ExtremeWare XOS Command Reference Guide
Software Version 11.1
Extreme Networks, Inc.
3585 Monroe Street
Santa Clara, California 95051
(888) 257-3000
(408) 579-2800
http://www.extremenetworks.com
Published: December 2004
Part number: 100171-00 Rev 01
Alpine, Altitude, BlackDiamond, EPICenter, Ethernet Everywhere, Extreme Ethernet Everywhere, Extreme
Networks, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, GlobalPx Content Director, the Go
Purple Extreme Solution Partners Logo, ServiceWatch, Summit, the Summit7i Logo, and the Color Purple, among
others, are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States
and other countries. Other names and marks may be the property of their respective owners.
© 2004 Extreme Networks, Inc. All Rights Reserved.
Specifications are subject to change without notice.
The ExtremeWare XOS operating system is based, in part, on the Linux operating system. The machine-readable
copy of the corresponding source code is available for the cost of distribution. Please direct requests to Extreme
Networks for more information at the following address:
Software Licensing Department
3585 Monroe Street
Santa Clara CA 95051
NetWare and Novell are registered trademarks of Novell, Inc. Merit is a registered trademark of Merit Network,
Inc. Solaris is a trademark of Sun Microsystems, Inc. F5, BIG/ip, and 3DNS are registered trademarks of F5
Networks, Inc. see/IT is a trademark of F5 Networks, Inc.
sFlow® is a registered trademark of InMon Corporation.
All other registered trademarks, trademarks and service marks are property of their respective owners.
123456789
Authors: Hugh Bussell, Megan Mahar, Peggy Murphy
Production: Megan Mahar
ExtremeWare XOS 11.1 Command Reference Guide
2
Contents
Preface......................................................................................................................................... 23
Chapter 1: Command Reference Overview....................................................................................... 25
Chapter 2: Commands for Accessing the Switch.............................................................................. 31
clear session.............................................................................................................................32
configure account .....................................................................................................................33
configure banner .......................................................................................................................35
configure cli max-sessions .........................................................................................................36
configure cli max-failed-logins....................................................................................................37
configure dns-client add ............................................................................................................38
configure dns-client default-domain............................................................................................40
configure dns-client delete.........................................................................................................41
configure failsafe-account ..........................................................................................................43
configure idletimeout ................................................................................................................45
configure time ..........................................................................................................................46
configure timezone....................................................................................................................47
create account ..........................................................................................................................51
delete account ..........................................................................................................................53
disable cli space-completion ......................................................................................................55
disable clipaging .......................................................................................................................56
disable idletimeout....................................................................................................................57
enable cli space-completion .......................................................................................................58
enable clipaging........................................................................................................................59
enable idletimeout ....................................................................................................................60
enable license ..........................................................................................................................61
history......................................................................................................................................63
ping.........................................................................................................................................64
reboot ......................................................................................................................................66
show account............................................................................................................................68
show banner .............................................................................................................................70
show dns-client.........................................................................................................................71
show licenses ...........................................................................................................................72
show switch..............................................................................................................................74
traceroute.................................................................................................................................76
Chapter 3: Commands for Managing the Switch .............................................................................. 79
configure
configure
configure
configure
node priority...............................................................................................................81
snmp add community..................................................................................................83
snmp add trapreceiver.................................................................................................85
snmp delete community ..............................................................................................87
ExtremeWare XOS 11.1 Command Reference Guide
3
Contents
configure snmp delete trapreceiver .............................................................................................89
configure snmp sysContact.........................................................................................................90
configure snmp sysLocation .......................................................................................................91
configure snmp sysName ...........................................................................................................92
configure snmpv3 add access.....................................................................................................93
configure snmpv3 add community ..............................................................................................95
configure snmpv3 add filter .......................................................................................................97
configure snmpv3 add filter-profile .............................................................................................99
configure snmpv3 add group user .............................................................................................100
configure snmpv3 add mib-view ...............................................................................................102
configure snmpv3 add notify ....................................................................................................104
configure snmpv3 add target-addr ............................................................................................105
configure snmpv3 add target-params ........................................................................................107
configure snmpv3 add user ......................................................................................................109
configure snmpv3 add user clone-from......................................................................................111
configure snmpv3 delete access ...............................................................................................112
configure snmpv3 delete community.........................................................................................114
configure snmpv3 delete filter ..................................................................................................115
configure snmpv3 delete filter-profile........................................................................................116
configure snmpv3 delete group user..........................................................................................117
configure snmpv3 delete mib-view ............................................................................................119
configure snmpv3 delete notify.................................................................................................121
configure snmpv3 delete target-addr .........................................................................................122
configure snmpv3 delete target-params .....................................................................................123
configure snmpv3 delete user...................................................................................................124
configure snmpv3 engine-boots ................................................................................................126
configure snmpv3 engine-id .....................................................................................................127
configure sntp-client ...............................................................................................................128
configure sntp-client update-interval .........................................................................................130
configure telnet port ................................................................................................................131
configure telnet vr ...................................................................................................................132
disable dhcp vlan ....................................................................................................................134
disable snmp access ...............................................................................................................135
disable snmp traps ..................................................................................................................136
disable sntp-client ..................................................................................................................137
disable telnet..........................................................................................................................138
disable watchdog ....................................................................................................................139
