip route IP-ADDR/MASK-LENGTH
<IP-ADDR|vlan <vlan-id>|reject|blackhole> [distance <1-255>]
Description: Add or delete static routing table entries. A route
entry is identified by a destination (IP-ADDR/MASK-LENGTH)
and next-hop pair. The next-hop can be either a gateway IP
address or a vlan or the keyword 'reject' or 'blackhole':
- a gateway IP address indicates that the specified gateway
will be used to reach the destination. The gateway address is
not required to be directly reachable on one of local subnets.
If the gateway address is not directly reachable, the route
will be added to the routing table as soon as a route to the
gateway address is learned.
If the gateway address is one of local interface addresses,
the destination is treated as if it is directly connected to
the specified interface.
- the keyword 'vlan' followed by the vlan-id indicates the
destination vlan for that route.
- the keyword 'reject' indicates that if this route is matched,
a packet to the destination is discarded and a notification
(e.g. ICMP error) is returned to the packet sender.
- the keyword 'blackhole' indicates that if this route is matched,
a packet to the destination is silently discarded and no
notification (e.g. ICMP error) is returned to the packet sender.
- the optional keyword 'distance' is used to specify the
administrative distance for the route.
If the route command is preceded by 'no' the command deletes
the route for the specified destination next-hop pair.
Next Available Option:
■ ip-addr -- Specify IP address and mask of the route destination. (IP-ADDR/MASK-LENGTH) (p.
302)
router-id
■ [no] ip router-id
Usage: ip router-id IP-ADDR
[no] ip router-id
© 2009 Hewlett-Packard Development Company, L.P.
307
Command Line Interface Reference Guide
ip
Description: Define the device router id.
The no form of the command clears the router-id.
Next Available Option:
■ ipaddr -- Define the device router id (IP-ADDR) (p. 302)
routing
■ [no] ip routing
Usage: [no] ip routing
Description: Enable/disable IP routing support on the device.
server
■ ip timep manual IP-ADDR
Timep server IPv4 address.
Next Available Option:
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current time.(p.
301)
server-address
■ [no] ip dns server-address
Configure DNS server IP address.
Next Available Option:
■ priority < 1 to 2 > -- Priority of Server Address. (NUMBER) (p. 305)
serverV6
■ ip timep manual IPV6-ADDR
Timep server IPv6 address.
Next Available Option:
■ interval < 1 to 9999 > -- Specify how often (in minutes) the switch tries to get the current time.(p.
301)
source-binding
■ [no] ip source-binding
Usage: [no] ip source-binding <VLAN-ID> <MAC-ADDR> <IP-ADDR>
[ethernet] <PORT-NUM>
Description: Add/remove a static IP-to-MAC binding in the DHCP snooping
database.
Parameters:
© 2009 Hewlett-Packard Development Company, L.P.
308
Command Line Interface Reference Guide
ip
o <VLAN-ID>
-- VLAN ID number to bind with the specified IP and MAC
address on the specified port in the DHCP snooping
binding database.
o <MAC-ADDR> -- MAC address to bind with the specified IP address and
VLAN on the specified port.
o <IP-ADDR>
-- IP address to bind with the specified MAC address and
VLAN on the specified port.
o [ethernet] <PORT-NUM> -- Port number on which the IP-to-MAC and VLAN
binding is configured in.
Next Available Options:
■ vlan -- (VLAN-ID) (p. 312)
■ trap -- Set traps for dynamic ip lockdown(p. 311)
source-lockdown
■ [no] ip source-lockdown
Usage: [no] ip source-lockdown [ethernet] <port-list>
Description: Enable/disable IP source lockdown in global configuration mode.
Using the port-list option it can be configured on per-port basis.
Next Available Option:
■ portlist -- Specify the ports on which ip source-lockdown need to be implemented. ([ethernet]
PORT-LIST) (p. 305)
source-route
■ [no] ip source-route
Usage: [no] ip source-route
Description: Enable/disable forwarding of source routed packets.
ssh
■ [no] ip ssh
Usage: ip ssh filetransfer
port <<1-65535>|default>
public-key <operator|manager> KEYSTRING
ip-version <4|6|4or6>
timeout <5-120>
cipher CIPHER
mac MAC
no ip ssh [filetransfer]
cipher CIPHER
mac MAC
Description: Enable/disable SSH server on the device or set various SSH
server parameters.
Parameters:
o 'filetransfer' - Enable/disable secure file transfer
capability. (SCP and SFTP) Secure file transfer will not
© 2009 Hewlett-Packard Development Company, L.P.
309
Command Line Interface Reference Guide
ip
function unless SSH is also enabled.
o 'port <<1-65535>|default>' - Set the TCP port on which the
daemon should listen for SSH connections. The default is 22.
o 'public-key <operator|manager> KEYSTRING' - set a key for
public-key authentication. The KEYSTRING parameter must be
enclosed in quotes--either"KEYSTRING" or 'KEYSTRING'.
Newlines may be escaped with a backslash.
o 'ip-version <4|6|4or6>' - Select the IP mode to run in.
'ip-version 4' will only accept connections from IPv4
clients. 'ip-version 6' will only accept connections from
IPv6 clients. 'ip-version 4or6' accept connections from
both IPv4 and IPv6 clients. default is 'ip-version 4or6'.
o 'timeout <5-120>' - Set the maximum length of time in
seconds permitted for initial protocol negotiation and
authentication. The default is 120 seconds.
o 'cipher CIPHER' - Enable or disable the specified cipher.
By default, all available ciphers are enabled.
o 'mac MAC' - Enable or disable the specified mac.
all available macs are enabled.
By default,
Next Available Options:
■ filetransfer -- Enable/disable secure file transfer capability.(p. 299)
■ port -- Specify the TCP port on which the daemon should listen for SSH connections.(p. 305)
■ public-key < manager | operator > -- Configure a client public-key. (NUMBER) (p. 306)
■ timeout < 5 to 120 > -- Specify the maximum length of time (seconds) permitted for protocol
negotiation and authentication. (NUMBER) (p. 311)
■ cipher < aes128-cbc | 3des-cbc | aes192-cbc | ... > -- Specify a cipher to enable/disable.(p. 296)
■ mac < hmac-md5 | hmac-sha1 | hmac-sha1-96 | ... > -- Specify a mac to enable/disable.(p. 304)
standard
■ [no] ip access-list standard
Configure a standard Access Control List.
Next Available Options:
■ name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 304)
■ number < 1 to 99 > -- Specify Access Control List to configure by number. (p. 305)
start-seq-num
■ ip access-list resequence NAME < 1 to 2147483647 >
Specify the starting sequence number.
Range: < 1 to 2147483647 >
Next Available Option:
■ increment < 1 to 2147483646 > -- Specify the increment. (p. 301)
© 2009 Hewlett-Packard Development Company, L.P.
310
Command Line Interface Reference Guide
ip
timeout
■ ip arp-age < 1 to 1440 >
Usage: [no] ip arp-age <[0..1440]|infinite>
Description: Modify Address Resolution Protocol (ARP) table entry timeout,
specified in minutes.
The default timeout is 20 minutes.
o
<0..1440> - timeout specified in minutes.
o
infinite - sets the timeout to 0. A value of 0 indicates an infinite
timeout to the switch.
Range: < 1 to 1440 >
■ ip ssh timeout < 5 to 120 >
Specify the maximum length of time (seconds) permitted for protocol negotiation and
authentication.
Range: < 5 to 120 >
timep
■ [no] ip timep
Usage: [no] ip timep [<dhcp|[manual <IP-ADDR | IPV6-ADDR>]> [interval <1-9999>]]
Description: Configure the method to acquire the Timep server address.
No additional parameters are required when 'no' is specified.
Parameters:
o <dhcp|manual> - The method the switch uses to acquire
the Timep server address: dhcp - from a DHCP server; manual - you
manually enter the Timep server address; disable (which is set by
specifying the 'no' parameter) - the switch will not attempt to get
its time from a Timep server.
o [interval <1-9999>] (default is 720) How often (in minutes) the
switch tries to get the current time.
o [server <IP-ADDR>] - The IPv4 address of the Timep server that the
switch gets the current time from.
o [server <IPV6-ADDR>] - The IPv6 address of the Timep server that the
switch gets the current time from.
Next Available Options:
■ dhcp -- Use DHCP to acquire Timep server address.(p. 297)
■ manual -- Manually configure the Timep server address.(p. 304)
trap
■ [no] ip source-binding trap
© 2009 Hewlett-Packard Development Company, L.P.
311
Command Line Interface Reference Guide
ip
Usage: [no] ip source-binding trap OutOfResources
Description: Set traps for dynamic ip lockdown.
Next Available Option:
■ OutOfResources -- Set out-of-resources trap. (p. 305)
ttl
■ ip ttl < 2 to 255 >
Usage: ip ttl <2-255>
Description: Specify TTL for outgoing IP packets.
Range: < 2 to 255 >
udp-bcast-forward
■ [no] ip udp-bcast-forward
Usage: [no] ip udp-bcast-forward
Description: Enable/disable UDP broadcast forwarding.
unreachable
■ [no] ip icmp unreachable
Usage: [no] ip icmp unreachable
Description: Enable/disable destination unreachable error messages.
vlan
■ ip source-binding VLAN-ID
Next Available Option:
■ ip -- (IP-ADDR) (p. 302)
■ [no] ip route IP-ADDR/MASK-LENGTH vlan VLAN-ID
Specify the destination VLAN.
Next Available Option:
■ distance < 1 to 255 > -- Set the administrative distance to associate with this static route.(p.
298)
zero-broadcast
■ [no] ip zero-broadcast
Usage: [no] ip zero-broadcast
Description: Enable/disable usage of zero broadcast IP Address.
© 2009 Hewlett-Packard Development Company, L.P.
312
ipv6
OVERVIEW
Category:
Primary context:
config
Related Commands
show ipv6 (page 562)
ip (page 290)
Usage: [no] ipv6 ...
Description: Configure various IP parameters for the VLAN. The 'ipv6'
command must be followed by a feature-specific keyword.
Use 'ipv6 ?' to get a list of all possible options.
This is a VLAN context command. It can be called directly
from the VLAN context or follow the 'vlan VLAN-ID'
command.
COMMAND STRUCTURE
■ [no] ipv6 access-list -- Enter the ipv6 acl context for the specified access control list (p. 314)
■ acl-name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 314)
■ resequence -- Renumber the entries in an Access Control List. (ASCII-STR) (p. 317)
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 318)
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 316)
■ [no] ipv6 authorized-managers -- Define the IPV6 addresses allowed to manage the switch (p. 314)
■ IPV6-ADDR -- Authorized manager IPv6 address. (IPV6-ADDR) (p. 317)
■ access < Manager | Operator > -- Define an access level desired. (p. 314)
■ access-method < all | ssh | telnet | ... > -- Define an access method desired. (p. 314)
■ IPV6-MASK -- IP mask defining a group of adjacent manager IP addresses. (IPV6-ADDR) (p.
317)
■ [no] ipv6 icmp -- ICMPv6 rate limiting. (p. 316)
■ error-interval -- Send the ICMP error message. (p. 316)
■ int < 0 to 2147483647 > -- Specify interval-range. (p. 316)
■ bucket-size -- Set the bucket size. This is optional. (p. 315)
■ int < 1 to 200 > -- Specify bucket size. (p. 316)
■ [no] ipv6 nd -- IPv6 nodes on the same link use Neighbor Discovery to discover each other's
presence, link-layer addresses, routers and to maintain reachability information about the paths
to active neighbors (p. 317)
■ dad-attempts -- IPv6 neighbor discovery duplicate address detection. (p. 315)
■ number < 0 to 600 > -- Configures the number of neighbor solicitations to send when
performing duplicate address detection (p. 317)
COMMAND DETAILS
access (p. 314)
access-list (p. 314)
access-method (p. 314)
acl-name (p. 314)
authorized-managers (p. 314)
bucket-size (p. 315)
dad-attempts (p. 315)
error-interval (p. 316)
icmp (p. 316)
incr-num (p. 316)
int (p. 316)
IPV6-ADDR (p. 317)
© 2009 Hewlett-Packard Development Company, L.P.
IPV6-MASK (p. 317)
nd (p. 317)
number (p. 317)
resequence (p. 317)
start-seq-num (p. 318)
313
Command Line Interface Reference Guide
ipv6
access
■ ipv6 authorized-managers IPV6-ADDR access < Manager | Operator >
Define an access level desired.
Supported Values:
■ Manager
■ Operator
access-list
■ [no] ipv6 access-list
Usage: [no] ipv6 access-list <ACL-ID>
<resequence> <ACL-ID> <start-seq-no> <increment>
Description: Enter the ipv6 acl context for the specified access control
list.
Parameters:
o <ACL-ID>
Enter the ipv6 acl context for the specified access control
list. The ACL-ID is case sensitive and may be up to sixty-four
characters in length. If it includes spaces, the entire ACL-ID
must be enclosed in quotation marks.
o <resequence> <ACL-ID> <start-seq-no> <increment>
Renumber the entries in an Access Control List.
Start sequence number and increment can range between
1 - 2147483647.
Next Available Options:
■ acl-name -- Specify name of Access Control List to configure. (ASCII-STR) (p. 314)
■ resequence -- Renumber the entries in an Access Control List. (ASCII-STR) (p. 317)
access-method
■ [no] ipv6 authorized-managers IPV6-ADDR access-method < all | ssh | telnet | ... >
Define an access method desired.
Supported Values:
■ all
■ ssh
■ telnet
■ web
■ snmp
■ tftp
acl-name
■ [no] ipv6 access-list ACL-NAME
Specify name of Access Control List to configure.
authorized-managers
■ [no] ipv6 authorized-managers
Usage: [no] ipv6 authorized-managers <IPV6-ADDR> [IPV6-MASK]
[access <manager|operator>]
© 2009 Hewlett-Packard Development Company, L.P.
314
Command Line Interface Reference Guide
ipv6
[access-method <all|ssh|telnet|web|snmp|tftp>]
Description: Define the IPV6 addresses allowed to manage the switch.
Clients using the specified IPV6 addresses are allowed
to access the switch with the specified access method and
access level.
A maximum of 100 addresses may be configured.
Parameters:
o IPV6-ADDR - The IPV6 address of an authorized manager.
o IPV6-MASK - A mask that allows you to define which portions of
the listed IP address need to be matched by an incoming request.
The default mask is ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
For example, with an ipv6 authorized address of
2001:db8:5:0:218:71ff:fec5:4400 and a mask of
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff,only access from
2001:db8:5:0:218:71ff:fec5:4400 is allowed. With a mask of
ffff:ffff:ffff:ffff:ffff:ffff:ffff:0, access from any IP address
with 2001:db8:5:0:218:71ff:fec5:x is allowed.
o access <manager|operator> - A designation of the management
capabilities that are accessible to the authorized manager.
'manager' allows full access to all web browser and telnet to console
for viewing and setting the switch configuration, and for performing
all other interface operations,including all TFTP operations.
'operator' allows view-only access from the web browser and the
console, but does not allow changing the switch configuration or any
TFTP operations. The default access level is manager.
o access-method <all|ssh|telnet|web|snmp|tftp> - A designation of the
access method that the authorized manager will allow for this rule.
The default access method is all.
Next Available Option:
■ IPV6-ADDR -- Authorized manager IPv6 address. (IPV6-ADDR) (p. 317)
bucket-size
■ ipv6 icmp error-interval < 0 to 2147483647 > bucket-size
This optional keyword specifies the maximum number of tokens allowed in the
token bucket at any time. Decreasing this value decreases the maximum number
of tokens that may be available at any time.
Range: 1-200
Default: 10
Next Available Option:
■ int < 1 to 200 > -- Specify bucket size.(p. 316)
dad-attempts
■ [no] ipv6 nd dad-attempts
© 2009 Hewlett-Packard Development Company, L.P.
315
Command Line Interface Reference Guide
ipv6
This command is executed at the global config level. It configures the number
of neighbor solicitations to send when performing duplicate address detection
for a unicast address configured on a VLAN interface.
Range: 0-600 (0 = disabled)
Default: 3 (enabled)
Next Available Option:
■ number < 0 to 600 > -- Configures the number of neighbor solicitations to send when performing
duplicate address detection(p. 317)
error-interval
■ [no] ipv6 icmp error-interval
Specifies the time interval in milliseconds between successive token adds.
Increasing this value decreases the rate at which tokens can be added. A
setting of zero disables ICMP messaging.
Range: 0 - 2147483647
Default: 100
Next Available Option:
■ int < 0 to 2147483647 > -- Specify interval-range.(p. 316)
icmp
■ [no] ipv6 icmp
ICMPv6 rate limiting.
Next Available Option:
■ error-interval -- Send the ICMP error message.(p. 316)
incr-num
■ ipv6 access-list resequence RESEQUENCE < 1 to 2147483647 > < 1 to 2147483646 >
Specify the increment.
Range: < 1 to 2147483646 >
int
■ ipv6 icmp error-interval < 0 to 2147483647 >
Specify interval-range.
Range: < 0 to 2147483647 >
Next Available Option:
■ bucket-size -- Set the bucket size. This is optional.(p. 315)
© 2009 Hewlett-Packard Development Company, L.P.
316
Command Line Interface Reference Guide
ipv6
■ ipv6 icmp error-interval < 0 to 2147483647 > bucket-size < 1 to 200 >
Specify bucket size.
Range: < 1 to 200 >
IPV6-ADDR
■ ipv6 authorized-managers IPV6-ADDR
Authorized manager IPv6 address.
Next Available Options:
■ IPV6-MASK -- IP mask defining a group of adjacent manager IP addresses. (IPV6-ADDR) (p. 317)
■ access < Manager | Operator > -- Define an access level desired.(p. 314)
■ access-method < all | ssh | telnet | ... > -- Define an access method desired.(p. 314)
IPV6-MASK
■ ipv6 authorized-managers IPV6-ADDR IPV6-ADDR
IP mask defining a group of adjacent manager IP addresses.
nd
■ [no] ipv6 nd
Usage: [no] ipv6 nd <parameter>
Description: IPv6 nodes on the same link use Neighbor Discovery to
discover each other's presence, link-layer addresses,
routers and to maintain reachability information about the
paths to active neighbors.
<parameter>
o dad-attempts - configure the neighbor solicitations to
determine that an address, it wishes to use is not already
in use by another node
Next Available Option:
■ dad-attempts -- IPv6 neighbor discovery duplicate address detection.(p. 315)
number
■ ipv6 nd dad-attempts < 0 to 600 >
Usage: [no] ipv6 nd dad attempts <number>
Description: Configures the number of neighbor solicitations to send when
performing duplicate address detection.
Range: < 0 to 600 >
resequence
■ ipv6 access-list resequence RESEQUENCE
Renumber the entries in an Access Control List.
© 2009 Hewlett-Packard Development Company, L.P.
317
Command Line Interface Reference Guide
ipv6
Next Available Option:
■ start-seq-num < 1 to 2147483647 > -- Specify the starting sequence number. (p. 318)
start-seq-num
■ ipv6 access-list resequence RESEQUENCE < 1 to 2147483647 >
Specify the starting sequence number.
Range: < 1 to 2147483647 >
Next Available Option:
■ incr-num < 1 to 2147483646 > -- Specify the increment. (p. 316)
© 2009 Hewlett-Packard Development Company, L.P.
318
jumbo
OVERVIEW
Category:
Primary context:
config
Related Commands
the section called “jumbos” (page 564)
Usage: jumbo ...
Description: Configure Global Jumbos parameters for the switch.
NOTES
Restriction on Value of max-frame-size
The value of max-frame-size must be greater than or equal to 18 bytes more than the value
selected for ip-mtu. For example, if ip-mtu is set to 8964, the max-frame-size is configured
as 8982.
COMMAND STRUCTURE
■ jumbo ip-mtu < 1500 to 9198 > -- Set the untagged Jumbos IP MTU or L3 MTU size for the switch
(p. 319)
■ jumbo max-frame-size < 1518 to 9216 > -- Set the untagged Jumbos Max frame size for the switch
(p. 319)
COMMAND DETAILS
ip-mtu (p. 319)
max-frame-size (p. 319)
ip-mtu
■ jumbo ip-mtu < 1500 to 9198 >
Usage: jumbo ip-mtu <1500-9198>
Description: Set the untagged Jumbos IP MTU or L3 MTU size for the switch.
This value will be effective only when Jumbos are
enabled.
Range: < 1500 to 9198 >
max-frame-size
■ jumbo max-frame-size < 1518 to 9216 >
Usage: jumbo max-frame-size <1518-9216>
Description: Set the untagged Jumbos Max frame size for the switch.
This value will be effective only when Jumbos are
enabled.
Range: < 1518 to 9216 >
© 2009 Hewlett-Packard Development Company, L.P.
319
key-chain
OVERVIEW
Category:
Switch Security
Primary context:
config
Related Commands
show (page 511)
Usage: key-chain ASCII-STR
Usage: key-chain ASCII-STR key NUMBER [key-string ASCII-STR]
[accept-lifetime <infinite|<<START-TIME|now> <END-TIME|duration SEC>>>]
[send-lifetime <infinite|<<START-TIME|now> <END-TIME|duration SEC>>>]
Usage: no key-chain ASCII-STR
Usage: no key-chain ASCII-STR key KEY-ID
Description: Configures authentication key chains and individual keys.
The configured key chains can be used for routing protocol
authentication. Refer to routing protocol configuration
commands for supported authentication methods and further
instructions. The first form of command creates a new key
chain unless the identified chain already exists.
The second form of the command allows adding keys to an
existent chain. The third and fourth forms of the command
can be used to delete keys and chains.
Parameters:
- 'key-string ASCII-STR' authentication key to use
(default empty string).
- 'accept-lifetime ...' time and date when to start accepting
the key and when the key is going to expire. The
expiration time is set to 'infinite' by default.
- 'send-lifetime ...' time and date when to start using
the key to send and when the key is going to expire.
A send key is always an accept key too. The expiration
time is set to 'infinite' by default.
Note: The 'accept-lifetime' period must always include the
'send-lifetime' period. If only one of the periods is being
changed then the other period also will be increased/reduced
when it is necessary.
Note: All time values are assumed to be GMT
COMMAND STRUCTURE
■ [no] key-chain KEY-CHAIN key < 0 to 255 > -- Configure chain keys. (NUMBER) (p. 333)
■ accept-lifetime -- Set key accept lifetime. (p. 323)
■ date -- Key accept start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key accept start time. (HH:MM[:SS]) (p. 338)
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
© 2009 Hewlett-Packard Development Company, L.P.
320
Command Line Interface Reference Guide
key-chain
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ now -- Use current day and time. (p. 334)
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-string -- Set key string (ASCII-STR) (p. 333)
■ accept-lifetime -- Set key accept lifetime. (p. 323)
■ date -- Key accept start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key accept start time. (HH:MM[:SS]) (p. 338)
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ additional options available...
© 2009 Hewlett-Packard Development Company, L.P.
321
Command Line Interface Reference Guide
key-chain
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ now -- Use current day and time. (p. 334)
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ additional options available...
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ additional options available...
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ send-lifetime -- Set key send lifetime. (p. 336)
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
© 2009 Hewlett-Packard Development Company, L.P.
322
Command Line Interface Reference Guide
key-chain
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ infinite -- Set infinite lifetime. (p. 332)
■ now -- Use current day and time. (p. 334)
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ duration -- Use current day and time. (NUMBER) (p. 329)
COMMAND DETAILS
accept-lifetime (p. 323)
date (p. 323)
duration (p. 329)
infinite (p. 332)
key (p. 333)
key-string (p. 333)
now (p. 334)
send-lifetime (p. 336)
time (p. 338)
accept-lifetime
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime
Set key accept lifetime.
Next Available Options:
■ date -- Key accept start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime
Set key accept lifetime.
Next Available Options:
■ date -- Key accept start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
date
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE]
Key accept start date.
Next Available Option:
■ time -- Key accept start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE]
Key accept stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime [DATE]
© 2009 Hewlett-Packard Development Company, L.P.
323
Command Line Interface Reference Guide
key-chain
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
Key accept stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
© 2009 Hewlett-Packard Development Company, L.P.
324
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
[DATE]
© 2009 Hewlett-Packard Development Company, L.P.
325
Command Line Interface Reference Guide
key-chain
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
[DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime [DATE] [TIME]
[DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE]
Key accept start date.
Next Available Option:
■ time -- Key accept start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE]
© 2009 Hewlett-Packard Development Company, L.P.
326
Command Line Interface Reference Guide
key-chain
Key accept stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
© 2009 Hewlett-Packard Development Company, L.P.
327
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE]
Key accept stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime [DATE]
[TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime now
[DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
[DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
[DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime now
[DATE]
Key send stop date.
© 2009 Hewlett-Packard Development Company, L.P.
328
Command Line Interface Reference Guide
key-chain
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime [DATE] [TIME]
[DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime [DATE]
Key send start date.
Next Available Option:
■ time -- Key send start time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime [DATE] [TIME] [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime now [DATE]
Key send stop date.
Next Available Option:
■ time -- Key send stop time. (HH:MM[:SS]) (p. 338)
duration
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime [DATE] [TIME] duration NUMBER
© 2009 Hewlett-Packard Development Company, L.P.
329
Command Line Interface Reference Guide
key-chain
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER
Use current day and time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER
Use current day and time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
[DATE] [TIME] duration NUMBER
Use current day and time.
© 2009 Hewlett-Packard Development Company, L.P.
330
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime [DATE] [TIME]
duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime [DATE]
[TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime now
duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER
Use current day and time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
© 2009 Hewlett-Packard Development Company, L.P.
331
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
[DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime now
duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime [DATE] [TIME]
duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime now duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime [DATE] [TIME] duration NUMBER
Use current day and time.
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime now duration NUMBER
Use current day and time.
infinite
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite
Set infinite lifetime.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
infinite
Set infinite lifetime.
© 2009 Hewlett-Packard Development Company, L.P.
332
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite
Set infinite lifetime.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime infinite
Set infinite lifetime.
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime infinite
Set infinite lifetime.
key
■ [no] key-chain KEY-CHAIN key < 0 to 255 >
Configure chain keys.
Range: < 0 to 255 >
Next Available Options:
■ key-string -- Set key string (ASCII-STR) (p. 333)
■ accept-lifetime -- Set key accept lifetime.(p. 323)
■ send-lifetime -- Set key send lifetime.(p. 336)
key-string
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING
Set key string
© 2009 Hewlett-Packard Development Company, L.P.
333
Command Line Interface Reference Guide
key-chain
Next Available Options:
■ accept-lifetime -- Set key accept lifetime.(p. 323)
■ send-lifetime -- Set key send lifetime.(p. 336)
now
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
© 2009 Hewlett-Packard Development Company, L.P.
334
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
© 2009 Hewlett-Packard Development Company, L.P.
335
Command Line Interface Reference Guide
key-chain
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime now
Use current day and time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
send-lifetime
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime
Set key send lifetime.
© 2009 Hewlett-Packard Development Company, L.P.
336
Command Line Interface Reference Guide
key-chain
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
© 2009 Hewlett-Packard Development Company, L.P.
337
Command Line Interface Reference Guide
key-chain
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime
Set key send lifetime.
Next Available Options:
■ date -- Key send start date. (MM/DD[/[YY]YY]) (p. 323)
■ now -- Use current day and time.(p. 334)
■ infinite -- Set infinite lifetime.(p. 332)
time
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
Key accept start time.
Next Available Options:
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME]
© 2009 Hewlett-Packard Development Company, L.P.
338
Command Line Interface Reference Guide
key-chain
Key send stop time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
[DATE] [TIME] send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime [DATE] [TIME]
duration NUMBER send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME]
Key send stop time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime [DATE] [TIME]
Key send start time.
© 2009 Hewlett-Packard Development Company, L.P.
339
Command Line Interface Reference Guide
key-chain
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now [DATE]
[TIME] send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime now duration
NUMBER send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
[DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
[DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING accept-lifetime infinite send-lifetime
now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime [DATE] [TIME]
Key send start time.
© 2009 Hewlett-Packard Development Company, L.P.
340
Command Line Interface Reference Guide
key-chain
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime [DATE] [TIME]
[DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > key-string KEY-STRING send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME]
Key accept start time.
Next Available Options:
■ date -- Key accept stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] [DATE] [TIME]
send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
© 2009 Hewlett-Packard Development Company, L.P.
341
Command Line Interface Reference Guide
key-chain
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime [DATE] [TIME] duration NUMBER
send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME]
Key send stop time.
Next Available Option:
■ send-lifetime -- Set key send lifetime.(p. 336)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime [DATE]
[TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime [DATE]
[TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now [DATE] [TIME] send-lifetime now
[DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
[DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime
[DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime now duration NUMBER send-lifetime now
[DATE] [TIME]
© 2009 Hewlett-Packard Development Company, L.P.
342
Command Line Interface Reference Guide
key-chain
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime [DATE] [TIME]
[DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > accept-lifetime infinite send-lifetime now [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime [DATE] [TIME]
Key send start time.
Next Available Options:
■ date -- Key send stop date. (MM/DD[/[YY]YY]) (p. 323)
■ duration -- Use current day and time. (NUMBER) (p. 329)
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime [DATE] [TIME] [DATE] [TIME]
Key send stop time.
■ key-chain KEY-CHAIN key < 0 to 255 > send-lifetime now [DATE] [TIME]
Key send stop time.
© 2009 Hewlett-Packard Development Company, L.P.
343
kill
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
the section called “ssh” (page 593)
the section called “telnet” (page 598)
Usage: kill [SESSION_ID]
Description: Kill other active console, telnet, or ssh sessions.
If no session ID is specified, all other active sessions
are terminated.
COMMAND STRUCTURE
■ kill session < (Range unavailble) > -- Kill other active console, telnet, or ssh sessions (p. 344)
EXAMPLES
Example: kill SESSION-ID
Display the currently active management sessions, then terminate one of the Telnet sessions:
ProCurve# show telnet
Telnet Activity
Session
------1
** 2
3
Privilege From
To
--------- --------------- --------------Superuser Console
Manager
10.132.193.146
Manager
10.132.193.101
ProCurve# kill 3
ProCurve# show telnet
Telnet Activity
Session
------1
** 2
Privilege From
To
--------- --------------- --------------Superuser Console
Manager
10.132.193.146
COMMAND DETAILS
session (p. 344)
session
■ kill < (Range unavailble) >
Usage: kill [SESSION_ID]
Description: Kill other active console, telnet, or ssh sessions.
© 2009 Hewlett-Packard Development Company, L.P.
344
Command Line Interface Reference Guide
kill
If no session ID is specified, all other active sessions
are terminated.
Range: < (Range unavailble) >
© 2009 Hewlett-Packard Development Company, L.P.
345
licenses
OVERVIEW
Category:
Primary context:
manager
Related Commands
show licenses (page 565)
Usage: licenses <hardware-id PKG-ID |
install PKG-ID PKG-KEY |
uninstall PKG-ID>
Description: Manage premium features.
Parameters:
o hardware-id - Display the hardware ID for installing the specified
package on this chassis.
o install
- Install the specified package.
o uninstall
- Uninstall the specified package, and display the
uninstall verification key.
NOTES
Premium Features
The Premium License features are:
■ OSPF
■ PIM-DM (Dense Mode)
■ PIM-SM (Sparse Mode)
■ QinQ (Provider Bridging)
■ VRRP
COMMAND STRUCTURE
■ licenses hardware-id -- Display hardware ID for installation request. (p. 347)
■ Network-Services -- For Network-Services features (p. 347)
■ Premium -- For Premium features (p. 348)
■ licenses install -- Install the specified package. (p. 347)
■ Network-Services -- For Network-Services features (p. 347)
■ key -- Enter key for this feature. (ASCII-STR) (p. 347)
■ premium -- For Premium features (p. 347)
■ key -- Enter key for this feature. (ASCII-STR) (p. 347)
■ licenses uninstall -- Uninstall the specified package. (p. 348)
■ Network-Services -- For Network-Services features (p. 347)
■ Premium -- For Premium features (p. 348)
© 2009 Hewlett-Packard Development Company, L.P.
346
Command Line Interface Reference Guide
licenses
COMMAND DETAILS
hardware-id (p. 347)
install (p. 347)
key (p. 347)
Network-Services (p. 347)
premium (p. 347)
Premium (p. 348)
uninstall (p. 348)
hardware-id
■ licenses hardware-id
Display hardware ID for installation request.
Next Available Options:
■ Premium -- For Premium features(p. 348)
■ Network-Services -- For Network-Services features(p. 347)
install
■ licenses install
Install the specified package.
Next Available Options:
■ premium -- For Premium features(p. 347)
■ Network-Services -- For Network-Services features(p. 347)
key
■ licenses install premium KEY
Enter key for this feature.
■ licenses install Network-Services KEY
Enter key for this feature.
Network-Services
■ licenses hardware-id Network-Services
For Network-Services features
■ licenses install Network-Services
For Network-Services features
Next Available Option:
■ key -- Enter key for this feature. (ASCII-STR) (p. 347)
■ licenses uninstall Network-Services
For Network-Services features
premium
■ licenses install premium
© 2009 Hewlett-Packard Development Company, L.P.
347
Command Line Interface Reference Guide
licenses
For Premium features
Next Available Option:
■ key -- Enter key for this feature. (ASCII-STR) (p. 347)
Premium
■ licenses hardware-id Premium
For Premium features
■ licenses uninstall Premium
For Premium features
uninstall
■ licenses uninstall
Uninstall the specified package.
Next Available Options:
■ Premium -- For Premium features(p. 348)
■ Network-Services -- For Network-Services features(p. 347)
© 2009 Hewlett-Packard Development Company, L.P.
348
link-keepalive
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: link-keepalive interval <10-100>
link-keepalive retries <3-10>
Description: Configure UDLD on your switch.
The first version of the command is used to configure
keep-alive interval in seconds. Here 10 is 1 sec, 11 is 1.1 sec,
and so on. Default keep-alive interval is 5 seconds.
The second version of the command is used to configure
maximum number of keep-alive attempts. Default keep-alive
attempt is 4.
COMMAND STRUCTURE
■ link-keepalive interval < 10 to 100 > -- Set link keep-alive interval in deciseconds. (p. 349)
■ link-keepalive retries < 3 to 10 > -- Set maximum number of link keep-alive attempts. (p. 349)
COMMAND DETAILS
interval (p. 349)
retries (p. 349)
interval
■ link-keepalive interval < 10 to 100 >
Set link keep-alive interval in deciseconds.
Range: < 10 to 100 >
retries
■ link-keepalive retries < 3 to 10 >
Set maximum number of link keep-alive attempts.
Range: < 3 to 10 >
© 2009 Hewlett-Packard Development Company, L.P.
349
link-test
OVERVIEW
Category:
Primary context:
operator
Related Commands
ping (page 392)
Usage: link-test MAC-ADDR [vlan <VLAN-ID>] [repetitions <1-999>]
[timeout <1-256>]
Description: Test the connection to a MAC address on the LAN.
The command sends a 802.2 test packet to a specific target
node on a network directly attached to a port in that
LAN. The target node must be able to respond to this test
packet with an 802.2 Test Response packet in order for the
test to work. The switch produces the following output if
the link test succeeds: 'Link-test passed'; otherwise, the
following is displayed: 'Link-test timed out'.
Parameters:
o MAC-ADDR - MAC address of the device to which to send link test.
o [vlan VLAN-ID] - VLAN on which the device is expected to be present.
If this argument is not present, VLAN 1 will be used.
o [repetitions <1-999>] - Number of test packets to send; the
default value is 1.
o [timeout <1-256>] - Seconds within which a response is required
before the test is considered as failed; the default value is 5.
Examples:
(1) hp-switch# link-test 0800095F3AD6
COMMAND STRUCTURE
■
■
■
■
link-test mac -- MAC address of device to which to send link test. (MAC-ADDR) (p. 351)
link-test repetitions < 1 to 999 > -- Number of test packets to send <1-999>. (NUMBER) (p. 351)
link-test timeout < 0 to 256 > -- Test timeout in seconds <0-256>. (NUMBER) (p. 351)
link-test vlan -- VLAN where the device to be tested is present. (VLAN-ID) (p. 351)
EXAMPLES
Example: link-test
Test the link to MAC address 0800095F3AD6 on VLAN 1:
ProCurve# link-test 0800095F3AD6
© 2009 Hewlett-Packard Development Company, L.P.
350
Command Line Interface Reference Guide
link-test
COMMAND DETAILS
mac (p. 351)
repetitions (p. 351)
timeout (p. 351)
vlan (p. 351)
mac
■ link-test MAC-ADDR
MAC address of device to which to send link test.
repetitions
■ link-test repetitions < 1 to 999 >
Number of test packets to send <1-999>.
Range: < 1 to 999 >
timeout
■ link-test timeout < 0 to 256 >
Test timeout in seconds <0-256>.
Range: < 0 to 256 >
vlan
■ link-test vlan VLAN-ID
VLAN where the device to be tested is present.
© 2009 Hewlett-Packard Development Company, L.P.
351
lldp
OVERVIEW
Category:
Device Discovery
Primary context:
config
Related Commands
show lldp (page 566)
Usage:lldp ...
Description: Configuration for LLDP parameter. Provides a standards-based method
for enabling the switches to advertise themselves to adjacent devices
and to learn about adjacent LLDP devices.
You can also configure the Media Extension Discovery (MED) extension
to LLDP for Voice over IP (VoIP) devices.
COMMAND STRUCTURE
■ lldp admin-status -- Set the port in one of the operational mode transmit | receive | transmit &
receive | disable the port ([ethernet] PORT-LIST) (p. 353)
■ omodes < TxOnly | RxOnly | Tx_Rx | ... > -- Set the operational mode: transmit | receive |
transmit-receive | disable. (NUMBER) (p. 358)
■ lldp auto-provision -- Configure various parameters related to lldp automatic provisioning (p. 353)
■ radio-ports -- Configure various parameters related to automatic provisioning for the radio-port
application (p. 358)
■ auto-vlan -- Create a VLAN, with the specified VLAN id value, to be used as the radio-ports
controller auto-generated VLAN. (p. 354)
■ auto-vlan < 2 to 4094 > -- Create a VLAN, with the specified VLAN id value, to be used
as the radio-ports controller auto-generated VLAN. (VLAN-ID) (p. 354)
■ auto -- (p. 353)
■ vlan-base < 2 to 4094 > -- Assign the default value of the VLAN id to be used if an
auto-generated VLAN is created for a radio-port application. (VLAN-ID) (p. 359)
■ lldp config -- Specify configurational parameters to the port ([ethernet] PORT-LIST) (p. 355)
■ basicTlvEnable < port_descr | system_name | system_descr | ... > -- Specify the Basic TLV List
to be advertised. (NUMBER) (p. 354)
■ dot1TlvEnable -- Specify the 802.1 TLV List to be advertised. (p. 356)
■ vlan-name -- Specify that the VLAN name TLV is to be advertised. (p. 359)
■ dot3TlvEnable < macphy_config > -- Specify the 802.3 TLV List to be advertised. (NUMBER)
(p. 356)
■ ipAddrEnable -- Set IP ADDR to be enabled. (p. 357)
■ lldp-ip -- Set IPV4 ADDR to be enabled. (IP-ADDR) (p. 357)
■ lldp-ipv6 -- Set IPV6 ADDR to be enabled. (IPV6-ADDR) (p. 357)
■ medPortLocation -- Configure location-id information to be advertised. (p. 357)
■ civic-addr -- Specify the civic location-id information to be advertised (p. 355)
■ COUNTRY -- Specify the Country Code of two characters. (ASCII-STR) (p. 356)
■ WHAT -- Specify the 'what' number of range <0-2>. (NUMBER) (p. 359)
■ CA-TYPE -- Specify the ca-type value of range <0-255>. (NUMBER) (p. 354)
■ CA-VALUE -- Specify the ca-value string. (ASCII-STR) (p. 354)
■ elin-addr -- Specify the elin address location to be advertised. (p. 356)
■ addr -- Specify the Location name to be advertised. (OCTET-STR) (p. 353)
■ medTlvEnable < capabilities | network_policy | location_id | ... > -- Specify the MED TLV List
to be advertised. (NUMBER) (p. 357)
© 2009 Hewlett-Packard Development Company, L.P.
352
Command Line Interface Reference Guide
lldp
■ [no] lldp enable-notification -- Set the port for which notification should be enabled ([ethernet]
PORT-LIST) (p. 356)
■ lldp fast-start-count < 1 to 10 > -- Set MED fast-start count in seconds (NUMBER) (p. 357)
■ lldp holdtime-multiplier < 2 to 10 > -- Set holdtime-multipler between <2-10>; the default is 4
(NUMBER) (p. 357)
■ lldp refresh-interval < 5 to 32768 > -- Set refresh interval/transmit-interval in seconds (NUMBER)
(p. 358)
■ [no] lldp run -- Start or Stop LLDP on device (p. 358)
■ [no] lldp top-change-notify -- Set the port for which LLDP MED topology notification should be
enabled ([ethernet] PORT-LIST) (p. 359)
COMMAND DETAILS
addr (p. 353)
admin-status (p. 353)
auto (p. 353)
auto-provision (p. 353)
auto-vlan (p. 354)
basicTlvEnable (p. 354)
CA-TYPE (p. 354)
CA-VALUE (p. 354)
civic-addr (p. 355)
config (p. 355)
COUNTRY (p. 356)
dot1TlvEnable (p. 356)
dot3TlvEnable (p. 356)
elin-addr (p. 356)
enable-notification (p. 356)
fast-start-count (p. 357)
holdtime-multiplier (p. 357)
ipAddrEnable (p. 357)
lldp-ip (p. 357)
lldp-ipv6 (p. 357)
medPortLocation (p. 357)
medTlvEnable (p. 357)
omodes (p. 358)
radio-ports (p. 358)
refresh-interval (p. 358)
run (p. 358)
top-change-notify (p. 359)
vlan-base (p. 359)
vlan-name (p. 359)
WHAT (p. 359)
addr
■ lldp config [ETHERNET] PORT-LIST medPortLocation elin-addr OCTET-STR
Specify the Location name to be advertised.
admin-status
■ lldp admin-status [ETHERNET] PORT-LIST
Usage: lldp admin-status <port-list> <txonly | rxonly
tx_rx | disable>
Description: Set the port in one of the operational mode
transmit | receive | transmit & receive |
disable the port.
Next Available Option:
■ omodes < TxOnly | RxOnly | Tx_Rx | ... > -- Set the operational mode: transmit | receive |
transmit-receive | disable. (NUMBER) (p. 358)
auto
■ lldp auto-provision radio-ports auto-vlan < 2 to 4094 > auto
auto-provision
■ lldp auto-provision
Usage:[no] lldp auto-provision radio-ports [suggested-auto-vlan|auto-vlan]
<vid>
© 2009 Hewlett-Packard Development Company, L.P.
353
Command Line Interface Reference Guide
lldp
Description: Configure various parameters related to lldp automatic
provisioning.
Next Available Option:
■ radio-ports -- Configure various parameters related to automatic provisioning for the radio-port
application(p. 358)
auto-vlan
■ [no] lldp auto-provision radio-ports auto-vlan
Create a VLAN, with the specified VLAN id value, to be used as
the radio-ports controller auto-generated VLAN.
Next Available Option:
■ auto-vlan < 2 to 4094 > -- Create a VLAN, with the specified VLAN id value, to be used as the
radio-ports controller auto-generated VLAN. (VLAN-ID) (p. 354)
■ lldp auto-provision radio-ports auto-vlan < 2 to 4094 >
Create a VLAN, with the specified VLAN id value, to be used as
the radio-ports controller auto-generated VLAN.
Range: < 2 to 4094 >
Next Available Option:
■ auto -- (p. 353)
basicTlvEnable
■ [no] lldp config [ETHERNET] PORT-LIST basicTlvEnable < port_descr | system_name | system_descr
| ... >
Specify the Basic TLV List to be advertised.
Supported Values:
■ port_descr -- Port Description TLV
■ system_name -- System Name TLV
■ system_descr -- System Description TLV
■ system_cap -- System Capability TLV
CA-TYPE
■ lldp config [ETHERNET] PORT-LIST medPortLocation civic-addr COUNTRY NUMBER NUMBER
Specify the ca-type value of range <0-255>.
Next Available Option:
■ CA-VALUE -- Specify the ca-value string. (ASCII-STR) (p. 354)
CA-VALUE
■ lldp config [ETHERNET] PORT-LIST medPortLocation civic-addr COUNTRY NUMBER NUMBER
CA-VALUE
© 2009 Hewlett-Packard Development Company, L.P.
354
Command Line Interface Reference Guide
lldp
Specify the ca-value string.
civic-addr
■ [no] lldp config [ETHERNET] PORT-LIST medPortLocation civic-addr
Usage: lldp config <port-list> medPortLocation civic-str <COUNTRY-STR>
<WHAT> <CA-TYPE> <CA-VALUE>
Description: Specify the civic location-id information to be advertised.
The total length of the TLV is 104.
COUNTRY-STR : Set the Country Code of two characters.e.g. DE or US.
WHAT
: Set the 'what' number of range <0-2>.
0 - Location of DHCP server.
1 - Location of Switch.
2 - Location of Client.
CA-TYPE
: Set the ca-type of range <0-255>.
It is a repeatable parameter.ca-type should be unique.
ca-type sholud be followed by ca-value.
CA-VALUE
: Set the ca-value string.
Next Available Option:
■ COUNTRY -- Specify the Country Code of two characters. (ASCII-STR) (p. 356)
config
■ lldp config [ETHERNET] PORT-LIST
Usage: [no] lldp config <PORT-LIST> <basicTlvEnable TLVMAP |
dot1TlvEnable vlan-name |
dot3TlvEnable TLVMAP |
ipAddrEnable <IPV4-ADDR | IPV6-ADDR> |
medPortLocation ...
|
medTlvEnable
TLVMAP>
Description: Specify configurational parameters to the port.
Set basicTlvEnable with any one of the following TLV Maps.
port_descr
: Send Port Description TLV out this port.
system_name
: Send System Name TLV out this port.
system_descr
: Send System Descr TLV out this port.
system_cap
: Send Capability TLV out this port.
Set dot1TlvEnable with the following TLVs.
vlan_name
: Enable VLAN name TLV out the given port(s).
Set dot3TlvEnable with the following TLV Map.
macphy_config : Send Mac Phy Config TLV out this port.
Set ipAddrEnable with the IP-ADDR to send out this port.
Set medPortLocation with location information for the port.
civic-addr
: Set civic address to send out this port.
elin-addr
: Set elin address to send out this port.
Set medTlvEnable with any one of the following TLV Maps.
capabilities
: Send Capability TLV out this port.This TLV has
to be enabled first to enable any MED TLV's.
network_policy : Send Network Policy TLV out this port.
location_id
: Send Location Id TLV out this port.
poe
: Send Med Poe TLV out this port.
© 2009 Hewlett-Packard Development Company, L.P.
355
Command Line Interface Reference Guide
lldp
Next Available Options:
■ basicTlvEnable < port_descr | system_name | system_descr | ... > -- Specify the Basic TLV List
to be advertised. (NUMBER) (p. 354)
■ ipAddrEnable -- Set IP ADDR to be enabled.(p. 357)
■ dot1TlvEnable -- Specify the 802.1 TLV List to be advertised.(p. 356)
■ medTlvEnable < capabilities | network_policy | location_id | ... > -- Specify the MED TLV List to
be advertised. (NUMBER) (p. 357)
■ medPortLocation -- Configure location-id information to be advertised. (p. 357)
■ dot3TlvEnable < macphy_config > -- Specify the 802.3 TLV List to be advertised. (NUMBER)
(p. 356)
COUNTRY
■ lldp config [ETHERNET] PORT-LIST medPortLocation civic-addr COUNTRY
Specify the Country Code of two characters.
Next Available Option:
■ WHAT -- Specify the 'what' number of range <0-2>. (NUMBER) (p. 359)
dot1TlvEnable
■ lldp config [ETHERNET] PORT-LIST dot1TlvEnable
Specify the 802.1 TLV List to be advertised.
Next Available Option:
■ vlan-name -- Specify that the VLAN name TLV is to be advertised. (p. 359)
dot3TlvEnable
■ [no] lldp config [ETHERNET] PORT-LIST dot3TlvEnable < macphy_config >
Specify the 802.3 TLV List to be advertised.
Supported Values:
■ macphy_config -- MAC Physical Config Tlv
elin-addr
■ [no] lldp config [ETHERNET] PORT-LIST medPortLocation elin-addr
Specify the elin address location to be advertised.
Next Available Option:
■ addr -- Specify the Location name to be advertised. (OCTET-STR) (p. 353)
enable-notification
■ [no] lldp enable-notification [ETHERNET] PORT-LIST
Usage: [no] lldp notificationEnable <PORT-LIST>
Description: Set the port for which notification should be enabled.
© 2009 Hewlett-Packard Development Company, L.P.
356
Command Line Interface Reference Guide
lldp
fast-start-count
■ lldp fast-start-count < 1 to 10 >
Usage: lldp fast-start-count <1-10>
Description: Set MED fast-start count in seconds.
Range: < 1 to 10 >
holdtime-multiplier
■ lldp holdtime-multiplier < 2 to 10 >
Usage: lldp holdtime-multiplier <2-10>
Description: Set holdtime-multipler between <2-10>; the default is 4.
Range: < 2 to 10 >
ipAddrEnable
■ [no] lldp config [ETHERNET] PORT-LIST ipAddrEnable
Set IP ADDR to be enabled.
Next Available Options:
■ lldp-ip -- Set IPV4 ADDR to be enabled. (IP-ADDR) (p. 357)
■ lldp-ipv6 -- Set IPV6 ADDR to be enabled. (IPV6-ADDR) (p. 357)
lldp-ip
■ [no] lldp config [ETHERNET] PORT-LIST ipAddrEnable IP-ADDR
Set IPV4 ADDR to be enabled.
lldp-ipv6
■ [no] lldp config [ETHERNET] PORT-LIST ipAddrEnable IPV6-ADDR
Set IPV6 ADDR to be enabled.
medPortLocation
■ [no] lldp config [ETHERNET] PORT-LIST medPortLocation
Configure location-id information to be advertised.
Next Available Options:
■ civic-addr -- Specify the civic location-id information to be advertised(p. 355)
■ elin-addr -- Specify the elin address location to be advertised. (p. 356)
medTlvEnable
■ [no] lldp config [ETHERNET] PORT-LIST medTlvEnable < capabilities | network_policy | location_id
| ... >
© 2009 Hewlett-Packard Development Company, L.P.
357
Command Line Interface Reference Guide
lldp
Specify the MED TLV List to be advertised.
Supported Values:
■ capabilities -- Capability TLV
■ network_policy -- Network Policy TLV
■ location_id -- Location Id TLV
■ poe -- Poe TLV
omodes
■ lldp admin-status [ETHERNET] PORT-LIST < TxOnly | RxOnly | Tx_Rx | ... >
Set the operational mode: transmit | receive |
transmit-receive | disable.
Supported Values:
■ TxOnly -- Set in transmit mode.
■ RxOnly -- Set in receive mode.
■ Tx_Rx -- Set in transmit & Receive mode.
■ disable -- disable.
radio-ports
■ [no] lldp auto-provision radio-ports
Usage:[no] lldp auto-provision radio-ports [suggested-auto-vlan|auto-vlan]
<vid>
Description: Configure various parameters related to automatic
provisioning for the radio-port application.
If no additional parameters following the radio-ports
parameter this command will enable the auto-provision
option (use the [no] keyword to disable the
auto-provision option).
Next Available Options:
■ auto-vlan -- Create a VLAN, with the specified VLAN id value, to be used as the radio-ports
controller auto-generated VLAN. (p. 354)
■ vlan-base < 2 to 4094 > -- Assign the default value of the VLAN id to be used if an auto-generated
VLAN is created for a radio-port application. (VLAN-ID) (p. 359)
refresh-interval
■ lldp refresh-interval < 5 to 32768 >
Usage: lldp refresh-interval <5-32768>
Description: Set refresh interval/transmit-interval in seconds.
The default is 30.
The refresh interval/transmit-interval should be greater
than or equal to (4*delay-interval).
The default value of delay-interval is 2.
Range: < 5 to 32768 >
run
■ [no] lldp run
© 2009 Hewlett-Packard Development Company, L.P.
358
Command Line Interface Reference Guide
lldp
Usage:[no] lldp run
Description: Start or Stop LLDP on device.
top-change-notify
■ [no] lldp top-change-notify [ETHERNET] PORT-LIST
Usage:[no] lldp top-change-notify <port-list>
Description: Set the port for which LLDP MED topology notification should be enabled.
vlan-base
■ lldp auto-provision radio-ports vlan-base < 2 to 4094 >
Assign the default value of the VLAN id to be used if an
auto-generated VLAN is created for a radio-port application.
Range: < 2 to 4094 >
vlan-name
■ [no] lldp config [ETHERNET] PORT-LIST dot1TlvEnable vlan-name
Specify that the VLAN name TLV is to be advertised.
WHAT
■ lldp config [ETHERNET] PORT-LIST medPortLocation civic-addr COUNTRY NUMBER
Specify the 'what' number of range <0-2>.
Next Available Option:
■ CA-TYPE -- Specify the ca-type value of range <0-255>. (NUMBER) (p. 354)
© 2009 Hewlett-Packard Development Company, L.P.
359
lockout-mac
OVERVIEW
Category:
Port Security
Primary context:
config
Related Commands
the section called “lockout-mac” (page 566)
Usage: lockout-mac <MAC-ADDR>
Description: Lock out a MAC address.
Parameter:
o MAC-ADDR
- MAC address to lock down.
Examples:
(1) hp-switch#
lockout-mac 0800095F3AD6
COMMAND STRUCTURE
EXAMPLES
Example: lockout-mac
Drop all traffic to or from MAC address 0800095F3AD6:
ProCurve# lockout-mac 0800095F3AD6
© 2009 Hewlett-Packard Development Company, L.P.
360
log
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
logging (page 363)
the section called “logging” (page 567)
Usage: log [-a|-r|-m|-p|-w|-i|-d|substring ...]
Description: Display log events.
-a - Instructs the switch to display all recorded log
events, which includes events from previous boot cycles.
-r - Instructs the switch to display recorded
log events in reverse order (most recent first).
substring - Instructs the switch to display
only those events that match the substring.
The remaining event class options (listed below in
order of severity - lowest severity first) confine
output to event clases of equal or higher severity
-d - Debug
-i - Informative
-w - Warnings
-p - Performance
-m - Major
Only one of options -d,-i,-w,-p and -m may be specified.
The -a, -r, and substring options may be used in
combination with an event class option.
COMMAND STRUCTURE
■ log -a -- Display all log events, including those from previous boot cycles. (p. 361)
■ log event_class < -M | -P | -W | ... > -- Specify substring to match in log entry. See 'log help' for
details. (p. 361)
■ log option -- Specify substring to match in log entry. See 'log help' for details. (ASCII-STR) (p. 362)
■ log -r -- Display log events in reverse order (most recent first). (p. 362)
COMMAND DETAILS
-a (p. 361)
event_class (p. 361)
option (p. 362)
-r (p. 362)
-a
■ log -a
Display all log events, including those from previous boot cycles.
event_class
■ log
Specify substring to match in log entry. See 'log help' for details.
© 2009 Hewlett-Packard Development Company, L.P.
361
Command Line Interface Reference Guide
log
Supported Values:
■ -M -- Major event class.
■ -P -- Performance event class.
■ -W -- Warning event class.
■ -I -- Information event class.
■ -D -- Debug event class.
option
■ log OPTION
Specify substring to match in log entry. See 'log help' for details.
-r
■ log -r
Display log events in reverse order (most recent first).
© 2009 Hewlett-Packard Development Company, L.P.
362
logging
OVERVIEW
Category:
Switch Management
Primary context:
config
Related Commands
log (page 361)
the section called “logging” (page 567)
Usage: [no]
[no]
[no]
[no]
[no]
logging
logging
logging
logging
logging
<IP-ADDR> [control-descr <text string>]
priority-descr <text-string>
facility <facility>
severity <severity>
system-module <module>
Description: Add an IP address to the list of receiving syslog servers.
Use of 'no' without an IP address specified will remove all
IP addresses from the list of syslog receivers. If an IP
address is specified, that receiver will be removed.
- Specify syslog server facility with <facility>. 'no
logging facility <facility>' sets facility back to defaults.
- Specify severity for event messages to be filtered to the
syslog server with <severity>. 'no logging severity
<severity>' sets severity back to default.
- Event messages of specified system module will be sent to
the syslog server. 'no' sends messages from all system
modules. Messages are 1st filtered by selected severity.
NOTES
Maximum Number of Entries
Starting in software release K.13.xx, the maximum number of entries supported in the Event
Log is increased from 1000 to 2000 entries. Entries are listed in chronological order, from the
oldest to the most recent. Once the log has received 2000 entries, it discards the oldest
message each time a new message is received. The Event Log window contains 14 log entry
lines. You can scroll through it to view any part of the log.
COMMAND STRUCTURE
■ [no] logging facility < kern | user | mail | ... > -- Specify the syslog facility value that will be used
for all syslog servers (p. 364)
■ [no] logging ip-address -- Add an IP address to the list of receiving syslog servers (IP-ADDR) (p.
365)
■ control-descr -- A text string associated with the given IP-ADDr (p. 364)
■ control-descr -- A text string associated with the given IP-ADDr (ASCII-STR) (p. 364)
■ [no] logging priority-descr -- A text string associated with the values of facility, severity, and
system-module (p. 365)
■ priority-descr -- A text string associated with the values of facility, severity, and system-module
(ASCII-STR) (p. 365)
■ [no] logging severity < major | error | warning | ... > -- Event messages of the specified severity
or higher will be sent to the syslog server (p. 366)
■ [no] logging system-module < all-pass | vlan | ip | ... > -- Event messages of the specified system
module (subsystem) will be sent to the syslog server (p. 366)
© 2009 Hewlett-Packard Development Company, L.P.
363
Command Line Interface Reference Guide
logging
COMMAND DETAILS
control-descr (p. 364)
facility (p. 364)
ip-address (p. 365)
priority-descr (p. 365)
severity (p. 366)
system-module (p. 366)
control-descr
■ [no] logging IP-ADDR control-descr
Usage: [no] logging <IP-ADDR> [control-descr <text string>]
Description: A text string associated with the given IP-ADDr.
'no' replaces the string with a zero length string.
The length of the string is limited to 255 characters.
Next Available Option:
■ control-descr -- A text string associated with the given IP-ADDr (ASCII-STR) (p. 364)
■ logging IP-ADDR control-descr CONTROL-DESCR
Usage: [no] logging <IP-ADDR> [control-descr <text string>]
Description: A text string associated with the given IP-ADDr.
'no' replaces the string with a zero length string.
The length of the string is limited to 255 characters.
facility
■ [no] logging facility < kern | user | mail | ... >
Usage: [no] logging facility <facility>
Description: Specify the syslog facility value that will be used
for all syslog servers. Syslog facility determines
where syslog servers should log the syslog message.
Supported Values:
■ kern
■ user
■ mail
■ daemon
■ auth
■ syslog
■ lpr
■ news
■ uucp
■ sys9
■ sys10
■ sys11
■ sys12
■ sys13
■ sys14
■ cron
■ local0
■ local1
■ local2
© 2009 Hewlett-Packard Development Company, L.P.
364
Command Line Interface Reference Guide
■
■
■
■
■
logging
local3
local4
local5
local6
local7
ip-address
■ [no] logging IP-ADDR
Usage: [no]
[no]
[no]
[no]
[no]
logging
logging
logging
logging
logging
<IP-ADDR> [control-descr <text string>]
priority-descr <text-string>
facility <facility>
severity <severity>
system-module <module>
Description: Add an IP address to the list of receiving syslog servers.
Use of 'no' without an IP address specified will remove all
IP addresses from the list of syslog receivers. If an IP
address is specified, that receiver will be removed.
- Specify syslog server facility with <facility>. 'no
logging facility <facility>' sets facility back to defaults.
- Specify severity for event messages to be filtered to the
syslog server with <severity>. 'no logging severity
<severity>' sets severity back to default.
- Event messages of specified system module will be sent to
the syslog server. 'no' sends messages from all system
modules. Messages are 1st filtered by selected severity.
Next Available Option:
■ control-descr -- A text string associated with the given IP-ADDr(p. 364)
priority-descr
■ [no] logging priority-descr
Usage: [no] logging priority-descr <text string>
Description: A text string associated with the values of
facility, severity, and system-module. 'no' replaces
the string with a zero length string
The length of the string is limited to 255 characters.
Next Available Option:
■ priority-descr -- A text string associated with the values of facility, severity, and system-module
(ASCII-STR) (p. 365)
■ logging priority-descr PRIORITY-DESCR
Usage: [no] logging priority-descr <text string>
Description: A text string associated with the values of
facility, severity, and system-module. 'no' replaces
the string with a zero length string
The length of the string is limited to 255 characters.
© 2009 Hewlett-Packard Development Company, L.P.
365
Command Line Interface Reference Guide
logging
severity
■ [no] logging severity < major | error | warning | ... >
Usage: [no] logging severity <severity>
Description: Event messages of the specified severity or higher will be
sent to the syslog server. 'no' sends all severities.
Supported Values:
■ major
■ error
■ warning
■ info
■ debug
system-module
■ [no] logging system-module < all-pass | vlan | ip | ... >
Usage: [no] logging system-module <module>
Description: Event messages of the specified system module (subsystem)
will be sent to the syslog server. 'no' sends messages
from all system modules, as does 'logging system-module
all-pass'. Messages are severity filtered before
system module filtering occurs.
Supported Values:
■ all-pass
■ vlan
■ ip
■ igmp
■ ipx
■ stp
■ system
■ chassis
■ console
■ ports
■ dhcp
■ download
■ tcp
■ telnet
■ timep
■ tftp
■ Xmodem
■ update
■ mgr
■ system
■ snmp
■ addrMgr
■ pagp
■ fault
■ ldbal
■ garp
■ gvrp
■ cos
© 2009 Hewlett-Packard Development Company, L.P.
366
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
logging
lacp
dhcpr
stack
dma
SNTP
802.1x
cdp
auth
tacacs
radius
ssh
NETINET
OSPF
XRRP
ssl
IpAddrMgr
MacAuth
KMS
PIM
maclock
ACL
udpf
inst-mon
udld
HPESP
lldp
connfilt
RateLim
idm
IPLOCK
dhcp-snoop
vrrp
usb
licensing
loop-protect
sFlow
arp-protect
dhcpv6c
mtm
mld
dca
QinQ
autorun
ffi
wsm
dipld
HPSM
policy
© 2009 Hewlett-Packard Development Company, L.P.
367
log-numbers
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] log-numbers
Description: Enable the display of log event numbers when log is displayed
via the CLI or via the menu.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
368
logout
OVERVIEW
Category:
Switch Management
Primary context:
operator
Related Commands
Usage: logout
Description: Terminate this console/telnet session.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
369
loop-protect
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] loop-protect <...>
[[ethernet] PORT-LIST [receiver-action <send-disable|no-disable>]|
[transmit-interval <1-10>]|
[disable-period <0-604800>]|
[trap <loop-detected>]
Description: Configure Loop protection on the switch.
Parameters:
o ethernet PORT-LIST - Port(s) to configure loop protection on. By default
loop protection is disabled on a port
o receiver-action
- Sets the loop detected action per port. When a loop
is detected the port that received the loop protection
packet determines the action taken. If send-disable
is selected the port that transmitted the packet will
be disabled. If no-disable is selected, the port will
not be disabled. The default action is 'send-disable'.
o trap <loop-detected> - Configure Loop protection traps. The following
traps are generated by Loop protection
- 'loop-detected' signifies that a loop was detected
on a port.
o disable-timer <0-604800> (default:0) - Sets the time in seconds to
disable a port for when a loop has been detected. A
value of 0 disables the auto reenable functionality.
By default the timer is disabled.
o transmit-interval <1-10> (default:5) - Time in seconds between transmission
of loop protection packets.
COMMAND STRUCTURE
■ loop-protect disable-timer < 0 to 604800 > -- Set time in seconds to wait before attempting to
reenable a port. (NUMBER) (p. 371)
■ [no] loop-protect port-list -- Specify the ports that are to be added to/removed from loop protection.
([ethernet] PORT-LIST) (p. 371)
■ receiver-action < send-disable | no-disable > -- Select action to take when loop protect packets
are received on the specified port(s). (p. 371)
■ loop-protect transmit-interval < 1 to 10 > -- Set time between packet transmissions. (NUMBER)
(p. 371)
■ [no] loop-protect trap -- Specify loop protection traps that are to be enabled/disabled. (p. 371)
■ loop-detected -- generate trap when a loop is detected (p. 371)
COMMAND DETAILS
disable-timer (p. 371)
loop-detected (p. 371)
port-list (p. 371)
receiver-action (p. 371)
© 2009 Hewlett-Packard Development Company, L.P.
transmit-interval (p. 371)
trap (p. 371)
370
Command Line Interface Reference Guide
loop-protect
disable-timer
■ loop-protect disable-timer < 0 to 604800 >
Set time in seconds to wait before attempting to reenable a port.
Range: < 0 to 604800 >
loop-detected
■ [no] loop-protect trap loop-detected
generate trap when a loop is detected
port-list
■ [no] loop-protect [ETHERNET] PORT-LIST
Specify the ports that are to be added to/removed from loop protection.
Next Available Option:
■ receiver-action < send-disable | no-disable > -- Select action to take when loop protect packets
are received on the specified port(s). (p. 371)
receiver-action
■ loop-protect [ETHERNET] PORT-LIST receiver-action < send-disable | no-disable >
Select action to take when loop protect packets are received on the specified port(s).
Supported Values:
■ send-disable
■ no-disable
transmit-interval
■ loop-protect transmit-interval < 1 to 10 >
Set time between packet transmissions.
Range: < 1 to 10 >
trap
■ [no] loop-protect trap
Specify loop protection traps that are to be enabled/disabled.
Next Available Option:
■ loop-detected -- generate trap when a loop is detected(p. 371)
© 2009 Hewlett-Packard Development Company, L.P.
371
mac-age-time
OVERVIEW
Category:
Device Discovery
Primary context:
config
Related Commands
Usage: mac-age-time <60-999960>
Description: Set the MAC address table's age-out interval.
A MAC address that is dynamically learned by the switch, stays
in the switch's address table for a certain amount of time the age-out interval, before being aged out. An address is aged
out if the switch does not receive traffic from that MAC
address for the age-out interval. The interval is measured in
seconds. The default value is 300 seconds.
COMMAND STRUCTURE
EXAMPLES
Example: mac-age-time SECONDS
Configure the MAC age-out interval to seven minutes:
ProCurve(config)# mac-age-time 420
© 2009 Hewlett-Packard Development Company, L.P.
372
management-vlan
OVERVIEW
Category:
config
Primary context:
config
Related Commands
the section called “vlan” (page 603)
Usage: [no] management-vlan VLAN-ID
Description: Set the VLAN that is to be used as the management VLAN.
COMMAND STRUCTURE
EXAMPLES
Example: management-vlan
Set VLAN 100 as the management VLAN and add ports A1 and A2 to it:
ProCurve(config)# management-vlan 100
ProCurve(config)# vlan 100 tagged a1
ProCurve(config)# vlan 100 tagged a2
© 2009 Hewlett-Packard Development Company, L.P.
373
max-vlans
OVERVIEW
Category:
VLANs
Primary context:
config
Related Commands
Usage: max-vlans <1-2048>
Description: Set the maximum number of VLANs on the switch.
The default is 256.
COMMAND STRUCTURE
EXAMPLES
Example: max-vlans NUMBER
Reconfigure the switch to allow 10 VLANs:
ProCurve(config)# max-vlans 10
Command will take effect after saving configuration and reboot.
ProCurve(config)# write memory
ProCurve(config) boot
Device will be rebooted, do you want to continue [y/n]? y
© 2009 Hewlett-Packard Development Company, L.P.
374
menu
OVERVIEW
Category:
Switch Management
Primary context:
operator
Related Commands
Usage: menu
Description: Change console user interface to menu system.
COMMAND STRUCTURE
EXAMPLES
menu
Enter the menu mode for switch configuration:
ProCurve# menu
HP ProCurve Switch 5400zl
1-Jan-2006
4:55:06
=======================- TELNET - MANAGER MODE -========================
Main Menu
1.
2.
3.
4.
5.
6.
7.
8.
0.
Status and Counters...
Switch Configuration...
Console Passwords...
Event Log
Command Line (CLI)
Reboot Switch
Download OS
Run Setup
Logout
Provides the menu to display configuration, status, and counters.
To select menu item, press item number, or highlight item and press <Enter>.
© 2009 Hewlett-Packard Development Company, L.P.
375
mesh
OVERVIEW
Category:
Redundant Paths
Primary context:
config
Related Commands
the section called “mesh” (page 569)
Usage: [no] mesh [ethernet] PORT-LIST
Description: Configure the specified ports as being members of a mesh group.
A mesh group can have up to 24 member ports.
- VLAN support must be enabled before configuring a mesh group.
- A mesh group cannot exist if IP routing is enabled. Disable
routing protocols (if any) before configuring a mesh group.
- After configuring meshing, it will be necessary to reboot the
switch before the changes take effect.
COMMAND STRUCTURE
■ [no] mesh portlist -- Specify the ports that are to be added to/removed from a mesh. ([ethernet]
PORT-LIST) (p. 376)
EXAMPLES
Example: mesh PORT-LIST
Configure meshing on ports A1-A4, B3, C1, and D1-D3:
ProCurve(config)# mesh a1-a4, b3, c1, d1-d3
Command will take effect after saving configuration and reboot
ProCurve(config)# write memory
ProCurve(config)# boot
Device will be rebooted, do you want to continue [y/n]? y
COMMAND DETAILS
portlist (p. 376)
portlist
■ [no] mesh [ETHERNET] PORT-LIST
Specify the ports that are to be added to/removed from a mesh.
© 2009 Hewlett-Packard Development Company, L.P.
376
mirror
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: 1) mirror <1-4> [ name NAME-STR ] port PORT-NUM
2) mirror <1-4> [ name NAME-STR ] remote ip SRC-IP-ADDR
SRC-UDP-PORT DST-IP-ADDR
3) mirror <1-4> [ name NAME-STR ] remote ip SRC-IP-ADDR
SRC-UDP-PORT DST-IP-ADDR
4) no mirror <1-4> [ name NAME-STR ]
5) mirror endpoint ip SRC-IP-ADDR SRC-UDP-PORT DST-IP-ADDR
port PORT-NUM
6) no mirror endpoint ip SRC-IP-ADDR SRC-UDP-PORT DST-IP-ADDR
Description: Define the mirror destinations for diagnostic purposes. The device
ports or VLANs that will be monitored are defined through
the 'monitor' command in either interface or VLAN context.
The network traffic seen by the monitored ports/VLANs is copied to
the mirror destination to which a network analyzer can be attached.
When mirroring multiple ports/VLANs in a busy network,
some frames may not be copied to the monitoring destination.
Parameters:
o <1-4> - Mirror destination number
o name NAME-STR - Friendly name to be associated with the
mirror destionation number.
o PORT-NUM - Port that will be acting as the monitoring port. It
cannot be a trunked port. The parameter must be specified,
if the 'no' keyword is not used. Otherwise, it must not be
present.
o SRC-IP-ADDR - source ip address for remote mirroring.
o SRC-UDP-PORT - source UDP port for remote mirroring.
o DST-IP-ADDR - destination ip address for remote mirroring.
Note1: The SRC-IP-ADDR, SRC-UDP-PORT, and DST-IP-ADDR specified on the
source switch must match those on the respective destination switch.
Note2: The SRC-IP-ADDR, SRC-UDP-PORT, and DST-IP-ADDR must not be uses if the
'no' keyword is used unless the 'endpoint' keyword is used.
COMMAND STRUCTURE
■ [no] mirror endpoint -- Remote mirroring destination configuration. (p. 378)
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
■ mirror_session_ip_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip addr.
(IP-ADDR) (p. 379)
■ port -- Remote mirroring destination port. ([ethernet] PORT-NUM) (p. 380)
■ [no] mirror mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 379)
■ name -- Mirroring destination name string. (ASCII-STR) (p. 380)
■ port -- Mirroring destination monitoring port. ([ethernet] PORT-NUM) (p. 380)
■ remote -- Remote mirroring destination configuration. (p. 380)
© 2009 Hewlett-Packard Development Company, L.P.
377
Command Line Interface Reference Guide
mirror
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
■ mirror_session_src_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip
addr. (IP-ADDR) (p. 379)
■ port -- Mirroring destination monitoring port. ([ethernet] PORT-NUM) (p. 380)
■ remote -- Remote mirroring destination configuration. (p. 380)
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
■ mirror_session_src_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip addr.
(IP-ADDR) (p. 379)
■ no mirror name -- Mirror destination name. (p. 380)
COMMAND DETAILS
endpoint (p. 378)
mirror_session_id (p. 379)
name (p. 380)
ip (p. 378)
mirror_session_ip_udp (p. 379) port (p. 380)
mirror_session_dest_ip (p. 379) mirror_session_src_udp (p. 379) remote (p. 380)
endpoint
■ [no] mirror endpoint
Remote mirroring destination configuration.
Next Available Option:
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
ip
■ mirror < 1 to 4 > name NAME remote ip IP-ADDR
Remote mirroring destination configuration.
Next Available Option:
■ mirror_session_src_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
■ mirror < 1 to 4 > remote ip IP-ADDR
Remote mirroring destination configuration.
Next Available Option:
■ mirror_session_src_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
■ [no] mirror endpoint ip IP-ADDR
Remote mirroring destination configuration.
Next Available Option:
■ mirror_session_ip_udp < 1 to 65535 > -- Remote mirroring UDP encapsulation port.
(TCP/UDP-PORT) (p. 379)
© 2009 Hewlett-Packard Development Company, L.P.
378
Command Line Interface Reference Guide
mirror
mirror_session_dest_ip
■ mirror < 1 to 4 > name NAME remote ip IP-ADDR < 1 to 65535 > IP-ADDR
Remote mirroring UDP encapsulation destination ip addr.
■ mirror < 1 to 4 > remote ip IP-ADDR < 1 to 65535 > IP-ADDR
Remote mirroring UDP encapsulation destination ip addr.
■ [no] mirror endpoint ip IP-ADDR < 1 to 65535 > IP-ADDR
Remote mirroring UDP encapsulation destination ip addr.
Next Available Option:
■ port -- Remote mirroring destination port. ([ethernet] PORT-NUM) (p. 380)
mirror_session_id
■ [no] mirror < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
Next Available Options:
■ name -- Mirroring destination name string. (ASCII-STR) (p. 380)
■ port -- Mirroring destination monitoring port. ([ethernet] PORT-NUM) (p. 380)
■ remote -- Remote mirroring destination configuration.(p. 380)
mirror_session_ip_udp
■ [no] mirror endpoint ip IP-ADDR < 1 to 65535 >
Remote mirroring UDP encapsulation port.
Range: < 1 to 65535 >
Next Available Option:
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip addr. (IP-ADDR)
(p. 379)
mirror_session_src_udp
■ mirror < 1 to 4 > name NAME remote ip IP-ADDR < 1 to 65535 >
Remote mirroring UDP encapsulation port.
Range: < 1 to 65535 >
Next Available Option:
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip addr. (IP-ADDR)
(p. 379)
© 2009 Hewlett-Packard Development Company, L.P.
379
Command Line Interface Reference Guide
mirror
■ mirror < 1 to 4 > remote ip IP-ADDR < 1 to 65535 >
Remote mirroring UDP encapsulation port.
Range: < 1 to 65535 >
Next Available Option:
■ mirror_session_dest_ip -- Remote mirroring UDP encapsulation destination ip addr. (IP-ADDR)
(p. 379)
name
■ mirror < 1 to 4 > name NAME
Mirroring destination name string.
Next Available Options:
■ port -- Mirroring destination monitoring port. ([ethernet] PORT-NUM) (p. 380)
■ remote -- Remote mirroring destination configuration.(p. 380)
■ no mirror name
Mirror destination name.
port
■ mirror < 1 to 4 > name NAME port [ETHERNET] PORT-NUM
Mirroring destination monitoring port.
■ mirror < 1 to 4 > port [ETHERNET] PORT-NUM
Mirroring destination monitoring port.
■ mirror endpoint ip IP-ADDR < 1 to 65535 > IP-ADDR port [ETHERNET] PORT-NUM
Remote mirroring destination port.
remote
■ mirror < 1 to 4 > name NAME remote
Remote mirroring destination configuration.
Next Available Option:
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
■ mirror < 1 to 4 > remote
Remote mirroring destination configuration.
Next Available Option:
■ ip -- Remote mirroring destination configuration. (IP-ADDR) (p. 378)
© 2009 Hewlett-Packard Development Company, L.P.
380
mirror-port
OVERVIEW
Category:
config
Primary context:
config
Related Commands
vlan (page 706)
Usage: [no] mirror-port [[ethernet] PORT-NUM]
Description: Define the mirror port for diagnostic purposes. The device
ports or VLAN (if VLANs are enabled on the device) that will
be monitored are defined through the 'monitor' command in
either VLAN or interface context.
The network traffic seen by the monitored ports is copied to
the mirror port to which a network analyzer can be attached.
When mirroring multiple ports in a busy network,
some frames may not be copied to the monitoring port.
Parameters:
PORT-NUM - Port that will be acting as the monitoring port. It
cannot be a trunked port. The parameter must be specified,
if the 'no' keyword is not used. Otherwise, it must not be
present.
COMMAND STRUCTURE
■ [no] mirror-port port_num -- Define the mirror port for diagnostic purposes ([ethernet] PORT-NUM)
(p. 381)
EXAMPLES
Example: mirror-port
Assign port A6 as the monitoring port:
ProCurve(config)# mirror-port a6
COMMAND DETAILS
port_num (p. 381)
port_num
■ [no] mirror-port [ETHERNET] PORT-NUM
Usage: [no] mirror-port [[ethernet] PORT-NUM]
Description: Define the mirror port for diagnostic purposes. The device
ports or VLAN (if VLANs are enabled on the device) that will
be monitored are defined through the 'monitor' command in
either VLAN or interface context.
The network traffic seen by the monitored ports is copied to
the mirror port to which a network analyzer can be attached.
When mirroring multiple ports in a busy network,
some frames may not be copied to the monitoring port.
Parameters:
PORT-NUM - Port that will be acting as the monitoring port. It
© 2009 Hewlett-Packard Development Company, L.P.
381
Command Line Interface Reference Guide
mirror-port
cannot be a trunked port. The parameter must be specified,
if the 'no' keyword is not used. Otherwise, it must not be
present.
© 2009 Hewlett-Packard Development Company, L.P.
382
module
OVERVIEW
Category:
config
Primary context:
config
Related Commands
the section called “modules” (page 570)
Usage: module <MODULE-NUM> type <MODULE-TYPE>
Description: Configure type of the module.
COMMAND STRUCTURE
■ module < 1 to 12 > type < J8701A | J8702A | J8705A | ... > -- The type of the module. (p. 383)
EXAMPLES
Example: module SLOT-NUM type MODULE-TYPE
Configure slot 4 for module type j4820a:
ProCurve(config)# module 4 type j4820a
COMMAND DETAILS
type (p. 383)
type
■ module < 1 to 12 > type < J8701A | J8702A | J8705A | ... >
The type of the module.
Supported Values:
■ J8701A
■ J8702A
■ J8705A
■ J8706A
■ J8707A
■ J8708A
■ J8694A
■ J8992A
■ J9154A
■ J9051A
■ J9052A
■ J86yyA
■ J94yyA
■ J94zzA
■ J86xxA
■ J86yyA
■ J86xxA
■ J90XXA
■ J92zzA
© 2009 Hewlett-Packard Development Company, L.P.
383
Command Line Interface Reference Guide
■
■
■
■
■
module
J92yyA
J94wwa
JXXXXA
JXXXXB
JXXXXA
© 2009 Hewlett-Packard Development Company, L.P.
384
monitor
OVERVIEW
Category:
Primary context:
config
Related Commands
show monitor (page 570)
Usage: [no] monitor mac MAC-ADDR <src | dst | both> mirror <1-4 | NAME-STR>
Description: Set up traffic monitoring for a given MAC address. Network
traffic with this MAC address as the source or destination is
copied to the mirror port.
Parameters:
o MAC-ADDR - MAC address to be monitored
o <src | dst | both> - Type of traffic to monitor:
src - Monitor traffic with MAC-ADDR as the source.
dst - Monitor traffic with MAC-ADDR as the destination.
both - Monitor traffic with MAC-ADDR as the source or
destination.
o <1-4> - Mirror destination number
o NAME-STR - Friendly name associated with the mirror
destionation number.
COMMAND STRUCTURE
■ [no] monitor mac -- MAC address. (MAC-ADDR) (p. 385)
■ monitor_mac_direction < src | dst | both > -- (p. 386)
■ mirror -- Mirror destination. (p. 385)
■ mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 386)
■ mirror_session_name -- Mirror destination name. (p. 386)
COMMAND DETAILS
mac (p. 385)
mirror (p. 385)
mirror_session_id (p. 386)
mirror_session_name (p. 386)
monitor_mac_direction (p. 386)
mac
■ [no] monitor mac MAC-ADDR
Configures the MAC address as selection criteria for mirroring traffic on
any port or learned VLAN on the switch.
Next Available Option:
■ monitor_mac_direction < src | dst | both > -- (p. 386)
mirror
■ [no] monitor mac MAC-ADDR < src | dst | both > mirror
Mirror destination. Assigns the inbound and/or outbound traffic filtered by the
specified
MAC address to a previously configured mirroring session. The session is identified
by a
© 2009 Hewlett-Packard Development Company, L.P.
385
Command Line Interface Reference Guide
monitor
number or (if configured) a name.
Depending on how many sessions are configured on the switch, you can use the same
command
to configure a MAC address as mirroring criteria in up to four sessions. To identify
a
session, you can enter either its name or number; for example: mirror 1 2 3 traffsrc4
Next Available Options:
■ mirror_session_id < 1 to 4 > -- Mirror destination number.(p. 386)
■ mirror_session_name -- Mirror destination name.(p. 386)
mirror_session_id
■ [no] monitor mac MAC-ADDR < src | dst | both > mirror < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
mirror_session_name
■ [no] monitor mac MAC-ADDR < src | dst | both > mirror
Mirror destination name.
monitor_mac_direction
■ [no] monitor mac MAC-ADDR < src | dst | both >
Specifies how the MAC address is used to filter and mirror packets in inbound and/or
outbound
traffic on the interfaces on which the mirroring session is applied.
Supported Values:
■ src -- Monitor traffic with this MAC as source
■ dst -- Monitor traffic with this MAC as destination
■ both -- Monitor traffic with this MAC as source or destination
Next Available Option:
■ mirror -- Mirror destination.(p. 385)
© 2009 Hewlett-Packard Development Company, L.P.
386
page
OVERVIEW
Category:
CLI Setup
Primary context:
manager
Related Commands
Usage: [no] page
Description: Toggle paging mode. The printing is paused when a full page
of text has been displayed, or continues until end of output.
COMMAND STRUCTURE
© 2009 Hewlett-Packard Development Company, L.P.
387
password
OVERVIEW
Category:
Switch Management
Primary context:
config
Related Commands
front-panel-security (page 190)
show (page 511)
Usage: [no] password <manager|operator|port-access|all>
[user-name ASCII-STR] [<plaintext|sha1> ASCII-STR]
Description: Set or clear local password/username for a given access level.
Invoked without 'no', the command sets or changes existent
password(s). If no password provided in the command, the user
will be prompted to enter the new password twice. The command
removes specific local password protection, if preceded by 'no'.
Parameters:
o <manager|operator|port-access|all> - Level of access.
o user-name ASCII-STR - Username (up to 16 characters).
o <plaintext|sha-1> ASCII-STR - Format for the password entry, and
the password itself (up to 16 characters). 'plaintext' is
default type, and the only type accepted for 'port-access'.
COMMAND STRUCTURE
■ [no] password access < operator | manager > -- Set or clear local password/username for a given
access level (p. 388)
■ plaintext -- Enter plaintext password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ sha0 -- Enter SHA-0 hash of password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ sha1 -- Enter SHA-1 hash of password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ user-name -- Set username for the specified user category. (ASCII-STR) (p. 391)
■ plaintext -- Enter plaintext password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ sha0 -- Enter SHA-0 hash of password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ sha1 -- Enter SHA-1 hash of password. (p. 390)
■ password -- Set password (ASCII-STR) (p. 389)
■ [no] password all < all > -- Set or clear local password/username for a given access level (p. 389)
COMMAND DETAILS
access (p. 388)
all (p. 389)
password (p. 389)
plaintext (p. 390)
sha0 (p. 390)
sha1 (p. 390)
user-name (p. 391)
access
■ [no] password < operator | manager >
© 2009 Hewlett-Packard Development Company, L.P.
388
Command Line Interface Reference Guide
password
Usage: [no] password <manager|operator|port-access|all>
[user-name ASCII-STR] [<plaintext|sha1> ASCII-STR]
Description: Set or clear local password/username for a given access level.
Invoked without 'no', the command sets or changes existent
password(s). If no password provided in the command, the user
will be prompted to enter the new password twice. The command
removes specific local password protection, if preceded by 'no'.
Parameters:
o <manager|operator|port-access|all> - Level of access.
o user-name ASCII-STR - Username (up to 16 characters).
o <plaintext|sha1> ASCII-STR - Format for the password entry, and
the password itself (up to 16 characters). 'plaintext' is
default type, and the only type accepted for 'port-access'.
Supported Values:
■ operator -- Configure operator access.
■ manager -- Configure manager access.
Next Available Options:
■ user-name -- Set username for the specified user category. (ASCII-STR) (p. 391)
■ plaintext -- Enter plaintext password.(p. 390)
■ sha0 -- Enter SHA-0 hash of password.(p. 390)
■ sha1 -- Enter SHA-1 hash of password.(p. 390)
all
■ [no] password < all >
Usage: [no] password <manager|operator|port-access|all>
[user-name ASCII-STR] [<plaintext|sha1> ASCII-STR]
Description: Set or clear local password/username for a given access level.
Invoked without 'no', the command sets or changes existent
password(s). If no password provided in the command, the user
will be prompted to enter the new password twice. The command
removes specific local password protection, if preceded by 'no'.
Parameters:
o <manager|operator|port-access|all> - Level of access.
o user-name ASCII-STR - Username (up to 16 characters).
o <plaintext|sha1> ASCII-STR - Format for the password entry, and
the password itself (up to 16 characters). 'plaintext' is
default type, and the only type accepted for 'port-access'.
Supported Values:
■ all -- Configure all available types of access.
password
■ password < operator | manager > user-name USER-NAME plaintext PASSWORD
Set password
■ password < operator | manager > user-name USER-NAME sha0 PASSWORD
Set password
■ password < operator | manager > user-name USER-NAME sha1 PASSWORD
© 2009 Hewlett-Packard Development Company, L.P.
389
Command Line Interface Reference Guide
password
Set password
■ password < operator | manager > plaintext PASSWORD
Set password
■ password < operator | manager > sha0 PASSWORD
Set password
■ password < operator | manager > sha1 PASSWORD
Set password
plaintext
■ password < operator | manager > user-name USER-NAME plaintext
Enter plaintext password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
■ password < operator | manager > plaintext
Enter plaintext password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
sha0
■ password < operator | manager > user-name USER-NAME sha0
Enter SHA-0 hash of password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
■ password < operator | manager > sha0
Enter SHA-0 hash of password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
sha1
■ password < operator | manager > user-name USER-NAME sha1
Enter SHA-1 hash of password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
© 2009 Hewlett-Packard Development Company, L.P.
390
Command Line Interface Reference Guide
password
■ password < operator | manager > sha1
Enter SHA-1 hash of password.
Next Available Option:
■ password -- Set password (ASCII-STR) (p. 389)
user-name
■ password < operator | manager > user-name USER-NAME
Set username for the specified user category.
Next Available Options:
■ plaintext -- Enter plaintext password.(p. 390)
■ sha0 -- Enter SHA-0 hash of password.(p. 390)
■ sha1 -- Enter SHA-1 hash of password.(p. 390)
© 2009 Hewlett-Packard Development Company, L.P.
391
ping
OVERVIEW
Category:
Primary context:
operator
Related Commands
traceroute (page 690)
link-test (page 350)
ping6 (page 395)
Usage: ping <IP-ADDR|hostname|SWITCH-NUM>
[repetitions <1-10000>] [timeout <1-60>]
[data-size <0-65471>] [data-fill <0-1024>]
[source <IP_ADDR|VLAN-ID>]
Description: Send IPv4 ping request(s) to a device on the network.
Parameters:
o IP-ADDR - IPv4 address of device to ping.
o hostname - Hostname of device to which to send IPv4 ping.
o [repetitions <1-10000>] - Number of times to send ping; the default
value is 1.
o [timeout <1-60>] - Seconds within which a response is required
before the test is considered as failed; the default value is 5.
o [data-size <0-65471>] - Size of data to send; the default
size is 0.
o [data-fill <0-1024>] - The string to be filled in the data portion
of the packet. A string upto 1024 characters in length can be
specified. The default value is a 0 length string.
o [source <IP_ADDR|VLAN-ID>] - The source IPv4 address or VLAN.
Examples:
(1) hp-switch# ping 1.1.1.1
COMMAND STRUCTURE
ping data-fill -- Ping data fill string (size <0-1024>). (OCTET-STR) (p. 393)
ping data-size < 0 to 65471 > -- Ping data size <0-65471>. (NUMBER) (p. 393)
ping host-name -- Hostname of the device to ping. (ASCII-STR) (p. 393)
ping ip-addr -- IPv4 address of the device to ping. (IP-ADDR) (p. 393)
ping repetitions < 1 to 10000 > -- Number of packets to send <1-10000>. (NUMBER) (p. 393)
ping source -- Source address or VLAN. (p. 393)
■ ip-addr -- Source IPv4 address. (IP-ADDR) (p. 393)
■ vlan -- Source VLAN. (VLAN-ID) (p. 394)
■ ping switch-num -- The stack number of the switch to ping. (NUMBER) (p. 394)
■ ping timeout < 1 to 60 > -- Ping timeout in seconds <1-60>. (NUMBER) (p. 394)
■
■
■
■
■
■
© 2009 Hewlett-Packard Development Company, L.P.
392
Command Line Interface Reference Guide
ping
EXAMPLES
Example: ping IP-ADDR
Send an IP Ping request to the device that has IP address 10.10.10.1:
ProCurve# ping 10.10.10.1
10.10.10.1 is alive, time = 50 ms
COMMAND DETAILS
data-fill (p. 393)
data-size (p. 393)
host-name (p. 393)
ip-addr (p. 393)
repetitions (p. 393)
source (p. 393)
switch-num (p. 394)
timeout (p. 394)
vlan (p. 394)
data-fill
■ ping data-fill OCTET-STR
Ping data fill string (size <0-1024>).
data-size
■ ping data-size < 0 to 65471 >
Ping data size <0-65471>.
Range: < 0 to 65471 >
host-name
■ ping HOST-NAME
Hostname of the device to ping.
ip-addr
■ ping IP-ADDR
IPv4 address of the device to ping.
■ ping source IP-ADDR
Source IPv4 address.
repetitions
■ ping repetitions < 1 to 10000 >
Number of packets to send <1-10000>.
Range: < 1 to 10000 >
source
■ ping source
Source address or VLAN.
Next Available Options:
■ vlan -- Source VLAN. (VLAN-ID) (p. 394)
■ ip-addr -- Source IPv4 address. (IP-ADDR) (p. 393)
© 2009 Hewlett-Packard Development Company, L.P.
393
Command Line Interface Reference Guide
ping
switch-num
■ ping NUMBER
The stack number of the switch to ping.
timeout
■ ping timeout < 1 to 60 >
Ping timeout in seconds <1-60>.
Range: < 1 to 60 >
vlan
■ ping source VLAN-ID
Source VLAN.
© 2009 Hewlett-Packard Development Company, L.P.
394
ping6
OVERVIEW
Category:
Primary context:
operator
Related Commands
ping (page 392)
traceroute6 (page 695)
Usage: ping6 <IPV6-ADDR|hostname>
[repetitions <1-10000>] [timeout <1-60>]
[data-size <0-65471>] [data-fill <0-1024>]
[source <IPV6-ADDR|VLAN-ID>]
Description: Send IPv6 ping request(s) to a device on the network.
Parameters:
o IPV6-ADDR - IPv6 address of device to ping.
o hostname
- Hostname of device to which to send IPv6 ping.
o [repetitions <1-10000>] - Number of times to send ping; the default
value is 1.
o [timeout <1-60>] - Seconds within which a response is required
before the test is considered as failed; the default value is 5.
o [data-size <0-65471>] - Specifies the size of the data in the ICMP echo
packet; the default value is 0.
o [data-fill <1-10000>] - Specifies the data pattern to be filled in the
data of the ICMP echo packet; the default pattern is .
o [source <IPV6_ADDR|VLAN-ID>] - The source IPv6 address or VLAN.