enable dhcp vlan.....................................................................................................................140
enable snmp access ................................................................................................................141
enable snmp traps...................................................................................................................143
enable sntp-client ...................................................................................................................144
enable telnet ..........................................................................................................................145
enable watchdog .....................................................................................................................146
exit ........................................................................................................................................147
logout ....................................................................................................................................148
quit .......................................................................................................................................149
ExtremeWare XOS 11.1 Command Reference Guide
4
Contents
show dhcp-client state.............................................................................................................150
show checkpoint-data ..............................................................................................................151
show management ..................................................................................................................153
show node ..............................................................................................................................155
show odometers ......................................................................................................................157
show power ............................................................................................................................159
show power budget..................................................................................................................161
show power controller ..............................................................................................................165
show session ..........................................................................................................................167
show snmpv3 access ...............................................................................................................169
show snmpv3 context ..............................................................................................................172
show snmpv3 counters ............................................................................................................173
show snmpv3 engine-info.........................................................................................................175
show snmpv3 filter ..................................................................................................................176
show snmpv3 filter-profile........................................................................................................178
show snmpv3 group.................................................................................................................180
show snmpv3 mib-view ............................................................................................................183
show snmpv3 notify.................................................................................................................185
show snmpv3 target-addr .........................................................................................................186
show snmpv3 extreme-target-addr-ext .......................................................................................188
show snmpv3 target-params .....................................................................................................189
show snmpv3 user...................................................................................................................191
show sntp-client......................................................................................................................193
telnet.....................................................................................................................................195
tftp ........................................................................................................................................197
Chapter 4: Commands for Managing the ExtremeWare XOS Software.............................................. 199
cp..........................................................................................................................................200
ls...........................................................................................................................................202
mv.........................................................................................................................................204
rm .........................................................................................................................................206
show heartbeat process............................................................................................................208
show memory process ..............................................................................................................211
show process ..........................................................................................................................213
start process ...........................................................................................................................217
terminate process....................................................................................................................219
Chapter 5: Commands for Configuring Slots and Ports on a Switch................................................. 221
clear counters edp...................................................................................................................223
clear slot ................................................................................................................................224
configure edp advertisement-interval.........................................................................................225
configure ip-mtu vlan ..............................................................................................................226
configure jumbo-frame-size ......................................................................................................228
configure mirroring add ...........................................................................................................230
configure mirroring delete ........................................................................................................232
configure ports auto off............................................................................................................234
ExtremeWare XOS 11.1 Command Reference Guide
5
Contents
configure ports auto on ............................................................................................................236
configure ports display-string ...................................................................................................237
configure ports redundant ........................................................................................................238
configure sharing add ports ......................................................................................................240
configure sharing address-based ...............................................................................................242
configure sharing delete ports ..................................................................................................244
configure slot..........................................................................................................................245
disable edp ports ....................................................................................................................247
disable jumbo-frame ports .......................................................................................................248
disable learning port................................................................................................................249
disable mirroring .....................................................................................................................250
disable port ............................................................................................................................251
disable sharing .......................................................................................................................252
disable slot.............................................................................................................................253
disable smartredundancy .........................................................................................................255
enable edp ports .....................................................................................................................256
enable jumbo-frame ports ........................................................................................................258
enable learning port ................................................................................................................260
enable mirroring to port ...........................................................................................................261
enable port .............................................................................................................................263
enable sharing grouping...........................................................................................................264
enable slot .............................................................................................................................267
enable smartredundancy ..........................................................................................................269
restart ports............................................................................................................................270
run msm-failover .....................................................................................................................271
show edp................................................................................................................................273
show mirroring ........................................................................................................................275
show ports collisions ...............................................................................................................277
show ports configuration ..........................................................................................................279
show ports information ............................................................................................................281
show ports packet ...................................................................................................................285
show ports redundant ..............................................................................................................287
show ports sharing ..................................................................................................................288
show slot................................................................................................................................290