COMMAND STRUCTURE
ping6 data-fill -- Ping data fill string (size <0-1024>). (OCTET-STR) (p. 396)
ping6 data-size < 0 to 65471 > -- Ping data size <0-65471>. (NUMBER) (p. 396)
ping6 host-name -- Hostname of the device to ping. (ASCII-STR) (p. 396)
ping6 ipv6-addr -- IPv6 address of device to ping. (IPV6-ADDR) (p. 396)
ping6 repetitions < 1 to 10000 > -- Number of packets to send <1-10000>. (NUMBER) (p. 396)
ping6 source -- Source address or VLAN. (p. 396)
■ ip-addr -- Source IPv6 address. (IPV6-ADDR) (p. 396)
■ vlan -- Source VLAN. (VLAN-ID) (p. 397)
■ ping6 timeout < 1 to 60 > -- Ping timeout in seconds <1-60>. (NUMBER) (p. 397)
■
■
■
■
■
■
EXAMPLES
Example: ping6
Ping an IPv6 address:
© 2009 Hewlett-Packard Development Company, L.P.
395
Command Line Interface Reference Guide
ping6
ProCurve# ping6 80fe::20b:cdff:fedd:9a62
ProCurve# ping6 fe80::5%vlan20
COMMAND DETAILS
data-fill (p. 396)
data-size (p. 396)
host-name (p. 396)
ip-addr (p. 396)
ipv6-addr (p. 396)
repetitions (p. 396)
source (p. 396)
timeout (p. 397)
vlan (p. 397)
data-fill
■ ping6 data-fill OCTET-STR
Text string used as data in ping packets. You can enter up to 1024
alphanumeric characters in the text.
Valid values: 0-1024.
Default: 0 (no text is used)
data-size
■ ping6 data-size < 0 to 65471 >
Size of data (in bytes) to be ent in ping packets.
Valid values: 0-65471.
Range: < 0 to 65471 >
Default: 0
host-name
■ ping6 HOST-NAME
Hostname of the device to ping.
ip-addr
■ ping6 source IPV6-ADDR
Source IPv6 address.
ipv6-addr
■ ping6 IPV6-ADDR
IPv6 address of device to ping.
repetitions
■ ping6 repetitions < 1 to 10000 >
Number of times that IPv6 ping packets are sent to the destination
IPv6 host. Valid values are: <1-10000>.
Range: < 1 to 10000 >
Default: 1
source
■ ping6 source
© 2009 Hewlett-Packard Development Company, L.P.
396
Command Line Interface Reference Guide
ping6
Source address or VLAN.
Next Available Options:
■ vlan -- Source VLAN. (VLAN-ID) (p. 397)
■ ip-addr -- Source IPv6 address. (IPV6-ADDR) (p. 396)
timeout
■ ping6 timeout < 1 to 60 >
Number of seconds within which a response is required from the destination
host before the ping test times out. Valid values: <1-60>.
Range: < 1 to 60 >
Default: 1 second
vlan
■ ping6 source VLAN-ID
Source VLAN.
© 2009 Hewlett-Packard Development Company, L.P.
397
policy
OVERVIEW
Category:
Primary context:
config
Related Commands
class (page 79)
Usage:
[no] policy <qos | pbr | mirror> <name>
Description: Create a classifier policy and enter the policy context.
Parameters are policy type and policy name.
COMMAND STRUCTURE
■ [no] policy mirror -- Enter mirror type policy name (ASCII-STR) (p. 399)
■ [no] policy qos -- Enter qos type policy name (ASCII-STR) (p. 399)
■ policy resequence -- Renumber the entries in the policy. (p. 399)
■ name -- Specify the policy name. (ASCII-STR) (p. 399)
■ start-seq-num < 1 to 2147483646 > -- Specify the starting sequence number. (p. 399)
■ incr-num < 1 to 2147483645 > -- Specify the increment. (p. 398)
EXAMPLES
Example: policy
In the following QoS policy configuration, matching HTTP packets are rate-limited to 10000 kbps and
assigned an 802.1p (CoS) priority of 3 in their Layer 2 VLAN headers. All unmatched packets are
managed by the default class, which assigns a slightly higher 802.1p priority (4) and a new DSCP
codepoint (5):
ProCurve(config)# class
ProCurve(class-config)#
ProCurve(class-config)#
ProCurve(class-config)#
ipv4 http
match tcp any any eq 80
match tcp any any eq 8080
exit
ProCurve(config)# policy
ProCurve(policy-config)#
ProCurve(policy-config)#
ProCurve(policy-config)#
ProCurve(policy-config)#
qos RateLimitPrioritizeSuspectTraffic
class ipv4 http action rate-limit kbps 10000
class ipv4 http action priority 3
default-class action priority 4 dscp 5
exit
COMMAND DETAILS
incr-num (p. 398)
mirror (p. 399)
name (p. 399)
qos (p. 399)
resequence (p. 399)
start-seq-num (p. 399)
incr-num
■ policy resequence NAME < 1 to 2147483646 > < 1 to 2147483645 >
Specify the increment.
Range: < 1 to 2147483645 >
© 2009 Hewlett-Packard Development Company, L.P.
398
Command Line Interface Reference Guide
policy
mirror
■ [no] policy mirror MIRROR
Enter mirror type policy name
name
■ policy resequence NAME
Specify the policy name.
Next Available Option:
■ start-seq-num < 1 to 2147483646 > -- Specify the starting sequence number. (p. 399)
qos
■ [no] policy qos QOS
Enter qos type policy name
resequence
■ policy resequence
Renumber the entries in the policy.
Next Available Option:
■ name -- Specify the policy name. (ASCII-STR) (p. 399)
start-seq-num
■ policy resequence NAME < 1 to 2147483646 >
Specify the starting sequence number.
Range: < 1 to 2147483646 >
Next Available Option:
■ incr-num < 1 to 2147483645 > -- Specify the increment. (p. 398)
© 2009 Hewlett-Packard Development Company, L.P.
399
port-security
OVERVIEW
Category:
Port Security
Primary context:
config
Related Commands
show (page 511)
show (page 511)
Usage: [no] port-security [ethernet] PORT-LIST
[learn-mode <continuous|static|configured|
limited-continuous|port-access>]
[address-limit <1-32>]
[mac-address MAC-ADDR [MAC-ADDR ...]]
[action <none|send-alarm|send-disable>]
[clear-intrusion-flag]
Description: Set the port-security operation(s) for each port in port list.
Parameters:
o learn-mode <continuous|static|configured|limited-continuous|port-access>
If 'continuous' is specified, the port continually learns new
addresses on the port. If 'static' is specified, the user
can configure addresses that are authorized to use on that port
and let the switch learn the remaining addresses up to the
specified address-limit. If 'configured' is specified, up
to address-limit configured addresses are authorized. Use the
'address-limit' parameter to specify the maximum number of
static addresses for the port.
The 'port-access' instructs the device to learn only the MAC
addresses authorized by 802.1X or Web/MAC authentication
subsystem. After a MAC address is authorized, only traffic
from the authorized MAC address is allowed.
If 'limited-continuous' is specified, the first
'address-limit' source MAC addresses heard on this
port become the authorized addresses. When new authorized
addresses are learned, they are stored in a table. When
the table has reached its 'address-limit', any
new source MAC addresses received on the port
constitutes an intrusion. The authorized addresses in
this mode will age out of the system, therefore the
list of authorized addresses can be dynamic over time.
o address-limit <1-N> - This parameter is valid only when the learn-mode
is static, configured, or limited-continuous.
It defines the number of MAC address that the table for the
given port will hold. For static and configured N is equal
to 8. For limited-continuous N is equal to 32.
o mac-address MAC-ADDR ... - This 12-hex digit parameter is only valid
when the learn-mode is static. The parameter is used to configure
the addresses that are authorized to use the port. The maximum
number of authorized addresses that may be configured and
learned is 8. If the number of configured addresses is less
than the address-limit, the switch will learn the remaining
number of addresses. Several addresses can be specified in
one command line.
© 2009 Hewlett-Packard Development Company, L.P.
400
Command Line Interface Reference Guide
port-security
o action <none|send-alarm|send-disable> - Indicates the port security
action the switch will take if an intruder is detected on the
port.
o clear-intrusion-flag - clears intrusion indicator for the ports
specified in the command PORT-LIST.
COMMAND STRUCTURE
■ port-security [ETHERNET] PORT-LIST action < none | send-alarm | send-disable > -- Define device's
action in case of an intrusion detection. (p. 401)
■ port-security [ETHERNET] PORT-LIST address-limit < 1 to 32 > -- Define number of authorized
addresses on the port(s). (p. 401)
■ port-security [ETHERNET] PORT-LIST clear-intrusion-flag -- Clear intrusion indicator for the port(s)
(p. 401)
■ port-security [ETHERNET] PORT-LIST learn-mode < continuous | static | configured | ... > -- Define
the mode of acquiring authorized MAC address(es). (p. 401)
■ [no] port-security [ETHERNET] PORT-LIST mac-address -- Configure the address(es) authorized
on the port(s). (p. 402)
■ mac-addr -- Authorized MAC address. (MAC-ADDR) (p. 402)
COMMAND DETAILS
action (p. 401)
address-limit (p. 401)
clear-intrusion-flag (p. 401)
learn-mode (p. 401)
mac-addr (p. 402)
mac-address (p. 402)
action
■ port-security [ETHERNET] PORT-LIST action < none | send-alarm | send-disable >
Define device's action in case of an intrusion detection.
Supported Values:
■ none
■ send-alarm
■ send-disable
address-limit
■ port-security [ETHERNET] PORT-LIST address-limit < 1 to 32 >
Define number of authorized addresses on the port(s).
Range: < 1 to 32 >
clear-intrusion-flag
■ port-security [ETHERNET] PORT-LIST clear-intrusion-flag
Clear intrusion indicator for the port(s)
learn-mode
■ port-security [ETHERNET] PORT-LIST learn-mode < continuous | static | configured | ... >
Define the mode of acquiring authorized MAC address(es).
Supported Values:
■ continuous -- Continuous MAC address learn mode.
■ static -- Static MAC address learn mode.
■ configured -- Static MAC address configured mode.
© 2009 Hewlett-Packard Development Company, L.P.
401
Command Line Interface Reference Guide
port-security
■ port-access -- Learn port-access authorized MAC address only.
■ limited-continuous -- Limited continuous MAC address learn mode.
mac-addr
■ port-security [ETHERNET] PORT-LIST mac-address MAC-ADDR
Authorized MAC address.
mac-address
■ [no] port-security [ETHERNET] PORT-LIST mac-address
Configure the address(es) authorized on the port(s).
Next Available Option:
■ mac-addr -- Authorized MAC address. (MAC-ADDR) (p. 402)
© 2009 Hewlett-Packard Development Company, L.P.
402
power-over-ethernet
OVERVIEW
Category:
Primary context:
config
Related Commands
show power-over-ethernet (page 581)
Usage: power [slot <SLOT-LIST>] [threshold <1-99>][optional-parameters]
Description: Set Power Over Ethernet(poe) configuration parameters.
threshold - set the power consumption percentage at which
a trap should be sent.
optional-parameters - Use <TAB> or <?> after entering power
to see a list of all available options.
NOTES
Replaces "power" Command
The "interface power-over-ethernet" command replaces the " interface power" command that
was used in earlier versions. The "show power-over-ethernet" command replaces the "show
power-management" command that was used in earlier versions.
COMMAND STRUCTURE
■ [no] power-over-ethernet pre-std-detect -- Detect and power pre-802 (p. 404)
■ [no] power-over-ethernet redundancy -- Set how much power is held in reserve for redundancy
(p. 404)
■ redundancy_type < n+1 | full > -- Set how much power is held in reserve for redundancy
(NUMBER) (p. 404)
■ power-over-ethernet slot -- Optional - Specify a valid powered-slot list for power threshold setting
or omit to set all powered-slots. (SLOT-ID-RANGE) (p. 405)
■ threshold < 1 to 99 > -- Set the power consumption percentage at which a trap should be sent.
(NUMBER) (p. 405)
■ power-over-ethernet threshold < 1 to 99 > -- Set the power consumption percentage at which a
trap should be sent. (NUMBER) (p. 405)
EXAMPLES
Example: interface command with power-over-ethernet
ProCurve(config)# interface c5-c10, c23-c24, d1-d10, d12 power-over-ethernet high
All ports on module C are prioritized as critical:
ProCurve(config)# interface c1-c24 power-over-ethernet critical
All ports on module A are prioritized as low:
ProCurve(config)# interface a1-a24 power-over-ethernet low
© 2009 Hewlett-Packard Development Company, L.P.
403
Command Line Interface Reference Guide
power-over-ethernet
Example: power-over-ethernet threshold option
Executing the following command sets the global notification threshold to 70% of available PoE
power:
ProCurve(config)# power-over-ethernet threshold 70
COMMAND DETAILS
pre-std-detect (p. 404)
redundancy (p. 404)
redundancy_type (p. 404)
slot (p. 405)
threshold (p. 405)
pre-std-detect
■ [no] power-over-ethernet pre-std-detect
Usage: [NO] power-over-ethernet pre-std-detect
Description: Detect and power pre-802.3af-standard devices. This is enabled
by default.
redundancy
■ [no] power-over-ethernet redundancy
Usage: [NO] power redundancy [n+1|full]
Description: Set how much power is held in reserve for redundancy.
NO
- All available power can be allocated to powered devices.
n+1 - One of the highest power supplies will be held in
reserve. In the event of a simgle power supply failure,
no powered devices will be shut down.
full - Half of the available power supplies will be held in
reserve.
Default: No PoE redundancy enforced.
Next Available Option:
■ redundancy_type < n+1 | full > -- Set how much power is held in reserve for redundancy
(NUMBER) (p. 404)
redundancy_type
■ power-over-ethernet redundancy < n+1 | full >
Usage: [NO] power redundancy [n+1|full]
Description: Set how much power is held in reserve for redundancy.
NO
- All available power can be allocated to powered devices.
n+1 - One of the highest power supplies will be held in
reserve. In the event of a simgle power supply failure,
no powered devices will be shut down.
full - Half of the available power supplies will be held in
reserve.
Supported Values:
■ n+1
© 2009 Hewlett-Packard Development Company, L.P.
404
Command Line Interface Reference Guide
power-over-ethernet
■ full
slot
■ power-over-ethernet slot SLOT-ID-RANGE
Optional - Specify a valid powered-slot list for power threshold setting or
omit to set all powered-slots.
Next Available Option:
■ threshold < 1 to 99 > -- Set the power consumption percentage at which a trap should be sent.
(NUMBER) (p. 405)
threshold
■ power-over-ethernet threshold < 1 to 99 >
Set the power consumption percentage at which a trap should be sent.
Note that the last "threshold" command affecting a given slot supersedes
the previous threshold command affecting the same slot.
Range: < 1 to 99 >
■ power-over-ethernet slot SLOT-ID-RANGE threshold < 1 to 99 >
Set the power consumption percentage at which a trap should be sent.
Range: < 1 to 99 >
© 2009 Hewlett-Packard Development Company, L.P.
405
primary-vlan
OVERVIEW
Category:
config
Primary context:
config
Related Commands
the section called “vlan” (page 603)
Usage: primary-vlan VLAN-ID
Description: Set the VLAN that is to be used as the primary VLAN.
The primary VLAN comes into play for features such as
stacking, DHCP, and TIMEP.
COMMAND STRUCTURE
EXAMPLES
Example: primary-vlan VLAN-ID
Reassign the Primary VLAN and change the VLAN name:
ProCurve(config)# primary-vlan 22
ProCurve(config)# vlan 22 name 22-Primary
ProCurve(config)# show vlans
Status and Counters - VLAN Information
Maximum VLANs to support: 8
Primary VLAN: 22-Primary
Management VLAN:
802.1Q VLAN ID
-------------1
22
Name
-----------DEFAULT_VLAN
22-Primary
© 2009 Hewlett-Packard Development Company, L.P.
Status
---------Static
Static
Voice
----No
No
Jumbo
----No
No
406
print
OVERVIEW
Category:
Primary context:
manager
Related Commands
Usage: print COMMAND-STR
Description: Execute a command and redirect its output to the device channel
for current session.
COMMAND STRUCTURE
■ print command -- Command to execute. Use quotes for multiword commands. (ASCII-STR) (p.
407)
COMMAND DETAILS
command (p. 407)
command
■ print COMMAND
Command to execute. Use quotes for multiword commands.
© 2009 Hewlett-Packard Development Company, L.P.
407
p-wireless-services
OVERVIEW
Category:
Primary context:
config
Related Commands
COMMAND STRUCTURE
■ p-wireless-services p-wireless-services -- (SLOT-ID) (p. 408)
■ config -- (ASCII-STR) (p. 408)
COMMAND DETAILS
config (p. 408)
p-wireless-services (p. 408)
config
■ p-wireless-services SLOT-ID config CONFIG
p-wireless-services
■ p-wireless-services SLOT-ID
Next Available Option:
■ config -- (ASCII-STR) (p. 408)
© 2009 Hewlett-Packard Development Company, L.P.
408
qinq
OVERVIEW
Category:
Primary context:
config
Related Commands
svlan (page 661)
vlan (page 706)
show qinq (page 582)
Usage:
[no] qinq [ <mixedvlan|svlan> [tag-type<tpid>] ]
Description: Configure the device qinq mode. The command 'no qinq' disables
qinq on the device (no tag-stacking). Changing qinq mode from
one to another requires reboot to take effect and the device
will boot up with a default configuration for the new qinq mode.
Parameters:
mixedvlan - This is a qinq mode with support for both CVLANs and SVLANs.
svlan
- This is a qinq mode with only SVLANs support.
tag-type - The tpid (ethertype) for provider tagged frames. The default
tpid value is 0x88a8.
COMMAND STRUCTURE
■ qinq mixedvlan -- Configure as mixedvlan mode (p. 409)
■ tag-type < 1536 to 65535 > -- Configure qinq tag-type (HEX NUMBER) (p. 410)
■ qinq svlan -- Configure as svlan mode (p. 410)
■ tag-type < 1536 to 65535 > -- Configure qinq tag-type (HEX NUMBER) (p. 410)
EXAMPLES
Example: Enable QinQ
Enable QinQ:
Edge l(config)# qinq svlan tag-type 88a8
Edge 2(config)# qinq svlan tag-type 88a8
COMMAND DETAILS
mixedvlan (p. 409)
svlan (p. 410)
tag-type (p. 410)
mixedvlan
■ qinq mixedvlan
Configure as mixedvlan mode. Mixed vlan mode configuration supports both C-VLAN
and S-VLAN operations on the same device. This allows the use of S-VLAN member
ports for QinQ tunneling.
The main advantage for mixed vlan mode is that users do not have to dedicate
the entire switch as a QinQ access switch.
Requires a reboot to take effect.
Next Available Option:
■ tag-type < 1536 to 65535 > -- Configure qinq tag-type (HEX NUMBER) (p. 410)
© 2009 Hewlett-Packard Development Company, L.P.
409
Command Line Interface Reference Guide
qinq
svlan
■ qinq svlan
Configure as svlan mode. Globally enables QinQ svlan mode, an S-VLAN only
environment that supports port-based or s-tagged interfaces of the standard.
Requires a reboot to take effect.
Next Available Option:
■ tag-type < 1536 to 65535 > -- Configure qinq tag-type (HEX NUMBER) (p. 410)
tag-type
■ qinq mixedvlan tag-type < 1536 to 65535 >
Configure qinq tag-type
Range: < 1536 to 65535 >
■ qinq svlan tag-type < 1536 to 65535 >
Configure qinq tag-type
Range: < 1536 to 65535 >
© 2009 Hewlett-Packard Development Company, L.P.
410
qos
OVERVIEW
Category:
QoS
Primary context:
config
Related Commands
show (page 511)
Usage: [no] qos ...
Description: Configure Quality of Service (QoS) on the device. The
command must be followed by a keyword defining a subdomain
of the QoS parameters to configure.
COMMAND STRUCTURE
■ [no] qos apptype < udp-port | tcp-port > -- Configure priorities for TCP/UDP services (p. 415)
■ ip-all -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 424)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 432)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize
traffic. (TCP/UDP-PORT) (p. 425)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY)
(p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ ipv4 -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 425)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 432)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize
traffic. (TCP/UDP-PORT) (p. 425)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY)
(p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
© 2009 Hewlett-Packard Development Company, L.P.
411
Command Line Interface Reference Guide
qos
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ ipv6 -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 425)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 432)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize
traffic. (TCP/UDP-PORT) (p. 425)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY)
(p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic. (p. 432)
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
(TCP/UDP-PORT) (p. 425)
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p.
416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ [no] qos device-priority -- Configure device-based priority (p. 417)
■ ip-addr -- specify the ipv4 address of the device to set the priority (IP-ADDR) (p. 424)
■ dscp -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ ipv4/mask -- specify the ipv4 address with subnet mask of the device to set the priority
(IP-ADDR/mask-LENGTH) (p. 425)
■ dscp -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
© 2009 Hewlett-Packard Development Company, L.P.
412
Command Line Interface Reference Guide
■
■
■
■
qos
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ ipv6 -- specify the ipv6 address of the device to set the priority (IPV6-ADDR) (p. 425)
■ dscp -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ ipv6/mask -- specify the ipv6 address with prefix-length of the device to set the priority
(IPV6-ADDR/PREFIX-LEN) (p. 425)
■ dscp -- Specify DSCP policy to use. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP
(Differentiated-Services Codepoint) value and an 802 (p. 434)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
[no] qos dscp-map -- Define mapping between a DSCP (Differentiated-Services Codepoint) value
and an 802 (p. 421)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802 (p. 434)
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
[no] qos protocol < IP | IPX | ARP | ... > -- Configure protocol-based priority (p. 431)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
qos queue-config -- Sets the number of outbound port queues that buffer the packets depending
on their 802 (p. 432)
■ 2-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
■ 4-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
■ 8-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
[no] qos type-of-service -- Configure the Type-of-Service method the device uses to prioritize IP
traffic (p. 433)
■ diff-services -- In IP Differentiated Services (Diffserv) mode, IPv4 packets are classified and
given a QoS priority based on the upper 6 bits of the IP ToS field from the packets as they enter
the switch. The assignment of Diffserv Codepoints to 802.1p priorities is done via the qos
dscp-map command. Any Diffserv Codepoint in an inbound IPv4 packet can be re-mapped to
a different codepoint (and its associated 802.1p priority) on outbound. This is done by using
the syntax: qos type-of-service diff-services <af11..ef|0-63|000000...111111> dscp
<af11..ef|0-63|000000...111111> (p. 418)
■ binary-codepoint < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
© 2009 Hewlett-Packard Development Company, L.P.
413
Command Line Interface Reference Guide
qos
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to
which to map IP ToS. (p. 434)
■ integer-codepoint < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 422)
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to
which to map IP ToS. (p. 434)
■ well-defined-codepoint < af11 | af12 | af13 | ... > -- Configure the Type-of-Service method
the device uses to prioritize IP traffic (p. 453)
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS. (p. 418)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to
which to map IP ToS. (p. 434)
■ ip-precedence -- In IP-Precedence mode, IPv4 packets are classified and given a QoS priority
based on the upper 3 bits of the IP ToS field. The priority association is automatic and cannot
be changed: IP-Precedence 802.1p ToS Bits Priority -------------------------------- 111 7 (Highest) 110
6 101 5 100 4 011 3 010 0 (Normal) 001 2 (Low) 000 1 (Lowest) (p. 424)
EXAMPLES
Example: qos
The following example shows the 802.1p priority for the UDP and TCP port prioritization.
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
qos
qos
qos
qos
qos
tcp-port
udp-port
tcp-port
udp-port
udp-port
23 priority 7
23 priority 7
80 priority 2
80 priority 1
range 100 199 priority 3
ProCurve(config)# show qos tcp-udp-port-priority
TCP/UDP port based priorities
Protocol
-------TCP
UDP
TCP
UDP
UDP
|
|
+
|
|
|
|
|
Application
Port
----------23
23
80
80
100-199
Apply rule
---------Priority
Priority
Priority
Priority
Priority
|
| DSCP
+ -----|
|
|
|
|
Priority
----------7
7
2
1
3
Example: qos
This example assigns the DSCP policies to the selected UDP/TCP port applications.
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
qos
qos
qos
qos
udp-port
tcp-port
tcp-port
udp-port
23 dscp 000111
80 dscp 000101
914 dscp 000010
range 1001 2000 dscp 000010
ProCurve(config)# show qos tcp-udp-port-priority
TCP/UDP port based priorities
© 2009 Hewlett-Packard Development Company, L.P.
414
Command Line Interface Reference Guide
Protocol
-------UDP
TCP
TCP
UDP
|
|
+
|
|
|
|
Application
Port
----------23
80
914
1001-2000
qos
Apply rule
---------DSCP
DSCP
DSCP
DSCP
|
|
+
|
|
|
|
DSCP
Priority
------ ---------000111
7
000101
5
000010
1
000010
1
COMMAND DETAILS
2-queues (p. 415)
4-queues (p. 415)
8-queues (p. 415)
apptype (p. 415)
binary-codepoint (p. 416)
binary-range (p. 416)
device-priority (p. 417)
diff-services (p. 418)
dscp (p. 418)
dscp-map (p. 421)
integer-codepoint (p. 422)
integer-range (p. 423)
ip-addr (p. 424)
ip-all (p. 424)
ip-precedence (p. 424)
ipv4 (p. 425)
ipv4/mask (p. 425)
ipv6 (p. 425)
ipv6/mask (p. 425)
max-port-num (p. 425)
name (p. 426)
name-string (p. 426)
port-num (p. 427)
priority (p. 428)
protocol (p. 431)
queue-config (p. 432)
range (p. 432)
type-of-service (p. 433)
well-defined (p. 434)
well-defined-codepoint (p. 453)
2-queues
■ qos queue-config 2-queues
Set the number of outbound port queues for all switch ports.
4-queues
■ qos queue-config 4-queues
Set the number of outbound port queues for all switch ports.
8-queues
■ qos queue-config 8-queues
Set the number of outbound port queues for all switch ports.
apptype
■ [no] qos < udp-port | tcp-port >
Usage: [no] qos <udp|tcp> <[ipv4]|ipv6|ip-all> <TCP/UDP-PORT|range TCP/UDP-PORT
MAX-TCP/UDP-PORT>
[dscp <0..63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
priority <0-7>]
Description: Configure priorities for TCP/UDP services. The priority can
be defined for packets sourced and destined to a particular
TCP/UDP service. The specified priority value will be placed
in the 802.1p priority field of outgoing tagged packets. The
packets will also be placed in the appropriate outbound priority
queue. '7' means highest priority. If 'dscp' is specified, the
© 2009 Hewlett-Packard Development Company, L.P.
415
Command Line Interface Reference Guide
qos
priority of the outgoing packets is defined by the
Differentiated Services Codepoint mapping (see 'show qos
dscp-map'). Using 'no' removes any priority assignment for
this TCP/UDP service.
If MAX-TCP/UDP-PORT is specified then the priority is applied
to all TCP/UDP ports in the range from TCP/UDP-PORT to
MAX-TCP/UDP-PORT.
Supported Values:
■ udp-port -- Set UDP port based priority.
■ tcp-port -- Set TCP port based priority.
Next Available Options:
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 432)
■ ipv4 -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 425)
■ ipv6 -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 425)
■ ip-all -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 424)
binary-codepoint
■ [no] qos type-of-service diff-services < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
Next Available Option:
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS.(p. 418)
binary-range
■ qos device-priority IP-ADDR dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos device-priority IP-ADDR/mask-LENGTH dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos device-priority IPV6-ADDR dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos device-priority IPV6-ADDR/PREFIX-LEN dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ [no] qos dscp-map < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
Next Available Options:
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
© 2009 Hewlett-Packard Development Company, L.P.
416
Command Line Interface Reference Guide
qos
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ qos < udp-port | tcp-port > TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos type-of-service diff-services < 0 to 63 > dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos type-of-service diff-services < 0 to 63 > dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
■ qos type-of-service diff-services < af11 | af12 | af13 | ... > dscp < 0 to 63 >
Specify the DSCP code-point in binary.
Range: < 0 to 63 >
device-priority
■ [no] qos device-priority
© 2009 Hewlett-Packard Development Company, L.P.
417
Command Line Interface Reference Guide
qos
Usage: [no] qos device-priority
<IP-ADDR[/mask-or-prefix-length] |
IPV6_ADDR[/CIDR mask length]>
[dscp <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
priority <0-7>]
Description: Configure device-based priority. The priority can be set for
IP packets from/to a particular IP Address. The specified
priority value will be placed in the 802.1p priority field of
outgoing tagged packets. The packets will also be placed in
the appropriate outbound priority queue. '7' means highest
priority. If 'dscp' is specified, the priority of the outgoing
packets is defined by the Differentiated Services Codepoint
mapping (see 'show qos dscp-map'). Using 'no' removes any
priority assignment for this IP address.
Next Available Options:
■ ip-addr -- specify the ipv4 address of the device to set the priority (IP-ADDR) (p. 424)
■ ipv4/mask -- specify the ipv4 address with subnet mask of the device to set the priority
(IP-ADDR/mask-LENGTH) (p. 425)
■ ipv6 -- specify the ipv6 address of the device to set the priority (IPV6-ADDR) (p. 425)
■ ipv6/mask -- specify the ipv6 address with prefix-length of the device to set the priority
(IPV6-ADDR/PREFIX-LEN) (p. 425)
diff-services
■ qos type-of-service diff-services
In IP Differentiated Services (Diffserv) mode, IPv4 packets are classified
and given a QoS priority based on the upper 6 bits of the IP ToS
field from the packets as they enter the switch.
The assignment of Diffserv Codepoints to 802.1p priorities is done
via the
qos dscp-map
command.
Any Diffserv Codepoint in an inbound IPv4 packet can be re-mapped to
a different codepoint (and its associated 802.1p priority) on
outbound. This is done by using the syntax:
qos type-of-service diff-services <af11..ef|0-63|000000...111111> dscp
<af11..ef|0-63|000000...111111>
Next Available Options:
■ integer-codepoint < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 422)
■ binary-codepoint < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined-codepoint < af11 | af12 | af13 | ... > -- Configure the Type-of-Service method the
device uses to prioritize IP traffic(p. 453)
dscp
■ qos device-priority IP-ADDR dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
© 2009 Hewlett-Packard Development Company, L.P.
418
Command Line Interface Reference Guide
qos
■ qos device-priority IP-ADDR/mask-LENGTH dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos device-priority IPV6-ADDR dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos device-priority IPV6-ADDR/PREFIX-LEN dscp
Specify DSCP policy to use.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT dscp
Specify DSCP policy to use.
© 2009 Hewlett-Packard Development Company, L.P.
419
Command Line Interface Reference Guide
qos
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
© 2009 Hewlett-Packard Development Company, L.P.
420
Command Line Interface Reference Guide
qos
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT dscp
Specify DSCP policy to use.
Supported Values:
Binary formatted value from 000000 to 111111
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
■ qos type-of-service diff-services < 0 to 63 > dscp
Define Differentiated Services Codepoint to which to map IP ToS.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to which to
map IP ToS.(p. 434)
■ qos type-of-service diff-services < 0 to 63 > dscp
Define Differentiated Services Codepoint to which to map IP ToS.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to which to
map IP ToS.(p. 434)
■ qos type-of-service diff-services < af11 | af12 | af13 | ... > dscp
Define Differentiated Services Codepoint to which to map IP ToS.
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define Differentiated Services Codepoint to which to
map IP ToS.(p. 434)
dscp-map
■ [no] qos dscp-map
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
© 2009 Hewlett-Packard Development Company, L.P.
421
Command Line Interface Reference Guide
qos
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Next Available Options:
■ integer-range < 0 to 63 > -- Specify the DSCP code-point in decimal. (p. 423)
■ binary-range < 0 to 63 > -- Specify the DSCP code-point in binary. (BINARY) (p. 416)
■ well-defined < af11 | af12 | af13 | ... > -- Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802(p. 434)
integer-codepoint
■ [no] qos type-of-service diff-services < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
© 2009 Hewlett-Packard Development Company, L.P.
422
Command Line Interface Reference Guide
qos
Next Available Option:
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS.(p. 418)
integer-range
■ qos device-priority IP-ADDR dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos device-priority IP-ADDR/mask-LENGTH dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos device-priority IPV6-ADDR dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos device-priority IPV6-ADDR/PREFIX-LEN dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ [no] qos dscp-map < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
Next Available Options:
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ qos < udp-port | tcp-port > TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
© 2009 Hewlett-Packard Development Company, L.P.
423
Command Line Interface Reference Guide
qos
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos type-of-service diff-services < 0 to 63 > dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos type-of-service diff-services < 0 to 63 > dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
■ qos type-of-service diff-services < af11 | af12 | af13 | ... > dscp < 0 to 63 >
Specify the DSCP code-point in decimal.
Range: < 0 to 63 >
ip-addr
■ [no] qos device-priority IP-ADDR
specify the ipv4 address of the device to set the priority
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
ip-all
■ qos < udp-port | tcp-port > ip-all
Specify range of TCP/UDP ports from [to] which to prioritize traffic.
Next Available Options:
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 432)
ip-precedence
■ qos type-of-service ip-precedence
In IP-Precedence mode, IPv4 packets are classified and given a QoS priority
based on the upper 3 bits of the IP ToS field. The priority
association is automatic and cannot be changed:
IP-Precedence
802.1p
ToS Bits
Priority
-------------------------------111
7 (Highest)
110
6
© 2009 Hewlett-Packard Development Company, L.P.
424
Command Line Interface Reference Guide
101
100
011
010
001
000
qos
5
4
3
0 (Normal)
2 (Low)
1 (Lowest)
ipv4
■ qos < udp-port | tcp-port > ipv4
Specify range of TCP/UDP ports from [to] which to prioritize traffic.
Next Available Options:
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 432)
ipv4/mask
■ [no] qos device-priority IP-ADDR/mask-LENGTH
specify the ipv4 address with subnet mask of the device to set the priority
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
ipv6
■ [no] qos device-priority IPV6-ADDR
specify the ipv6 address of the device to set the priority
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ qos < udp-port | tcp-port > ipv6
Specify range of TCP/UDP ports from [to] which to prioritize traffic.
Next Available Options:
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
■ range -- Specify range of TCP/UDP ports from [to] which to prioritize traffic.(p. 432)
ipv6/mask
■ [no] qos device-priority IPV6-ADDR/PREFIX-LEN
specify the ipv6 address with prefix-length of the device to set the priority
Next Available Options:
■ dscp -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
max-port-num
■ [no] qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT
Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
© 2009 Hewlett-Packard Development Company, L.P.
425
Command Line Interface Reference Guide
qos
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ [no] qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT
Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ [no] qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT
Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ [no] qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT
Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
name
■ [no] qos dscp-map < 0 to 63 > name
Specify DSCP->priority mapping name.
Next Available Option:
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
■ [no] qos dscp-map < 0 to 63 > name
Specify DSCP->priority mapping name.
Next Available Option:
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
■ [no] qos dscp-map < af11 | af12 | af13 | ... > name
Specify DSCP->priority mapping name.
Next Available Option:
■ name-string -- Specify DSCP->priority mapping name. (ASCII-STR) (p. 426)
name-string
■ qos dscp-map < 0 to 63 > name NAME-STRING
Specify DSCP->priority mapping name.
■ qos dscp-map < 0 to 63 > name NAME-STRING
Specify DSCP->priority mapping name.
■ qos dscp-map < af11 | af12 | af13 | ... > name NAME-STRING
Specify DSCP->priority mapping name.
© 2009 Hewlett-Packard Development Company, L.P.
426
Command Line Interface Reference Guide
qos
port-num
■ qos < udp-port | tcp-port > TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ qos < udp-port | tcp-port > range TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Option:
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
(TCP/UDP-PORT) (p. 425)
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Option:
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
(TCP/UDP-PORT) (p. 425)
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Option:
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
(TCP/UDP-PORT) (p. 425)
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Options:
■ dscp < 000000 | 000001 | 000010 | ... > -- Specify DSCP policy to use. (p. 418)
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT
TCP/UDP port from [to] which to prioritize traffic.
Next Available Option:
■ max-port-num -- Maximal TCP/UDP port in the range from [to] which to prioritize traffic.
(TCP/UDP-PORT) (p. 425)
© 2009 Hewlett-Packard Development Company, L.P.
427
Command Line Interface Reference Guide
qos
priority
■ qos device-priority IP-ADDR priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos device-priority IP-ADDR/mask-LENGTH priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos device-priority IPV6-ADDR priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos device-priority IPV6-ADDR/PREFIX-LEN priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos dscp-map < 0 to 63 > priority < 0 | 1 | 2 | ... >
© 2009 Hewlett-Packard Development Company, L.P.
428
Command Line Interface Reference Guide
qos
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos dscp-map < 0 to 63 > priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos dscp-map < af11 | af12 | af13 | ... > priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos protocol < IP | IPX | ARP | ... > priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
© 2009 Hewlett-Packard Development Company, L.P.
429
Command Line Interface Reference Guide
qos
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
© 2009 Hewlett-Packard Development Company, L.P.
430
Command Line Interface Reference Guide
qos
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT priority < 0 | 1 | 2 | ... >
Specify priority to use.
Supported Values:
■ 0
■ 1
■ 2
■ 3
■ 4
■ 5
■ 6
■ 7
protocol
■ [no] qos protocol < IP | IPX | ARP | ... >
Usage: [no] qos protocol <ip|ipx|arp|appletalk|sna|netbeui>
[priority <0-7>]
Description: Configure protocol-based priority. The priority can be
defined for any of the listed protocol types. The specified
priority value will be placed in the 802.1p priority field of
outgoing tagged packets. The protocol packets will also be
© 2009 Hewlett-Packard Development Company, L.P.
431
Command Line Interface Reference Guide
qos
placed in the appropriate outbound priority queue. '7' means
highest priority. Using 'no' removes any priority assignment
for the specified protocol.
Supported Values:
■ IP
■ IPX
■ ARP
■ AppleTalk
■ SNA
■ NetBEUI
Next Available Option:
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
queue-config
■ qos queue-config
Usage: queue-config <2-queues|4-queues|8-queues>
Description: Sets the number of outbound port queues that buffer the
packets depending on their 802.1p priority. This command will
execute a 'write memory', replacing the Startup configuration
with the contents of the current Running configuration. The new
configuration will reset the number of outbound port queues and
remove any previously configured 'bandwidth-min output' settings.
After the write memory is executed, the switch will reboot
immediately.
The mapping of 802.1p priorities to outbound port queues is
shown below:
802.1p
Priority
| 2-queues | 4-queues | 8-queues
-------------------------------------------1 (lowest) |
1
|
1
1
2
|
1
|
1
2
0 (normal) |
1
|
2
3
3
|
1
|
2
4
4
|
2
|
3
5
5
|
2
|
3
6
6
|
2
|
4
7
7 (highest) |
2
|
4
8
Next Available Options:
■ 2-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
■ 4-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
■ 8-queues -- Set the number of outbound port queues for all switch ports. (p. 415)
range
■ qos < udp-port | tcp-port > range
Specify range of TCP/UDP ports from [to] which to prioritize traffic. A port
range can be from 1 to 65535 (inclusive) ports or any subset thereof. The
minimum port number must precede the maximum port number in the range.
Note: If you have specified a range of port numbers, you must specify the
entire range in the 'no' command; you cannot remove part of a range.
© 2009 Hewlett-Packard Development Company, L.P.
432
Command Line Interface Reference Guide
qos
Next Available Option:
■ port-num -- TCP/UDP port from [to] which to prioritize traffic. (TCP/UDP-PORT) (p. 427)
Example 1. Example of Port Range
ProCurve(config)# qos udp-port range 1001 2000 dscp 000010
type-of-service
■ [no] qos type-of-service
Usage: [no] type-of-service <ip-precedence|
diff-services [<0|1...63|af11|af12|af13|af21|
af22|af23|af31|af32|af33|af41|
af42|af43|ef|cs0..cs7|
000000|000001...111111>
dscp <0|1...63|af11|af12|af13|af21|af22|
af23|af31|af32|af33|af41|af42|af43|ef|
cs0..cs7|000000|000001...111111>]
Description: Configure the Type-of-Service method the device uses to
prioritize IP traffic. Prioritization is done based on the
contents of the Type of Service (ToS) field in the IP header
of each packet. Using 'no' type-of-service with just the
mode (ip-precedence or diff-services) will disable all ToS
QoS for the switch.
Modes:
-------------Disabled
The switch does NOT prioritize IP packets based on the IP
ToS field.
IP Precedence
The switch uses the upper 3 bits of the IP ToS field (the IP
Precedence bits) to determine the 802.1p priority of the
packet and its outbound switch queue. If the packet is
transmitted out a port on which VLAN tagging is enabled, the
new priority is placed in the outbound VLAN tag. See the
switch documentation for more information.
Differentiated
Services
The switch uses the upper 6 bits of the ToS field (the
Differentiated Services bits) to decide whether to apply an
802.1p priority to the packet and thus affect its outbound
queue. The priority is defined by the Differentiated
Services Codepoint mapping (see 'show qos dscp-map'). If no
priority is mapped for the packet's codepoint, the switch
does not classify the packet using Differentiated Services.
If there IS an associated priority configured, and the
packet is transmitted out a port on which VLAN tagging is
enabled, the new 802.1p priority will be placed in the
outbound VLAN tag. If a DSCP Policy is configured to apply
to the inbound DS codepoint (i.e., the codepoint has been
're-mapped'), the priority assignment and outbound queueing
will be that specified by the new Policy's codepoint in the
DSCP table, and the Differentiated Services field in the
outbound packet will be changed to the new value.
Using 'no type-of-service diff-services
<af11..ef|0-63|000000...111111>
removes the re-mapping assignment, i.e., a new DSCP Policy
will no longer be applied to the specified codepoint. To
remove a priority association from a codepoint altogether,
© 2009 Hewlett-Packard Development Company, L.P.
433
Command Line Interface Reference Guide
qos
the 'no dscp-map <af11..ef|0-63|000000...111111>' function
must be used.
o diff-services <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|af33|
af41|af42|af43|ef|cs0..cs7|000000|000001...111111> - The value
of the upper bits in the ToS field.
o dscp <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|af33|af42|af42|
af43|ef|cs0..cs7|000000|000001...111111> - Re-maps a given inbound
Differentiated Services codepoint to the specified DSCP Policy and
codepoint on outbound.
Next Available Options:
■ ip-precedence -- In IP-Precedence mode, IPv4 packets are classified and given a QoS priority
based on the upper 3 bits of the IP ToS field. The priority association is automatic and cannot
be changed: IP-Precedence 802.1p ToS Bits Priority -------------------------------- 111 7 (Highest) 110
6 101 5 100 4 011 3 010 0 (Normal) 001 2 (Low) 000 1 (Lowest) (p. 424)
■ diff-services -- In IP Differentiated Services (Diffserv) mode, IPv4 packets are classified and
given a QoS priority based on the upper 6 bits of the IP ToS field from the packets as they enter
the switch. The assignment of Diffserv Codepoints to 802.1p priorities is done via the qos
dscp-map command. Any Diffserv Codepoint in an inbound IPv4 packet can be re-mapped to
a different codepoint (and its associated 802.1p priority) on outbound. This is done by using
the syntax: qos type-of-service diff-services <af11..ef|0-63|000000...111111> dscp
<af11..ef|0-63|000000...111111> (p. 418)
well-defined
■ qos device-priority IP-ADDR dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
© 2009 Hewlett-Packard Development Company, L.P.
802.1p
434
Command Line Interface Reference Guide
qos
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos device-priority IP-ADDR/mask-LENGTH dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
© 2009 Hewlett-Packard Development Company, L.P.
435
Command Line Interface Reference Guide
qos
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
© 2009 Hewlett-Packard Development Company, L.P.
436
Command Line Interface Reference Guide
qos
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos device-priority IPV6-ADDR dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
© 2009 Hewlett-Packard Development Company, L.P.
437
Command Line Interface Reference Guide
010000
011000
100000
101000
110000
111000
qos
2
3
4
5
6
7
Classs
Classs
Classs
Classs
Classs
Classs
Selector
Selector
Selector
Selector
Selector
Selector
CS2
CS3
CS4
CS5
CS6
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos device-priority IPV6-ADDR/PREFIX-LEN dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
© 2009 Hewlett-Packard Development Company, L.P.
438
Command Line Interface Reference Guide
qos
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ [no] qos dscp-map < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
© 2009 Hewlett-Packard Development Company, L.P.
439
Command Line Interface Reference Guide
qos
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
© 2009 Hewlett-Packard Development Company, L.P.
440
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
qos
af33
af41
af42
af43
ef
cs0
cs1
cs2
cs3
cs4
cs5
cs6
cs7
Next Available Options:
■ priority < 0 | 1 | 2 | ... > -- Specify priority to use. (p. 428)
■ name -- Specify DSCP->priority mapping name. (p. 426)
■ qos < udp-port | tcp-port > TCP/UDP-PORT dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
© 2009 Hewlett-Packard Development Company, L.P.
441
Command Line Interface Reference Guide
011010
011100
011110
100010
100100
100110
101110
000000
001000
010000
011000
100000
101000
110000
111000
qos
4
4
5
6
6
7
7
0
1
2
3
4
5
6
7
Assured Forwarding
AF31
Assured Forwarding
AF32
Assured Forwarding
AF33
Assured Forwarding
AF41
Assured Forwarding
AF42
Assured Forwarding
AF43
Expedited Forwarding EF
Classs Selector
CS0
Classs Selector
CS1
Classs Selector
CS2
Classs Selector
CS3
Classs Selector
CS4
Classs Selector
CS5
Classs Selector
CS6
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > range TCP/UDP-PORT TCP/UDP-PORT dscp < af11 | af12 | af13 | ...
>
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
© 2009 Hewlett-Packard Development Company, L.P.
442
Command Line Interface Reference Guide
qos
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
© 2009 Hewlett-Packard Development Company, L.P.
443
Command Line Interface Reference Guide
qos
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ipv4 TCP/UDP-PORT dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
© 2009 Hewlett-Packard Development Company, L.P.
444
Command Line Interface Reference Guide
qos
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ipv4 range TCP/UDP-PORT TCP/UDP-PORT dscp < af11 | af12 | af13
| ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
Codepoint
© 2009 Hewlett-Packard Development Company, L.P.
802.1p
Value
IETF Standard Designation
445
Command Line Interface Reference Guide
qos
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ipv6 TCP/UDP-PORT dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
© 2009 Hewlett-Packard Development Company, L.P.
446
Command Line Interface Reference Guide
qos
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
© 2009 Hewlett-Packard Development Company, L.P.
447
Command Line Interface Reference Guide
qos
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ipv6 range TCP/UDP-PORT TCP/UDP-PORT dscp < af11 | af12 | af13
| ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
© 2009 Hewlett-Packard Development Company, L.P.
448
Command Line Interface Reference Guide
010000
011000
100000
101000
110000
111000
qos
2
3
4
5
6
7
Classs
Classs
Classs
Classs
Classs
Classs
Selector
Selector
Selector
Selector
Selector
Selector
CS2
CS3
CS4
CS5
CS6
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ip-all TCP/UDP-PORT dscp < af11 | af12 | af13 | ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
© 2009 Hewlett-Packard Development Company, L.P.
449
Command Line Interface Reference Guide
qos
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos < udp-port | tcp-port > ip-all range TCP/UDP-PORT TCP/UDP-PORT dscp < af11 | af12 | af13
| ... >
Usage: [no] qos dscp-map <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|
af33|af41|af42|af43|ef|cs0..cs7|000000|000001...111111>|
[priority <<0-7>|no-override>]
[name <str>]
© 2009 Hewlett-Packard Development Company, L.P.
450
Command Line Interface Reference Guide
qos
Description: Define mapping between a DSCP (Differentiated-Services
Codepoint) value and an 802.1p priority. The mapping is used
to assign priority for IPv4 packets if a QoS classifier uses
this DSCP policy as the method of traffic prioritization.
The mapping also provides the profile for inbound classification
and priority assignment based on an IPv4 packet's received
IP ToS byte ONLY IF the user has also configured
'qos type-of-service diff-services'
'no qos dscp-map <codepoint>' will remove the settings for the
specified codepoint from the running configuration. The
priority is set to no-override and the name is deleted (the
priority and name can only be removed if no QoS feature is
configured to use this DSCP Policy).
'no qos dscp-map <codepoint> name' will remove the name
associated with this policy, but not the policy priority.
Certain codepoints may have a default associated 802.1p
priority, as part of the IETF standards for Assured Forwarding
and Expedited Forwarding. These are automatically configured as
follows:
DiffServ
802.1p
Codepoint
Value
IETF Standard Designation
--------------------------------------------------001010
1
Assured Forwarding
AF11
001100
1
Assured Forwarding
AF12
001110
2
Assured Forwarding
AF13
010010
0
Assured Forwarding
AF21
010100
0
Assured Forwarding
AF22
010110
3
Assured Forwarding
AF23
011010
4
Assured Forwarding
AF31
011100
4
Assured Forwarding
AF32
011110
5
Assured Forwarding
AF33
100010
6
Assured Forwarding
AF41
100100
6
Assured Forwarding
AF42
100110
7
Assured Forwarding
AF43
101110
7
Expedited Forwarding EF
000000
0
Classs Selector
CS0
001000
1
Classs Selector
CS1
010000
2
Classs Selector
CS2
011000
3
Classs Selector
CS3
100000
4
Classs Selector
CS4
101000
5
Classs Selector
CS5
110000
6
Classs Selector
CS6
111000
7
Classs Selector
CS7
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
© 2009 Hewlett-Packard Development Company, L.P.
451
Command Line Interface Reference Guide
qos
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos type-of-service diff-services < 0 to 63 > dscp < af11 | af12 | af13 | ... >
Define Differentiated Services Codepoint to which to map IP ToS.
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos type-of-service diff-services < 0 to 63 > dscp < af11 | af12 | af13 | ... >
Define Differentiated Services Codepoint to which to map IP ToS.
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
© 2009 Hewlett-Packard Development Company, L.P.
452
Command Line Interface Reference Guide
qos
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
■ qos type-of-service diff-services < af11 | af12 | af13 | ... > dscp < af11 | af12 | af13 | ... >
Define Differentiated Services Codepoint to which to map IP ToS.
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
■ af33
■ af41
■ af42
■ af43
■ ef
■ cs0
■ cs1
■ cs2
■ cs3
■ cs4
■ cs5
■ cs6
■ cs7
well-defined-codepoint
■ [no] qos type-of-service diff-services < af11 | af12 | af13 | ... >
Usage: [no] type-of-service <ip-precedence|
diff-services [<0|1...63|af11|af12|af13|af21|
af22|af23|af31|af32|af33|af41|
af42|af43|ef|cs0..cs7|
000000|000001...111111>
dscp <0|1...63|af11|af12|af13|af21|af22|
af23|af31|af32|af33|af41|af42|af43|ef|
cs0..cs7|000000|000001...111111>]
Description: Configure the Type-of-Service method the device uses to
prioritize IP traffic. Prioritization is done based on the
contents of the Type of Service (ToS) field in the IP header
© 2009 Hewlett-Packard Development Company, L.P.
453
Command Line Interface Reference Guide
qos
of each packet. Using 'no' type-of-service with just the
mode (ip-precedence or diff-services) will disable all ToS
QoS for the switch.
Modes:
-------------Disabled
The switch does NOT prioritize IP packets based on the IP
ToS field.
IP Precedence
The switch uses the upper 3 bits of the IP ToS field (the IP
Precedence bits) to determine the 802.1p priority of the
packet and its outbound switch queue. If the packet is
transmitted out a port on which VLAN tagging is enabled, the
new priority is placed in the outbound VLAN tag. See the
switch documentation for more information.
Differentiated
Services
The switch uses the upper 6 bits of the ToS field (the
Differentiated Services bits) to decide whether to apply an
802.1p priority to the packet and thus affect its outbound
queue. The priority is defined by the Differentiated
Services Codepoint mapping (see 'show qos dscp-map'). If no
priority is mapped for the packet's codepoint, the switch
does not classify the packet using Differentiated Services.
If there IS an associated priority configured, and the
packet is transmitted out a port on which VLAN tagging is
enabled, the new 802.1p priority will be placed in the
outbound VLAN tag. If a DSCP Policy is configured to apply
to the inbound DS codepoint (i.e., the codepoint has been
're-mapped'), the priority assignment and outbound queueing
will be that specified by the new Policy's codepoint in the
DSCP table, and the Differentiated Services field in the
outbound packet will be changed to the new value.
Using 'no type-of-service diff-services
<af11..ef|0-63|000000...111111>
removes the re-mapping assignment, i.e., a new DSCP Policy
will no longer be applied to the specified codepoint. To
remove a priority association from a codepoint altogether,
the 'no dscp-map <af11..ef|0-63|000000...111111>' function
must be used.
o diff-services <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|af33|
af41|af42|af43|ef|cs0..cs7|000000|000001...111111> - The value
of the upper bits in the ToS field.
o dscp <0|1...63|af11|af12|af13|af21|af22|af23|af31|af32|af33|af42|af42|
af43|ef|cs0..cs7|000000|000001...111111> - Re-maps a given inbound
Differentiated Services codepoint to the specified DSCP Policy and
codepoint on outbound.
Supported Values:
■ af11
■ af12
■ af13
■ af21
■ af22
■ af23
■ af31
■ af32
© 2009 Hewlett-Packard Development Company, L.P.
454
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
■
■
qos
af33
af41
af42
af43
ef
cs0
cs1
cs2
cs3
cs4
cs5
cs6
cs7
Next Available Option:
■ dscp -- Define Differentiated Services Codepoint to which to map IP ToS.(p. 418)
© 2009 Hewlett-Packard Development Company, L.P.
455
radius-server
OVERVIEW
Category:
Switch Security
Primary context:
config
Related Commands
show radius (page 583)
Usage:
[no] radius-server host <IP-ADDR>
[auth-port <UDP-PORT>]
[acct-port <UDP-PORT>]
[dyn-authorization]
[time-window <0-65535>]
[key <KEY-STR>]
[no] radius-server key <KEY-STR>
radius-server timeout <1-15>
radius-server retransmit <1-5>
radius-server dyn-autz-port <UDP-PORT>
[no] radius-server dead-time <1-1440>
Description: Configure RADIUS parameters.
The first command adds/removes a RADIUS server to/from the
list of the RADIUS servers that will be used for the
authentication, accounting and authorization. Up to 3 RADIUS
servers can be configured.
The second command sets/removes the global encryption key to use
in communication with RADIUS servers.
The third command sets the interval in seconds the switch
waits for a reply from a RADIUS server.
The fourth command specifies the number of times the switch
retransmits requests to a RADIUS server.
The fifth command specifies the UDP port to listen for
Change-of-Authorization and Disconnect messages.
The last command sets the length of time in minutes a RADIUS
server that failed to respond to an authentication request is
bypassed by additional requests. See 'dead-time', below. Use
the 'no' form of command to set the dead-time to 0.
Parameters:
o host IP-ADDR [auth-port <UDP-PORT>] [acct-port <UDP-PORT>]
[dyn-authorization] [time-window <0-65535>]
[key <KEY-STR>] - specifies
the IP address of the RADIUS server to use. Optional parameter
'auth-port <UDP-PORT>' specifies the UDP destination port to use
when sending authentication requests to the server (default is
1812). Optional parameter 'acct-port <UDP-PORT>' specifies the
UDP destination port to use when sending accounting requests to
the server (default is 1813). Optional 'dyn-authorization'
parameter enables/disables the processing of Disconnect and
Change-of-Authorization messages from the host. Optional
parameter 'time-window <0-65535>' specifies the time frame
(in seconds) within which received Change-of-Authorization and
Disconnect request messages will be considered current and
accepted for processing, '0' value means 'infinity' (default is
300 seconds). Optional parameter 'key <KEY-STR>' specifies an
© 2009 Hewlett-Packard Development Company, L.P.
456
Command Line Interface Reference Guide
o
o
o
o
o
radius-server
encryption key to use for authentication with given server
(default is NULL). Specifying this key overrides the key set for
this server by the 'radius-server key <KEY-STR>' global
configuration command.
key <KEY-STR> - specifies the global encryption key, which is
used for authentication if encryption key for the server is
not configured. The default is NULL.
timeout <1-15> - server response timeout interval in seconds. The
default is 5 seconds.
retransmit <1-5> - specifies the maximum number of retransmission
attempts. The default is 3 attempts.
dyn-autz-port <UDP-PORT> - specifies the UDP port to listen for
Change-of-Authorization and Disconnect messages. The default
is 3799.
dead-time <1-1440> - If the switch does not receive a response from a
specific RADIUS server, the switch avoids sending any new
authentication requests to that server until the dead-time has
expired. That is, during a new authentication attempt, the
switch bypasses a specified RADIUS server if a dead-time
period is running on the switch for a previous failure to
receive a response from that server. (The switch will still
send new authentication requests to any other configured
RADIUS servers that are not affected by a dead-time
condition.) For a specific RADIUS server, dead-time counting
begins with the end of the last timeout in the last retransmit
attempt of the failed authentication session. When dead-time
is set to 0 (zero), there is no dead-time and the switch will
not bypass a RADIUS server that has failed to respond to an
earlier authentication attempt. (Default: 0.)
COMMAND STRUCTURE
■ [no] radius-server dead-time < Min | Max > -- Server unavailability time (default is 0, use the 'no'
form of command to set the dead-time to 0). (p. 459)
■ dead-time < 1 to 1440 > -- Server unavailability time (default is 0, use the 'no' form of command
to set the dead-time to 0). (p. 459)
■ radius-server dyn-autz-port < 1024 to 49151 > -- UDP port number to listen for
Change-of-Authorization and Disconnect messages (default is 3799). (TCP/UDP-PORT) (p. 460)
■ [no] radius-server host -- IP address of the RADIUS server to use. (IP-ADDR) (p. 460)
■ acct-port -- Accounting UDP destination port number (default is 1813). (p. 458)
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT) (p.
458)
■ auth-port -- Authentication UDP destination port number (default is 1812).
(TCP/UDP-PORT) (p. 459)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p.
460)
■ auth-port -- Authentication UDP destination port number (default is 1812). (p. 459)
■ auth-port -- Authentication UDP destination port number (default is 1812). (TCP/UDP-PORT)
(p. 459)
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT)
(p. 458)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p.
460)
■ dyn-authorization -- Enable/disable dynamic authorization control from this host. (p. 459)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (p. 460)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
© 2009 Hewlett-Packard Development Company, L.P.
457
Command Line Interface Reference Guide
radius-server
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT)
(p. 458)
■ auth-port -- Authentication UDP destination port number (default is 1812).
(TCP/UDP-PORT) (p. 459)
■ time-window -- time window (in seconds) within which the received dynamic authorization
requests are considered to be current and accepted for processing. (p. 461)
■ time-window < 0 to 65535 > -- (p. 461)
■ [no] radius-server key -- Global encryption key (default is NULL). (p. 460)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
■ radius-server retransmit < 1 to 5 > -- Number of packet retransmits (default is 3). (p. 461)
■ radius-server timeout < 1 to 15 > -- Server timeout interval (default is 5). (p. 461)
EXAMPLES
Example: radius-server
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
ProCurve(config)#
radius-server
radius-server
radius-server
radius-server
write mem
key My-Global-Key-1099
dead-time 5
timeout 3
retransmit 2
COMMAND DETAILS
acct-port (p. 458)
auth-port (p. 459)
dead-time (p. 459)
dyn-authorization (p. 459)
dyn-autz-port (p. 460)
host (p. 460)
key (p. 460)
retransmit (p. 461)
timeout (p. 461)
time-window (p. 461)
acct-port
■ radius-server host IP-ADDR acct-port
Accounting UDP destination port number (default is 1813).
Next Available Option:
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT) (p.
458)
■ radius-server host IP-ADDR acct-port TCP/UDP-PORT
Accounting UDP destination port number (default is 1813).
Next Available Options:
■ auth-port -- Authentication UDP destination port number (default is 1812). (TCP/UDP-PORT)
(p. 459)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
■ radius-server host IP-ADDR auth-port TCP/UDP-PORT acct-port TCP/UDP-PORT
Accounting UDP destination port number (default is 1813).
■ radius-server host IP-ADDR key KEY acct-port TCP/UDP-PORT
Accounting UDP destination port number (default is 1813).
© 2009 Hewlett-Packard Development Company, L.P.
458
Command Line Interface Reference Guide
radius-server
auth-port
■ radius-server host IP-ADDR acct-port TCP/UDP-PORT auth-port TCP/UDP-PORT
Authentication UDP destination port number (default is 1812).
■ radius-server host IP-ADDR auth-port
Authentication UDP destination port number (default is 1812).
Next Available Option:
■ auth-port -- Authentication UDP destination port number (default is 1812). (TCP/UDP-PORT)
(p. 459)
■ radius-server host IP-ADDR auth-port TCP/UDP-PORT
Authentication UDP destination port number (default is 1812).
Next Available Options:
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT) (p.
458)
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
■ radius-server host IP-ADDR key KEY auth-port TCP/UDP-PORT
Authentication UDP destination port number (default is 1812).
dead-time
■ [no] radius-server dead-time
Server unavailability time (default is 0, use the 'no'
form of command to set the dead-time to 0).
Supported Values:
■ Min
■ Max
Next Available Option:
■ dead-time < 1 to 1440 > -- Server unavailability time (default is 0, use the 'no' form of command
to set the dead-time to 0).(p. 459)
■ radius-server dead-time < 1 to 1440 >
Server unavailability time (default is 0, use the 'no'
form of command to set the dead-time to 0).
Range: < 1 to 1440 >
dyn-authorization
■ [no] radius-server host IP-ADDR dyn-authorization
Enable/disable dynamic authorization control from this host.
© 2009 Hewlett-Packard Development Company, L.P.
459
Command Line Interface Reference Guide
radius-server
dyn-autz-port
■ radius-server dyn-autz-port < 1024 to 49151 >
UDP port number to listen for Change-of-Authorization and Disconnect messages
(default is 3799).
Range: < 1024 to 49151 >
host
■ [no] radius-server host IP-ADDR
IP address of the RADIUS server to use.
Next Available Options:
■ acct-port -- Accounting UDP destination port number (default is 1813).(p. 458)
■ auth-port -- Authentication UDP destination port number (default is 1812).(p. 459)
■ dyn-authorization -- Enable/disable dynamic authorization control from this host.(p. 459)
■ time-window -- time window (in seconds) within which the received dynamic authorization
requests are considered to be current and accepted for processing. (p. 461)
■ key -- Encryption key to use with the RADIUS server (default is NULL).(p. 460)
key
■ radius-server host IP-ADDR acct-port TCP/UDP-PORT key KEY
Encryption key to use with the RADIUS server (default is NULL).
■ radius-server host IP-ADDR auth-port TCP/UDP-PORT key KEY
Encryption key to use with the RADIUS server (default is NULL).
■ [no] radius-server host IP-ADDR key
Encryption key to use with the RADIUS server (default is NULL).
Next Available Option:
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
■ radius-server host IP-ADDR key KEY
Encryption key to use with the RADIUS server (default is NULL).
Next Available Options:
■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT) (p.
458)
■ auth-port -- Authentication UDP destination port number (default is 1812). (TCP/UDP-PORT)
(p. 459)
■ [no] radius-server key
Global encryption key (default is NULL).
Next Available Option:
■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)
© 2009 Hewlett-Packard Development Company, L.P.
460
Command Line Interface Reference Guide
radius-server
■ radius-server key KEY
Encryption key to use with the RADIUS server (default is NULL).
retransmit
■ radius-server retransmit < 1 to 5 >
Number of packet retransmits (default is 3).
Range: < 1 to 5 >
timeout
■ radius-server timeout < 1 to 15 >
Server timeout interval (default is 5).
Range: < 1 to 15 >
time-window
■ [no] radius-server host IP-ADDR time-window
time window (in seconds) within which the received dynamic authorization
requests are considered to be current and accepted for processing.
Next Available Option:
■ time-window < 0 to 65535 > -- (p. 461)
■ radius-server host IP-ADDR time-window < 0 to 65535 >
Range: < 0 to 65535 >
© 2009 Hewlett-Packard Development Company, L.P.
461
redo
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
repeat (page 470)
Usage: redo [NUMBER|COMMAND-STR]
Description: Re-execute a command from history.
By default, it executes the last command. If the 'number' is
specified, it executes the n-th command starting from the most
recent command in the history. The n is the number specified.
If the 'COMMAND-STR' is specified, it executes the most recent
command whose name matches the specified string.
COMMAND STRUCTURE
■ redo command -- The command word identifying a command to execute in the history list.
(ASCII-STR) (p. 462)
■ redo NUMBER -- The position of the command to execute in the history list. (NUMBER) (p. 462)
COMMAND DETAILS
command (p. 462)
NUMBER (p. 462)
command
■ redo COMMAND
The command word identifying a command to execute in the history list.
NUMBER
■ redo NUMBER
The position of the command to execute in the history list.
© 2009 Hewlett-Packard Development Company, L.P.
462
redundancy
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: redundancy switchover
redundancy active-management < management-module1 |
management-module2 |
standby>
[no]redundancy management-module
redundancy fabric-module <<1|2> <enable|disable>>
Description: Redundancy configuration for management and fabric modules.
The first version of the command causes the switch to
immediately switchover to the standby management module.
The second version of the command makes the module specified
an active management module for next boot. This command
will fail if the other module is in a failed state.
The third version of the command enables/disables
redundant management. The current 'active' management module
will continue to be the 'active' management module on boot,
unless the user uses the 'redundancy active-management ...'
command to change to the other module.
The fourth version of the command enables/disables the fabric
modules.
NOTES
Multiple Contexts
This command also is available in the manager context.
COMMAND STRUCTURE
■ redundancy active-management < management-module1 | management-module2 | standby >
-- Specify the management module that will be active for next boot. (NUMBER) (p. 464)
■ redundancy fabric-module < 1 | 2 > -- Enable/Disable fabric modules. (NUMBER) (p. 464)
■ disable -- Disable the fabric module. (p. 464)
■ enable -- Enable the fabric module. (p. 464)
■ [no] redundancy management-module -- Enable/Disable redundant management. (p. 465)
■ redundancy switchover -- Switchover to the standby management module. (p. 465)
EXAMPLES
Example: redundancy management-module
ProCurve(config)# redundancy management-module
All configuration files and software images on the off-line management module
will be overwritten with the data from the current active management module.
Do you want to continue [y/n]? y
ProCurve(config)#
© 2009 Hewlett-Packard Development Company, L.P.
463
Command Line Interface Reference Guide
redundancy
ProCurve(config)# show redundancy
Settings
-------Mgmt Redundancy : enabled
Statistics
---------Failovers
: 0
Last Failover :
Slot
---1
2
Module Description
---------------------------------------ProCurve J9092A Management Module 8200zl
ProCurve J9092A Management Module 8200zl
Status
-------Standby
Active
1
2
ProCurve J9093A F2 Fabric Module 8200zl
ProCurve J9093A F2 Fabric Module 8200zl
Enabled
Enabled
SW Version
----------K.14.XX
K.14.XX
Boot Image
--------Primary
Primary
COMMAND DETAILS
active-management (p. 464)
disable (p. 464)
enable (p. 464)
fabric-module (p. 464)
management-module (p. 465)
switchover (p. 465)
active-management
■ redundancy active-management < management-module1 | management-module2 | standby >
Specify the management module that will be active for next boot.
Supported Values:
■ management-module1 -- Configures management-module 1 as an active management module
for next boot
■ management-module2 -- Configures management-module 2 as an active management module
for next boot
■ standby -- Configures standby module as an active management module for next boot
disable
■ redundancy fabric-module < 1 | 2 > disable
Disable the fabric module.
enable
■ redundancy fabric-module < 1 | 2 > enable
Enable the fabric module.
fabric-module
■ redundancy fabric-module < 1 | 2 >
Enable/Disable fabric modules.
Supported Values:
■ 1 -- enable/disable fabric module-1
■ 2 -- enable/disable fabric module-2
© 2009 Hewlett-Packard Development Company, L.P.
464
Command Line Interface Reference Guide
redundancy
Next Available Options:
■ enable -- Enable the fabric module.(p. 464)
■ disable -- Disable the fabric module.(p. 464)
management-module
■ [no] redundancy management-module
Enable/Disable redundant management.
switchover
■ redundancy switchover
Switchover to the standby management module.
© 2009 Hewlett-Packard Development Company, L.P.
465
redundancy
OVERVIEW
Category:
Primary context:
manager
Related Commands
Usage: redundancy switchover
redundancy active-management < management-module1 |
management-module2 |
standby>
Description: Redundancy configuration for management modules.
The first version of the command causes the switch to
immediately switchover to the standby management module.
The second version of the command makes the module specified
an active management module for next boot. This command
will fail if the other module is in a failed state.
NOTES
Multiple Contexts
This command also is available in the config context.
COMMAND STRUCTURE
■ redundancy active-management < management-module1 | management-module2 | standby >
-- Specify the management module that will be active for next boot. (NUMBER) (p. 466)
■ redundancy switchover -- Switchover to the standby management module. (p. 466)
COMMAND DETAILS
active-management (p. 466)
switchover (p. 466)
active-management
■ redundancy active-management < management-module1 | management-module2 | standby >
Specify the management module that will be active for next boot.
Supported Values:
■ management-module1 -- Configures management-module 1 as an active management module
for next boot
■ management-module2 -- Configures management-module 2 as an active management module
for next boot
■ standby -- Configures standby module as an active management module for next boot
switchover
■ redundancy switchover
Switchover to the standby management module.
© 2009 Hewlett-Packard Development Company, L.P.
466
reload
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
boot (page 73)
Usage: [no] reload <after <[[DD:]HH:]MM> |
at HH:MM[:SS] [MM/DD[/[YY]YY]>] >
Description: Warm reboot of the switch. If no parameters are entered,
an immediate reload is executed.
[no] - Causes the removal of any pending reload request.
Note:
Parameters:
o after
o at
The maximum allowable time is 99 days.
- Warm reboot the switch after the given amount of
time has passed.
- Warm reboot the switch at the given time.
COMMAND STRUCTURE
■ reload after -- Warm reboot in a specified amount of time. ([[DD:]HH:]MM) (p. 467)
■ reload at -- Warm reboot at a specified time; If the mm/dd/yy is left blank, the current day is
assumed. (p. 468)
■ time -- Time on given date to do a warm reboot. (HH:MM[:SS]) (p. 468)
■ date -- Date on which a warm reboot is to occur. (MM/DD[/[YY]YY]) (p. 468)
EXAMPLES
Example: reload
Automatically save your configuration changes and reboot the switch from the same flash image
you have been using:
ProCurve(config)# max-vlans 12
Command will take effect after saving configuration and reboot.
ProCurve(config)# reload
Device will be rebooted, do you want to continue [y/n]? y
Do you want to save current configuration [y/n]? y
COMMAND DETAILS
after (p. 467)
at (p. 468)
date (p. 468)
time (p. 468)
after
■ reload after [[DD:]HH:]MM
Warm reboot in a specified amount of time.
© 2009 Hewlett-Packard Development Company, L.P.
467
Command Line Interface Reference Guide
reload
at
■ reload at
Warm reboot at a specified time; If the mm/dd/yy is left blank, the current day is
assumed.
Next Available Option:
■ time -- Time on given date to do a warm reboot. (HH:MM[:SS]) (p. 468)
date
■ reload at [TIME] [DATE]
Date on which a warm reboot is to occur.
time
■ reload at [TIME]
Time on given date to do a warm reboot.
Next Available Option:
■ date -- Date on which a warm reboot is to occur. (MM/DD[/[YY]YY]) (p. 468)
© 2009 Hewlett-Packard Development Company, L.P.
468
rename
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
show (page 511)
erase (page 174)
Usage: rename config OLDNAME NEWNAME
Description: Change the name of the configuration OLDNAME to NEWNAME.
No action occurs if there is no configuration named
OLDNAME, or if a configuration named NEWNAME already
exists.
COMMAND STRUCTURE
■ rename config < config | config1 > -- Change the name of the configuration OLDNAME to NEWNAME
(p. 469)
■ newname -- Specify new name for configuration file. (ASCII-STR) (p. 469)
COMMAND DETAILS
config (p. 469)
newname (p. 469)
config
■ rename config < config | config1 >
Usage: rename config OLDNAME NEWNAME
Description: Change the name of the configuration OLDNAME to NEWNAME.
No action occurs if there is no configuration named
OLDNAME, or if a configuration named NEWNAME already
exists.
Supported Values:
■ config
■ config1
Next Available Option:
■ newname -- Specify new name for configuration file. (ASCII-STR) (p. 469)
newname
■ rename config < config | config1 > NEWNAME
Specify new name for configuration file.
© 2009 Hewlett-Packard Development Company, L.P.
469
repeat
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
redo (page 462)
Usage: repeat [CMDLIST] [count NUMBER] [delay NUMBER]
Description: Repeat execution of a previous command.
By default, repeats the last command until a key is pressed.
If the 'CMDLIST' is specified, repeats the n-th most recent
command where n is the number.
If the 'count NUMBER' is specified repeat the command
the NUMBER of times.
If the 'delay NUMBER' is specified, the iterations are
separated by the NUMBER of seconds.
COMMAND STRUCTURE
■ repeat CMDLIST -- Specify the position of the command to execute in the history list. (CMDLIST)
(p. 470)
■ repeat count -- Number of repetitions to make. (NUMBER) (p. 470)
■ repeat delay -- Delay between the command executions. (NUMBER) (p. 470)
COMMAND DETAILS
CMDLIST (p. 470)
count (p. 470)
delay (p. 470)
CMDLIST
■ repeat CMDLIST
Specify the position of the command to execute in the history list.
count
■ repeat count NUMBER
Number of repetitions to make.
delay
■ repeat delay NUMBER
Delay between the command executions.
© 2009 Hewlett-Packard Development Company, L.P.
470
router
OVERVIEW
Category:
Routing
Primary context:
config
Related Commands
ip (page 290)
vlan (page 706)
show (page 511)
Usage: [no] router ...
Description: Configure the switch routing protocols. You can enter the commands from the
global configuration context
or the RIP, OSPF, PIM, or VRRP configuration contexts. For example, to enter
an OSPF command from the
global configuration context, use the "router" keyword in front of the
command. To enter an OSPF
command in the OSPF configuration context, type "router ospf" to change to
the OSPF configuration
context, then type the command without the "router" keyword.
Use 'router ?' to see a list of all possible options.
COMMAND STRUCTURE
■ [no] router ospf -- Enable/disable/configure Open Shortest Path First (OSPF) protocol on the device,
or enter OSPF Configuration Context (p. 483)
■ area -- Define/remove an OSPF area, area range or virtual link (p. 474)
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 476)
■ normal -- Define a "normal" area. (p. 482)
■ nssa < 0 to 16777215 > -- Define a "not-so-stubby" area (or NSSA) and its cost. (p. 483)
■ metric-type < type1 | type2 > -- Metric type of the type-7 default. (p. 482)
■ no-summary -- Do not send summary LSA into the area. (p. 482)
■ range -- Summarize routes matching address/MASK pair. (p. 484)
■ ip -- Specify IP address/MASK pair. (IP-ADDR/MASK-LENGTH) (p. 481)
■ no-advertise -- Do not advertise the range outside the area. (p. 482)
■ type < summary | nssa > -- Link state database type to apply the range. (p. 491)
■ stub -- Define a "stub" area and specify its cost. (p. 489)
■ cost < 0 to 16777215 > -- Enter cost to use when injecting default routes into the
area. (p. 478)
■ no-summary -- Do not send summary LSA into the area. (p. 482)
■ virtual-link -- Specify a virtual neighbor. (IP-ADDR) (p. 492)
■ authentication -- Disable authentication. (p. 476)
■ authentication-key -- Set simple authentication method and key. (p. 476)
■ authentication-key -- OSPF authentication key (maximum 8 characters).
(OCTET-STR) (p. 476)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40. (p. 478)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10. (p. 480)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain. (p. 481)
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p.
478)
© 2009 Hewlett-Packard Development Company, L.P.
471
Command Line Interface Reference Guide
router
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is
5. (p. 486)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1. (p. 489)
■ backbone -- The backbone area (the same as 0.0.0.0). (p. 477)
■ normal -- Define a "normal" area. (p. 482)
■ nssa < 0 to 16777215 > -- Define a "not-so-stubby" area (or NSSA) and its cost. (p. 483)
■ metric-type < type1 | type2 > -- Metric type of the type-7 default. (p. 482)
■ no-summary -- Do not send summary LSA into the area. (p. 482)
■ range -- Summarize routes matching address/MASK pair. (p. 484)
■ ip -- Specify IP address/MASK pair. (IP-ADDR/MASK-LENGTH) (p. 481)
■ no-advertise -- Do not advertise the range outside the area. (p. 482)
■ type < summary | nssa > -- Link state database type to apply the range. (p. 491)
■ stub -- Define a "stub" area and specify its cost. (p. 489)
■ cost < 0 to 16777215 > -- Enter cost to use when injecting default routes into the
area. (p. 478)
■ no-summary -- Do not send summary LSA into the area. (p. 482)
■ virtual-link -- Specify a virtual neighbor. (IP-ADDR) (p. 492)
■ authentication -- Disable authentication. (p. 476)
■ authentication-key -- Set simple authentication method and key. (p. 476)
■ authentication-key -- OSPF authentication key (maximum 8 characters).
(OCTET-STR) (p. 476)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40. (p. 478)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10. (p. 480)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain. (p. 481)
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p.
478)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is
5. (p. 486)
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1. (p. 489)
■ default-metric < 0 to 16777215 > -- The default metric used for advertising external routes
imported into OSPF by this router (p. 478)
■ distance -- Set administrative distance to associate with intra-area, inter-area and AS-external
routes learned by OSPF (p. 479)
■ external < 1 to 255 > -- Set administrative distance to associate with external routes learned
by OSPF. (p. 479)
■ inter-area < 1 to 255 > -- Set administrative distance to associate with inter-area routes
learned by OSPF. (p. 480)
■ intra-area < 1 to 255 > -- Set administrative distance to associate with intra-area routes
learned by OSPF. (p. 480)
■ metric-type < type1 | type2 > -- The default metric type used for advertising external routes
imported into OSPF by this router (p. 482)
■ redistribute < connected | static | rip > -- Specify source protocols which will be redistributed
into OSPF (p. 485)
■ restrict -- Prevent redistribution of routes via OSPF (p. 485)
■ ip-addr -- Prevent redistribution of routes via OSPF (IP-ADDR/MASK-LENGTH) (p. 481)
■ rfc1583-compatibility -- Enable/disable RFC-1583 compatibility (p. 486)
■ trap < virtual-interface-state-change | neighbor-state-change | virtual-neighbor-state-change
| ... > -- Enable/disable OSPF traps (p. 489)
■ [no] router pim -- Enable/disable/configure PIM protocol on the device, or enter PIM Configuration
Context (p. 484)
■ bsr-candidate -- Configure the router to advertise itself as the Candidate Bootstrap Router
(Candidate-BSR) for a PIM-SM domain (p. 477)
© 2009 Hewlett-Packard Development Company, L.P.
472
Command Line Interface Reference Guide
router
■ bsm-interval < 5 to 300 > -- Specify the interval for sending Bootstrap messages on PIM-SM
interfaces. (p. 477)
■ hash-mask-length < 1 to 32 > -- Specify the length (in bits) of the hash mask. (p. 480)
■ priority < 0 to 255 > -- Specify the priority for the Candidate Bootstrap router. (p. 484)
■ source-ip-vlan -- Specify the VLAN to use as a source for Candidate-BSR router IP address
(PIM-SM must be enabled on this VLAN). (VLAN-ID) (p. 488)
■ join-prune-interval < 5 to 65535 > -- Configure interval at which the router will send periodic
PIM-SM Join/Prune messages (p. 481)
■ rp-address -- Statically configure the Rendezvous Point (RP) to accept multicast traffic for
specified group or range of groups (p. 487)
■ IP-ADDR -- Specify the IP address of the static RP. (IP-ADDR) (p. 481)
■ GROUP-ADDR/GROUP-MASK -- Specify the range of multicast group addresses
associated with the static RP. (IP-ADDR/MASK-LENGTH) (p. 479)
■ override -- Specify whether or not static RP configuration precedes the information
learned by a BSR. (p. 484)
■ rp-candidate -- Configure router to advertise itself as the Candidate Rendezvous Point
(Candidate-RP) to the Bootstrap Router (BSR) (p. 487)
■ group-prefix -- Specify the multicast group prefix to associate with the Candidate-RP router.
(p. 480)
■ GROUP-ADDR/GROUP-MASK -- Enter the address and mask to define the multicast
group range. (IP-ADDR/MASK-LENGTH) (p. 479)
■ hold-time < 30 to 255 > -- Specify the hold time value to be send in C-RP-Adv messages.
(p. 480)
■ priority < 0 to 255 > -- Specify the priority for the Candidate-RP router. (p. 484)
■ source-ip-vlan -- Specify the VLAN to use as a source for Candidate-RP router IP address
(PIM-SM must be enabled on this VLAN). (VLAN-ID) (p. 488)
■ group-prefix -- Specify the multicast group prefix to associate with the Candidate-RP
router. (p. 480)
■ GROUP-ADDR/GROUP-MASK -- Enter the address and mask to define the multicast
group range. (IP-ADDR/MASK-LENGTH) (p. 479)
■ spt-threshold -- Specify whether switching to the Shortest Path Tree is enabled or disabled on
the router (p. 488)
■ state-refresh < 10 to 300 > -- Set the interval between successive State Refresh messages
originated by this router (p. 489)
■ trap < neighbor-loss | hardware-mrt-full | software-mrt-full | ... > -- Enable/disable PIM traps
(p. 489)
■ [no] router rip -- Enable/disable/configure Routing Internet Protocol (RIP) on the device, or enter
RIP Configuration Context (p. 486)
■ auto-summary -- Enable/disable advertisement of summarized routes (p. 476)
■ default-metric < 1 to 15 > -- Set default metric for imported routes (p. 478)
■ distance < 1 to 255 > -- Set administrative distance for routes learned via RIP (p. 479)
■ redistribute < connected | static | ospf > -- Specify source protocols which will be redistributed
into RIP (p. 485)
■ restrict -- Prevent redistribution of routes via RIP (p. 485)
■ ip-addr -- Prevent redistribution of routes via RIP (IP-ADDR/MASK-LENGTH) (p. 481)
■ [no] router vrrp -- Enable/disable/configure Virtual Router Redundancy Protocol (VRRP) on the
device (p. 492)
■ traps -- Enable/disable generation of VRRP traps (p. 491)
EXAMPLES
Example: router vrrp
Configure VRRP and display:
© 2009 Hewlett-Packard Development Company, L.P.
473
Command Line Interface Reference Guide
router
ProCurve(config)# router vrrp
ProCurve(config)# vlan 10
ProCurve(vlan-10)# vrrp vrid 1
ProCurve(vlan-10-vrid-1)# owner
ProCurve(vlan-10-vrid-1)# virtual-ip-address 10.10.10.1 255.255.255.0
ProCurve(vlan-10-vrid-1)# enable
ProCurve(vlan-10-vrid-1)# show vrrp vlan 10 vrid 1 config
VRRP Virtual Router Configuration Information
Vlan ID : 10
Virtual Router ID : 1
Administrative Status [Disabled] : Enabled
Mode [Uninitialized] : Owner
Priority [100] : 255
Advertisement Interval [1] : 1
Preempt Mode [True] : True
Primary IP Address : Lowest
IP Address
Subnet Mask
--------------- --------------10.10.10.1
255.255.255.0
To create VR 1 in VLAN 10 and enter the VR context, you would execute the following command:
ProCurve(vlan-10)# vrrp vrid 1
ProCurve(vlan-10-vrid-1)#
COMMAND DETAILS
area (p. 474)
area-id (p. 476)
authentication (p. 476)
authentication-key (p. 476)
auto-summary (p. 476)
backbone (p. 477)
bsm-interval (p. 477)
bsr-candidate (p. 477)
chain-name (p. 478)
cost (p. 478)
dead-interval (p. 478)
default-metric (p. 478)
distance (p. 479)
external (p. 479)
GROUP-ADDR/GROUP-MASK (p.
479)
group-prefix (p. 480)
hash-mask-length (p. 480)
hello-interval (p. 480)
hold-time (p. 480)
inter-area (p. 480)
intra-area (p. 480)
ip (p. 481)
ip-addr (p. 481)
IP-ADDR (p. 481)
join-prune-interval (p. 481)
md5-auth-key-chain (p. 481)
metric-type (p. 482)
no-advertise (p. 482)
normal (p. 482)
no-summary (p. 482)
nssa (p. 483)
ospf (p. 483)
override (p. 484)
pim (p. 484)
priority (p. 484)
range (p. 484)
redistribute (p. 485)
restrict (p. 485)
retransmit-interval (p. 486)
rfc1583-compatibility (p. 486)
rip (p. 486)
rp-address (p. 487)
rp-candidate (p. 487)
source-ip-vlan (p. 488)
spt-threshold (p. 488)
state-refresh (p. 489)
stub (p. 489)
transit-delay (p. 489)
trap (p. 489)
traps (p. 491)
type (p. 491)
virtual-link (p. 492)
vrrp (p. 492)
area
■ [no] router ospf area
Usage:
area <OSPF-AREA-ID|backbone> [normal]
area <OSPF-AREA-ID|backbone> nssa <0-16777215>
[metric-type <type1|type2>] [no-summary]
area <OSPF-AREA-ID|backbone> stub <0-16777215> [no-summary]
© 2009 Hewlett-Packard Development Company, L.P.
474
Command Line Interface Reference Guide
router
area <OSPF-AREA-ID|backbone> range IP-ADDR/MASK-LENGTH
[no-advertise]
area <OSPF-AREA-ID|backbone> virtual-link IP-ADDR
[transit-delay <0-3600>]
[retransmit-interval <0-3600>]
[hello-interval <1-65535>]
[dead-interval <0-2147483647>]
area <OSPF-AREA-ID|backbone> virtual-link IP-ADDR
authentication-key OCTET-STR
area <OSPF-AREA-ID|backbone> virtual-link IP-ADDR
md5-auth-key-chain CHAIN-NAME-STR
no area <OSPF-AREA-ID|backbone>
no area <OSPF-AREA-ID|backbone> range IP-ADDR/MASK-LENGTH
no area <OSPF-AREA-ID|backbone> virtual-link IP-ADDR
[authentication]
Description: Define/remove an OSPF area, area range or virtual link.
- 'area... [normal]' command defines a normal area. Area can be
identified by a single integer or an IP address style dotted
decimal. Use 0.0.0.0 address or 'backbone' keyword to specify the
backbone area.
- 'area... nssa...' defines a "not-so-stubby" area (or NSSA)
and its cost. You can specify also the metric type and/or disable
summary LSA to be sent into the area.
- 'area... stub...' defines a "stub" area and cost to use when
injecting default routes of a border router into the area. If
'no-summary' is specified then no summary LSA will be sent into
the area.
- 'area... range...' defines a range of IP addresses the area
consists of and directs to summarize routes matching the range.
If 'no-advertise' is specified then the range will not be
advertised outside the area.
- 'area... virtual-link...' defines a virtual link along with its
time duration parameters:
'transit-delay' - The estimated number of seconds it takes to
transmit a link state update packet over the link.
'retransmit-interval' - The number of seconds between link-state
advertisement retransmissions. This value is also used when
retransmitting database description and link-state request packets.
'hello-interval' - The number of seconds between the Hello packets
those the router sends to the virtual neighbor.
'dead-interval' - The number of seconds that a router's Hello
packets have not been seen before it's neighbor declares the
router down. This should be some multiple of the Hello interval.
- 'area... virtual-link... authentication-key...' - specifies the
authentication key to be used to maintain the virtual link. Note
that unauthenticated link need no authentication key, and simple
password authentication cannot use a key of more than 8 octets.
- 'area... virtual-link... md5-auth-key-chain...' specifies the key chain to pick keys for MD5 authentication
from and configures the virtual link to MD5 authentication.
- 'no area...' removes the entire area.
- 'no area... range...' removes the specified range.
- 'no area... virtual-link...' removes the specified virtual link,
and 'no area... virtual-link... authentication' unsets the
authentication on the link.
Next Available Options:
■ area-id -- Single integer or IP address style dotted decimal. (OSPF-AREA-ID) (p. 476)
© 2009 Hewlett-Packard Development Company, L.P.
475
Command Line Interface Reference Guide
router
■ backbone -- The backbone area (the same as 0.0.0.0).(p. 477)
area-id
■ router ospf area OSPF-AREA-ID
Single integer or IP address style dotted decimal.
Next Available Options:
■ normal -- Define a "normal" area.(p. 482)
■ nssa < 0 to 16777215 > -- Define a "not-so-stubby" area (or NSSA) and its cost.(p. 483)
■ stub -- Define a "stub" area and specify its cost.(p. 489)
■ range -- Summarize routes matching address/MASK pair.(p. 484)
■ virtual-link -- Specify a virtual neighbor. (IP-ADDR) (p. 492)
authentication
■ no router ospf area OSPF-AREA-ID virtual-link IP-ADDR authentication
Disable authentication.
■ no router ospf area backbone virtual-link IP-ADDR authentication
Disable authentication.
authentication-key
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR authentication-key
Set simple authentication method and key.
Next Available Option:
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR) (p. 476)
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR authentication-key OCTET-STR
OSPF authentication key (maximum 8 characters).
■ router ospf area backbone virtual-link IP-ADDR authentication-key
Set simple authentication method and key.
Next Available Option:
■ authentication-key -- OSPF authentication key (maximum 8 characters). (OCTET-STR) (p. 476)
■ router ospf area backbone virtual-link IP-ADDR authentication-key OCTET-STR
OSPF authentication key (maximum 8 characters).
auto-summary
■ [no] router rip auto-summary
Usage: [no] auto-summary
© 2009 Hewlett-Packard Development Company, L.P.
476
Command Line Interface Reference Guide
router
Description: Enable/disable advertisement of summarized routes.
Summarization mechanisms should be disabled when using both
version 1 and version 2 of RIP within a single network.
backbone
■ router ospf area backbone
The backbone area (the same as 0.0.0.0).
Next Available Options:
■ normal -- Define a "normal" area.(p. 482)
■ nssa < 0 to 16777215 > -- Define a "not-so-stubby" area (or NSSA) and its cost.(p. 483)
■ stub -- Define a "stub" area and specify its cost.(p. 489)
■ range -- Summarize routes matching address/MASK pair.(p. 484)
■ virtual-link -- Specify a virtual neighbor. (IP-ADDR) (p. 492)
bsm-interval
■ router pim bsr-candidate bsm-interval < 5 to 300 >
Specify the interval for sending Bootstrap messages on PIM-SM interfaces.
Range: < 5 to 300 >
bsr-candidate
■ [no] router pim bsr-candidate
Usage: bsr-candidate [source-ip-vlan <VLAN-ID>]
[hash-mask-length <1-32>]
[priority <0-255>]
[bsm-interval <5-300>]
no bsr-candidate [source-ip-vlan <VLAN-ID>]
Description: Configure the router to advertise itself as the Candidate
Bootstrap Router (Candidate-BSR) for a PIM-SM domain. When
enabling router to be a Candidate-BSR the VLAN ID must be
specified, which IP address will be advertised as a
Candidate-BSR address. PIM-SM must be enabled on the VLAN.
Use 'no' form of this command to disable the router to be a
Candidate-BSR.
NOTE: It is recommended that the same routing switch is
configured as both the Candidate-BSR and the Candidate-RP.
Parameters:
o source-ip-vlan <VLAN-ID> - The VLAN which IP address will be advertised
as the Candidate-BSR IP address.
o hash-mask-length <1-32> - The mask length (in bits) used by the
PIM-SM hash function when selecting an RP. The default is 30.
o priority <0-255> - The priority for the Candidate-BSR for the
local PIM-SM domain. The larger value means the higher priority.
The default is 0.
o bsm-interval <5-300> - The interval (in seconds) for sending periodic
Bootstrap messages on all PIM-SM interfaces, when this router is
the elected BSR. The default is 60 seconds.
© 2009 Hewlett-Packard Development Company, L.P.
477
Command Line Interface Reference Guide
router
Next Available Options:
■ source-ip-vlan -- Specify the VLAN to use as a source for Candidate-BSR router IP address
(PIM-SM must be enabled on this VLAN). (VLAN-ID) (p. 488)
■ hash-mask-length < 1 to 32 > -- Specify the length (in bits) of the hash mask. (p. 480)
■ priority < 0 to 255 > -- Specify the priority for the Candidate Bootstrap router. (p. 484)
■ bsm-interval < 5 to 300 > -- Specify the interval for sending Bootstrap messages on PIM-SM
interfaces. (p. 477)
chain-name
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR md5-auth-key-chain CHAIN-NAME
Specify key chain to use for MD5 authentication.
■ router ospf area backbone virtual-link IP-ADDR md5-auth-key-chain CHAIN-NAME
Specify key chain to use for MD5 authentication.
cost
■ router ospf area OSPF-AREA-ID stub < 0 to 16777215 >
Enter cost to use when injecting default routes
into the area.
Range: < 0 to 16777215 >
■ router ospf area backbone stub < 0 to 16777215 >
Enter cost to use when injecting default routes
into the area.
Range: < 0 to 16777215 >
dead-interval
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR dead-interval < 1 to 65535 >
Set dead interval in seconds; the default is 40.
Range: < 1 to 65535 >
■ router ospf area backbone virtual-link IP-ADDR dead-interval < 1 to 65535 >
Set dead interval in seconds; the default is 40.
Range: < 1 to 65535 >
default-metric
■ router ospf default-metric < 0 to 16777215 >
Usage: default-metric <0-16777215>
Description: The default metric used for advertising external routes imported
into OSPF by this router.
Range: < 0 to 16777215 >
■ router rip default-metric < 1 to 15 >
Usage: default-metric <1-15>
© 2009 Hewlett-Packard Development Company, L.P.
478
Command Line Interface Reference Guide
router
Description: Set default metric for imported routes.
Default value is 1.
Range: < 1 to 15 >
distance
■ router ospf distance
Usage: distance <intra-area|inter-area|external> <1-255>
Description: Set administrative distance to associate with intra-area,
inter-area and AS-external routes learned by OSPF. Default
value is 110 for all types of OSPF routes.
Next Available Options:
■ intra-area < 1 to 255 > -- Set administrative distance to associate with intra-area routes learned
by OSPF.(p. 480)
■ inter-area < 1 to 255 > -- Set administrative distance to associate with inter-area routes learned
by OSPF.(p. 480)
■ external < 1 to 255 > -- Set administrative distance to associate with external routes learned
by OSPF.(p. 479)
■ router rip distance < 1 to 255 >
Usage: distance <1-255>
Description: Set administrative distance for routes learned via RIP.
Default value is 120.
Range: < 1 to 255 >
external
■ [no] router ospf distance external < 1 to 255 >
Set administrative distance to associate with external routes learned by OSPF.
Range: < 1 to 255 >
GROUP-ADDR/GROUP-MASK
■ [no] router pim rp-address IP-ADDR IP-ADDR/MASK-LENGTH
Specify the range of multicast group addresses associated with the static RP.
Next Available Option:
■ override -- Specify whether or not static RP configuration precedes the information learned by
a BSR. (p. 484)
■ router pim rp-candidate source-ip-vlan VLAN-ID group-prefix IP-ADDR/MASK-LENGTH
Enter the address and mask to define the multicast group range.
■ router pim rp-candidate group-prefix IP-ADDR/MASK-LENGTH
Enter the address and mask to define the multicast group range.
© 2009 Hewlett-Packard Development Company, L.P.
479
Command Line Interface Reference Guide
router
group-prefix
■ router pim rp-candidate source-ip-vlan VLAN-ID group-prefix
Specify the multicast group prefix to associate with the Candidate-RP router.
Next Available Option:
■ GROUP-ADDR/GROUP-MASK -- Enter the address and mask to define the multicast group
range. (IP-ADDR/MASK-LENGTH) (p. 479)
■ [no] router pim rp-candidate group-prefix
Specify the multicast group prefix to associate with the Candidate-RP router.
Next Available Option:
■ GROUP-ADDR/GROUP-MASK -- Enter the address and mask to define the multicast group
range. (IP-ADDR/MASK-LENGTH) (p. 479)
hash-mask-length
■ router pim bsr-candidate hash-mask-length < 1 to 32 >
Specify the length (in bits) of the hash mask.
Range: < 1 to 32 >
hello-interval
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR hello-interval < 1 to 65535 >
Set hello interval in seconds; the default is 10.
Range: < 1 to 65535 >
■ router ospf area backbone virtual-link IP-ADDR hello-interval < 1 to 65535 >
Set hello interval in seconds; the default is 10.
Range: < 1 to 65535 >
hold-time
■ router pim rp-candidate hold-time < 30 to 255 >
Specify the hold time value to be send in C-RP-Adv messages.
Range: < 30 to 255 >
inter-area
■ [no] router ospf distance inter-area < 1 to 255 >
Set administrative distance to associate with inter-area routes learned by OSPF.
Range: < 1 to 255 >
intra-area
■ [no] router ospf distance intra-area < 1 to 255 >
Set administrative distance to associate with intra-area routes learned by OSPF.
© 2009 Hewlett-Packard Development Company, L.P.
480
Command Line Interface Reference Guide
router
Range: < 1 to 255 >
ip
■ router ospf area OSPF-AREA-ID range IP-ADDR/MASK-LENGTH
Specify IP address/MASK pair.
■ router ospf area backbone range IP-ADDR/MASK-LENGTH
Specify IP address/MASK pair.
ip-addr
■ [no] router ospf restrict IP-ADDR/MASK-LENGTH
Usage: [no] restrict IP-ADDR/MASK-LEN
Description: Prevent redistribution of routes via OSPF.
■ [no] router rip restrict IP-ADDR/MASK-LENGTH
Usage: [no] restrict IP-ADDR/MASK-LEN
Description: Prevent redistribution of routes via RIP.
IP-ADDR
■ [no] router pim rp-address IP-ADDR
Specify the IP address of the static RP.
Next Available Option:
■ GROUP-ADDR/GROUP-MASK -- Specify the range of multicast group addresses associated
with the static RP. (IP-ADDR/MASK-LENGTH) (p. 479)
join-prune-interval
■ router pim join-prune-interval < 5 to 65535 >
Usage: join-prune-interval <1-65535>
Description: Configure interval at which the router will send periodic
PIM-SM Join/Prune messages. Default is 60 seconds.
Range: < 5 to 65535 >
md5-auth-key-chain
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR md5-auth-key-chain
Set MD5 authentication method and key chain.
Next Available Option:
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 478)
■ router ospf area backbone virtual-link IP-ADDR md5-auth-key-chain
Set MD5 authentication method and key chain.
© 2009 Hewlett-Packard Development Company, L.P.
481
Command Line Interface Reference Guide
router
Next Available Option:
■ chain-name -- Specify key chain to use for MD5 authentication. (ASCII-STR) (p. 478)
metric-type
■ router ospf area OSPF-AREA-ID nssa < 0 to 16777215 > metric-type < type1 | type2 >
Metric type of the type-7 default.
Supported Values:
■ type1 -- Comparable (an OSPF metric plus the external metric).
■ type2 -- Non-comparable metric (the external metric).
■ router ospf area backbone nssa < 0 to 16777215 > metric-type < type1 | type2 >
Metric type of the type-7 default.
Supported Values:
■ type1 -- Comparable (an OSPF metric plus the external metric).
■ type2 -- Non-comparable metric (the external metric).
■ router ospf metric-type < type1 | type2 >
Usage: metric-type <type1|type2>
Description: The default metric type used for advertising external routes
imported into OSPF by this router.
Supported Values:
■ type1 -- Comparable (an OSPF metric plus the external metric).
■ type2 -- Non-comparable metric (the external metric).
no-advertise
■ router ospf area OSPF-AREA-ID range no-advertise
Do not advertise the range outside the area.
■ router ospf area backbone range no-advertise
Do not advertise the range outside the area.
normal
■ router ospf area OSPF-AREA-ID normal
Define a "normal" area.
■ router ospf area backbone normal
Define a "normal" area.
no-summary
■ router ospf area OSPF-AREA-ID nssa < 0 to 16777215 > no-summary
Do not send summary LSA into the area.
■ router ospf area OSPF-AREA-ID stub no-summary
Do not send summary LSA into the area.
© 2009 Hewlett-Packard Development Company, L.P.
482
Command Line Interface Reference Guide
router
■ router ospf area backbone nssa < 0 to 16777215 > no-summary
Do not send summary LSA into the area.
■ router ospf area backbone stub no-summary
Do not send summary LSA into the area.
nssa
■ router ospf area OSPF-AREA-ID nssa < 0 to 16777215 >
Define a "not-so-stubby" area (or NSSA) and its cost.
Range: < 0 to 16777215 >
Next Available Options:
■ metric-type < type1 | type2 > -- Metric type of the type-7 default.(p. 482)
■ no-summary -- Do not send summary LSA into the area.(p. 482)
■ router ospf area backbone nssa < 0 to 16777215 >
Define a "not-so-stubby" area (or NSSA) and its cost.
Range: < 0 to 16777215 >
Next Available Options:
■ metric-type < type1 | type2 > -- Metric type of the type-7 default.(p. 482)
■ no-summary -- Do not send summary LSA into the area.(p. 482)
ospf
■ [no] router ospf
Usage: [no] router ospf [...]
Description: Enable/disable/configure Open Shortest Path First (OSPF)
protocol on the device, or enter OSPF Configuration Context.
Called without 'no', the command enables OSPF on the device
and changes current context to OSPF Configuration Context.
Otherwise ('no' is specified) the command disables OSPF. The
command can be followed by an OSPF configuration command. Use
'router ospf ?' to get a list of all possible options.
Next Available Options:
■ area -- Define/remove an OSPF area, area range or virtual link(p. 474)
■ default-metric < 0 to 16777215 > -- The default metric used for advertising external routes
imported into OSPF by this router(p. 478)
■ distance -- Set administrative distance to associate with intra-area, inter-area and AS-external
routes learned by OSPF(p. 479)
■ metric-type < type1 | type2 > -- The default metric type used for advertising external routes
imported into OSPF by this router(p. 482)
■ redistribute < connected | static | rip > -- Specify source protocols which will be redistributed
into OSPF(p. 485)
■ restrict -- Prevent redistribution of routes via OSPF(p. 485)
■ rfc1583-compatibility -- Enable/disable RFC-1583 compatibility(p. 486)
© 2009 Hewlett-Packard Development Company, L.P.
483
Command Line Interface Reference Guide
router
■ trap < virtual-interface-state-change | neighbor-state-change | virtual-neighbor-state-change |
... > -- Enable/disable OSPF traps(p. 489)
override
■ [no] router pim rp-address IP-ADDR IP-ADDR/MASK-LENGTH override
Specify whether or not static RP configuration precedes the information
learned by a BSR.
pim
■ [no] router pim
Usage: [no] router pim [...]
Description: Enable/disable/configure PIM protocol on the device, or enter
PIM Configuration Context.
Called without 'no', the command enables PIM on the device
and changes current context to PIM Configuration Context.
Otherwise, the command disables PIM. The command can be
followed by a PIM configuration command. Use 'router pim ?' to
get a list of all possible options.
Next Available Options:
■ bsr-candidate -- Configure the router to advertise itself as the Candidate Bootstrap Router
(Candidate-BSR) for a PIM-SM domain(p. 477)
■ rp-address -- Statically configure the Rendezvous Point (RP) to accept multicast traffic for
specified group or range of groups(p. 487)
■ rp-candidate -- Configure router to advertise itself as the Candidate Rendezvous Point
(Candidate-RP) to the Bootstrap Router (BSR)(p. 487)
■ join-prune-interval < 5 to 65535 > -- Configure interval at which the router will send periodic
PIM-SM Join/Prune messages(p. 481)
■ spt-threshold -- Specify whether switching to the Shortest Path Tree is enabled or disabled on
the router(p. 488)
■ state-refresh < 10 to 300 > -- Set the interval between successive State Refresh messages
originated by this router(p. 489)
■ trap < neighbor-loss | hardware-mrt-full | software-mrt-full | ... > -- Enable/disable PIM traps(p.
489)
priority
■ router pim bsr-candidate priority < 0 to 255 >
Specify the priority for the Candidate Bootstrap router.
Range: < 0 to 255 >
■ router pim rp-candidate priority < 0 to 255 >
Specify the priority for the Candidate-RP router.
Range: < 0 to 255 >
range
■ [no] router ospf area OSPF-AREA-ID range
© 2009 Hewlett-Packard Development Company, L.P.
484
Command Line Interface Reference Guide
router
Summarize routes matching address/MASK pair.
Next Available Options:
■ ip -- Specify IP address/MASK pair. (IP-ADDR/MASK-LENGTH) (p. 481)
■ no-advertise -- Do not advertise the range outside the area.(p. 482)
■ type < summary | nssa > -- Link state database type to apply the range.(p. 491)
■ [no] router ospf area backbone range
Summarize routes matching address/MASK pair.
Next Available Options:
■ ip -- Specify IP address/MASK pair. (IP-ADDR/MASK-LENGTH) (p. 481)
■ no-advertise -- Do not advertise the range outside the area.(p. 482)
■ type < summary | nssa > -- Link state database type to apply the range.(p. 491)
redistribute
■ [no] router ospf redistribute < connected | static | rip >
Usage: [no] redistribute <static|connected|rip>
Description: Specify source protocols which will be redistributed
into OSPF. Use the [no] form of the command to disable
redistribution of the specified protocol.
o static
-- redistribute from manually configured routes.
o connected -- redistribute from locally connected network(s).
o rip
-- redistribute from RIP routes.
Supported Values:
■ connected
■ static
■ rip
■ [no] router rip redistribute < connected | static | ospf >
Usage: [no] redistribute <static|connected|ospf>
Description: Specify source protocols which will be redistributed
into RIP. Use the [no] form of the command to disable
redistribution of the specified protocol.
o static
-- redistribute manually configured routes.
o connected -- redistribute locally connected network(s).
o ospf
-- redistribute OSPF routes.
Supported Values:
■ connected
■ static
■ ospf
restrict
■ router ospf restrict
© 2009 Hewlett-Packard Development Company, L.P.
485
Command Line Interface Reference Guide
router
Usage: [no] restrict IP-ADDR/MASK-LEN
Description: Prevent redistribution of routes via OSPF.
Next Available Option:
■ ip-addr -- Prevent redistribution of routes via OSPF (IP-ADDR/MASK-LENGTH) (p. 481)
■ router rip restrict
Usage: [no] restrict IP-ADDR/MASK-LEN
Description: Prevent redistribution of routes via RIP.
Next Available Option:
■ ip-addr -- Prevent redistribution of routes via RIP (IP-ADDR/MASK-LENGTH) (p. 481)
retransmit-interval
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR retransmit-interval < 1 to 3600 >
Set retransmit interval in seconds; the default is 5.
Range: < 1 to 3600 >
■ router ospf area backbone virtual-link IP-ADDR retransmit-interval < 1 to 3600 >
Set retransmit interval in seconds; the default is 5.
Range: < 1 to 3600 >
rfc1583-compatibility
■ [no] router ospf rfc1583-compatibility
Usage: [no] rfc-1583-compatibility
Description: Enable/disable RFC-1583 compatibility. This controls the
preference rules used when choosing among multiple
AS-external-LSAs advertising the same destination. When RFC-1583
compatibility is disabled, the preference rules are those stated
in RFC-2328, which prevent routing loops when AS-external-LSAs
for the same destination have been originated from different
areas. In order to minimize the chance of routing loops, all OSPF
routers in an OSPF routing domain should have this parameter to
be identical. When there are routers present that have not been
updated with the functionality specified in RFC-2328, all routers
should have RFC-1583 compatibility enabled. Otherwise, all routers
should have RFC-1583 compatibility disabled, preventing routing
loops.
rip
■ [no] router rip
Usage: [no] router rip [...]
Description: Enable/disable/configure Routing Internet Protocol (RIP)
on the device, or enter RIP Configuration Context.
Called without 'no', the command enables RIP on the device
© 2009 Hewlett-Packard Development Company, L.P.
486
Command Line Interface Reference Guide
router
and changes current context to RIP Configuration Context.
Otherwise, the command disables RIP. The command can be
followed by a RIP configuration command. Use 'router rip ?' to
get a list of all possible options.
Next Available Options:
■ auto-summary -- Enable/disable advertisement of summarized routes(p. 476)
■ default-metric < 1 to 15 > -- Set default metric for imported routes(p. 478)
■ distance < 1 to 255 > -- Set administrative distance for routes learned via RIP(p. 479)
■ redistribute < connected | static | ospf > -- Specify source protocols which will be redistributed
into RIP(p. 485)
■ restrict -- Prevent redistribution of routes via RIP(p. 485)
rp-address
■ [no] router pim rp-address
Usage: [no] rp-address <IP-ADDR> [GROUP-ADDR/GROUP-MASK] [override]
Description: Statically configure the Rendezvous Point (RP) to accept
multicast traffic for specified group or range of groups.
If GROUP-ADDR/GROUP-MASK is not specified, the default multicast
group prefix 224.0.0.0/4 (224.0.0.0 240.0.0.0) will be used.
To remove all entries associated with the RP or a specific
entry use 'no' form of the command.
Parameters:
o IP-ADDR
- IP address of the Rendezvous Point.
o GROUP-ADDR - IP address of multicast group, when combined
with GROUP-MASK, gives the group prefix.
o GROUP-MASK - Defines the range of multicast group addresses.
o override
- Sets the precedence of statically configured RP higher
than dynamically learned RPs. Not set by default.
Next Available Option:
■ IP-ADDR -- Specify the IP address of the static RP. (IP-ADDR) (p. 481)
rp-candidate
■ [no] router pim rp-candidate
Usage: rp-candidate [source-ip-vlan <VLAN-ID>]
[group-prefix <GROUP-ADDR/GROUP-MASK>]
[hold-time <30-255>]
[priority <0-255>]
no rp-candidate [source-ip-vlan <VLAN-ID>]
[group-prefix <GROUP-ADDR/GROUP-MASK>]
Description: Configure router to advertise itself as the Candidate
Rendezvous Point (Candidate-RP) to the Bootstrap Router (BSR).
When enabling router to be a Candidate-RP the VLAN ID must
be specified, which IP address will be advertised as a
Candidate-RP's IP address. PIM-SM must be enabled on the VLAN.
If GROUP-ADDR/GROUP-MASK is not specified the router will be a
Candidate-RP for all multicast groups. Use 'no' form of this
© 2009 Hewlett-Packard Development Company, L.P.
487
Command Line Interface Reference Guide
router
command to remove specific multicast group or disable the router
to be a Candidate-RP.
NOTE: It is recommended that the same routing switch is configured
as the Candidate-BSR and the Candidate-RP.
Parameters:
o source-ip-vlan <VLAN-ID> - The VLAN which IP address will be advertised
as the Candidate-RP address.
o group-prefix <GROUP-ADDR/GROUP-MASK> - The address and mask that specify
the multicast group(s) the router uses to advertise in association
with the Candidate-RP address.
o hold-time <3-255> - The hold time value (in seconds) to be send to the
BSR in C-RP-Adv messages. This tells the BSR for how long it
should consider the sending Candidate-RP router to be operative.
The default is 150 seconds.
Note: This value is set to '0' when local system is not a
Candidate-RP.
o priority <0-255> - The priority for the Candidate-RP router for the
local PIM-SM domain. The smaller value means the higher priority.
The default is 192.
Next Available Options:
■ hold-time < 30 to 255 > -- Specify the hold time value to be send in C-RP-Adv messages. (p.
480)
■ priority < 0 to 255 > -- Specify the priority for the Candidate-RP router. (p. 484)
■ source-ip-vlan -- Specify the VLAN to use as a source for Candidate-RP router IP address
(PIM-SM must be enabled on this VLAN). (VLAN-ID) (p. 488)
■ group-prefix -- Specify the multicast group prefix to associate with the Candidate-RP router.
(p. 480)
source-ip-vlan
■ [no] router pim bsr-candidate source-ip-vlan VLAN-ID
Specify the VLAN to use as a source for Candidate-BSR router IP address
(PIM-SM must be enabled on this VLAN).
■ [no] router pim rp-candidate source-ip-vlan VLAN-ID
Specify the VLAN to use as a source for Candidate-RP router IP address
(PIM-SM must be enabled on this VLAN).
Next Available Option:
■ group-prefix -- Specify the multicast group prefix to associate with the Candidate-RP router.
(p. 480)
spt-threshold
■ [no] router pim spt-threshold
Usage: [no] spt-threshold
Description: Specify whether switching to the Shortest Path Tree is enabled
or disabled on the router. Default is 'enabled'.
© 2009 Hewlett-Packard Development Company, L.P.
488
Command Line Interface Reference Guide
router
state-refresh
■ router pim state-refresh < 10 to 300 >
Usage: state-refresh <10-300>
Description: Set the interval between successive State Refresh messages
originated by this router. Default value is 60 seconds.
Range: < 10 to 300 >
stub
■ router ospf area OSPF-AREA-ID stub
Define a "stub" area and specify its cost.
Next Available Options:
■ cost < 0 to 16777215 > -- Enter cost to use when injecting default routes into the area.(p. 478)
■ no-summary -- Do not send summary LSA into the area.(p. 482)
■ router ospf area backbone stub
Define a "stub" area and specify its cost.
Next Available Options:
■ cost < 0 to 16777215 > -- Enter cost to use when injecting default routes into the area.(p. 478)
■ no-summary -- Do not send summary LSA into the area.(p. 482)
transit-delay
■ router ospf area OSPF-AREA-ID virtual-link IP-ADDR transit-delay < 1 to 3600 >
Set transit delay in seconds; the default is 1.
Range: < 1 to 3600 >
■ router ospf area backbone virtual-link IP-ADDR transit-delay < 1 to 3600 >
Set transit delay in seconds; the default is 1.
Range: < 1 to 3600 >
trap
■ [no] router ospf trap < virtual-interface-state-change | neighbor-state-change |
virtual-neighbor-state-change | ... >
Usage: [no] trap <TRAP-NAME|all>
Description: Enable/disable OSPF traps. The traps defined below are generated
as the result of finding an unusual condition while parsing an
OSPF packet or a processing a timer event. Note that if more than
one type of unusual condition is encountered while parsing the
packet or processing an event, only the first one will generate a
trap. Possible trap names are:
- 'interface-state-change' signifies that there has been a change in
the state of a non-virtual OSPF interface. This trap is generated
when the interface state regresses (e.g., goes from Dr to Down) or
progresses to a terminal state (i.e., Point-to-Point, DR Other,
© 2009 Hewlett-Packard Development Company, L.P.
489
Command Line Interface Reference Guide
router
Dr, or Backup).
- 'virtual-interface-state-change' signifies the same change in the
state of a virtual OSPF interface.
- 'neighbor-state-change' signifies that there has been a change in
the state of a non-virtual OSPF neighbor. This trap is generated
when the neighbor state regresses (e.g., goes from Attempt or Full
to 1-Way or Down) or progresses to a terminal state (e.g., 2-Way
or Full).
- 'virtual-neighbor-state-change' signifies the same change in the
state of a virtual OSPF neighbor.
- 'interface-config-error' signifies that a packet has been received
on a non-virtual interface from a router whose configuration
parameters conflict with this router's configuration parameters.
- 'virtual-interface-config-error' signifies the same condition on a
virtual interface.
- 'interface-authentication-failure' signifies that a packet has
been received on a non-virtual interface from a router whose
authentication key or authentication type conflicts with this
router's authentication key or authentication type.
- 'virtual-interface-authentication-failure' signifies the same
condition on a virtual interface.
- 'interface-receive-bad-packet' signifies that an OSPF packet has
been received on a non-virtual interface that cannot be parsed.
- 'virtual-interface-receive-bad-packet' signifies the same
condition on a virtual interface.
- 'interface-retransmit-packet' signifies than an OSPF packet has
been retransmitted on a non-virtual interface.
- 'virtual-interface-retransmit-packet' signifies the same condition
on a virtual interface.
- 'originate-lsa' signifies that a new LSA has been originated by
this router. This trap is not invoked for simple refreshes of
LSAs, but instead will only be invoked when an LSA is
(re)originated due to a topology change. Additionally, this trap
does not include LSAs that are being flushed because they have
expired.
- 'originate-maxage-lsa' signifies that one of the LSA in the
router's link-state database has expired.
If 'all' is specified in place of a trap name then all the traps
are affected by the command.
Supported Values:
■ virtual-interface-state-change
■ neighbor-state-change
■ virtual-neighbor-state-change
■ interface-config-error
■ virtual-interface-config-error
■ interface-authentication-failure
■ virtual-interface-authentication-failure
■ interface-receive-bad-packet
■ virtual-interface-receive-bad-packet
■ interface-retransmit-packet
■ virtual-interface-retransmit-packet
■ originate-lsa
■ originate-maxage-lsa
■ interface-state-change
■ all
■ [no] router pim trap < neighbor-loss | hardware-mrt-full | software-mrt-full | ... >
© 2009 Hewlett-Packard Development Company, L.P.
490
Command Line Interface Reference Guide
router
Usage: [no] trap <TRAP-NAME|all>
Description: Enable/disable PIM traps. The traps defined below are generated
as the result of finding an unusual condition or a timer event.
Possible trap names are:
- 'neighbor-loss' signifies that a neighbor timer expired and the
router has no other neighbors on the same interface with a lower
IP address than itself.
- 'hardware-mrt-full' signifies that the MRT table is full and the
error has been originated by hardware.
- 'software-mrt-full' signifies that the MRT table is full and the
error has been originated by software.
If 'all' is specified in place of a trap name then all the traps
are affected by the command.
Supported Values:
■ neighbor-loss -- A neighbor router was lost.
■ hardware-mrt-full -- Hardware MRT table is full.
■ software-mrt-full -- Software MRT table is full.
■ all -- All types of traps.
traps
■ [no] router vrrp traps
Usage: [no] router vrrp traps
Description: Enable/disable generation of VRRP traps. When 'enabled' an
appropriate SNMP notification message will be sent as a result
of finding one of the following conditions:
o 'New Master' - this trap indicates that the sending agent
has transitioned to 'Master' state.
o 'Authentication Failure' - this trap indicates that a packet
has been received from a router whose
authentication key or authentication type
conflicts with this router's authentication
key or authentication type.
type
■ [no] router ospf area OSPF-AREA-ID range type < summary | nssa >
Link state database type to apply the range.
Supported Values:
■ summary -- summary.
■ nssa -- nssa.
■ [no] router ospf area backbone range type < summary | nssa >
Link state database type to apply the range.
Supported Values:
■ summary -- summary.
■ nssa -- nssa.
© 2009 Hewlett-Packard Development Company, L.P.
491
Command Line Interface Reference Guide
router
virtual-link
■ [no] router ospf area OSPF-AREA-ID virtual-link IP-ADDR
Specify a virtual neighbor.
Next Available Options:
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1.(p. 489)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.(p. 486)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10.(p. 480)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40.(p. 478)
■ authentication-key -- Set simple authentication method and key.(p. 476)
■ authentication -- Disable authentication.(p. 476)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain.(p. 481)
■ [no] router ospf area backbone virtual-link IP-ADDR
Specify a virtual neighbor.
Next Available Options:
■ transit-delay < 1 to 3600 > -- Set transit delay in seconds; the default is 1.(p. 489)
■ retransmit-interval < 1 to 3600 > -- Set retransmit interval in seconds; the default is 5.(p. 486)
■ hello-interval < 1 to 65535 > -- Set hello interval in seconds; the default is 10.(p. 480)
■ dead-interval < 1 to 65535 > -- Set dead interval in seconds; the default is 40.(p. 478)
■ authentication-key -- Set simple authentication method and key.(p. 476)
■ authentication -- Disable authentication.(p. 476)
■ md5-auth-key-chain -- Set MD5 authentication method and key chain.(p. 481)
vrrp
■ [no] router vrrp
Usage: [no] router vrrp [traps]
Description: Enable/disable/configure Virtual Router Redundancy Protocol (VRRP)
on the device.
Next Available Option:
■ traps -- Enable/disable generation of VRRP traps(p. 491)
© 2009 Hewlett-Packard Development Company, L.P.
492
r-wireless-services
OVERVIEW
Category:
Primary context:
config
Related Commands
COMMAND STRUCTURE
■ r-wireless-services r-wireless-services -- (SLOT-ID) (p. 493)
■ config -- (ASCII-STR) (p. 493)
COMMAND DETAILS
config (p. 493)
r-wireless-services (p. 493)
config
■ r-wireless-services SLOT-ID config CONFIG
r-wireless-services
■ r-wireless-services SLOT-ID
Next Available Option:
■ config -- (ASCII-STR) (p. 493)
© 2009 Hewlett-Packard Development Company, L.P.
493
savepower
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: [no] savepower <1|2|3>
Description: power on/off of blocks controlling ports.
o 1
o 2
o 3
- Power block-1 associated with ports 01-08.
- Power block-2 associated with ports 09-16.
- Power block-3 associated with ports 17-24.
COMMAND STRUCTURE
■ [no] savepower int < 1 | 2 | 3 > -- 1 -> Power block-1 associated with ports 01-08 2 -> Power block-2
associated with ports 09-16 3 -> Power block-3 associated with ports 17-24 (p. 494)
COMMAND DETAILS
int (p. 494)
int
■ [no] savepower < 1 | 2 | 3 >
1 -> Power block-1 associated with ports 01-08
2 -> Power block-2 associated with ports 09-16
3 -> Power block-3 associated with ports 17-24
Supported Values:
■ 1 -- Power block 1, ports 1-8
■ 2 -- Power block 2, ports 9-16
■ 3 -- Power block 3, ports 17-24
© 2009 Hewlett-Packard Development Company, L.P.
494
services
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: services [<SLOT-ID> <INDEX>|(name <NAME>)|
|reload|shutdown]
Description: Configure parameters for the services module or
change the module's state (reload or shutdown).
Parameters:
o - Display the applications installed and running.
o <SLOT-ID> <INDEX>
- Configure parameters for the installed
application.
o <SLOT-ID> locator
- Controls services module locator LED.
o <SLOT-ID> name <NAME>
- Configure parameters for the installed
application.
o <SLOT-ID> reload
- Reboot services module.
o <SLOT-ID> shutdown
- Shutdown (halt) the services module.
COMMAND STRUCTURE
■ services slot-id -- Device slot identifier for the services module. (SLOT-ID) (p. 497)
■ diagnostic-restart -- Reboot services module into diagnostic partition. (p. 496)
■ id -- Index of the services CLI to access. (p. 496)
■ locator -- Control services module locator LED. (p. 496)
■ blink -- Blink the locate led (p. 496)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 496)
■ off -- Turn the locate led off (p. 496)
■ on -- Turn the locate led on (p. 497)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 496)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 496)
■ reload -- Reboot services module. (p. 497)
■ shutdown -- Shutdown (halt) the services module. (p. 497)
■ tech -- Enter the configuration context for the services module. (p. 497)
COMMAND DETAILS
blink (p. 496)
diagnostic-restart (p. 496)
duration (p. 496)
id (p. 496)
locator (p. 496)
name (p. 496)
off (p. 496)
on (p. 497)
© 2009 Hewlett-Packard Development Company, L.P.
reload (p. 497)
shutdown (p. 497)
slot-id (p. 497)
tech (p. 497)
495
Command Line Interface Reference Guide
services
blink
■ services SLOT-ID locator blink
Blink the locate led
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 496)
diagnostic-restart
■ services SLOT-ID diagnostic-restart
Reboot services module into diagnostic partition.
duration
■ services SLOT-ID locator on < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
■ services SLOT-ID locator blink < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
id
■ services SLOT-ID INTEGER
Index of the services CLI to access.
locator
■ services SLOT-ID locator
Control services module locator LED.
Next Available Options:
■ on -- Turn the locate led on(p. 497)
■ off -- Turn the locate led off(p. 496)
■ blink -- Blink the locate led(p. 496)
name
■ services SLOT-ID name NAME
Name of the services CLI to access.
off
■ services SLOT-ID locator off
Turn the locate led off
© 2009 Hewlett-Packard Development Company, L.P.
496
Command Line Interface Reference Guide
services
on
■ services SLOT-ID locator on
Turn the locate led on
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 496)
reload
■ services SLOT-ID reload
Reboot services module.
shutdown
■ services SLOT-ID shutdown
Shutdown (halt) the services module.
slot-id
■ services SLOT-ID
Device slot identifier for the services module.
Next Available Options:
■ id -- Index of the services CLI to access. (p. 496)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 496)
■ diagnostic-restart -- Reboot services module into diagnostic partition. (p. 496)
■ locator -- Control services module locator LED. (p. 496)
■ reload -- Reboot services module. (p. 497)
■ shutdown -- Shutdown (halt) the services module. (p. 497)
■ tech -- Enter the configuration context for the services module. (p. 497)
tech
■ services SLOT-ID tech
Enter the configuration context for the services module.
© 2009 Hewlett-Packard Development Company, L.P.
497
services
OVERVIEW
Category:
Primary context:
manager
Related Commands
Usage: services [<SLOT-ID> <INDEX>|(name <NAME>)|
|reload|shutdown]
Description: Display parameters for the services module or
change the module's state (reload or shutdown).
Parameters:
o - Display the applications installed and running.
o <SLOT-ID> <INDEX>
- Configure parameters for the installed
application.
o <SLOT-ID> locator
- Controls services module locator LED.
o <SLOT-ID> name <NAME>
- Configure parameters for the installed
application.
o <SLOT-ID> reload
- Reboot services module.
o <SLOT-ID> shutdown
- Shutdown (halt) the services module.
COMMAND STRUCTURE
■ services slot-id -- Device slot identifier for the services module. (SLOT-ID) (p. 500)
■ id -- Index of the services CLI to access. (p. 499)
■ locator -- Control services module locator LED. (p. 499)
■ blink -- Blink the locate led (p. 498)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 499)
■ off -- Turn the locate led off (p. 499)
■ on -- Turn the locate led on (p. 499)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 499)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 499)
■ reload -- Reboot services module. (p. 500)
■ shutdown -- Shutdown (halt) the services module. (p. 500)
COMMAND DETAILS
blink (p. 498)
duration (p. 499)
id (p. 499)
locator (p. 499)
name (p. 499)
off (p. 499)
on (p. 499)
reload (p. 500)
shutdown (p. 500)
slot-id (p. 500)
blink
■ services SLOT-ID locator blink
© 2009 Hewlett-Packard Development Company, L.P.
498
Command Line Interface Reference Guide
services
Blink the locate led
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 499)
duration
■ services SLOT-ID locator on < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
■ services SLOT-ID locator blink < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
id
■ services SLOT-ID INTEGER
Index of the services CLI to access.
locator
■ services SLOT-ID locator
Control services module locator LED.
Next Available Options:
■ on -- Turn the locate led on(p. 499)
■ off -- Turn the locate led off(p. 499)
■ blink -- Blink the locate led(p. 498)
name
■ services SLOT-ID name NAME
Name of the services CLI to access.
off
■ services SLOT-ID locator off
Turn the locate led off
on
■ services SLOT-ID locator on
Turn the locate led on
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 499)
© 2009 Hewlett-Packard Development Company, L.P.
499
Command Line Interface Reference Guide
services
reload
■ services SLOT-ID reload
Reboot services module.
shutdown
■ services SLOT-ID shutdown
Shutdown (halt) the services module.
slot-id
■ services SLOT-ID
Device slot identifier for the services module.
Next Available Options:
■ id -- Index of the services CLI to access. (p. 499)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 499)
■ locator -- Control services module locator LED. (p. 499)
■ reload -- Reboot services module. (p. 500)
■ shutdown -- Shutdown (halt) the services module. (p. 500)
© 2009 Hewlett-Packard Development Company, L.P.
500
services
OVERVIEW
Category:
Primary context:
operator
Related Commands
Usage: services [<SLOT-ID> <INDEX>|(name <NAME>)]
Description: Display parameters for the services module.
Parameters:
o - Display the applications installed and running.
o <SLOT-ID> <INDEX>
- Configure parameters for the installed
application.
o <SLOT-ID> locator
- Controls services module locator LED.
o <SLOT-ID> name <NAME>
- Configure parameters for the installed
application.
COMMAND STRUCTURE
■ services slot-id -- Device slot identifier for the services module. (SLOT-ID) (p. 502)
■ id -- Index of the services CLI to access. (p. 502)
■ locator -- Control services module locator LED. (p. 502)
■ blink -- Blink the locate led (p. 501)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 501)
■ off -- Turn the locate led off (p. 502)
■ on -- Turn the locate led on (p. 502)
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 501)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 502)
COMMAND DETAILS
blink (p. 501)
duration (p. 501)
id (p. 502)
locator (p. 502)
name (p. 502)
off (p. 502)
on (p. 502)
slot-id (p. 502)
blink
■ services SLOT-ID locator blink
Blink the locate led
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 501)
duration
■ services SLOT-ID locator on < 1 to 1440 >
© 2009 Hewlett-Packard Development Company, L.P.
501
Command Line Interface Reference Guide
services
Number of minutes duration (default 30).
Range: < 1 to 1440 >
■ services SLOT-ID locator blink < 1 to 1440 >
Number of minutes duration (default 30).
Range: < 1 to 1440 >
id
■ services SLOT-ID INTEGER
Index of the services CLI to access.
locator
■ services SLOT-ID locator
Control services module locator LED.
Next Available Options:
■ on -- Turn the locate led on(p. 502)
■ off -- Turn the locate led off(p. 502)
■ blink -- Blink the locate led(p. 501)
name
■ services SLOT-ID name NAME
Name of the services CLI to access.
off
■ services SLOT-ID locator off
Turn the locate led off
on
■ services SLOT-ID locator on
Turn the locate led on
Next Available Option:
■ duration < 1 to 1440 > -- Number of minutes duration (default 30). (NUMBER) (p. 501)
slot-id
■ services SLOT-ID
Device slot identifier for the services module.
Next Available Options:
■ id -- Index of the services CLI to access. (p. 502)
■ name -- Name of the services CLI to access. (ASCII-STR) (p. 502)
■ locator -- Control services module locator LED. (p. 502)
© 2009 Hewlett-Packard Development Company, L.P.
502
Command Line Interface Reference Guide
© 2009 Hewlett-Packard Development Company, L.P.
services
503
setMIB
OVERVIEW
Category:
SNMP
Primary context:
manager
Related Commands
walkMIB (page 754)
Usage: setmib OBJECT-STR TYPE-STR VALUE-STR
[[OBJECT-STR TYPE-STR VALUE-STR] ...]
Description: Set the value of a MIB object. The <TYPE-STR> can be:
-i - integer
-o - octet
-d - object identifier
-a - ip_addr
-c - counter
-g - gauge
-t - time_ticks
-u - unsigned integer 32
-D - Display String
-N - NULL
COMMAND STRUCTURE
■ setMIB object -- MIB object name.instance. (ASCII-STR) (p. 504)
■ type -- Type of the value to set. See 'setmib help' for details. (ASCII-STR) (p. 504)
■ value -- A value to which to set the MIB object. (ASCII-STR) (p. 504)
COMMAND DETAILS
object (p. 504)
type (p. 504)
value (p. 504)
object
■ setMIB OBJECT
MIB object name.instance.
Next Available Option:
■ type -- Type of the value to set. See 'setmib help' for details. (ASCII-STR) (p. 504)
type
■ setMIB OBJECT TYPE
Type of the value to set. See 'setmib help' for details.
Next Available Option:
■ value -- A value to which to set the MIB object. (ASCII-STR) (p. 504)
value
■ setMIB OBJECT TYPE VALUE
© 2009 Hewlett-Packard Development Company, L.P.
504
Command Line Interface Reference Guide
setMIB
A value to which to set the MIB object.
© 2009 Hewlett-Packard Development Company, L.P.
505
setup
OVERVIEW
Category:
Switch Management
Primary context:
manager
Related Commands
Usage: setup [default-logon <CLI|Menu>]
Description: Enter the 'Switch Setup' screen for basic switch configuration.
The optional parameter 'default-logon' changes the user
interface presented after boot without entering full-screen
setup.
COMMAND STRUCTURE
■ setup default-logon < CLI | Menu > -- Specify whether switch should boot to CLI (default) or menu.
(p. 507)
■ setup mgmt-interfaces -- Enter the 'Management Interface Wizard' for configuring various
management interfaces (p. 507)
EXAMPLES
Example: setup
Access the Switch Setup screen to quickly configure IP addressing and other basic settings:
ProCurve# setup
ProCurve
1-Jan-2001
2:14:27
===========================- TELNET - MANAGER MODE -============================
Switch Setup
System Name : HPswitch
System Contact : Sysadmin
Manager Password : ***********
Logon Default : CLI
Community Name : public
Confirm Password : ***********
Time Zone [0] : -480
Spanning Tree Enabled [No] : No
Default Gateway : 10.10.10.1
Time Sync Method [None] : TIMEP
TimeP Mode [Disabled] : Disabled
IP Config [DHCP/Bootp] : Manual
IP Address : 10.10.10.150
Subnet Mask : 255.255.255.0
Actions->
Cancel
Edit
Save
Help
Enter System Name - up to 25 characters.
Use arrow keys to change field selection, <Space> to toggle field choices,
and <Enter> to go to Actions.
© 2009 Hewlett-Packard Development Company, L.P.
506
Command Line Interface Reference Guide
setup
COMMAND DETAILS
default-logon (p. 507)
mgmt-interfaces (p. 507)
default-logon
■ setup default-logon < CLI | Menu >
Specify whether switch should boot to CLI (default) or menu.
Supported Values:
■ CLI -- Set Command Line Interface as default console interface.
■ Menu -- Set Menu as default console interface.
mgmt-interfaces
■ setup mgmt-interfaces
Usage: setup mgmt-interfaces
Description: Enter the 'Management Interface Wizard' for configuring various
management interfaces.
This wizard will help you with the initial setup of the various
management interfaces.The current values are shown in
brackets[].Type in a new value, or press <Enter> to keep the
current value.Press CTRL-C at any time to quit the wizard
without saving any changes.Press ? for help.
© 2009 Hewlett-Packard Development Company, L.P.
507
sflow
OVERVIEW
Category:
Primary context:
config
Related Commands
Usage: sflow <RECEIVER-INSTANCE> destination <IP-ADDRESS> [UDP-PORT]
sflow <RECEIVER-INSTANCE> polling [ethernet] PORT-LIST
<POLLING-INTERVAL>
sflow <RECEIVER-INSTANCE> sampling [ethernet] PORT-LIST
<SAMPLING-RATE>
[no] sflow <RECEIVER-INSTANCE>
Description: Configure or un-claim an sflow sampling receiver.
If the [no] option is not used, this command will
configure the sflow sampling receiver, polling,
and sampling.
Parameters:
IP-ADDRESS - Ip address of the sFlow
receiver/collector/management station
UDP-PORT - The udp application port of the sFlow
receiver/collector/management station (default: 6343).
POLLING-INTERVAL - The maximum interval (seconds) between
polling of counters. (a value of 0 causes polling to be
disabled.
PORT-LIST - Port(s) for which packet are to be sampled.
RECEIVER-INSTANCE - One of three posible sFlow receiver tables.
SAMPLING-RATE - N, where 1/N is the number of packets sampled.
(a value of 0 causes sampling to be disabled.)
COMMAND STRUCTURE
■ [no] sflow sflow-receiver < 1 to 3 > -- Select one of three possible sFlow receiver tables. (NUMBER)
(p. 510)
■ destination -- IP address of sFlow receiver/collector/management station. (IP-ADDR) (p. 509)
■ sflow-udp-port < 1 to 65535 > -- UDP application port of sFlow
receiver/collector/management station. (NUMBER) (p. 510)
■ polling -- Specify the ports for which packets are to be polled. ([ethernet] PORT-LIST) (p. 509)
■ sflow-polling-interval < 20 to 2147483647 > -- Specify the maximum interval (seconds)
between polling of counters. (p. 509)
■ sflow-polling-int-off < 0 > -- Disable polling of counters. (p. 509)
■ sampling -- Specify the ports for which packets are to be sampled. ([ethernet] PORT-LIST) (p.
509)
■ sflow-sampler-off < 0 > -- Disable sampling. (p. 510)
■ sflow-sampler-rate < 50 to 16441700 > -- Specify N, where 1/N is the number of packets
sampled. (p. 510)
© 2009 Hewlett-Packard Development Company, L.P.
508
Command Line Interface Reference Guide
sflow
COMMAND DETAILS
destination (p. 509)
polling (p. 509)
sampling (p. 509)
sflow-polling-interval (p. 509)
sflow-polling-int-off (p. 509)
sflow-receiver (p. 510)
sflow-sampler-off (p. 510)
sflow-sampler-rate (p. 510)
sflow-udp-port (p. 510)
destination
■ sflow < 1 to 3 > destination IP-ADDR
IP address of sFlow receiver/collector/management station.
Next Available Option:
■ sflow-udp-port < 1 to 65535 > -- UDP application port of sFlow receiver/collector/management
station. (NUMBER) (p. 510)
polling
■ sflow < 1 to 3 > polling [ETHERNET] PORT-LIST
Specify the ports for which packets are to be polled.
Next Available Options:
■ sflow-polling-int-off < 0 > -- Disable polling of counters. (p. 509)
■ sflow-polling-interval < 20 to 2147483647 > -- Specify the maximum interval (seconds) between
polling of counters. (p. 509)
sampling
■ sflow < 1 to 3 > sampling [ETHERNET] PORT-LIST
Specify the ports for which packets are to be sampled.
Next Available Options:
■ sflow-sampler-off < 0 > -- Disable sampling. (p. 510)
■ sflow-sampler-rate < 50 to 16441700 > -- Specify N, where 1/N is the number of packets sampled.
(p. 510)
sflow-polling-interval
■ sflow < 1 to 3 > polling [ETHERNET] PORT-LIST < 20 to 2147483647 >
Specify the maximum interval (seconds) between polling of counters.
Range: < 20 to 2147483647 >
sflow-polling-int-off
■ sflow < 1 to 3 > polling [ETHERNET] PORT-LIST < 0 >
Disable polling of counters.
Supported Values:
■ 0 -- Disable polling.
© 2009 Hewlett-Packard Development Company, L.P.
509
Command Line Interface Reference Guide
sflow
sflow-receiver
■ [no] sflow < 1 to 3 >
Select one of three possible sFlow receiver tables.
Range: < 1 to 3 >
Next Available Options:
■ destination -- IP address of sFlow receiver/collector/management station. (IP-ADDR) (p. 509)
■ polling -- Specify the ports for which packets are to be polled. ([ethernet] PORT-LIST) (p. 509)
■ sampling -- Specify the ports for which packets are to be sampled. ([ethernet] PORT-LIST) (p.
509)
sflow-sampler-off
■ sflow < 1 to 3 > sampling [ETHERNET] PORT-LIST < 0 >
Disable sampling.
Supported Values:
■ 0 -- Disable sampling.
sflow-sampler-rate
■ sflow < 1 to 3 > sampling [ETHERNET] PORT-LIST < 50 to 16441700 >
Specify N, where 1/N is the number of packets sampled.
Range: < 50 to 16441700 >
sflow-udp-port
■ sflow < 1 to 3 > destination IP-ADDR < 1 to 65535 >
UDP application port of sFlow receiver/collector/management station.
Range: < 1 to 65535 >
© 2009 Hewlett-Packard Development Company, L.P.
510
show
OVERVIEW
Category:
Primary context:
operator
Related Commands
Usage: show ...
Description: Display switch operation information.
The 'show' must be followed by a command.
Use 'show ?' for the list of all possible command.
COMMAND STRUCTURE
■ show access-list -- Show Access Control List information (p. 527)
■ acl-name -- Display detailed information on specified ACL. (ASCII-STR) (p. 528)
■ config -- Show all configured ACL's on the switch using the CLI syntax used to create them.
(p. 540)
■ config -- Show all configured ACL's on the switch using the CLI syntax used to create them.
(p. 540)
■ ports -- Show ACLs applied to the specified ports. ([ethernet] PORT-LIST) (p. 580)
■ radius -- Display ACLs applied via RADIUS. ([ethernet] PORT-LIST) (p. 583)
■ resources -- Display ACL Rules/Masks availability. (p. 585)
■ vlan -- Show ACLs applied to the specified VLAN. (VLAN-ID) (p. 603)
■ show accounting -- Show Accounting configuration parameters (p. 528)
■ sessions -- Show accounting data for all active sessions (p. 590)
■ show alias -- Show configured alias commands (p. 529)
■ show arp -- Show the IP ARP translation table (p. 530)
■ vlan -- Specify VLAN for which to show ARP entries. (VLAN-ID) (p. 603)
■ show arp-protect -- Display Dynamic ARP Protection information (p. 530)
■ statistics -- (VLAN-ID-RANGE) (p. 594)
■ show authentication -- Show Authentication configuration parameters (p. 531)
■ show authorization -- Show Authorization configuration parameters (p. 531)
■ show autorun -- Show Autorun configuration status. (p. 533)
■ show bandwidth -- Show queue percentages for outbound guaranteed minimum bandwidth (p.
533)
■ output -- Show outbound guaranteed minimum bandwidth. (p. 575)
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p.
578)
■ show banner -- show the configured banner text (p. 533)
■ motd -- show the configured banner text (p. 571)
■ show boot-history -- Display the system boot log (p. 534)
■ show cdp -- Show CDP configuration and neighbors discovered (p. 537)
■ neighbors -- Show CDP neighbors. See 'show cdp help' for details. (p. 573)
■ detail -- Show neighbor information field-per-line instead of shortened table format. (p. 546)
■ neighbors-port -- Show CDP neighbors on specified port only. ([ethernet] PORT-NUM) (p.
574)
■ show class -- Show class config. (p. 537)
■ ipv4 -- Enter ipv4 class. (ASCII-STR) (p. 562)
■ ipv6 -- Enter ipv6 class. (ASCII-STR) (p. 562)
© 2009 Hewlett-Packard Development Company, L.P.
511
Command Line Interface Reference Guide
show
■ show config -- Show the switch startup configuration (p. 540)
■ filename < config | config1 > -- Display specified configuration. (p. 551)
■ files -- List saved configuration files. (p. 551)
■ status -- Check if the running configuration differs from the statup configuration. (p. 596)
■ show connection-rate-filter -- List the ports and the on/off connection-rate-filter status and sensitivity
(p. 543)
■ all-hosts -- Show blocked and throttled IP addresses. (p. 529)
■ blocked-hosts -- Show blocked IP addresses. (p. 534)
■ throttled-hosts -- Show throttled IP addresses. (p. 599)
■ show console -- Show serial link/console settings (p. 543)
■ show cpu -- Show average CPU utilization over the last 1, 5, and 60 seconds; or the number of
seconds specified (p. 543)
■ slot -- Display module CPU statistics. (SLOT-ID-RANGE) (p. 591)
■ slave_time < 1 to 90 > -- Time (seconds) over which to average CPU utilization. (NUMBER)
(p. 591)
■ time < 1 to 300 > -- Time (seconds) over which to average CPU utilization. (NUMBER) (p. 599)
■ show crypto -- Display flash files used for authentication (p. 544)
■ autorun-cert -- Display trusted certificate. (p. 533)
■ autorun-key -- Display autorun key. (p. 533)
■ client-public-key -- Display ssh authorized client public keys. (p. 537)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ keyfile < manager | operator > -- Choose to display manager or operator keys. (p. 564)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ keylist -- Select keys to display (comma-delimited list). (ASCII-STR) (p. 564)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ host-cert -- Display https certificate information. (p. 555)
■ host-public-key -- Display ssh host RSA public key. (p. 555)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ show debug -- Display currently active debug log destinations and types (p. 545)
■ buffer -- Show the contents of the debug log buffer (p. 535)
■ -c -- Stop after displaying <count> messages. (NUMBER) (p. 536)
■ option -- Filter messages shown to those matching a string up to 64 chars. (ASCII-STR) (p.
574)
■ -r -- Display messages in reverse order (most recent first). (p. 583)
■ show dhcp-relay -- Shows the current status of DHCP Relay Agent, option 82 statistics and BOOTP
Gateway for configured interfaces (p. 548)
■ bootp-gateway -- Show the configured BOOTP gateway for configured interfaces (p. 534)
■ vlan -- Show the configured BOOTP Gateway for VLAN. (p. 603)
■ vlan -- (VLAN-ID) (p. 603)
■ show dhcp-snooping -- Display DHCP snooping information (p. 548)
■ binding -- Display DHCP snooping binding information. (p. 534)
■ stats -- Display DHCP snooping events. (p. 596)
■ show fastboot -- Shows the current status of fastboot on switch (p. 551)
■ show fault-finder -- Show the fault-finder table (p. 551)
■ show feature-coordinator -- Display the feature coordination restrictions (p. 551)
■ show filter -- Show a table of security filters or a filter detailed information, if the filter's INDEX is
specified (p. 552)
■ INDEX -- Show detailed information for the filter identified by the INDEX. The indices are
displayed by the 'show filter' command. (p. 557)
© 2009 Hewlett-Packard Development Company, L.P.
512
Command Line Interface Reference Guide
show
■ source-port -- (p. 592)
■ show flash -- Show the version of software stored in the Primary and Secondary image locations
(p. 552)
■ show front-panel-security -- Show current security status of the front panel butons (p. 553)
■ show gvrp -- Show GVRP settings (p. 554)
■ show history -- Show previously entered commands (p. 555)
■ show igmp -- Show global switch IGMP configuration parameters (p. 556)
■ delayed-flush -- Shows switch-wide IGMP delayed flush value (p. 545)
■ show igmp-proxy -- Show active/configured IGMP proxy forwarder information (p. 557)
■ domains -- Show all the currently configured IGMP proxy domains. (p. 549)
■ entries -- Show all the currently active IGMP proxy entries. (p. 550)
■ vlans -- Show all the VLANs currently associated with IGMP proxy domains. (p. 607)
■ show instrumentation -- Show internal version-dependant counters for debugging (p. 559)
■ cam -- Show internal version-dependant counters for debugging (p. 536)
■ port -- Show internal version-dependant counters for debugging for thespecified port or
vlan number (p. 577)
■ portNum < 1 to 409 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 580)
■ vlan -- Show internal version-dependant counters for debugging for thespecified port or
vlan number (p. 603)
■ vlanNum < 1 to 2048 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 607)
■ monitor -- Show latest values for monitored parameters (p. 570)
■ configuration -- show configured thresholds for monitored parameters (p. 543)
■ port -- Show internal version-dependant counters for debugging for thespecified port or vlan
number (p. 577)
■ portNum < 1 to 409 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 580)
■ resptime -- show service response time data for performance sensitive operations registered
for response time measurement (p. 585)
■ option -- Filter response time metrics shown to those services whose name contains the
specified substring of up to 16 chars. (ASCII-STR) (p. 574)
■ vlan -- Show internal version-dependant counters for debugging for thespecified port or vlan
number (p. 603)
■ vlanNum < 1 to 2048 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 607)
■ show interfaces -- Show port configuration and status information (p. 560)
■ brief -- Show the ports' operational parameters (p. 535)
■ port-list -- Show summary of network traffic handled by the ports ([ethernet] PORT-LIST)
(p. 578)
■ config -- Show configuration information (p. 540)
■ custom -- Show the ports' parameters in customized order (p. 544)
■ custom-port-list -- Show summary of network traffic handled by the ports ([ethernet]
PORT-LIST) (p. 545)
■ column-list -- The list of desired FIELD[:WIDTH] (port, type, status, speed, mode, mdi,
flow, name, vlan, enabled, intrusion, bcast) (TITLE[:NN]) (p. 539)
■ display -- Show summary of network traffic handled by the ports (p. 549)
■ port-list -- Show summary of network traffic handled by the ports ([ethernet] PORT-LIST) (p.
578)
■ hc -- Show summary of network traffic handled by the ports (p. 554)
■ port-utilization -- Show the ports' bandwidth-utilization (p. 581)
■ show ip -- Show the device IP configuration (p. 561)
■ authorized-managers -- Show IPV4 addresses allowed to manage the switch (p. 532)
© 2009 Hewlett-Packard Development Company, L.P.
513
Command Line Interface Reference Guide
show
■ client-public-key -- Show currently loaded public keys for authorized clients (NUMBER) (p. 537)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ dns -- Show configured DNS server IP addresses on the switch (p. 549)
■ forward-protocol -- Show server addresses where broadcast requests received by the switch
are to be forwarded based on configured port (p. 552)
■ vlan -- Specify a vlan for which to show server addresses. (VLAN-ID) (p. 603)
■ helper-address -- Show DHCP servers where DHCP requests received by the switch are to be
forwarded (p. 555)
■ vlan -- Specify a vlan for which to show server addresses. (VLAN-ID) (p. 603)
■ host-public-key -- Display the SSH host RSA public key (NUMBER) (p. 555)
■ babble -- Display phonetic hash. (p. 533)
■ fingerprint -- Display hexadecimal hash. (p. 552)
■ icmp -- Show ICMP Rate Limiting settings (p. 556)
■ igmp -- Invoked without any parameters, shows per-VLAN IGMP status, or, if VLANs are disabled
displays the global IGMP status (p. 556)
■ config -- Show IGMP configuration information. (p. 540)
■ group -- Show ports the specified multicast group address is registered on. (IP-ADDR) (p.
553)
■ vlan -- Show IGMP operational information for the VLAN specified. (VLAN-ID) (p. 603)
■ config -- Show IGMP configuration information for the VLAN specified. (p. 540)
■ irdp -- Show IRDP (ICMP Router Discovery Protocol) settings (p. 563)
■ mroute -- Show IP multicast routing table (p. 571)
■ interface -- Show IP multicast routing interfaces' information (p. 559)
■ VLAN-ID -- Specify the VLAN ID of the IP multicast routing interface to show. (VLAN-ID)
(p. 607)
■ IP-ADDR -- Show detailed information for the specified entry from the IP multicast routing
table (IP-ADDR) (p. 562)
■ IP-ADDR -- Specify the source IP address of the MRT entry. (IP-ADDR) (p. 562)
■ ospf -- Show OSPF operational and configuration information (p. 574)
■ area -- Show OSPF areas configured on the device (p. 529)
■ area-ip -- (OSPF-AREA-ID) (p. 530)
■ external-link-state -- Show the Link State Advertisements from throughout the areas to
which the device is attached (p. 550)
■ advertise -- Show each LSA as a stream of bytes in hexadecimal notation. (p. 529)
■ link-state-id -- Show LSAs with the specified ID only. (IP-ADDR) (p. 566)
■ router-id -- Show LSAs with the specified Router ID only. (IP-ADDR) (p. 587)
■ sequence-number -- Show LSAs with the specified sequence number only. (p. 589)
■ status -- The keyword is optional and can be omitted. (p. 596)
■ general -- Show OSPF basic configuration and operational information (p. 553)
■ interface -- Show OSPF interfaces' information (p. 559)
■ if-ip -- Specify IP address of the interface for which to show detailed information.
(IP-ADDR) (p. 556)
■ vlan -- Specify VLAN of the interface for which to show detailed information. (VLAN-ID)
(p. 603)
■ link-state -- Show all Link State Advertisements from throughout the areas to which the
device is attached (p. 565)
■ advertise -- Show each LSA as a stream of bytes in hexadecimal notation. (p. 529)
■ area-id -- Show LSAs for the specified area only. (OSPF-AREA-ID) (p. 530)
■ link-state-id -- Show LSAs with the specified ID only. (IP-ADDR) (p. 566)
■ router-id -- Show LSAs with the specified Router ID only. (IP-ADDR) (p. 587)
■ sequence-number -- Show LSAs with the specified sequence number only. (p. 589)
■ status -- The keyword is optional and can be omitted. (p. 596)
© 2009 Hewlett-Packard Development Company, L.P.
514
Command Line Interface Reference Guide
show
■ type < router | network | summary | ... > -- Show LSAs of the specified type only. (p.
600)
■ neighbor -- Show all OSPF neighbors in the locality of of the device (p. 573)
■ neighbor-ip -- (IP-ADDR) (p. 573)
■ redistribute -- List protocols which are being redistributed into OSPF (p. 584)
■ restrict -- List routes which will not be redistributed via OSPF (p. 586)
■ spf-log -- List the OSPF SPF(Shortes Path First Algorithm) run count for all OSPF areas and
last ten Reasons for running SPF (p. 593)
■ statistics -- List OSPF packet statistics( OSPF sent,recieved and error packet count) of all
OSPF enabled interfaces (p. 594)
■ if-ip -- Specify IP address of the interface for which to show detailed information.
(IP-ADDR) (p. 556)
■ vlan -- Specify VLAN of the interface for which to show detailed information. (VLAN-ID)
(p. 603)
■ traps -- Show OSPF traps enabled on the device (p. 599)
■ virtual-link -- Show status of all OSPF virtual links configured (p. 603)
■ area -- Specify area of the virtual links to show. (OSPF-AREA-ID) (p. 529)
■ vlink-ip -- Router ID of the link destination for which to show detailed information.
(IP-ADDR) (p. 608)
■ virtual-neighbor -- Show all virtual neighbors of the device (p. 603)
■ area -- Specify area of the virtual neighbors to show. (OSPF-AREA-ID) (p. 529)
■ vneighbor-ip -- Router ID of the virtual neighbor for which to show detailed information.
(IP-ADDR) (p. 608)
■ pim -- Show PIM protocol operational and configuration information (p. 576)
■ bsr -- Show Bootstrap Router information (p. 535)
■ elected -- Show elected Bootstrap Router information. (p. 550)
■ local -- Show local Candidate-BSR configuration information. (p. 566)
■ interface -- Show PIM interface information (p. 559)
■ VLAN-ID -- Specify the VLAN ID of the PIM interface to show. (VLAN-ID) (p. 607)
■ mroute -- Show PIM-specific information from the IP multicast routing table (p. 571)
■ IP-ADDR -- Specify the IP multicast group address of the MRT entry. (IP-ADDR) (p. 562)
■ IP-ADDR -- Specify the source IP address of the MRT entry. (IP-ADDR) (p. 562)
■ neighbor -- Show PIM neighbor information (p. 573)
■ IP-ADDR -- Specify the IP address of the PIM neighbor to show. (IP-ADDR) (p. 562)
■ pending -- Show (*,G) and (S,G) Join Pending Information. (p. 576)
■ rp-candidate -- Show Candidate-RP operational and configuration information (p. 588)
■ config -- Show C-RP configuration information. (p. 540)
■ rp-pending -- Show (*,*,RP) Join Pending Information. (p. 588)
■ rp-set -- Show RP-Set information available on the router (p. 588)
■ learned -- Show RP-Set information learned from the BSR. (p. 565)
■ static -- Show statically configured RP-Set information. (p. 594)
■ rip -- Show RIP operational and configuration information (p. 586)
■ general -- Show RIP basic configuration and operational information (p. 553)
■ interface -- Show RIP interfaces' information (p. 559)
■ if-ip -- Specify IP address of the interface for which to show detailed information.
(IP-ADDR) (p. 556)
■ vlan -- Specify VLAN of the interface for which to show detailed information. (VLAN-ID)
(p. 603)
■ peer -- Show RIP peers (p. 575)
■ peer-ip -- Specify IP address of the RIP peer to show. (IP-ADDR) (p. 576)
■ redistribute -- List protocols which are being redistributed into RIP (p. 584)
■ restrict -- List routes which will not be redistributed via RIP (p. 586)
■ route -- Show the IP routing table (p. 587)
© 2009 Hewlett-Packard Development Company, L.P.
515
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
show
■ ip-addr -- Destination IP address to display the routes to. (IP-ADDR) (p. 561)
■ type < static | connected | rip | ... > -- Specify type of routes to display. (p. 600)
■ source-binding -- Show Dynamic IP Lockdown trap status. (p. 592)
■ traps -- Show Dynamic IP Lockdown trap status. (p. 599)
■ source-lockdown -- Show Dynamic IP Lockdown configuration. (p. 592)
■ bindings -- Show source bindings for Dynamic IP Lockdown ports. (p. 534)
■ portlist -- Specify the ports for which source bindings need to be displayed. ([ethernet]
PORT-NUM) (p. 578)
■ status -- Show Dynamic IP Lockdown port status. (p. 596)
■ ssh -- Show both current SSH configuration and the status of active connections (p. 593)
show ip-recv-mac-address -- Show VLAN L3-Mac-Address table. (p. 562)
show ipv6 -- Show the device IPv6 configuration (p. 562)
■ authorized-managers -- Show IPV6 addresses allowed to manage the switch (p. 532)
■ mld -- Invoked without any parameters, shows per-VLAN MLD status, or, if VLANs are disabled
displays the global MLD status (p. 570)
■ config -- Show MLD configuration information. (p. 540)
■ statistics -- Show MLD statistics. (p. 594)
■ vlan -- Show MLD VLAN information. (p. 603)
■ vlan-id -- Show MLD operational information for the VLAN specified. (VLAN-ID) (p. 606)
■ config -- Show MLD configuration information for the VLAN specified. (p. 540)
■ counters -- Show MLD VLAN counter information. (p. 543)
■ group -- Show MLD VLAN group info. (p. 553)
■ ipv6-addr -- Show MLD VLAN group address information. (IPV6-ADDR) (p. 563)
■ statistics -- Show MLD VLAN statistics (p. 594)
■ nd -- Show the IPv6 Neighbor Discovery settings (p. 573)
■ neighbors -- Displays information on the IPv6 neighbor discovery cache (p. 573)
■ vlan -- Displays information on the IPv6 neighbor discovery cache (p. 603)
■ vlan -- Show IPv6 information for the VLAN with the ID supplied. (VLAN-ID) (p. 603)
■ route -- Show the IPv6 routing table (p. 587)
■ ipv6-addr -- Destination IPv6 address to display the routes to. (IPV6-ADDR) (p. 563)
■ type < connected > -- Specify type of routes to display. (p. 600)
■ routers -- Show the IPv6 Router table entries (p. 587)
■ vlan -- Show the IPv6 Router Table Entries for VLAN. (p. 603)
■ vlan -- Show IPv6 information for the VLAN with the ID supplied. (VLAN-ID) (p. 603)
■ vlan -- Show IPv6 status information for all VLANs (p. 603)
■ vlan -- Show IPv6 information for the VLAN with the ID supplied. (VLAN-ID) (p. 603)
show jumbos -- Show the untagged Max frame size for the switch (p. 564)
show key-chain -- Display key chains (p. 564)
■ CHAIN-NAME -- Show the chain detailed information. (ASCII-STR) (p. 537)
show lacp -- Show status of LACP trunks (p. 565)
■ distributed -- Show distributed lacp of local and remote switch (p. 549)
show licenses -- Display license status for premium features (p. 565)
■ uninstalled -- Display verification key for features which have been uninstalled. (p. 601)
show link-keepalive -- show link-keepalive information on the switch (p. 565)
■ statistics -- show detailed statistics for all link-keepalive enabled ports. (p. 594)
show lldp -- Show various LLDP settings (p. 566)
■ auto-provision -- Show LLDP auto-provision related info for radio-ports (p. 532)
■ radio-ports -- Show LLDP radio-ports information. (p. 583)
■ config -- Show LLDP configuration information (p. 540)
■ port-list -- Specify the port or list of ports. ([ethernet] PORT-LIST) (p. 578)
■ info -- Show LLDP information about the remote or local device (p. 557)
■ local-device -- Show LLDP local device information. (p. 566)
© 2009 Hewlett-Packard Development Company, L.P.
516
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
■
show
■ port-list -- Show remote or local device information for the specified ports. ([ethernet]
PORT-LIST) (p. 578)
■ remote-device -- Show LLDP remote device information. (p. 585)
■ port-list -- Show remote or local device information for the specified ports. ([ethernet]
PORT-LIST) (p. 578)
■ stats -- Show LLDP statistics (p. 596)
■ port-list -- Specify the port or list of ports. ([ethernet] PORT-LIST) (p. 578)
show lockout-mac -- Show the MAC addresses that have been locked out of the network (p. 566)
show logging -- Display log events (p. 567)
■ -a -- Display all log events, including those from previous boot cycles. (p. 527)
■ event_class < -M | -P | -W | ... > -- Specify substring to match in log entry. See 'log help' for
details. (p. 550)
■ option -- Filter events shown. See 'show logging help' for details. (ASCII-STR) (p. 574)
■ -r -- Display log events in reverse order (most recent first). (p. 583)
show loop-protect -- Show loop protection status (p. 567)
■ port-list -- Show loop protection summary for ports. ([ethernet] PORT-LIST) (p. 578)
show mac-address -- Show MAC addresses the switch has learned (p. 568)
■ address-table-port -- Show MAC addresses learned on the specified ports. ([ethernet] PORT-LIST)
(p. 528)
■ MAC -- Show port the specified MAC address is located on. (MAC-ADDR) (p. 567)
■ vlan -- Show MAC addresses learned on the specified VLAN. (VLAN-ID) (p. 603)
show management -- Show the switch's addresses available for management and the time server
if the switch uses one (p. 569)
show mesh -- Show the switch mesh information such as mesh ports, adjacent switches and their
peer ports (p. 569)
show modules -- (p. 570)
■ details -- (p. 547)
show monitor -- Show the switch network monitoring status and configuration, if network
monitoring is enabled (p. 570)
■ endpoint -- Remote mirroring destination configuration. (p. 550)
■ mirror_session_id < 1 to 4 > -- Mirror destination number. (p. 569)
■ name -- Mirror destination name. (p. 572)
show name -- Show names assigned to the ports (p. 572)
■ port-list -- Show names assigned to the ports ([ethernet] PORT-LIST) (p. 578)
show policy -- Show policy config. (p. 576)
■ name -- Enter policy name. (ASCII-STR) (p. 572)
■ resources -- Show the policy resources (p. 585)
show port-access -- Show 802 (p. 577)
■ -- Show Web/MAC Authentication statistics and configuration ([ethernet] PORT-LIST) (p. 525)
■ authenticator -- Show 802 (p. 531)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ config -- Show 802.1X authenticator configuration. (p. 540)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters. (p. 590)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator. (p. 594)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator. (p. 603)
■ mac-based -- Show MAC Authentication statistics and configuration (p. 568)
■ clients -- Show the connected MAC address information. (p. 538)
■ detailed -- Show the connected MAC address detailed information. (p. 546)
■ config -- Show the current configuration of MAC Authentication. (p. 540)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication. (p. 546)
© 2009 Hewlett-Packard Development Company, L.P.
517
Command Line Interface Reference Guide
■
■
■
■
■
show
■ web-based -- Show Web Authentication statistics and configuration (p. 609)
■ clients -- Show the current web client session statistics. (p. 538)
■ detailed -- Show the current web client session detailed statistics. (p. 546)
■ config -- Show the current configuration of Web Authentication. (p. 540)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ detailed -- Show the detailed configuration of Web Authentication. (p. 546)
■ web-server -- Show the web server-related configuration items. (p. 610)
authenticator -- Show 802 (p. 531)
■ -- Show information for specified ports only. ([ethernet] PORT-LIST) (p. 525)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ config -- Show 802.1X authenticator configuration. (p. 540)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters. (p. 590)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator. (p. 594)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator. (p. 603)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
■ -- Show information for specified ports only. ([ethernet] PORT-LIST) (p. 525)
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ config -- Show 802.1X authenticator configuration. (p. 540)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters. (p. 590)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator. (p. 594)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator. (p. 603)
config -- Show status of 802.1X, Web Auth, and MAC Auth configurations. (p. 540)
mac-based -- Show MAC Authentication statistics and configuration (p. 568)
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ clients -- Show the connected MAC address information. (p. 538)
■ detailed -- Show the connected MAC address detailed information. (p. 546)
■ config -- Show the current configuration of MAC Authentication. (p. 540)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication. (p. 546)
■ clients -- Show the connected MAC address information. (p. 538)
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ detailed -- Show the connected MAC address detailed information. (p. 546)
■ config -- Show the current configuration of MAC Authentication. (p. 540)
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication. (p. 546)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
supplicant -- Show 802 (p. 596)
■ -- Show information for specified ports only. ([ethernet] PORT-LIST) (p. 525)
■ statistics -- Show authentication sessions statistics for 802.1X supplicant. (p. 594)
web-based -- Show Web Authentication statistics and configuration (p. 609)
■ -- Specify ports for which Web Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ clients -- Show the current web client session statistics. (p. 538)
■ detailed -- Show the current web client session detailed statistics. (p. 546)
■ config -- Show the current configuration of Web Authentication. (p. 540)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
© 2009 Hewlett-Packard Development Company, L.P.
518
Command Line Interface Reference Guide
■
■
■
■
■
■
show
■ detailed -- Show the detailed configuration of Web Authentication. (p. 546)
■ web-server -- Show the web server-related configuration items. (p. 610)
■ clients -- Show the current web client session statistics. (p. 538)
■ -- Specify ports for which Web Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ detailed -- Show the current web client session detailed statistics. (p. 546)
■ config -- Show the current configuration of Web Authentication. (p. 540)
■ -- Specify ports for which Web Authentication information will be shown. ([ethernet]
PORT-LIST) (p. 525)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ detailed -- Show the detailed configuration of Web Authentication. (p. 546)
■ web-server -- Show the web server-related configuration items. (p. 610)
■ auth-server -- Show the authentication server-related configuration items. (p. 532)
■ web-server -- Show the web server-related configuration items. (p. 610)
show port-security -- Show a table describing port security settings (p. 581)
■ intrusion-log -- Show the intrusion log records. (p. 561)
■ port-list -- Show a table describing port security settings ([ethernet] PORT-LIST) (p. 578)
show power-over-ethernet -- Show port poe configuration and status information (p. 581)
■ brief -- Show summary of poe status (p. 535)
■ port-list -- Show the ports' poe status ([ethernet] PORT-LIST) (p. 578)
■ slot -- Show summary of poe status (SLOT-ID-RANGE) (p. 591)
■ port-list -- Show the ports' poe status ([ethernet] PORT-LIST) (p. 578)
■ slot -- Show poe information of specified slot (SLOT-ID-RANGE) (p. 591)
show qinq -- show qinq configuration details (p. 582)
show qos -- Show various QoS settings (p. 582)
■ device-priority -- Show the device priority table (priority based on the IP addresses) (p. 548)
■ dscp-map -- Show mappings between DSCP policy and 802 (p. 549)
■ port-priority -- Show the port-based priority table (p. 580)
■ protocol-priority -- Show the protocol priority (p. 582)
■ queue-config -- Displays outbound port queues configuration information. (p. 583)
■ resources -- Show the qos resources (p. 585)
■ tcp-udp-port-priority -- Show TCP/UDP port priorities (p. 598)
■ type-of-service -- Show QoS priorities based on IP Type-of-Service (p. 601)
■ vlan-priority -- Show the VLAN-based priority table (p. 607)
show radius -- Show RADIUS status and statistics information (p. 583)
■ accounting -- Show RADIUS accounting statistics (p. 528)
■ authentication -- Show RADIUS authentication statistics (p. 531)
■ dyn-authorization -- Show RADIUS dynamic authorization statistics (p. 549)
■ host -- Show statistics information for the RADIUS host (IP-ADDR) (p. 555)
■ dyn-authorization -- (p. 549)
show rate-limit -- Show rate limit maximum percentages (p. 584)
■ all -- Show limits for all traffic. (p. 529)
■ detailed -- Show Inbound Radius Override details. (p. 546)
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p.
578)
■ bcast -- Show limits for ingress broadcast traffic. (p. 534)
■ detailed -- Show Inbound Radius Override details. (p. 546)
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p.
578)
■ icmp -- Show only limits for icmp traffic. (p. 556)
■ detailed -- Show Inbound Radius Override details. (p. 546)
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p.
578)
© 2009 Hewlett-Packard Development Company, L.P.
519
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
show
■ mcast -- Show limits for ingress multicast traffic. (p. 569)
■ detailed -- Show Inbound Radius Override details. (p. 546)
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p.
578)
show redundancy -- Display redundant information for Management and Fabric Modules (p. 585)
show rmon -- Show detailed rmon statistics for the ports (p. 586)
■ statistics -- Show RMON statistics for the ports ([ethernet] PORT-LIST) (p. 594)
show running-config -- Show the switch running configuration (p. 588)
■ status -- Check if the running configuration differs from the statup configuration. (p. 596)
show savepower -- Shows the user configured block power status (p. 589)
show services -- Show services information (p. 589)
■ services -- Show services information (SLOT-ID) (p. 589)
■ details -- (p. 547)
show sflow -- Display information regarding the configuration, sampling, and polling with respect
to 'sflow' (p. 590)
■ agent -- Displays read-only switch agent information: The agent address is normally the ip
address of the first vlan configured. (p. 529)
■ receiver-index < 1 to 3 > -- Select one of the three possible sFlow receiver tables. (NUMBER)
(p. 584)
■ destination -- Displays information about the receiver/collector/management-station to
which the sampling-polling data is sent. (p. 546)
■ sampling-polling -- Displays information about sampling and polling. (p. 589)
■ port-list -- Displays information about sampling and polling. ([ethernet] PORT-LIST) (p.
578)
show snmp-server -- Display information on all SNMP communities, trap receivers and Snmp
response/trap source-ip policy configured on the switch (p. 591)
■ community -- Specify SNMP community to which to restrict the output. (ASCII-STR) (p. 539)
■ traps -- Show all configured traps. (p. 599)
show snmpv3 -- Show configuration of SNMPv3 features. (p. 591)
■ access-rights -- Show information about access rights. (p. 527)
■ group < ManagerPriv | ManagerAuth | OperatorAuth | ... > -- Show SNMPv3 users. (p. 553)
■ sec-model -- Set security model. (p. 589)
■ ver1-2c < ver1 | ver2c > -- Configure SNMPv3 User entry. (p. 602)
■ ver3 -- SNMP version 3 security model. (p. 602)
■ ver3 < noauth | auth | priv > -- Set security level. (p. 602)
■ community -- Show SNMPv3 Community table. (p. 539)
■ COMMUNITY-NAME -- Show a specific community entry. (ASCII-STR) (p. 539)
■ enable -- Show SNMPv3 status. (p. 550)
■ engineid -- Show switch's SNMP engineId. (p. 550)
■ group -- Show SNMPv3 User to Group mappings. (p. 553)
■ group < ManagerPriv | ManagerAuth | OperatorAuth | ... > -- Show SNMPv3 users. (p. 553)
■ user -- Show a specific user. (ASCII-STR) (p. 601)
■ sec-model < ver1 | ver2c | ver3 > -- Show a specific security model. (p. 589)
■ notify -- Show SNMPv3 notification table. (p. 574)
■ NOTIFY-NAME -- Show a specific notification entry. (ASCII-STR) (p. 574)
■ only -- Show SNMP message reception policy. (p. 574)
■ params -- Show SNMPv3 Target Parameters table. (p. 575)
■ PARAM-NAME -- Show a specific Target Parameter entry. (ASCII-STR) (p. 575)
■ restricted-access -- Show SNMPv1 and SNMPv2c access properties. (p. 586)
■ targetaddress -- Show SNMPv3 Target Address table. (p. 597)
■ TARGETADDR-NAME -- Show a specifc target address entry. (ASCII-STR) (p. 597)
■ user -- Show SNMPv3 users. (p. 601)
■ USER-NAME -- Show a specific user. (ASCII-STR) (p. 602)
© 2009 Hewlett-Packard Development Company, L.P.
520
Command Line Interface Reference Guide
show
■ view -- Show views. (p. 602)
■ VIEW-NAME -- Set view name. (ASCII-STR) (p. 603)
■ SUB-TREE -- Set the OID of the tree. (ASCII-STR) (p. 596)
■ show sntp -- Show configured time protocol and servers (p. 592)
■ show spanning-tree -- Show spanning tree information (p. 592)
■ bpdu-protection -- Show spanning tree BPDU protection status information. (p. 535)
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
■ config -- Show spanning tree configuration information. (p. 540)
■ instance -- Show the spanning tree instance information. (p. 557)
■ ist -- Show the information for the internal spanning tree (IST) instance. (p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information. (p.
572)
■ debug-counters -- Show spanning tree debug counters information. (p. 545)
■ instance < 0 to 16 > -- Show spanning tree instance debug counters information. (NUMBER)
(p. 557)
■ ports -- Show spanning tree port(s) debug counters information. ([ethernet] PORT-LIST)
(p. 580)
■ ports -- Show spanning tree port(s) debug counters information. ([ethernet] PORT-LIST) (p.
580)
■ instance < 0 to 16 > -- Show spanning tree instance debug counters information.
(NUMBER) (p. 557)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ instance -- Show the spanning tree instance information. (p. 557)
■ ist -- Show the information for the internal spanning tree (IST) instance. (p. 563)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information. (p. 572)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ mst-config -- Show multiple spanning tree region configuration. (p. 571)
■ pending -- Show spanning tree pending configuration (p. 576)
■ instance -- Show multiple spanning tree instance pending configuration information. (p.
557)
■ ist -- Show the information for the internal spanning tree (IST) instance. (p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information. (p.
572)
■ mst-config -- Show multiple spanning tree pending region configuration. (p. 571)
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
■ config -- Show spanning tree configuration information. (p. 540)
■ instance -- Show the spanning tree instance information. (p. 557)
■ ist -- Show the information for the internal spanning tree (IST) instance. (p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.
(p. 572)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ instance -- Show spanning tree instance status information. (p. 557)
■ ist -- Show the information for the internal spanning tree (IST) instance. (p. 563)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information. (p.
572)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report. (p. 546)
■ pvst-filter -- Show spanning tree PVST filter status information. (p. 582)
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
© 2009 Hewlett-Packard Development Company, L.P.
521
Command Line Interface Reference Guide
■
■
■
■
■
■
■
show
■ pvst-protection -- Show spanning tree PVST protection status information. (p. 582)
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
■ root-history -- Show spanning tree Root changes history information. (p. 586)
■ cst -- Show CST Root changes history. (p. 544)
■ ist -- Show IST Regional Root changes history. (p. 563)
■ msti < 1 to 16 > -- Show MSTI Regional Root changes history. (NUMBER) (p. 572)
■ traps -- Show spanning tree trap information. (p. 599)
show stack -- Show the stack status of this switch (p. 593)
■ all -- Show information about all the stacks available on the LAN. (p. 529)
■ candidates -- Show the list of devices that are stack candidates. (p. 537)
■ view -- Show the list of devices that are stack members. (p. 602)
show static-mac -- Show the locked-down MAC addresses in all vlans (p. 594)
show statistics -- Show statistics of acl/policy. (p. 594)
■ type < aclv4 > -- (p. 600)
■ acl-name -- Enter the name of acl/policy. (ASCII-STR) (p. 528)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ direction < in | out | vlan > -- (p. 548)
■ type < aclv6 > -- (p. 600)
■ acl-name -- Enter the name of acl/policy. (ASCII-STR) (p. 528)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ direction < vlan > -- (p. 548)
■ type < policy > -- (p. 600)
■ policy-name -- Enter the name of acl/policy. (ASCII-STR) (p. 577)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ direction < in > -- (p. 548)
show svlans -- Show status information for all VLANs (p. 597)
■ ports -- Show VLANs that have at least one port from the 'PORT-LIST' as a member. ([ethernet]
PORT-LIST) (p. 580)
■ detail -- Display more info for each port from the 'PORT-LIST' separately. (p. 546)
■ vlan -- Show detailed VLAN information for the VLAN with the ID supplied. (VLAN-ID) (p. 603)
show system -- Show global configured and operational system paramaters (default is information)
(p. 597)
■ fan-pref-airflow-dir -- Shows the user configured fan preferred airflow direction (p. 551)
■ fans -- Show system fan status (p. 551)
■ information -- Show global configured and operational system parameters (p. 557)
■ power-supply -- Show Chassis Power Supply info and settings (p. 582)
■ temperature -- Show systems temperatures and settings (p. 598)
show tacacs -- Show TACACS status and statistics (p. 597)
show tech -- Display output of a predefined command sequence used by technical support (p. 598)
■ all -- Display output of a predefined command sequence used by technical support (p. 529)
■ buffers -- Display output of a predefined command sequence used by technical support (p. 536)
■ custom -- Display output of a predefined command sequence used by technical support (p.
544)
■ instrumentation -- Display output of a predefined command sequence used by technical support
(p. 559)
■ mesh -- Display output of a predefined command sequence used by technical support (p. 569)
■ route -- Display output of a predefined command sequence used by technical support (p. 587)
■ statistics -- Display output of a predefined command sequence used by technical support (p.
594)
© 2009 Hewlett-Packard Development Company, L.P.
522
Command Line Interface Reference Guide
■
■
■
■
■
■
■
■
■
■
show
■ transceivers -- Display output of a predefined command sequence used by technical support
(p. 599)
■ vrrp -- Display output of a predefined command sequence used by technical support (p. 608)
show telnet -- Show active incoming and outgoing sessions (p. 598)
show terminal -- Show logical window dimensions (p. 598)
show time -- Show current date and time (p. 599)
show timep -- Show configured time protocol and servers (p. 599)
show trunks -- Show a list of ports and the trunks to which they belong (p. 600)
■ port-list -- Show the trunk information only for the ports specified. ([ethernet] PORT-LIST) (p.
578)
show uptime -- Displays elapsed time since last boot (p. 601)
show version -- Show software version (p. 602)
show vlans -- Show status information for all VLANs (p. 607)
■ ports -- Show VLANs that have at least one port from the 'PORT-LIST' as a member. ([ethernet]
PORT-LIST) (p. 580)
■ detail -- Display more info for each port from the 'PORT-LIST' separately. (p. 546)
■ vlan -- Show detailed VLAN information for the VLAN with the ID supplied. (VLAN-ID) (p. 603)
show vrrp -- Show VRRP configuration and statistics information (p. 608)
■ config -- Show VRRP configuration information for the device (p. 540)
■ global -- Show global VRRP configuration information. (p. 553)
■ statistics -- Show VRRP statistics information for the device (p. 594)
■ global -- Show global VRRP configuration information. (p. 553)
■ tracked-entities -- Show VRRP tracked entity information (p. 599)
■ vlan -- Show VRRP information for a VLAN. (p. 603)
■ VLAN-ID -- Specify VLAN for which to display VRRP information. (VLAN-ID) (p. 607)
■ config -- Show VRRP configuration information for the VLAN. (p. 540)
■ statistics -- Show VRRP statistics information for the VLAN. (p. 594)
■ vrid -- Show information for a virtual router. (p. 608)
■ VRID < 1 to 255 > -- Specify virtual router for which to display information. (p. 608)
■ config -- Show virtual router configuration information. (p. 540)
■ statistics -- Show virtual router statistics information. (p. 594)
show wireless-services -- Show wireless-services information (p. 610)
■ vlans -- Display all radio-port VLANs. (p. 607)
■ wireless-services -- Show wireless-services information (SLOT-ID) (p. 610)
■ radio-ports -- Display radio-ports associated with a wireless-services module. (p. 583)
■ uplinks -- Display uplink ports associated with a wireless-services module. (p. 601)
COMMAND DETAILS
(p. 525)
-a (p. 527)
access-list (p. 527)
access-rights (p. 527)
accounting (p. 528)
acl-name (p. 528)
address-table-port (p. 528)
advertise (p. 529)
agent (p. 529)
alias (p. 529)
all (p. 529)
all-hosts (p. 529)
area (p. 529)
area-id (p. 530)
general (p. 553)
global (p. 553)
group (p. 553)
gvrp (p. 554)
hc (p. 554)
helper-address (p. 555)
history (p. 555)
host (p. 555)
host-cert (p. 555)
host-public-key (p. 555)
icmp (p. 556)
if-ip (p. 556)
igmp (p. 556)
igmp-proxy (p. 557)
© 2009 Hewlett-Packard Development Company, L.P.
qos (p. 582)
queue-config (p. 583)
-r (p. 583)
radio-ports (p. 583)
radius (p. 583)
rate-limit (p. 584)
receiver-index (p. 584)
redistribute (p. 584)
redundancy (p. 585)
remote-device (p. 585)
resources (p. 585)
resptime (p. 585)
restrict (p. 586)
restricted-access (p. 586)
523
Command Line Interface Reference Guide
area-ip (p. 530)
arp (p. 530)
arp-protect (p. 530)
authentication (p. 531)
authenticator (p. 531)
authorization (p. 531)
authorized-managers (p. 532)
auth-server (p. 532)
auto-provision (p. 532)
autorun (p. 533)
autorun-cert (p. 533)
autorun-key (p. 533)
babble (p. 533)
bandwidth (p. 533)
banner (p. 533)
bcast (p. 534)
binding (p. 534)
bindings (p. 534)
blocked-hosts (p. 534)
boot-history (p. 534)
bootp-gateway (p. 534)
bpdu-protection (p. 535)
brief (p. 535)
bsr (p. 535)
buffer (p. 535)
buffers (p. 536)
-c (p. 536)
cam (p. 536)
candidates (p. 537)
cdp (p. 537)
CHAIN-NAME (p. 537)
class (p. 537)
client-public-key (p. 537)
clients (p. 538)
column-list (p. 539)
community (p. 539)
COMMUNITY-NAME (p. 539)
config (p. 540)
configuration (p. 543)
connection-rate-filter (p. 543)
console (p. 543)
counters (p. 543)
cpu (p. 543)
crypto (p. 544)
cst (p. 544)
custom (p. 544)
custom-port-list (p. 545)
debug (p. 545)
debug-counters (p. 545)
delayed-flush (p. 545)
destination (p. 546)
detail (p. 546)
detailed (p. 546)
show
INDEX (p. 557)
info (p. 557)
information (p. 557)
instance (p. 557)
instrumentation (p. 559)
interface (p. 559)
interfaces (p. 560)
intrusion-log (p. 561)
ip (p. 561)
ip-addr (p. 561)
IP-ADDR (p. 562)
ip-recv-mac-address (p. 562)
ipv4 (p. 562)
ipv6 (p. 562)
ipv6-addr (p. 563)
irdp (p. 563)
ist (p. 563)
jumbos (p. 564)
key-chain (p. 564)
keyfile (p. 564)
keylist (p. 564)
lacp (p. 565)
learned (p. 565)
licenses (p. 565)
link-keepalive (p. 565)
link-state (p. 565)
link-state-id (p. 566)
lldp (p. 566)
local (p. 566)
local-device (p. 566)
lockout-mac (p. 566)
logging (p. 567)
loop-protect (p. 567)
MAC (p. 567)
mac-address (p. 568)
mac-based (p. 568)
management (p. 569)
mcast (p. 569)
mesh (p. 569)
mirror_session_id (p. 569)
mld (p. 570)
modules (p. 570)
monitor (p. 570)
motd (p. 571)
mroute (p. 571)
mst-config (p. 571)
msti (p. 572)
MSTID (p. 572)
name (p. 572)
nd (p. 573)
neighbor (p. 573)
neighbor-ip (p. 573)
neighbors (p. 573)
© 2009 Hewlett-Packard Development Company, L.P.
rip (p. 586)
rmon (p. 586)
root-history (p. 586)
route (p. 587)
router-id (p. 587)
routers (p. 587)
rp-candidate (p. 588)
rp-pending (p. 588)
rp-set (p. 588)
running-config (p. 588)
sampling-polling (p. 589)
savepower (p. 589)
sec-model (p. 589)
sequence-number (p. 589)
services (p. 589)
session-counters (p. 590)
sessions (p. 590)
sflow (p. 590)
slave_time (p. 591)
slot (p. 591)
snmp-server (p. 591)
snmpv3 (p. 591)
sntp (p. 592)
source-binding (p. 592)
source-lockdown (p. 592)
source-port (p. 592)
spanning-tree (p. 592)
spf-log (p. 593)
ssh (p. 593)
stack (p. 593)
static (p. 594)
static-mac (p. 594)
statistics (p. 594)
stats (p. 596)
status (p. 596)
SUB-TREE (p. 596)
supplicant (p. 596)
svlans (p. 597)
system (p. 597)
tacacs (p. 597)
targetaddress (p. 597)
TARGETADDR-NAME (p. 597)
tcp-udp-port-priority (p. 598)
tech (p. 598)
telnet (p. 598)
temperature (p. 598)
terminal (p. 598)
throttled-hosts (p. 599)
time (p. 599)
timep (p. 599)
tracked-entities (p. 599)
transceivers (p. 599)
traps (p. 599)
524
Command Line Interface Reference Guide
details (p. 547)
device-priority (p. 548)
dhcp-relay (p. 548)
dhcp-snooping (p. 548)
direction (p. 548)
display (p. 549)
distributed (p. 549)
dns (p. 549)
domains (p. 549)
dscp-map (p. 549)
dyn-authorization (p. 549)
elected (p. 550)
enable (p. 550)
endpoint (p. 550)
engineid (p. 550)
entries (p. 550)
event_class (p. 550)
external-link-state (p. 550)
fan-pref-airflow-dir (p. 551)
fans (p. 551)
fastboot (p. 551)
fault-finder (p. 551)
feature-coordinator (p. 551)
filename (p. 551)
files (p. 551)
filter (p. 552)
fingerprint (p. 552)
flash (p. 552)
forward-protocol (p. 552)
front-panel-security (p. 553)
show
neighbors-port (p. 574)
notify (p. 574)
NOTIFY-NAME (p. 574)
only (p. 574)
option (p. 574)
ospf (p. 574)
output (p. 575)
PARAM-NAME (p. 575)
params (p. 575)
peer (p. 575)
peer-ip (p. 576)
pending (p. 576)
pim (p. 576)
policy (p. 576)
policy-name (p. 577)
port (p. 577)
port-access (p. 577)
portlist (p. 578)
port-list (p. 578)
portNum (p. 580)
port-priority (p. 580)
ports (p. 580)
port-security (p. 581)
port-utilization (p. 581)
power-over-ethernet (p. 581)
power-supply (p. 582)
protocol-priority (p. 582)
pvst-filter (p. 582)
pvst-protection (p. 582)
qinq (p. 582)
trunks (p. 600)
type (p. 600)
type-of-service (p. 601)
uninstalled (p. 601)
uplinks (p. 601)
uptime (p. 601)
user (p. 601)
USER-NAME (p. 602)
ver1-2c (p. 602)
ver3 (p. 602)
version (p. 602)
view (p. 602)
VIEW-NAME (p. 603)
virtual-link (p. 603)
virtual-neighbor (p. 603)
vlan (p. 603)
vlan-id (p. 606)
VLAN-ID (p. 607)
vlanNum (p. 607)
vlan-priority (p. 607)
vlans (p. 607)
vlink-ip (p. 608)
vneighbor-ip (p. 608)
vrid (p. 608)
VRID (p. 608)
vrrp (p. 608)
web-based (p. 609)
web-server (p. 610)
wireless-services (p. 610)
■ show port-access authenticator [ETHERNET] PORT-LIST
Show information for specified ports only.
Next Available Options:
■ config -- Show 802.1X authenticator configuration.(p. 540)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator.(p. 594)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters.(p. 590)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator.(p. 603)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
■ show port-access authenticator clients [ETHERNET] PORT-LIST
Show information for specified ports only.
Next Available Option:
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ show port-access supplicant [ETHERNET] PORT-LIST
Show information for specified ports only.
© 2009 Hewlett-Packard Development Company, L.P.
525
Command Line Interface Reference Guide
show
■ show port-access mac-based [ETHERNET] PORT-LIST
Specify ports for which MAC Authentication information will be shown.
Next Available Options:
■ config -- Show the current configuration of MAC Authentication.(p. 540)
■ clients -- Show the connected MAC address information.(p. 538)
■ show port-access mac-based config [ETHERNET] PORT-LIST
Specify ports for which MAC Authentication information will be shown.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication.(p. 546)
■ show port-access mac-based clients [ETHERNET] PORT-LIST
Specify ports for which MAC Authentication information will be shown.
Next Available Option:
■ detailed -- Show the connected MAC address detailed information.(p. 546)
■ show port-access web-based [ETHERNET] PORT-LIST
Specify ports for which Web Authentication information will be shown.
Next Available Options:
■ config -- Show the current configuration of Web Authentication.(p. 540)
■ clients -- Show the current web client session statistics.(p. 538)
■ show port-access web-based config [ETHERNET] PORT-LIST
Specify ports for which Web Authentication information will be shown.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ web-server -- Show the web server-related configuration items.(p. 610)
■ detailed -- Show the detailed configuration of Web Authentication.(p. 546)
■ show port-access web-based clients [ETHERNET] PORT-LIST
Specify ports for which Web Authentication information will be shown.
Next Available Option:
■ detailed -- Show the current web client session detailed statistics.(p. 546)
■ show port-access [ETHERNET] PORT-LIST
Usage: show port-access [PORT-LIST] <mac-based|web-based>...
show port-access <mac-based|web-based> [PORT-LIST]...
© 2009 Hewlett-Packard Development Company, L.P.
526
Command Line Interface Reference Guide
show
Description: Show Web/MAC Authentication statistics and configuration. If
PORT-LIST parameter is specified then information only for the
specified ports is shown.
Next Available Options:
■ authenticator -- Show 802(p. 531)
■ mac-based -- Show MAC Authentication statistics and configuration(p. 568)
■ web-based -- Show Web Authentication statistics and configuration(p. 609)
-a
■ show logging -a
Display all log events, including those from previous boot cycles.
access-list
■ show access-list
Usage: show access-list [config] |
[vlan <VLAN-ID>] |
[<ACL-ID> [config]] |
[resources] |
[radius] |
[ports <PORT-LIST>]
Description: Show Access Control List information. If no parameters
are specified, a summary table is displayed.
Parameters:
o config - Display all configured ACL's on the switch using
the CLI syntax used to create them.
o vlan <VLAN-ID> - Display Access Control Lists currently applied
to the specified VLAN.
o <ACL-ID> - Display detailed information on the specified ACL.
o resources - Display ACL Rules/Masks availability.
o radius - Display ACLs applied via RADIUS.
o ports - Show ACLs applied to the specified ports.
Next Available Options:
■ radius -- Display ACLs applied via RADIUS. ([ethernet] PORT-LIST) (p. 583)
■ config -- Show all configured ACL's on the switch using the CLI syntax used to create them.
(p. 540)
■ vlan -- Show ACLs applied to the specified VLAN. (VLAN-ID) (p. 603)
■ ports -- Show ACLs applied to the specified ports. ([ethernet] PORT-LIST) (p. 580)
■ acl-name -- Display detailed information on specified ACL. (ASCII-STR) (p. 528)
■ resources -- Display ACL Rules/Masks availability.(p. 585)
access-rights
■ show snmpv3 access-rights
Show information about access rights.
© 2009 Hewlett-Packard Development Company, L.P.
527
Command Line Interface Reference Guide
show
Next Available Option:
■ group < ManagerPriv | ManagerAuth | OperatorAuth | ... > -- Show SNMPv3 users. (p. 553)
accounting
■ show accounting
Usage: show accounting [sessions]
Description: Show Accounting configuration parameters.
If 'sessions' is specified then show accounting
data for all active sessions.
Next Available Option:
■ sessions -- Show accounting data for all active sessions(p. 590)
■ show radius accounting
Usage: show radius accounting
Description: Show RADIUS accounting statistics.
acl-name
■ show access-list ACL-NAME
Display detailed information on specified ACL.
Next Available Option:
■ config -- Show all configured ACL's on the switch using the CLI syntax used to create them.
(p. 540)
■ show statistics < aclv4 > ACL-NAME
Enter the name of acl/policy.
Next Available Options:
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
■ show statistics < aclv6 > ACL-NAME
Enter the name of acl/policy.
Next Available Options:
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
address-table-port
■ show mac-address [ETHERNET] PORT-LIST
Show MAC addresses learned on the specified ports.
© 2009 Hewlett-Packard Development Company, L.P.
528
Command Line Interface Reference Guide
show
advertise
■ show ip ospf external-link-state advertise
Show each LSA as a stream of bytes in hexadecimal notation.
■ show ip ospf link-state advertise
Show each LSA as a stream of bytes in hexadecimal notation.
agent
■ show sflow agent
Displays read-only switch agent information: The agent address is normally the ip
address of the first vlan configured.
alias
■ show alias
Usage: show alias
Description: Show configured alias commands.
all
■ show rate-limit all
Show limits for all traffic.
Next Available Options:
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p. 578)
■ detailed -- Show Inbound Radius Override details.(p. 546)
■ show stack all
Show information about all the stacks available on the LAN.
■ show tech all
Usage: show tech [all|custom|buffers|instrumentation|mesh|route|statistics
|transceivers|vrrp]
Description: Display output of a predefined command sequence used by
technical support.
all-hosts
■ show connection-rate-filter all-hosts
Show blocked and throttled IP addresses.
area
■ show ip ospf area
© 2009 Hewlett-Packard Development Company, L.P.
529
Command Line Interface Reference Guide
show
Usage: show ip ospf area [OSPF-AREA-ID]
Description: Show OSPF areas configured on the device. Invoked without
parameters displays all OSPF areas configured. If the
'OSPF-AREA-ID' is specified detailed information for
the correspondent OSPF area is shown.
Next Available Option:
■ area-ip -- (OSPF-AREA-ID) (p. 530)
■ show ip ospf virtual-neighbor area OSPF-AREA-ID
Specify area of the virtual neighbors to show.
■ show ip ospf virtual-link area OSPF-AREA-ID
Specify area of the virtual links to show.
area-id
■ show ip ospf link-state OSPF-AREA-ID
Show LSAs for the specified area only.
area-ip
■ show ip ospf area OSPF-AREA-ID
arp
■ show arp
Usage: show arp [vlan VLAN-ID]
Description: Show the IP ARP translation table.
If VLAN-ID is specified, the output is filtered on
the VLAN-ID.
Next Available Option:
■ vlan -- Specify VLAN for which to show ARP entries. (VLAN-ID) (p. 603)
arp-protect
■ show arp-protect
Usage: show arp-protect [stats <VLAN-ID-RANGE>]
Description: Display Dynamic ARP Protection information.
Parameters:
o stats - Display ARP Protection VLAN counters.
Next Available Option:
■ statistics -- (VLAN-ID-RANGE) (p. 594)
© 2009 Hewlett-Packard Development Company, L.P.
530
Command Line Interface Reference Guide
show
authentication
■ show authentication
Usage: show authentication
Description: Show Authentication configuration parameters.
■ show radius authentication
Usage: show radius authentication
Description: Show RADIUS authentication statistics.
authenticator
■ show port-access authenticator
Usage: show port-access authenticator [config|statistics|session-counters]
Description: Show 802.1X (Port Based Network Access) authenticator
current status, configuration or last session counters.
Next Available Options:
■ -- Show information for specified ports only. ([ethernet] PORT-LIST) (p. 525)
■ config -- Show 802.1X authenticator configuration.(p. 540)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator.(p. 594)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters.(p. 590)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator.(p. 603)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
■ show port-access [ETHERNET] PORT-LIST authenticator
Usage: show port-access authenticator [config|statistics|session-counters]
Description: Show 802.1X (Port Based Network Access) authenticator
current status, configuration or last session counters.
Next Available Options:
■ config -- Show 802.1X authenticator configuration.(p. 540)
■ statistics -- Show authentication sessions statistics for 802.1X authenticator.(p. 594)
■ session-counters -- Show 802.1X current (or last if no current sessions open) sessions
counters.(p. 590)
■ vlan -- Show authorized and unauthorized vlans for 802.1X authenticator.(p. 603)
■ clients -- Show the current 802.1X client session statistics. (p. 538)
authorization
■ show authorization
Usage: show authorization
Description: Show Authorization configuration parameters.
© 2009 Hewlett-Packard Development Company, L.P.
531
Command Line Interface Reference Guide
show
authorized-managers
■ show ip authorized-managers
Usage: show ip authorized-managers
Description: Show IPV4 addresses allowed to manage the switch.
■ show ipv6 authorized-managers
Usage: show ipv6 authorized-managers
Description: Show IPV6 addresses allowed to manage the switch.
auth-server
■ show port-access mac-based [ETHERNET] PORT-LIST config auth-server
Show the authentication server-related configuration items.
■ show port-access mac-based config [ETHERNET] PORT-LIST auth-server
Show the authentication server-related configuration items.
■ show port-access mac-based config auth-server
Show the authentication server-related configuration items.
■ show port-access web-based [ETHERNET] PORT-LIST config auth-server
Show the authentication server-related configuration items.
■ show port-access web-based config [ETHERNET] PORT-LIST auth-server
Show the authentication server-related configuration items.
■ show port-access web-based config auth-server
Show the authentication server-related configuration items.
■ show port-access [ETHERNET] PORT-LIST mac-based config auth-server
Show the authentication server-related configuration items.
■ show port-access [ETHERNET] PORT-LIST web-based config auth-server
Show the authentication server-related configuration items.
auto-provision
■ show lldp auto-provision
Usage: show lldp auto-provision radio-ports
Description: Show LLDP auto-provision related info for radio-ports.
Next Available Option:
■ radio-ports -- Show LLDP radio-ports information.(p. 583)
© 2009 Hewlett-Packard Development Company, L.P.
532
Command Line Interface Reference Guide
show
autorun
■ show autorun
Show Autorun configuration status.
autorun-cert
■ show crypto autorun-cert
Display trusted certificate.
autorun-key
■ show crypto autorun-key
Display autorun key.
babble
■ show crypto client-public-key babble
Display phonetic hash.
■ show crypto client-public-key < manager | operator > babble
Display phonetic hash.
■ show crypto client-public-key < manager | operator > KEYLIST babble
Display phonetic hash.
■ show crypto host-public-key babble
Display phonetic hash.
■ show ip client-public-key babble
Display phonetic hash.
■ show ip host-public-key babble
Display phonetic hash.
bandwidth
■ show bandwidth
Usage: show bandwidth <output> [PORT-LIST]
Description: Show queue percentages for outbound guaranteed minimum
bandwidth. If PORT-LIST parameter is specified, information
is shown only for the specified ports.
Next Available Option:
■ output -- Show outbound guaranteed minimum bandwidth.(p. 575)
banner
■ show banner
© 2009 Hewlett-Packard Development Company, L.P.
533
Command Line Interface Reference Guide
show
Usage: show banner motd
Description: show the configured banner text.
Next Available Option:
■ motd -- show the configured banner text(p. 571)
bcast
■ show rate-limit bcast
Show limits for ingress broadcast traffic.
Next Available Options:
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p. 578)
■ detailed -- Show Inbound Radius Override details.(p. 546)
binding
■ show dhcp-snooping binding
Display DHCP snooping binding information.
bindings
■ show ip source-lockdown bindings
Show source bindings for Dynamic IP Lockdown ports.
Next Available Option:
■ portlist -- Specify the ports for which source bindings need to be displayed. ([ethernet]
PORT-NUM) (p. 578)
blocked-hosts
■ show connection-rate-filter blocked-hosts
Show blocked IP addresses.
boot-history
■ show boot-history
Usage: show boot-history
Description: Display the system boot log.
bootp-gateway
■ show dhcp-relay bootp-gateway
Usage: show dhcp-relay bootp-gateway vlan <VLANID>
Description: Show the configured BOOTP gateway for configured interfaces.
© 2009 Hewlett-Packard Development Company, L.P.
534
Command Line Interface Reference Guide
show
Next Available Option:
■ vlan -- Show the configured BOOTP Gateway for VLAN.(p. 603)
bpdu-protection
■ show spanning-tree bpdu-protection
Show spanning tree BPDU protection status information.
Next Available Option:
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
brief
■ show interfaces brief
Usage: show interfaces brief
Description: Show the ports' operational parameters.
Next Available Option:
■ port-list -- Show summary of network traffic handled by the ports ([ethernet] PORT-LIST) (p.
578)
■ show power-over-ethernet brief
Usage: show power-over-ethernet brief
Description: Show summary of poe status.
Next Available Options:
■ port-list -- Show the ports' poe status ([ethernet] PORT-LIST) (p. 578)
■ slot -- Show summary of poe status (SLOT-ID-RANGE) (p. 591)
bsr
■ show ip pim bsr
Usage: show ip pim bsr [elected|local]
Description: Show Bootstrap Router information. When invoked without parameters
displays the information about currently elected BSR and the local
Candidate-BSR and Candidate-RP information.
Next Available Options:
■ elected -- Show elected Bootstrap Router information. (p. 550)
■ local -- Show local Candidate-BSR configuration information. (p. 566)
buffer
■ show debug buffer
© 2009 Hewlett-Packard Development Company, L.P.
535
Command Line Interface Reference Guide
show
Usage: show debug buffer [-r | -c <count> | substring ...]
Description: Show the contents of the debug log buffer.
-r - Instructs the switch to display messages
in reverse order (most recent first).
-c - Instructs the switch to stop after displaying
<count> messages.
substring - Instructs the switch to display
only those messages that contain the substring
which can contain up to 64 chars.
Next Available Options:
■ option -- Filter messages shown to those matching a string up to 64 chars. (ASCII-STR) (p. 574)
■ -r -- Display messages in reverse order (most recent first).(p. 583)
■ -c -- Stop after displaying <count> messages. (NUMBER) (p. 536)
buffers
■ show tech buffers
Usage: show tech [all|custom|buffers|instrumentation|mesh|route|statistics
|transceivers|vrrp]
Description: Display output of a predefined command sequence used by
technical support.
-c
■ show debug buffer -c NUMBER
Stop after displaying <count> messages.
cam
■ show instrumentation cam
Usage: show instrumentation
Description: Show internal version-dependant counters for debugging.
This data is for factory troubleshooting purposes. The data displayed
is dependent on which version of code is running.
Data is maintained for the current 5 minutes, hour, and day. At the end of
every 5 minutes, hour, or day, averages and min/max values are calculated
and the current interval's data is copied to the previous interval's data.
For example, the previous day's data is updated at midnight local time. The
previous hour's data is updated on the hour.
There are many situations in which data is not yet available, or data is
not maintained. In this case, an asterisk is displayed. It is never an
error condition.
Next Available Options:
■ vlan -- Show internal version-dependant counters for debugging for thespecified port or vlan
number(p. 603)
■ port -- Show internal version-dependant counters for debugging for thespecified port or vlan
number(p. 577)
© 2009 Hewlett-Packard Development Company, L.P.
536
Command Line Interface Reference Guide
show
candidates
■ show stack candidates
Show the list of devices that are stack candidates.
cdp
■ show cdp
Usage: show cdp [neighbor [PORT-NUM] [detail]]
Description: Show CDP configuration and neighbors discovered.
Legend for 'capability' field of the 'show cdp neighbor'
command output:
R - Performs level 3 routing for at least one network
layer protocol.
B - Performs level 2 transparent bridging.
Bs - Performs level 2 source-route bridging.
S - Performs level 2 switching.
P - Sends and receives packets for at least one network
layer protocol.
In - The bridge or switch does not forward IGMP Report packets.
L1 - Provides level 1 functionality.
Next Available Option:
■ neighbors -- Show CDP neighbors. See 'show cdp help' for details.(p. 573)
CHAIN-NAME
■ show key-chain CHAIN-NAME
Show the chain detailed information.
class
■ show class
Show class config.
Next Available Options:
■ ipv4 -- Enter ipv4 class. (ASCII-STR) (p. 562)
■ ipv6 -- Enter ipv6 class. (ASCII-STR) (p. 562)
client-public-key
■ show crypto client-public-key
Display ssh authorized client public keys.
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
■ fingerprint -- Display hexadecimal hash.(p. 552)
■ keyfile < manager | operator > -- Choose to display manager or operator keys.(p. 564)
© 2009 Hewlett-Packard Development Company, L.P.
537
Command Line Interface Reference Guide
show
■ show ip client-public-key
Usage: show ip client-public-key [babble|fingerprint]
Description: Show currently loaded public keys for authorized clients.
The 'babble' and 'fingerprint' options produce a phonetic or
hexadecimal hash instead of displaying the raw key file.
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
■ fingerprint -- Display hexadecimal hash.(p. 552)
clients
■ show port-access authenticator [ETHERNET] PORT-LIST clients
Show the current 802.1X client session statistics.
Next Available Option:
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ show port-access authenticator clients
Show the current 802.1X client session statistics.
Next Available Option:
■ -- Show information for specified ports only. ([ethernet] PORT-LIST) (p. 525)
■ show port-access mac-based [ETHERNET] PORT-LIST clients
Show the connected MAC address information.
Next Available Option:
■ detailed -- Show the connected MAC address detailed information.(p. 546)
■ show port-access mac-based clients
Show the connected MAC address information.
Next Available Option:
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet] PORT-LIST)
(p. 525)
■ show port-access web-based [ETHERNET] PORT-LIST clients
Show the current web client session statistics.
Next Available Option:
■ detailed -- Show the current web client session detailed statistics.(p. 546)
■ show port-access web-based clients
© 2009 Hewlett-Packard Development Company, L.P.
538
Command Line Interface Reference Guide
show
Show the current web client session statistics.
Next Available Option:
■ -- Specify ports for which Web Authentication information will be shown. ([ethernet] PORT-LIST)
(p. 525)
■ show port-access [ETHERNET] PORT-LIST authenticator clients
Show the current 802.1X client session statistics.
Next Available Option:
■ detailed -- Show the current 802.1X client session detailed statistics. (p. 546)
■ show port-access [ETHERNET] PORT-LIST mac-based clients
Show the connected MAC address information.
Next Available Option:
■ detailed -- Show the connected MAC address detailed information.(p. 546)
■ show port-access [ETHERNET] PORT-LIST web-based clients
Show the current web client session statistics.
Next Available Option:
■ detailed -- Show the current web client session detailed statistics.(p. 546)
column-list
■ show interfaces custom [ETHERNET] PORT-LIST TITLE[:NN]
The list of desired FIELD[:WIDTH] (port, type, status, speed, mode, mdi, flow, name,
vlan, enabled, intrusion, bcast)
community
■ show snmp-server COMMUNITY
Specify SNMP community to which to restrict the output.
■ show snmpv3 community
Show SNMPv3 Community table.
Next Available Option:
■ COMMUNITY-NAME -- Show a specific community entry. (ASCII-STR) (p. 539)
COMMUNITY-NAME
■ show snmpv3 community COMMUNITY-NAME
Show a specific community entry.
© 2009 Hewlett-Packard Development Company, L.P.
539
Command Line Interface Reference Guide
show
config
■ show access-list config
Show all configured ACL's on the switch using
the CLI syntax used to create them.
■ show access-list ACL-NAME config
Show all configured ACL's on the switch using
the CLI syntax used to create them.
■ show config
Usage: show config [files | FILENAME | status]
Description: Show the switch startup configuration.
Parameters:
o files - list switch configuration files. Shows which file is active
and which are associated with primary and secondary images.
o FILENAME - show specified configuration instead of active configuration.
o status - check if there are changes in running configuration not
saved to the startup configuration file.
Next Available Options:
■ status -- Check if the running configuration differs from the statup configuration.(p. 596)
■ files -- List saved configuration files.(p. 551)
■ filename < config | config1 > -- Display specified configuration.(p. 551)
■ show interfaces config
Usage: show interfaces config
Description: Show configuration information.
■ show ip igmp VLAN-ID config
Show IGMP configuration information for the VLAN specified.
■ show ip igmp config
Show IGMP configuration information.
■ show ip pim rp-candidate config
Show C-RP configuration information.
■ show ipv6 mld vlan VLAN-ID config
Show MLD configuration information for the VLAN specified.
■ show ipv6 mld config
Show MLD configuration information.
■ show lldp config
Usage: show lldp config [[ethernet] PORT-LIST]]
© 2009 Hewlett-Packard Development Company, L.P.
540
Command Line Interface Reference Guide
show
Description: Show LLDP configuration information.
o [ethernet] PORT-LIST - Show port configuration information.
Next Available Option:
■ port-list -- Specify the port or list of ports. ([ethernet] PORT-LIST) (p. 578)
■ show port-access authenticator [ETHERNET] PORT-LIST config
Show 802.1X authenticator configuration.
■ show port-access authenticator config
Show 802.1X authenticator configuration.
■ show port-access mac-based [ETHERNET] PORT-LIST config
Show the current configuration of MAC Authentication.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication.(p. 546)
■ show port-access mac-based config
Show the current configuration of MAC Authentication.
Next Available Options:
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet] PORT-LIST)
(p. 525)
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ show port-access web-based [ETHERNET] PORT-LIST config
Show the current configuration of Web Authentication.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ web-server -- Show the web server-related configuration items.(p. 610)
■ detailed -- Show the detailed configuration of Web Authentication.(p. 546)
■ show port-access web-based config
Show the current configuration of Web Authentication.
Next Available Options:
■ -- Specify ports for which Web Authentication information will be shown. ([ethernet] PORT-LIST)
(p. 525)
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ web-server -- Show the web server-related configuration items.(p. 610)
■ show port-access [ETHERNET] PORT-LIST authenticator config
Show 802.1X authenticator configuration.
© 2009 Hewlett-Packard Development Company, L.P.
541
Command Line Interface Reference Guide
show
■ show port-access [ETHERNET] PORT-LIST mac-based config
Show the current configuration of MAC Authentication.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ detailed -- Show the detailed configuration of MAC Authentication.(p. 546)
■ show port-access [ETHERNET] PORT-LIST web-based config
Show the current configuration of Web Authentication.
Next Available Options:
■ auth-server -- Show the authentication server-related configuration items.(p. 532)
■ web-server -- Show the web server-related configuration items.(p. 610)
■ detailed -- Show the detailed configuration of Web Authentication.(p. 546)
■ show port-access config
Show status of 802.1X, Web Auth, and MAC Auth configurations.
■ show spanning-tree [ETHERNET] PORT-LIST config
Show spanning tree configuration information.
Next Available Option:
■ instance -- Show the spanning tree instance information.(p. 557)
■ show spanning-tree config
Show spanning tree configuration information.
Next Available Option:
■ instance -- Show the spanning tree instance information.(p. 557)
■ show vrrp config
Usage: show vrrp config
Description: Show VRRP configuration information for the device.
Next Available Option:
■ global -- Show global VRRP configuration information. (p. 553)
■ show vrrp vlan VLAN-ID config
Show VRRP configuration information for the VLAN.
■ show vrrp vlan VLAN-ID vrid < 1 to 255 > config
Show virtual router configuration information.
© 2009 Hewlett-Packard Development Company, L.P.
542
Command Line Interface Reference Guide
show
configuration
■ show instrumentation monitor configuration
Usage: show instrumentation monitor configuration
Description: show configured thresholds for monitored parameters.
shows the parameter name and the configured threshold
value for all parameters.
If instrumenation monitoring for the particular paramter
is disabled then threshold for the particular parameter is
displayed as 'Not Monitored'.
connection-rate-filter
■ show connection-rate-filter
Usage: show connection-rate-filter [all-hosts] [blocked-hosts] [throttled-hosts]
Description: List the ports and the on/off connection-rate-filter status and
sensitivity.
Parameters:
o all-hosts
- Display the IP addresses of the hosts that are blocked
and throttled
o blocked-hosts
- Print the IP addresses of the hosts that are currently
blocked
o throttled-hosts - Print the IP addresses of the hosts that are currently
throttled
Next Available Options:
■ all-hosts -- Show blocked and throttled IP addresses.(p. 529)
■ blocked-hosts -- Show blocked IP addresses.(p. 534)
■ throttled-hosts -- Show throttled IP addresses.(p. 599)
console
■ show console
Usage: show console
Description: Show serial link/console settings.
counters
■ show ipv6 mld vlan VLAN-ID counters
Show MLD VLAN counter information.
cpu
■ show cpu
Usage: show cpu [<1-300>]
[slot <SLOT-LIST> [<1-90>] ]
Description: Show average CPU utilization over the last 1, 5, and 60 seconds;
or the number of seconds specified.
© 2009 Hewlett-Packard Development Company, L.P.
543
Command Line Interface Reference Guide
show
Use the 'slot' argument to display CPU utilization for the
specified modules, rather than the chassis CPU.
Next Available Options:
■ time < 1 to 300 > -- Time (seconds) over which to average CPU utilization. (NUMBER) (p. 599)
■ slot -- Display module CPU statistics. (SLOT-ID-RANGE) (p. 591)
crypto
■ show crypto
Usage: show crypto client-public-key [INDEX] [<fingerprint|babble>]
host-public-key [<fingerprint|babble>]
host-cert
autorun-key
Description: Display flash files used for authentication.
Parameters:
o client-public-key - display keys used by ssh for client public
key authentication.
o INDEX - specify a single client public key, with more detailed
output.
o <fingerprint|babble> - display a hexadecimal or phonetic hash
of the key[s].
o host-public-key - display the ssh host public key.
o host-cert - display the device's ssl host certificate.
o autorun-key - display autorun key.
o autorun-cert - display trusted certificate.
Next Available Options:
■ client-public-key -- Display ssh authorized client public keys.(p. 537)
■ host-public-key -- Display ssh host RSA public key.(p. 555)
■ host-cert -- Display https certificate information.(p. 555)
■ autorun-key -- Display autorun key.(p. 533)
■ autorun-cert -- Display trusted certificate.(p. 533)
cst
■ show spanning-tree root-history cst
Show CST Root changes history.
custom
■ show interfaces custom
Usage: show interfaces custom [PORT-LIST] [COLUMN-LIST]
Description: Show the ports' parameters in customized order.
Next Available Option:
■ custom-port-list -- Show summary of network traffic handled by the ports ([ethernet] PORT-LIST)
(p. 545)
© 2009 Hewlett-Packard Development Company, L.P.
544
Command Line Interface Reference Guide
show
■ show tech custom
Usage: show tech [all|custom|buffers|instrumentation|mesh|route|statistics
|transceivers|vrrp]
Description: Display output of a predefined command sequence used by
technical support.
custom-port-list
■ show interfaces custom [ETHERNET] PORT-LIST
Usage: show interfaces [ethernet] PORT-LIST
Description: Show summary of network traffic handled by the ports.
Next Available Option:
■ column-list -- The list of desired FIELD[:WIDTH] (port, type, status, speed, mode, mdi, flow,
name, vlan, enabled, intrusion, bcast) (TITLE[:NN]) (p. 539)
debug
■ show debug
Usage: show debug
Description: Display currently active debug log destinations and types.
Parameters:
o buffer - Show the contents of the in-memory debug buffer
Next Available Option:
■ buffer -- Show the contents of the debug log buffer(p. 535)
debug-counters
■ show spanning-tree debug-counters
Show spanning tree debug counters information.
Next Available Options:
■ instance < 0 to 16 > -- Show spanning tree instance debug counters information. (NUMBER)
(p. 557)
■ ports -- Show spanning tree port(s) debug counters information. ([ethernet] PORT-LIST) (p.
580)
delayed-flush
■ show igmp delayed-flush
Usage: show igmp delayed-flush
Description: Shows switch-wide IGMP delayed flush value.
© 2009 Hewlett-Packard Development Company, L.P.
545
Command Line Interface Reference Guide
show
destination
■ show sflow < 1 to 3 > destination
Displays information about the receiver/collector/management-station to which the
sampling-polling data is sent.
detail
■ show cdp neighbors detail
Show neighbor information field-per-line instead of shortened table format.
■ show spanning-tree [ETHERNET] PORT-LIST detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show spanning-tree [ETHERNET] PORT-LIST instance ist detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show spanning-tree [ETHERNET] PORT-LIST instance < 1 to 16 > detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show spanning-tree detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show spanning-tree instance ist detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show spanning-tree instance < 1 to 16 > detail
Show spanning tree extended details Port, Bridge, Rx, and Tx report.
■ show vlans ports [ETHERNET] PORT-LIST detail
Display more info for each port from the 'PORT-LIST' separately.
■ show svlans ports [ETHERNET] PORT-LIST detail
Display more info for each port from the 'PORT-LIST' separately.
detailed
■ show port-access authenticator [ETHERNET] PORT-LIST clients detailed
Show the current 802.1X client session detailed statistics.
■ show port-access authenticator clients [ETHERNET] PORT-LIST detailed
Show the current 802.1X client session detailed statistics.
■ show port-access mac-based [ETHERNET] PORT-LIST config detailed
Show the detailed configuration of MAC Authentication.
■ show port-access mac-based [ETHERNET] PORT-LIST clients detailed
Show the connected MAC address detailed information.
© 2009 Hewlett-Packard Development Company, L.P.
546
Command Line Interface Reference Guide
show
■ show port-access mac-based config [ETHERNET] PORT-LIST detailed
Show the detailed configuration of MAC Authentication.
■ show port-access mac-based clients [ETHERNET] PORT-LIST detailed
Show the connected MAC address detailed information.
■ show port-access web-based [ETHERNET] PORT-LIST config detailed
Show the detailed configuration of Web Authentication.
■ show port-access web-based [ETHERNET] PORT-LIST clients detailed
Show the current web client session detailed statistics.
■ show port-access web-based config [ETHERNET] PORT-LIST detailed
Show the detailed configuration of Web Authentication.
■ show port-access web-based clients [ETHERNET] PORT-LIST detailed
Show the current web client session detailed statistics.
■ show port-access [ETHERNET] PORT-LIST authenticator clients detailed
Show the current 802.1X client session detailed statistics.
■ show port-access [ETHERNET] PORT-LIST mac-based config detailed
Show the detailed configuration of MAC Authentication.
■ show port-access [ETHERNET] PORT-LIST mac-based clients detailed
Show the connected MAC address detailed information.
■ show port-access [ETHERNET] PORT-LIST web-based config detailed
Show the detailed configuration of Web Authentication.
■ show port-access [ETHERNET] PORT-LIST web-based clients detailed
Show the current web client session detailed statistics.
■ show rate-limit icmp detailed
Show Inbound Radius Override details.
■ show rate-limit all detailed
Show Inbound Radius Override details.
■ show rate-limit bcast detailed
Show Inbound Radius Override details.
■ show rate-limit mcast detailed
Show Inbound Radius Override details.
details
■ show services SLOT-ID details
© 2009 Hewlett-Packard Development Company, L.P.
547
Command Line Interface Reference Guide
show
Usage: show services details
Description: Show services software information
■ show modules details
Usage: show modules details
Description: Show miniGBIC information
device-priority
■ show qos device-priority
Usage: show qos device-priority
Description: Show the device priority table (priority based on
the IP addresses).
dhcp-relay
■ show dhcp-relay
Usage: show dhcp-relay [bootp-gateway]
Description: Shows the current status of DHCP Relay Agent,
option 82 statistics and BOOTP Gateway
for configured interfaces.
Next Available Option:
■ bootp-gateway -- Show the configured BOOTP gateway for configured interfaces(p. 534)
dhcp-snooping
■ show dhcp-snooping
Usage: show dhcp-snooping [<binding|stats>]
Description: Display DHCP snooping information.
Parameters:
o binding - Display DHCP snooping binding information.
o stats
- Display DHCP snooping events.
Next Available Options:
■ binding -- Display DHCP snooping binding information.(p. 534)
■ stats -- Display DHCP snooping events.(p. 596)
direction
■ [no] show statistics < aclv4 > ACL-NAME vlan VLAN-ID < in | out | vlan >
Supported Values:
■ in -- Match inbound packets
■ out -- Match outbound packets
© 2009 Hewlett-Packard Development Company, L.P.
548
Command Line Interface Reference Guide
show
■ vlan -- VLAN acl
■ [no] show statistics < aclv6 > ACL-NAME vlan VLAN-ID < vlan >
Supported Values:
■ vlan -- VLAN acl
■ [no] show statistics < policy > POLICY-NAME vlan VLAN-ID < in >
Supported Values:
■ in -- Match inbound packets
display
■ show interfaces display
Usage: show interfaces [ethernet] PORT-LIST
Description: Show summary of network traffic handled by the ports.
distributed
■ show lacp distributed
Usage: show lacp distributed
Description: Show distributed lacp of local and remote switch.
dns
■ show ip dns
Usage: show ip dns
Description: Show configured DNS server IP addresses on the switch.
domains
■ show igmp-proxy domains
Show all the currently configured IGMP proxy domains.
dscp-map
■ show qos dscp-map
Usage: qos dscp-map
Description: Show mappings between DSCP policy and 802.1p priority.
dyn-authorization
■ show radius dyn-authorization
Usage: show radius dynamic authorization
Description: Show RADIUS dynamic authorization statistics.
■ show radius host IP-ADDR dyn-authorization
© 2009 Hewlett-Packard Development Company, L.P.
549
Command Line Interface Reference Guide
show
elected
■ show ip pim bsr elected
Show elected Bootstrap Router information.
enable
■ show snmpv3 enable
Show SNMPv3 status.
endpoint
■ show monitor endpoint
Remote mirroring destination configuration.
engineid
■ show snmpv3 engineid
Show switch's SNMP engineId.
entries
■ show igmp-proxy entries
Show all the currently active IGMP proxy entries.
event_class
■ show logging
Specify substring to match in log entry. See 'log help' for details.
Supported Values:
■ -M -- Major event class.
■ -P -- Performance event class.
■ -W -- Warning event class.
■ -I -- Information event class.
■ -D -- Debug event class.
external-link-state
■ show ip ospf external-link-state
Usage: show ip ospf external-link-state [status|advertise]
Description: Show the Link State Advertisements from throughout
the areas to which the device is attached. The command
shows only External Link State Advertisements.
The 'status' keyword is optional and does not affect the
command output. If the 'advertise' is specified, each LSA
is shown as a stream of bytes in hexadecimal notation.
Next Available Options:
■ status -- The keyword is optional and can be omitted.(p. 596)
■ advertise -- Show each LSA as a stream of bytes in hexadecimal notation.(p. 529)
■ link-state-id -- Show LSAs with the specified ID only. (IP-ADDR) (p. 566)
© 2009 Hewlett-Packard Development Company, L.P.
550
Command Line Interface Reference Guide
show
■ router-id -- Show LSAs with the specified Router ID only. (IP-ADDR) (p. 587)
■ sequence-number -- Show LSAs with the specified sequence number only.(p. 589)
fan-pref-airflow-dir
■ show system fan-pref-airflow-dir
Usage: show system fan-pref-airflow-dir
Description: Shows the user configured fan preferred airflow direction.
fans
■ show system fans
Usage: show system fans
Description: Show system fan status.
fastboot
■ show fastboot
Usage: show fastboot
Description: Shows the current status of fastboot on switch.
fault-finder
■ show fault-finder
Usage: show fault-finder
Description: Show the fault-finder table.
feature-coordinator
■ show feature-coordinator
Display the feature coordination restrictions
filename
■ show config < config | config1 >
Display specified configuration.
Supported Values:
■ config
■ config1
files
■ show config files
List saved configuration files.
© 2009 Hewlett-Packard Development Company, L.P.
551
Command Line Interface Reference Guide
show
filter
■ show filter
Usage: show filter [INDEX]
Description: Show a table of security filters or a filter
detailed information, if the filter's INDEX is specified.
Next Available Options:
■ INDEX -- Show detailed information for the filter identified by the INDEX. The indices are
displayed by the 'show filter' command.(p. 557)
■ source-port -- (p. 592)
fingerprint
■ show crypto client-public-key fingerprint
Display hexadecimal hash.
■ show crypto client-public-key < manager | operator > fingerprint
Display hexadecimal hash.
■ show crypto client-public-key < manager | operator > KEYLIST fingerprint
Display hexadecimal hash.
■ show crypto host-public-key fingerprint
Display hexadecimal hash.
■ show ip client-public-key fingerprint
Display hexadecimal hash.
■ show ip host-public-key fingerprint
Display hexadecimal hash.
flash
■ show flash
Usage: show flash
Description: Show the version of software stored in the Primary
and Secondary image locations.
forward-protocol
■ show ip forward-protocol
Usage: show ip forward-protocol [vlan <VLAN-ID>]
Description: Show server addresses where broadcast requests received by the
switch are to be forwarded based on configured port.
Next Available Option:
■ vlan -- Specify a vlan for which to show server addresses. (VLAN-ID) (p. 603)
© 2009 Hewlett-Packard Development Company, L.P.
552
Command Line Interface Reference Guide
show
front-panel-security
■ show front-panel-security
Usage: show front-panel-security
Description: Show current security status of the front panel butons. If
'password-clear' is disabled, the password(s) cannot be reset using
the clear button on the front panel of the device. If 'factoryreset' is disabled, the configuation/password(s) can not be reset
using the clear and reset button combination at boot time. With
'password-recovery' enabled (and the front panel buttons disabled),
a lost password can be recovered by contacting HP customer support.
With 'password-recovery' disabled, there is no way to access a
device after losing a password with the front panel buttons
disabled.
general
■ show ip ospf general
Usage: show ip ospf general
Description: Show OSPF basic configuration and operational information.
■ show ip rip general
Usage: show ip rip general
Description: Show RIP basic configuration and operational information.
global
■ show vrrp config global
Show global VRRP configuration information.
■ show vrrp statistics global
Show global VRRP configuration information.
group
■ show ip igmp group IP-ADDR
Show ports the specified multicast group address is registered on.
■ show ipv6 mld vlan VLAN-ID group
Show MLD VLAN group info.
Next Available Option:
■ ipv6-addr -- Show MLD VLAN group address information. (IPV6-ADDR) (p. 563)
■ show snmpv3 access-rights < ManagerPriv | ManagerAuth | OperatorAuth | ... >
Show SNMPv3 users.
© 2009 Hewlett-Packard Development Company, L.P.
553
Command Line Interface Reference Guide
show
Supported Values:
■ ManagerPriv -- Require privacy and authentication, can access all objects.
■ ManagerAuth -- Require authentication, can access all objects.
■ OperatorAuth -- Requires authentication, limited access to objects.
■ OperatorNoAuth -- No authentication required, limited access to objects.
■ ComManagerRW -- Community with manager and unrestricted write access.
■ ComManagerR -- Community with manager and restricted write access.
■ ComOperatorRW -- Community with operator and unrestricted write access.
■ ComOperatorR -- Community with operator and restricted write access.
Next Available Option:
■ sec-model -- Set security model. (p. 589)
■ show snmpv3 group
Show SNMPv3 User to Group mappings.
Next Available Option:
■ group < ManagerPriv | ManagerAuth | OperatorAuth | ... > -- Show SNMPv3 users. (p. 553)
■ show snmpv3 group < ManagerPriv | ManagerAuth | OperatorAuth | ... >
Show SNMPv3 users.
Supported Values:
■ ManagerPriv -- Require privacy and authentication, can access all objects.
■ ManagerAuth -- Require authentication, can access all objects.
■ OperatorAuth -- Requires authentication, limited access to objects.
■ OperatorNoAuth -- No authentication required, limited access to objects.
■ ComManagerRW -- Community with manager and unrestricted write access.
■ ComManagerR -- Community with manager and restricted write access.
■ ComOperatorRW -- Community with operator and unrestricted write access.
■ ComOperatorR -- Community with operator and restricted write access.
Next Available Option:
■ user -- Show a specific user. (ASCII-STR) (p. 601)
gvrp
■ show gvrp
Usage: show gvrp
Description: Show GVRP settings.
hc
■ show interfaces [ETHERNET] PORT-LIST hc
Usage: show interfaces [ethernet] PORT-LIST
Description: Show summary of network traffic handled by the ports.
© 2009 Hewlett-Packard Development Company, L.P.
554
Command Line Interface Reference Guide
show
helper-address
■ show ip helper-address
Usage: show ip helper-address [vlan <VLAN-ID>]
Description: Show DHCP servers where DHCP requests received by the
switch are to be forwarded.
Next Available Option:
■ vlan -- Specify a vlan for which to show server addresses. (VLAN-ID) (p. 603)
history
■ show history
Usage: show history
Description: Show previously entered commands.
host
■ show radius host IP-ADDR
Usage: show radius host <IP-ADDR>
Description: Show statistics information for the RADIUS host.
Next Available Option:
■ dyn-authorization -- (p. 549)
host-cert
■ show crypto host-cert
Display https certificate information.
host-public-key
■ show crypto host-public-key
Display ssh host RSA public key.
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
■ fingerprint -- Display hexadecimal hash.(p. 552)
■ show ip host-public-key
Usage: show ip host-public-key [babble|fingerprint]
Description: Display the SSH host RSA public key. The 'babble' and
'fingerprint' options display a phonetic or hexadecimal
hash instead of displaying the numeric values.
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
© 2009 Hewlett-Packard Development Company, L.P.
555
Command Line Interface Reference Guide
show
■ fingerprint -- Display hexadecimal hash.(p. 552)
icmp
■ show ip icmp
Usage: show ip icmp
Description: Show ICMP Rate Limiting settings.
■ show rate-limit icmp
Show only limits for icmp traffic.
Next Available Options:
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p. 578)
■ detailed -- Show Inbound Radius Override details.(p. 546)
if-ip
■ show ip ospf statistics IP-ADDR
Specify IP address of the interface for which to show detailed information.
■ show ip ospf interface IP-ADDR
Specify IP address of the interface for which to show detailed information.
■ show ip rip interface IP-ADDR
Specify IP address of the interface for which to show detailed information.
igmp
■ show igmp
Usage: show igmp [...]
Description: Show global switch IGMP configuration parameters.
To get a list of all possible parameters use 'show igmp ?'.
Next Available Option:
■ delayed-flush -- Shows switch-wide IGMP delayed flush value(p. 545)
■ show ip igmp
Usage: show ip igmp [config|group IP-ADDR|VLAN-ID [config]]
Description: Invoked without any parameters, shows per-VLAN IGMP status,
or, if VLANs are disabled displays the global IGMP status.
When followed by the 'config' keyword, shows IGMP global
configuration information. VLAN-ID can be used to get
operational and configuration information for a particular
VLAN, if VLAN support is enabled. The 'group' keyword can be
used to show a list of ports where a particular multicast group
is registered.
© 2009 Hewlett-Packard Development Company, L.P.
556
Command Line Interface Reference Guide
show
Next Available Options:
■ vlan -- Show IGMP operational information for the VLAN specified. (VLAN-ID) (p. 603)
■ config -- Show IGMP configuration information.(p. 540)
■ group -- Show ports the specified multicast group address is registered on. (IP-ADDR) (p. 553)
igmp-proxy
■ show igmp-proxy
Usage: show igmp-proxy <entries|domains|vlans>
Description: Show active/configured IGMP proxy forwarder information.
When followed by the 'entries' keyword, shows all currently
active IGMP proxy entries. The 'domains' keyword can be
used to show all the currently configured IGMP proxy
domains. The 'vlans' keyword can be used to show all the
VLANs currently associated with IGMP proxy domains.
Next Available Options:
■ entries -- Show all the currently active IGMP proxy entries.(p. 550)
■ domains -- Show all the currently configured IGMP proxy domains.(p. 549)
■ vlans -- Show all the VLANs currently associated with IGMP proxy domains.(p. 607)
INDEX
■ show filter INTEGER
Show detailed information for the filter identified by the INDEX.
The indices are displayed by the 'show filter' command.
info
■ show lldp info
Usage: show lldp info <local-device | remote device> [PORT-LIST]
Description: Show LLDP information about the remote or local device.
o [ethernet] PORT-LIST - Show local or remote device information
for the specified ports.
Next Available Options:
■ remote-device -- Show LLDP remote device information.(p. 585)
■ local-device -- Show LLDP local device information.(p. 566)
information
■ show system information
Usage: show system information
Description: Show global configured and operational system parameters.
instance
■ show spanning-tree [ETHERNET] PORT-LIST config instance
© 2009 Hewlett-Packard Development Company, L.P.
557
Command Line Interface Reference Guide
show
Show the spanning tree instance information.
Next Available Options:
■ ist -- Show the information for the internal spanning tree (IST) instance.(p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.(p. 572)
■ show spanning-tree [ETHERNET] PORT-LIST instance
Show spanning tree instance status information.
Next Available Options:
■ ist -- Show the information for the internal spanning tree (IST) instance.(p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.(p. 572)
■ show spanning-tree config instance
Show the spanning tree instance information.
Next Available Options:
■ ist -- Show the information for the internal spanning tree (IST) instance.(p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.(p. 572)
■ show spanning-tree instance
Show the spanning tree instance information.
Next Available Options:
■ ist -- Show the information for the internal spanning tree (IST) instance.(p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.(p. 572)
■ show spanning-tree pending instance
Show multiple spanning tree instance pending configuration information.
Next Available Options:
■ ist -- Show the information for the internal spanning tree (IST) instance.(p. 563)
■ MSTID < 1 to 16 > -- Spanning tree instance ID for which to show the information.(p. 572)
■ show spanning-tree debug-counters instance < 0 to 16 >
Show spanning tree instance debug counters information.
Range: < 0 to 16 >
Next Available Option:
■ ports -- Show spanning tree port(s) debug counters information. ([ethernet] PORT-LIST) (p.
580)
■ show spanning-tree debug-counters ports [ETHERNET] PORT-LIST instance < 0 to 16 >
Show spanning tree instance debug counters information.
© 2009 Hewlett-Packard Development Company, L.P.
558
Command Line Interface Reference Guide
show
Range: < 0 to 16 >
instrumentation
■ show instrumentation
Usage: show instrumentation
Description: Show internal version-dependant counters for debugging.
This data is for factory troubleshooting purposes. The data displayed
is dependent on which version of code is running.
Data is maintained for the current 5 minutes, hour, and day. At the end of
every 5 minutes, hour, or day, averages and min/max values are calculated
and the current interval's data is copied to the previous interval's data.
For example, the previous day's data is updated at midnight local time. The
previous hour's data is updated on the hour.
There are many situations in which data is not yet available, or data is
not maintained. In this case, an asterisk is displayed. It is never an
error condition.
Next Available Options:
■ monitor -- Show latest values for monitored parameters(p. 570)
■ cam -- Show internal version-dependant counters for debugging(p. 536)
■ vlan -- Show internal version-dependant counters for debugging for thespecified port or vlan
number(p. 603)
■ port -- Show internal version-dependant counters for debugging for thespecified port or vlan
number(p. 577)
■ resptime -- show service response time data for performance sensitive operations registered
for response time measurement(p. 585)
■ show tech instrumentation
Usage: show tech [all|custom|buffers|instrumentation|mesh|route|statistics
|transceivers|vrrp]
Description: Display output of a predefined command sequence used by
technical support.
interface
■ show ip ospf interface
Usage: show ip ospf interface [IP-ADDR|vlan VLAN-ID]
Description: Show OSPF interfaces' information. Invoked without
parameters shows all OSPF interfaces configured. If the
'IP-ADDR' or the VLAN is specified detailed information
for the interface determined through the parameter is shown.
Next Available Options:
■ vlan -- Specify VLAN of the interface for which to show detailed information. (VLAN-ID) (p. 603)
■ if-ip -- Specify IP address of the interface for which to show detailed information. (IP-ADDR)
(p. 556)
© 2009 Hewlett-Packard Development Company, L.P.
559
Command Line Interface Reference Guide
show
■ show ip rip interface
Usage: show ip rip interface [IP-ADDR|vlan VLAN-ID]
Description: Show RIP interfaces' information. Invoked without
parameters shows all RIP interfaces configured. If the
'IP-ADDR' or the VLAN is specified detailed information
for the interface determined through the parameter is shown.
Next Available Options:
■ vlan -- Specify VLAN of the interface for which to show detailed information. (VLAN-ID) (p. 603)
■ if-ip -- Specify IP address of the interface for which to show detailed information. (IP-ADDR)
(p. 556)
■ show ip mroute interface
Usage: show ip mroute interface [VLAN-ID]
Description: Show IP multicast routing interfaces' information. Invoked
without parameters shows all IP multicast routing interfaces.
If the VLAN-ID is specified then detailed information for the
specified interface is shown.
Next Available Option:
■ VLAN-ID -- Specify the VLAN ID of the IP multicast routing interface to show. (VLAN-ID) (p. 607)
■ show ip pim interface
Usage: show ip pim interface [VLAN-ID]
Description: Show PIM interface information. Invoked without parameters
shows all enabled PIM routing interfaces. If the VLAN-ID is
specified then detailed information for the specified interface
is shown.
Next Available Option:
■ VLAN-ID -- Specify the VLAN ID of the PIM interface to show. (VLAN-ID) (p. 607)
interfaces
■ show interfaces
Usage: show interfaces [config|display|brief|custom|
[ethernet] PORT-LIST|port-utilization]
Description: Show port configuration and status information.
o
o
o
o
config
- Show configuration information.
display
- Show dynamic update of port counters.
brief
- Show the ports' operational parameters.
[ethernet] PORT-LIST - Show summary of network traffic
handled by the ports.
o port-utilization
- Show the port's bandwidth-utilization.
o custom
- Show customized set of port's data fields.
© 2009 Hewlett-Packard Development Company, L.P.
560
Command Line Interface Reference Guide
show
Next Available Options:
■ port-list -- Show summary of network traffic handled by the ports ([ethernet] PORT-LIST) (p.
578)
■ config -- Show configuration information(p. 540)
■ display -- Show summary of network traffic handled by the ports(p. 549)
■ brief -- Show the ports' operational parameters(p. 535)
■ port-utilization -- Show the ports' bandwidth-utilization(p. 581)
■ custom -- Show the ports' parameters in customized order(p. 544)
intrusion-log
■ show port-security intrusion-log
Show the intrusion log records.
ip
■ show ip
Usage: show ip [...]
Description: Show the device IP configuration. Invoked without parameters
shows IP configuration for the switch or all VLANs. When
followed by a parameter displays information for a particular
IP protocol or feature. To get a list of all possible
parameters use 'show ip ?'.
Next Available Options:
■ authorized-managers -- Show IPV4 addresses allowed to manage the switch(p. 532)
■ dns -- Show configured DNS server IP addresses on the switch(p. 549)
■ client-public-key -- Show currently loaded public keys for authorized clients (NUMBER) (p. 537)
■ helper-address -- Show DHCP servers where DHCP requests received by the switch are to be
forwarded(p. 555)
■ forward-protocol -- Show server addresses where broadcast requests received by the switch
are to be forwarded based on configured port(p. 552)
■ icmp -- Show ICMP Rate Limiting settings(p. 556)
■ host-public-key -- Display the SSH host RSA public key (NUMBER) (p. 555)
■ igmp -- Invoked without any parameters, shows per-VLAN IGMP status, or, if VLANs are disabled
displays the global IGMP status(p. 556)
■ irdp -- Show IRDP (ICMP Router Discovery Protocol) settings(p. 563)
■ ospf -- Show OSPF operational and configuration information(p. 574)
■ rip -- Show RIP operational and configuration information(p. 586)
■ route -- Show the IP routing table(p. 587)
■ ssh -- Show both current SSH configuration and the status of active connections(p. 593)
■ mroute -- Show IP multicast routing table(p. 571)
■ pim -- Show PIM protocol operational and configuration information(p. 576)
■ source-lockdown -- Show Dynamic IP Lockdown configuration. (p. 592)
■ source-binding -- Show Dynamic IP Lockdown trap status. (p. 592)
ip-addr
■ show ip route IP-ADDR
Destination IP address to display the routes to.
© 2009 Hewlett-Packard Development Company, L.P.
561
Command Line Interface Reference Guide
show
IP-ADDR
■ show ip mroute IP-ADDR
Usage: show ip mroute [GRP-ADDR SRC-ADDR]
Description: Show detailed information for the specified entry from the IP
multicast routing table. GRP-ADDR is the IP multicast group
address and SRC-ADDR is the source IP address of the entry.
Next Available Option:
■ IP-ADDR -- Specify the source IP address of the MRT entry. (IP-ADDR) (p. 562)
■ show ip mroute IP-ADDR IP-ADDR
Specify the source IP address of the MRT entry.
■ show ip pim mroute IP-ADDR
Specify the IP multicast group address of the MRT entry.
Next Available Option:
■ IP-ADDR -- Specify the source IP address of the MRT entry. (IP-ADDR) (p. 562)
■ show ip pim mroute IP-ADDR IP-ADDR
Specify the source IP address of the MRT entry.
■ show ip pim neighbor IP-ADDR
Specify the IP address of the PIM neighbor to show.
ip-recv-mac-address
■ show ip-recv-mac-address
Show VLAN L3-Mac-Address table.
ipv4
■ show class ipv4 IPV4
Enter ipv4 class.
ipv6
■ show ipv6
Usage: show ipv6
Description: Show the device IPv6 configuration. Invoked without parameters
shows IPv6 configuration for the switch or all VLANs. When
followed by a parameter displays information for a particular
IPv6 protocol or feature. To get a list of all possible
parameters use 'show ipv6 ?'.
Next Available Options:
■ vlan -- Show IPv6 status information for all VLANs(p. 603)
© 2009 Hewlett-Packard Development Company, L.P.
562
Command Line Interface Reference Guide
show
routers -- Show the IPv6 Router table entries(p. 587)
route -- Show the IPv6 routing table(p. 587)
nd -- Show the IPv6 Neighbor Discovery settings(p. 573)
mld -- Invoked without any parameters, shows per-VLAN MLD status, or, if VLANs are disabled
displays the global MLD status(p. 570)
■ neighbors -- Displays information on the IPv6 neighbor discovery cache(p. 573)
■ authorized-managers -- Show IPV6 addresses allowed to manage the switch(p. 532)
■
■
■
■
■ show class ipv6 IPV6
Enter ipv6 class.
ipv6-addr
■ show ipv6 route IPV6-ADDR
Destination IPv6 address to display the routes to.
■ show ipv6 mld vlan VLAN-ID group IPV6-ADDR
Show MLD VLAN group address information.
irdp
■ show ip irdp
Usage: show ip irdp
Description: Show IRDP (ICMP Router Discovery Protocol) settings.
ist
■ show spanning-tree [ETHERNET] PORT-LIST config instance ist
Show the information for the internal spanning tree (IST) instance.
■ show spanning-tree [ETHERNET] PORT-LIST instance ist
Show the information for the internal spanning tree (IST) instance.
Next Available Option:
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report.(p. 546)
■ show spanning-tree config instance ist
Show the information for the internal spanning tree (IST) instance.
■ show spanning-tree instance ist
Show the information for the internal spanning tree (IST) instance.
Next Available Option:
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report.(p. 546)
■ show spanning-tree pending instance ist
© 2009 Hewlett-Packard Development Company, L.P.
563
Command Line Interface Reference Guide
show
Show the information for the internal spanning tree (IST) instance.
■ show spanning-tree root-history ist
Show IST Regional Root changes history.
jumbos
■ show jumbos
Usage: show max-frame-size
Description: Show the untagged Max frame size for the switch.
This value will be effective only when Jumbo is
enabled.
key-chain
■ show key-chain
Usage: show key-chain [CHAN-NAME-STR]
Description: Display key chains. The command displays a list of key chains
configured. If a key chain name is specified the command shows
the chain keys and information of routing protocols configured
to use the chain.
Next Available Option:
■ CHAIN-NAME -- Show the chain detailed information. (ASCII-STR) (p. 537)
keyfile
■ show crypto client-public-key < manager | operator >
Choose to display manager or operator keys.
Supported Values:
■ manager -- Select manager public keys.
■ operator -- Select operator public keys.
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
■ fingerprint -- Display hexadecimal hash.(p. 552)
■ keylist -- Select keys to display (comma-delimited list). (ASCII-STR) (p. 564)
keylist
■ show crypto client-public-key < manager | operator > KEYLIST
Select keys to display (comma-delimited list).
Next Available Options:
■ babble -- Display phonetic hash.(p. 533)
■ fingerprint -- Display hexadecimal hash.(p. 552)
© 2009 Hewlett-Packard Development Company, L.P.
564
Command Line Interface Reference Guide
show
lacp
■ show lacp
Usage: show lacp
Description: Show status of LACP trunks.
Next Available Option:
■ distributed -- Show distributed lacp of local and remote switch(p. 549)
learned
■ show ip pim rp-set learned
Show RP-Set information learned from the BSR.
licenses
■ show licenses
Usage: show licenses [uninstalled]
Description: Display license status for premium features. Use 'uninstalled'
to display the uninstall verification key for features which
have been uninstalled.
Next Available Option:
■ uninstalled -- Display verification key for features which have been uninstalled. (p. 601)
link-keepalive
■ show link-keepalive
Usage: show link-keepalive [statistics]
Description: show link-keepalive information on the switch.
'show link-keepalive' command displays all the ports that are
enabled for link-keepalive. 'show link-keepalive statistics'
command displays detailed statistics like UDLD packets sent,
UDLD packets received etc for all link-keepalive enabled ports.
Next Available Option:
■ statistics -- show detailed statistics for all link-keepalive enabled ports.(p. 594)
link-state
■ show ip ospf link-state
Usage: show ip ospf link-state [OSPF-AREA-ID] [status|advertise]
Description: Show all Link State Advertisements from throughout
the areas to which the device is attached.
The 'status' keyword is optional and does not affect the
command output. If the 'advertise' is specified, each LSA
is shown as a stream of bytes in hexadecimal notation.
© 2009 Hewlett-Packard Development Company, L.P.
565
Command Line Interface Reference Guide
show
Next Available Options:
■ area-id -- Show LSAs for the specified area only. (OSPF-AREA-ID) (p. 530)
■ advertise -- Show each LSA as a stream of bytes in hexadecimal notation.(p. 529)
■ link-state-id -- Show LSAs with the specified ID only. (IP-ADDR) (p. 566)
■ router-id -- Show LSAs with the specified Router ID only. (IP-ADDR) (p. 587)
■ sequence-number -- Show LSAs with the specified sequence number only.(p. 589)
■ status -- The keyword is optional and can be omitted.(p. 596)
■ type < router | network | summary | ... > -- Show LSAs of the specified type only.(p. 600)
link-state-id
■ show ip ospf external-link-state link-state-id IP-ADDR
Show LSAs with the specified ID only.
■ show ip ospf link-state link-state-id IP-ADDR
Show LSAs with the specified ID only.
lldp
■ show lldp
Usage: show lldp ...
Description: Show various LLDP settings. Use 'show lldp ?' for the
list of all possible options.
Next Available Options:
■ config -- Show LLDP configuration information(p. 540)
■ info -- Show LLDP information about the remote or local device(p. 557)
■ stats -- Show LLDP statistics(p. 596)
■ auto-provision -- Show LLDP auto-provision related info for radio-ports(p. 532)
local
■ show ip pim bsr local
Show local Candidate-BSR configuration information.
local-device
■ show lldp info local-device
Show LLDP local device information.
Next Available Option:
■ port-list -- Show remote or local device information for the specified ports. ([ethernet]
PORT-LIST) (p. 578)
lockout-mac
■ show lockout-mac
© 2009 Hewlett-Packard Development Company, L.P.
566
Command Line Interface Reference Guide
show
Usage: show lockout-mac
Description: Show the MAC addresses that have been locked out
of the network.
logging
■ show logging
Usage: show logging [-a|-r|-m|-p|-w|-i|-d|substring ...]
Description: Display log events.
-a - Instructs the switch to display all recorded log
events, which includes events from previous boot cycles.
-r - Instructs the switch to display recorded
log events in reverse order (most recent first).
substring - Instructs the switch to display
only those events that match the substring.
The remaining event class options (listed below in
order of severity - lowest severity first) confine
output to event clases of equal or higher severity
-d - Debug
-i - Informative
-w - Warnings
-p - Performance
-m - Major
Only one of options -d,-i,-w,-p and -m may be specified.
The -a, -r, and substring options may be used in
combination with an event class option.
Next Available Options:
■ option -- Filter events shown. See 'show logging help' for details. (ASCII-STR) (p. 574)
■ -a -- Display all log events, including those from previous boot cycles.(p. 527)
■ -r -- Display log events in reverse order (most recent first).(p. 583)
■ event_class < -M | -P | -W | ... > -- Specify substring to match in log entry. See 'log help' for
details.(p. 550)
loop-protect
■ show loop-protect
Usage: show loop-protect [ethernet] PORT-LIST
Description: Show loop protection status. if no PORT-LIST is specified, then
information is shown only for the ports that have loop protection
enabled.
Next Available Option:
■ port-list -- Show loop protection summary for ports. ([ethernet] PORT-LIST) (p. 578)
MAC
■ show mac-address MAC-ADDR
Show port the specified MAC address is located on.
© 2009 Hewlett-Packard Development Company, L.P.
567
Command Line Interface Reference Guide
show
mac-address
■ show mac-address
Usage: show mac-address [[ethernet] PORT-LIST|vlan VLAN-ID|MAC-ADDR]
Description: Show MAC addresses the switch has learned.
You can display addresses learned on a particular port,
a PORT-LIST, a VLAN-ID, or a particular MAC address.
Next Available Options:
■ address-table-port -- Show MAC addresses learned on the specified ports. ([ethernet] PORT-LIST)
(p. 528)
■ vlan -- Show MAC addresses learned on the specified VLAN. (VLAN-ID) (p. 603)
■ MAC -- Show port the specified MAC address is located on. (MAC-ADDR) (p. 567)
mac-based
■ show port-access mac-based
Usage: show port-access [PORT-LIST] mac-based
[<config [auth-server|detail]>|clients]
show port-access mac-based [PORT-LIST]
[<config [auth-server|detail]>|clients]
show port-access mac-based config [PORT-LIST] [auth-server|detail]
Description: Show MAC Authentication statistics and configuration. If
PORT-LIST parameter has been specified then information only
for the specified ports is shown.
If 'config' keyword has been specified then the configuration
of MAC Authentication is shown.
If 'auth-server' keyword has been specified then the
authentication server-related configuration items are shown.
If PORT-LIST and 'detail' keyword has been specified then the
detailed configuration of MAC Authentication for the specified
ports is shown.
If 'clients' keyword has been specified then the connected MAC
address information is shown.
Next Available Options:
■ -- Specify ports for which MAC Authentication information will be shown. ([ethernet] PORT-LIST)
(p. 525)
■ config -- Show the current configuration of MAC Authentication.(p. 540)
■ clients -- Show the connected MAC address information.(p. 538)
■ show port-access [ETHERNET] PORT-LIST mac-based
Usage: show port-access [PORT-LIST] mac-based
[<config [auth-server|detail]>|clients]
show port-access mac-based [PORT-LIST]
[<config [auth-server|detail]>|clients]
show port-access mac-based config [PORT-LIST] [auth-server|detail]
Description: Show MAC Authentication statistics and configuration. If
PORT-LIST parameter has been specified then information only
for the specified ports is shown.
If 'config' keyword has been specified then the configuration
© 2009 Hewlett-Packard Development Company, L.P.
568
Command Line Interface Reference Guide
show
of MAC Authentication is shown.
If 'auth-server' keyword has been specified then the
authentication server-related configuration items are shown.
If PORT-LIST and 'detail' keyword has been specified then the
detailed configuration of MAC Authentication for the specified
ports is shown.
If 'clients' keyword has been specified then the connected MAC
address information is shown.
Next Available Options:
■ config -- Show the current configuration of MAC Authentication.(p. 540)
■ clients -- Show the connected MAC address information.(p. 538)
management
■ show management
Usage: show management
Description: Show the switch's addresses available for management
and the time server if the switch uses one.
mcast
■ show rate-limit mcast
Show limits for ingress multicast traffic.
Next Available Options:
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p. 578)
■ detailed -- Show Inbound Radius Override details.(p. 546)
mesh
■ show mesh
Usage: show mesh
Description: Show the switch mesh information such as mesh
ports, adjacent switches and their peer ports.
■ show tech mesh
Usage: show tech [all|custom|buffers|instrumentation|mesh|route|statistics
|transceivers|vrrp]
Description: Display output of a predefined command sequence used by
technical support.
mirror_session_id
■ show monitor < 1 to 4 >
Mirror destination number.
Range: < 1 to 4 >
© 2009 Hewlett-Packard Development Company, L.P.
569
Command Line Interface Reference Guide
show
mld
■ show ipv6 mld
Usage: show ipv6 mld [config|group IPV6-ADDR|VLAN-ID [config]]
Description: Invoked without any parameters, shows per-VLAN MLD status,
or, if VLANs are disabled displays the global MLD status.
When followed by the 'config' keyword, shows MLD global
configuration information. VLAN-ID can be used to get
operational and configuration information for a particular
VLAN, if VLAN support is enabled. The 'group' keyword can be
used to show a list of ports where a particular multicast group
is registered.
Next Available Options:
■ vlan -- Show MLD VLAN information.(p. 603)
■ config -- Show MLD configuration information.(p. 540)
■ statistics -- Show MLD statistics.(p. 594)
modules
■ show modules
Usage: show modules
Description: Show installed modules information
Next Available Option:
■ details -- (p. 547)
monitor
■ show instrumentation monitor
Usage: show instrumentation monitor
Description: Show latest values for monitored parameters.
The data displayed is dependent on which version of code is running.
Data is maintained for the current 5 minutes, hour, and day. At the end of
every 5 minutes, hour, or day, averages and min/max values are calculated
and the current interval's data is copied to the previous interval's data.
For example, the previous day's data is updated at midnight local time. The
previous hour's data is updated on the hour.
There are many situations in which data is not yet available, or data is
not maintained. In this case, an asterisk is displayed. It is never an
error condition.
Next Available Option:
■ configuration -- show configured thresholds for monitored parameters(p. 543)
■ show monitor
© 2009 Hewlett-Packard Development Company, L.P.
570
Command Line Interface Reference Guide
show
Usage: show monitor
Description: Show the switch network monitoring status and
configuration, if network monitoring is enabled.
Next Available Options:
■ mirror_session_id < 1 to 4 > -- Mirror destination number.(p. 569)
■ name -- Mirror destination name.(p. 572)
■ endpoint -- Remote mirroring destination configuration.(p. 550)
motd
■ show banner motd
Usage: show banner motd
Description: show the configured banner text.
mroute
■ show ip mroute
Usage: show ip mroute [command]
Description: Show IP multicast routing table. The 'command' can be used to
obtain more detailed information of the IP multicast routing
functionality. Use 'show ip mroute ?' to get a list of all
possible commands.
Next Available Options:
■ IP-ADDR -- Show detailed information for the specified entry from the IP multicast routing table
(IP-ADDR) (p. 562)
■ interface -- Show IP multicast routing interfaces' information(p. 559)
■ show ip pim mroute
Usage: show ip pim mroute [GRP-ADDR SRC-ADDR]
Description: Show PIM-specific information from the IP multicast routing
table. Invoked without parameters shows all PIM entries from
the IP MRT. If multicast group address and source address are
specified then detailed information for the specified entry is
shown.
Next Available Option:
■ IP-ADDR -- Specify the IP multicast group address of the MRT entry. (IP-ADDR) (p. 562)
mst-config
■ show spanning-tree mst-config
Show multiple spanning tree region configuration.
■ show spanning-tree pending mst-config
Show multiple spanning tree pending region configuration.
© 2009 Hewlett-Packard Development Company, L.P.
571
Command Line Interface Reference Guide
show
msti
■ show spanning-tree root-history msti < 1 to 16 >
Show MSTI Regional Root changes history.
Range: < 1 to 16 >
MSTID
■ show spanning-tree [ETHERNET] PORT-LIST config instance < 1 to 16 >
Spanning tree instance ID for which to show the information.
Range: < 1 to 16 >
■ show spanning-tree [ETHERNET] PORT-LIST instance < 1 to 16 >
Spanning tree instance ID for which to show the information.
Range: < 1 to 16 >
Next Available Option:
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report.(p. 546)
■ show spanning-tree config instance < 1 to 16 >
Spanning tree instance ID for which to show the information.
Range: < 1 to 16 >
■ show spanning-tree instance < 1 to 16 >
Spanning tree instance ID for which to show the information.
Range: < 1 to 16 >
Next Available Option:
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report.(p. 546)
■ show spanning-tree pending instance < 1 to 16 >
Spanning tree instance ID for which to show the information.
Range: < 1 to 16 >
name
■ show monitor name
Mirror destination name.
■ show name
Usage: show name [[ethernet] PORT-LIST]
Description: Show names assigned to the ports. If the PORT-LIST is not
specified the default is to list all of the ports.
Next Available Option:
■ port-list -- Show names assigned to the ports ([ethernet] PORT-LIST) (p. 578)
© 2009 Hewlett-Packard Development Company, L.P.
572
Command Line Interface Reference Guide
show
■ show policy NAME
Enter policy name.
nd
■ show ipv6 nd
Usage: show ipv6 nd
Description: Show the IPv6 Neighbor Discovery settings.
neighbor
■ show ip ospf neighbor
Usage: show ip ospf neighbor [IP-ADDR]
Description: Show all OSPF neighbors in the locality of of the
device. The 'IP-ADDR' can be specified to retrieve
detailed information for the specific neighbor only.
Next Available Option:
■ neighbor-ip -- (IP-ADDR) (p. 573)
■ show ip pim neighbor
Usage: show ip pim neighbor [IP-ADDR]
Description: Show PIM neighbor information. Invoked without parameters
shows all PIM neighbors of this device. If the IP-ADDR is
specified then detailed information for the specified neighbor
is shown.
Next Available Option:
■ IP-ADDR -- Specify the IP address of the PIM neighbor to show. (IP-ADDR) (p. 562)
neighbor-ip
■ show ip ospf neighbor IP-ADDR
neighbors
■ show cdp neighbors
Show CDP neighbors. See 'show cdp help' for details.
Next Available Options:
■ neighbors-port -- Show CDP neighbors on specified port only. ([ethernet] PORT-NUM) (p. 574)
■ detail -- Show neighbor information field-per-line instead of shortened table format.(p. 546)
■ show ipv6 neighbors
Displays information on the IPv6 neighbor discovery cache
© 2009 Hewlett-Packard Development Company, L.P.
573
Command Line Interface Reference Guide
show
Next Available Option:
■ vlan -- Displays information on the IPv6 neighbor discovery cache(p. 603)
neighbors-port
■ show cdp neighbors [ETHERNET] PORT-NUM
Show CDP neighbors on specified port only.
notify
■ show snmpv3 notify
Show SNMPv3 notification table.
Next Available Option:
■ NOTIFY-NAME -- Show a specific notification entry. (ASCII-STR) (p. 574)
NOTIFY-NAME
■ show snmpv3 notify NOTIFY-NAME
Show a specific notification entry.
only
■ show snmpv3 only
Show SNMP message reception policy.
option
■ show debug buffer OPTION
Filter messages shown to those matching a string up to 64 chars.
■ show instrumentation resptime OPTION
Filter response time metrics shown to those services whose name
contains the specified substring of up to 16 chars.
■ show logging OPTION
Filter events shown. See 'show logging help' for details.
ospf
■ show ip ospf
Usage: show ip ospf [command]
Description: Show OSPF operational and configuration information.
The 'command' can be used to obtain more detailed information
of the protocol functionality. Use 'show ip ospf ?' to get a
list of all possible commands.
Next Available Options:
■ general -- Show OSPF basic configuration and operational information(p. 553)
© 2009 Hewlett-Packard Development Company, L.P.
574
Command Line Interface Reference Guide
show
■ spf-log -- List the OSPF SPF(Shortes Path First Algorithm) run count for all OSPF areas and last
ten Reasons for running SPF(p. 593)
■ statistics -- List OSPF packet statistics( OSPF sent,recieved and error packet count) of all OSPF
enabled interfaces(p. 594)
■ area -- Show OSPF areas configured on the device(p. 529)
■ external-link-state -- Show the Link State Advertisements from throughout the areas to which
the device is attached(p. 550)
■ interface -- Show OSPF interfaces' information(p. 559)
■ link-state -- Show all Link State Advertisements from throughout the areas to which the device
is attached(p. 565)
■ neighbor -- Show all OSPF neighbors in the locality of of the device(p. 573)
■ redistribute -- List protocols which are being redistributed into OSPF(p. 584)
■ restrict -- List routes which will not be redistributed via OSPF(p. 586)
■ traps -- Show OSPF traps enabled on the device(p. 599)
■ virtual-neighbor -- Show all virtual neighbors of the device(p. 603)
■ virtual-link -- Show status of all OSPF virtual links configured(p. 603)
output
■ show bandwidth output
Show outbound guaranteed minimum bandwidth.
Next Available Option:
■ port-list -- Specify ports for which information will be shown. ([ethernet] PORT-LIST) (p. 578)
PARAM-NAME
■ show snmpv3 params PARAM-NAME
Show a specific Target Parameter entry.
params
■ show snmpv3 params
Show SNMPv3 Target Parameters table.
Next Available Option:
■ PARAM-NAME -- Show a specific Target Parameter entry. (ASCII-STR) (p. 575)
peer
■ show ip rip peer
Usage: show ip rip peer [IP-ADDR]
Description: Show RIP peers. Invoked without parameters shows all RIP
peers of the device. If 'IP-ADDR' is specified only
the peer having the address is displayed.
Next Available Option:
■ peer-ip -- Specify IP address of the RIP peer to show. (IP-ADDR) (p. 576)
© 2009 Hewlett-Packard Development Company, L.P.
575
Command Line Interface Reference Guide
show
peer-ip
■ show ip rip peer IP-ADDR
Specify IP address of the RIP peer to show.
pending
■ show ip pim pending
Show (*,G) and (S,G) Join Pending Information.
■ show spanning-tree pending
Usage: show spanning-tree pending ...
Description: Show spanning tree pending configuration.
Use 'show spanning-tree pending ?' to see a list of all
available options.
Next Available Options:
■ mst-config -- Show multiple spanning tree pending region configuration.(p. 571)
■ instance -- Show multiple spanning tree instance pending configuration information.(p. 557)
pim
■ show ip pim
Usage: show ip pim [command]
Description: Show PIM protocol operational and configuration information.
The 'command' can be used to obtain more detailed information
of the protocol functionality. Use 'show ip pim ?' to get a
list of all possible commands.
Next Available Options:
■ mroute -- Show PIM-specific information from the IP multicast routing table(p. 571)
■ interface -- Show PIM interface information(p. 559)
■ neighbor -- Show PIM neighbor information(p. 573)
■ bsr -- Show Bootstrap Router information(p. 535)
■ rp-candidate -- Show Candidate-RP operational and configuration information(p. 588)
■ rp-set -- Show RP-Set information available on the router(p. 588)
■ rp-pending -- Show (*,*,RP) Join Pending Information. (p. 588)
■ pending -- Show (*,G) and (S,G) Join Pending Information. (p. 576)
policy
■ show policy
Show policy config.
Next Available Options:
■ name -- Enter policy name. (ASCII-STR) (p. 572)
■ resources -- Show the policy resources(p. 585)
© 2009 Hewlett-Packard Development Company, L.P.
576
Command Line Interface Reference Guide
show
policy-name
■ show statistics < policy > POLICY-NAME
Enter the name of acl/policy.
Next Available Options:
■ vlan -- Enter the statistics vlan. (VLAN-ID) (p. 603)
■ port -- Enter the statistics port. ([ethernet] PORT-NUM) (p. 577)
port
■ show instrumentation cam port
Usage: show instrumentation [<group>] [port|vlan <num>]
Description: Show internal version-dependant counters for debugging for thespecified
port or vlan number.
Next Available Option:
■ portNum < 1 to 409 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 580)
■ show instrumentation port
Usage: show instrumentation [<group>] [port|vlan <num>]
Description: Show internal version-dependant counters for debugging for thespecified
port or vlan number.
Next Available Option:
■ portNum < 1 to 409 > -- Show internal version-dependant counters for debugging for
thespecified port or vlan number (NUMBER) (p. 580)
■ show statistics < aclv4 > ACL-NAME port [ETHERNET] PORT-NUM
Enter the statistics port.
■ show statistics < aclv6 > ACL-NAME port [ETHERNET] PORT-NUM
Enter the statistics port.
■ show statistics < policy > POLICY-NAME port [ETHERNET] PORT-NUM
Enter the statistics port.
port-access
■ show port-access
Usage: show port-access <authenticator [...] | supplicant [...]>
Description: Show 802.1X (Port Based Network Access) supplicant or
authenticator current status and configuration.
© 2009 Hewlett-Packard Development Company, L.P.
577
Command Line Interface Reference Guide
show
Next Available Options:
■ authenticator -- Show 802(p. 531)
■ supplicant -- Show 802(p. 596)
■ mac-based -- Show MAC Authentication statistics and configuration(p. 568)
■ web-based -- Show Web Authentication statistics and configuration(p. 609)
■ -- Show Web/MAC Authentication statistics and configuration ([ethernet] PORT-LIST) (p. 525)
■ config -- Show status of 802.1X, Web Auth, and MAC Auth configurations. (p. 540)
portlist
■ show ip source-lockdown bindings [ETHERNET] PORT-NUM
Specify the ports for which source bindings need to be displayed.
port-list
■ show interfaces [ETHERNET] PORT-LIST
Usage: show interfaces [ethernet] PORT-LIST
Description: Show summary of network traffic handled by the ports.
Next Available Option:
■ hc -- Show summary of network traffic handled by the ports(p. 554)
■ show interfaces brief [ETHERNET] PORT-LIST
Usage: show interfaces [ethernet] PORT-LIST
Description: Show summary of network traffic handled by the ports.
■ show lldp config [ETHERNET] PORT-LIST
Specify the port or list of ports.
■ show lldp info remote-device [ETHERNET] PORT-LIST
Show remote or local device information for the
specified ports.
■ show lldp info local-device [ETHERNET] PORT-LIST
Show remote or local device information for the
specified ports.
■ show lldp stats [ETHERNET] PORT-LIST
Specify the port or list of ports.
■ show loop-protect [ETHERNET] PORT-LIST
Show loop protection summary for ports.
■ show name [ETHERNET] PORT-LIST
Usage: show name [[ethernet] PORT-LIST]
© 2009 Hewlett-Packard Development Company, L.P.
578
Command Line Interface Reference Guide
show
Description: Show names assigned to the ports. If the PORT-LIST is not
specified the default is to list all of the ports.
■ show port-security [ETHERNET] PORT-LIST
Usage: show port-security [intrusion-log|[ethernet] PORT-LIST]
Description: Show a table describing port security settings.
o intrusion-log - Show the intrusion log records.
o PORT-LIST
- Show detailed information on particular ports in the
PORT-LIST specified.
■ show power-over-ethernet [ETHERNET] PORT-LIST
Usage: show power-over-ethernet [ethernet] PORT-LIST
Description: Show the ports' poe status.
■ show power-over-ethernet brief [ETHERNET] PORT-LIST
Usage: show power-over-ethernet [ethernet] PORT-LIST
Description: Show the ports' poe status.
■ show bandwidth output [ETHERNET] PORT-LIST
Specify ports for which information will be shown.
■ show rate-limit icmp [ETHERNET] PORT-LIST
Specify ports for which information will be shown.
■ show rate-limit all [ETHERNET] PORT-LIST
Specify ports for which information will be shown.
■ show rate-limit bcast [ETHERNET] PORT-LIST
Specify ports for which information will be shown.
■ show rate-limit mcast [ETHERNET] PORT-LIST
Specify ports for which information will be shown.
■ show sflow < 1 to 3 > sampling-polling [ETHERNET] PORT-LIST
Displays information about sampling and polling.
■ show spanning-tree [ETHERNET] PORT-LIST
Limit the port information printed to the set of the specified ports.
Next Available Options:
■ config -- Show spanning tree configuration information.(p. 540)
■ detail -- Show spanning tree extended details Port, Bridge, Rx, and Tx report.(p. 546)
■ instance -- Show spanning tree instance status information.(p. 557)
■ show spanning-tree bpdu-protection [ETHERNET] PORT-LIST
© 2009 Hewlett-Packard Development Company, L.P.
579
Command Line Interface Reference Guide
show
Limit the port information printed to the set of the specified ports.
■ show spanning-tree pvst-filter [ETHERNET] PORT-LIST
Limit the port information printed to the set of the specified ports.
■ show spanning-tree pvst-protection [ETHERNET] PORT-LIST
Limit the port information printed to the set of the specified ports.
■ show trunks [ETHERNET] PORT-LIST
Show the trunk information only for the ports specified.
portNum
■ show instrumentation cam port < 1 to 409 >
Usage: show instrumentation [<group>] [port|vlan <num>]
Description: Show internal version-dependant counters for debugging for thespecified
port or vlan number.
Range: < 1 to 409 >
■ show instrumentation port < 1 to 409 >
Usage: show instrumentation [<group>] [port|vlan <num>]
Description: Show internal version-dependant counters for debugging for thespecified
port or vlan number.
Range: < 1 to 409 >
port-priority
■ show qos port-priority
Usage: show qos port-priority
Description: Show the port-based priority table.
ports
■ show access-list ports [ETHERNET] PORT-LIST
Show ACLs applied to the specified ports.
■ show spanning-tree debug-counters instance < 0 to 16 > ports [ETHERNET] PORT-LIST
Show spanning tree port(s) debug counters information.
■ show spanning-tree debug-counters ports [ETHERNET] PORT-LIST
Show spanning tree port(s) debug counters information.
Next Available Option:
■ instance < 0 to 16 > -- Show spanning tree instance debug counters information. (NUMBER)
(p. 557)
■ show vlans ports [ETHERNET] PORT-LIST
© 2009 Hewlett-Packard Development Company, L.P.
580
Command Line Interface Reference Guide
show
Show VLANs that have at least one port from the 'PORT-LIST' as a member.
Next Available Option:
■ detail -- Display more info for each port from the 'PORT-LIST' separately.(p. 546)
■ show svlans ports [ETHERNET] PORT-LIST
Show VLANs that have at least one port from the 'PORT-LIST' as a member.
Next Available Option:
■ detail -- Display more info for each port from the 'PORT-LIST' separately.(p. 546)
port-security
■ show port-security
Usage: show port-security [intrusion-log|[ethernet] PORT-LIST]
Description: Show a table describing port security settings.
o intrusion-log - Show the intrusion log records.
o PORT-LIST
- Show detailed information on particular ports in the
PORT-LIST specified.
Next Available Options:
■ port-list -- Show a table describing port security settings ([ethernet] PORT-LIST) (p. 578)
■ intrusion-log -- Show the intrusion log records.(p. 561)
port-utilization
■ show interfaces port-utilization
Usage: show interfaces port-utilization
Description: Show the ports' bandwidth-utilization.
power-over-ethernet
■ show power-over-ethernet
Usage: show power-over-ethernet [brief|[ethernet] PORT-LIST]
Description: Show port poe configuration and status information.
o brief
- Show summary of poe status.
o [ethernet] PORT-LIST - Show the ports' power status.
Next Available Options:
■ port-list -- Show the ports' poe status ([ethernet] PORT-LIST) (p. 578)
■ brief -- Show summary of poe status(p. 535)
■ slot -- Show poe information of specified slot (SLOT-ID-RANGE) (p. 591)
© 2009 Hewlett-Packard Development Company, L.P.
581
Command Line Interface Reference Guide
show
power-supply
■ show system power-supply
Usage: show system power-supply
Description: Show Chassis Power Supply info and settings.
protocol-priority
■ show qos protocol-priority
Usage: show qos protocol
Description: Show the protocol priority.
pvst-filter
■ show spanning-tree pvst-filter
Show spanning tree PVST filter status information.
Next Available Option:
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
pvst-protection
■ show spanning-tree pvst-protection
Show spanning tree PVST protection status information.
Next Available Option:
■ port-list -- Limit the port information printed to the set of the specified ports. ([ethernet]
PORT-LIST) (p. 578)
qinq
■ show qinq
Usage:
show qinq
Description:
show qinq configuration details.
qos
■ show qos
Usage: show qos ...
Description: Show various QoS settings. Use 'show qos ?' for the
list of all possible options.
Next Available Options:
■ device-priority -- Show the device priority table (priority based on the IP addresses)(p. 548)
■ dscp-map -- Show mappings between DSCP policy and 802(p. 549)
■ port-priority -- Show the port-based priority table(p. 580)
© 2009 Hewlett-Packard Development Company, L.P.
582
Command Line Interface Reference Guide
■
■
■
■
■
■
show
protocol-priority -- Show the protocol priority(p. 582)
tcp-udp-port-priority -- Show TCP/UDP port priorities(p. 598)
type-of-service -- Show QoS priorities based on IP Type-of-Service(p. 601)
vlan-priority -- Show the VLAN-based priority table(p. 607)
resources -- Show the qos resources(p. 585)
queue-config -- Displays outbound port queues configuration information. (p. 583)
queue-config
■ show qos queue-config
Displays outbound port queues configuration information.
-r
■ show debug buffer -r
Display messages in reverse order (most recent first).
■ show logging -r
Display log events in reverse order (most recent first).
radio-ports
■ show wireless-services SLOT-ID radio-ports
Display radio-ports associated with a wireless-services module.
■ show lldp auto-provision radio-ports
Show LLDP radio-ports information.
radius
■ show access-list radius [ETHERNET] PORT-LIST
Display ACLs applied via RADIUS.
■ show radius
Usage: show radius [authentication|accounting|dyn-authorization|host <IP-ADDR>]
Description: Show RADIUS status and statistics information. Invoked without
parameters shows general RADIUS configuration for the switch.
o authentication - show RADIUS authentication statistics information.
o accounting
- show RADIUS accounting statistics information.
o dyn-authorization - show RADIUS dynamic authorization statistics
information.
o host <IP-ADDR>
- show comprehensive statistics information for the
host.
© 2009 Hewlett-Packard Development Company, L.P.
583
Command Line Interface Reference Guide
show
Next Available Options:
■ authentication -- Show RADIUS authentication statistics(p. 531)
■ accounting -- Show RADIUS accounting statistics(p. 528)
■ dyn-authorization -- Show RADIUS dynamic authorization statistics(p. 549)
■ host -- Show statistics information for the RADIUS host (IP-ADDR) (p. 555)
rate-limit
■ show rate-limit
Usage: show
show
show
show
show
rate-limit
rate-limit
rate-limit
rate-limit
rate-limit
all [PORT-LIST] [detailed]
ip access-group [PORT-LIST]
icmp [PORT-LIST]
bcast [PORT-LIST] [detailed]
mcast [PORT-LIST] [detailed]
Description: Show rate limit maximum percentages. If PORT-LIST parameter is
specified, information is shown only for the specified ports.
Use
Use
Use
Use
Use
Use
'all' to show limits applied to all traffic.
'ip' to show limits applied to access control lists.
'icmp' to show limits for ICMP traffic.
'bcast' to show limits for Broadcast traffic.
'mcast' to show limits for Multicast traffic.
'detailed' to show Inbound Radius Override details.
Next Available Options:
■ icmp -- Show only limits for icmp traffic.(p. 556)
■ all -- Show limits for all traffic.(p. 529)
■ bcast -- Show limits for ingress broadcast traffic.(p. 534)
■ mcast -- Show limits for ingress multicast traffic.(p. 569)
receiver-index
■ show sflow < 1 to 3 >
Select one of the three possible sFlow receiver tables.
Range: < 1 to 3 >
Next Available Options:
■ destination -- Displays information about the receiver/collector/management-station to which
the sampling-polling data is sent.(p. 546)
■ sampling-polling -- Displays information about sampling and polling.(p. 589)
redistribute
■ show ip ospf redistribute
Usage: show ip ospf redistribute
Description: List protocols which are being redistributed into OSPF.
■ show ip rip redistribute
© 2009 Hewlett-Packard Development Company, L.P.
584
Command Line Interface Reference Guide
show
Usage: show ip rip redistribute
Description: List protocols which are being redistributed into RIP.
redundancy
■ show redundancy
Usage: show redundancy
Description: Display redundant information for Management and Fabric Modules.
remote-device
■ show lldp info remote-device
Show LLDP remote device information.
Next Available Option:
■ port-list -- Show remote or local device information for the specified ports. ([ethernet]
PORT-LIST) (p. 578)
resources
■ show access-list resources
Display ACL Rules/Masks availability.
■ show qos resources
Usage: show qos resources
Description: Show the qos resources.
■ show policy resources
Usage: show policy resources
Description: Show the policy resources.
resptime
■ show instrumentation resptime
Usage: show instrumentation resptime
Description: show service response time data for performance
sensitive operations registered for response time
measurement.
Next Available Option:
■ option -- Filter response time metrics shown to those services whose name contains the
specified substring of up to 16 chars. (ASCII-STR) (p. 574)
© 2009 Hewlett-Packard Development Company, L.P.
585
Command Line Interface Reference Guide
show
restrict
■ show ip ospf restrict
Usage: show ip ospf restrict
Description: List routes which will not be redistributed via OSPF.
■ show ip rip restrict
Usage: show ip rip restrict
Description: List routes which will not be redistributed via RIP.
restricted-access
■ show snmpv3 restricted-access
Show SNMPv1 and SNMPv2c access properties.
rip
■ show ip rip
Usage: show ip rip [command]
Description: Show RIP operational and configuration information.
The 'command' can be used to obtain more detailed information
of the protocol functionality. Use 'show ip rip ?' to get a
list of all possible commands.
Next Available Options:
■ general -- Show RIP basic configuration and operational information(p. 553)
■ interface -- Show RIP interfaces' information(p. 559)
■ peer -- Show RIP peers(p. 575)
■ redistribute -- List protocols which are being redistributed into RIP(p. 584)
■ restrict -- List routes which will not be redistributed via RIP(p. 586)
rmon
■ show rmon
Usage: show rmon statistics PORT-LIST
Description: Show detailed rmon statistics for the ports.
o statistics PORT-LIST - Show statistics measured by the
probe for the ports.
Next Available Option:
■ statistics -- Show RMON statistics for the ports ([ethernet] PORT-LIST) (p. 594)
root-history
■ show spanning-tree root-history
Show spanning tree Root changes history information.
© 2009 Hewlett-Packard Development Company, L.P.
586
Command Line Interface Reference Guide
show
Next Available Options:
■ cst -- Show CST Root changes history.(p. 544)
■ ist -- Show IST Regional Root changes history.(p. 563)
■ msti < 1 to 16 > -- Show MSTI Regional Root changes history. (NUMBER) (p. 572)
route
■ show ip route
Usage: show ip route [IP-ADDR] [static|connected|rip|ospf]
Description: Show the IP routing table.
The output may be restricted to a specific destination or
type of route.
Next Available Options:
■ ip-addr -- Destination IP address to display the routes to. (IP-ADDR) (p. 561)
■ type < static | connected | rip | ... > -- Specify type of routes to display.(p. 600)
■ show ipv6 route
Usage: show ipv6 route [IPV6-ADDR] [static|connected|ospf]
Description: Show the IPv6 routing table.
The output may be restricted to a specific destination or
type of route.
Next Available Options:
■ ipv6-addr -- Destination IPv6 address to display the routes to. (IPV6-ADDR) (p. 563)

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

Download PDF

advertisement