unconfigure ports display string ................................................................................................295
unconfigure ports redundant ....................................................................................................296
unconfigure slot ......................................................................................................................297
Chapter 6: Power Over Ethernet Commands................................................................................... 299
clear inline-power stats ports....................................................................................................300
configure inline-power budget slot ............................................................................................302
configure inline-power disconnect-precedence ...........................................................................304
configure inline-power label ports .............................................................................................306
configure inline-power operator-limit ports.................................................................................308
configure inline-power priority ports ..........................................................................................309
configure inline-power usage-threshold......................................................................................310
ExtremeWare XOS 11.1 Command Reference Guide
6
Contents
disable inline-power ................................................................................................................311
disable inline-power legacy slot ................................................................................................313
disable inline-power ports ........................................................................................................314
disable inline-power slot ..........................................................................................................315
enable inline-power .................................................................................................................316
enable inline-power legacy slot .................................................................................................318
enable inline-power ports .........................................................................................................319
enable inline-power slot ...........................................................................................................321
reset inline-power ports ...........................................................................................................322
show inline-power ...................................................................................................................323
show inline-power configuration ports........................................................................................326
show inline-power info ports.....................................................................................................328
show inline-power slot .............................................................................................................331
show inline-power stats ports....................................................................................................333
show inline-power stats slot......................................................................................................335
unconfigure inline-power budget slot.........................................................................................336
unconfigure inline-power disconnect-precedence........................................................................337
unconfigure inline-power operator-limit ports .............................................................................338
unconfigure inline-power priority ports ......................................................................................339
unconfigure inline-power usage-threshold ..................................................................................340
Chapter 7: Commands for Status Monitoring and Statistics ............................................................ 341
clear counters .........................................................................................................................343
clear log .................................................................................................................................344
clear log counters....................................................................................................................345
configure log display ...............................................................................................................347
configure log filter events.........................................................................................................348
configure log filter events match...............................................................................................351
configure log target filter..........................................................................................................354
configure log target format .......................................................................................................357
configure log target match .......................................................................................................361
configure log target severity......................................................................................................363
configure log target syslog........................................................................................................365
configure sflow agent ipaddress ................................................................................................367
configure sflow collector ipaddress............................................................................................368
configure sflow max-cpu-sample-limit .......................................................................................369
configure sflow poll-interval .....................................................................................................370
configure sflow ports sample-rate..............................................................................................371
configure sflow sample-rate......................................................................................................373
configure sys-health-check interval ...........................................................................................374
configure sys-recovery-level ......................................................................................................377
configure syslog add ................................................................................................................378
configure syslog delete ............................................................................................................380
create log filter .......................................................................................................................381
delete log filter .......................................................................................................................383
disable cli-config-logging .........................................................................................................384
ExtremeWare XOS 11.1 Command Reference Guide
7
Contents
disable log debug-mode ...........................................................................................................385
disable log display...................................................................................................................386
disable log target ....................................................................................................................387
disable rmon ..........................................................................................................................389
disable sflow ..........................................................................................................................391
disable sflow ports ..................................................................................................................392
disable sys-health-check ..........................................................................................................393
disable syslog .........................................................................................................................395
enable cli-config-logging ..........................................................................................................396
enable log debug-mode............................................................................................................397
enable log display ...................................................................................................................398
enable log target .....................................................................................................................399
enable rmon ...........................................................................................................................401
enable sflow ...........................................................................................................................403
enable sflow ports ...................................................................................................................404
enable sys-health-check...........................................................................................................405
enable syslog ..........................................................................................................................407
show fans ...............................................................................................................................408
show log.................................................................................................................................411
show log components ..............................................................................................................415
show log configuration .............................................................................................................419
show log configuration filter .....................................................................................................421
show log configuration target....................................................................................................423
show log counters ...................................................................................................................425
show log events.......................................................................................................................427
show memory..........................................................................................................................429
show ports rxerrors ..................................................................................................................432
show ports statistics ................................................................................................................434
show ports txerrors ..................................................................................................................436
show rmon memory .................................................................................................................438
show sflow configuration ..........................................................................................................441
show sflow statistics ................................................................................................................443
show temperature....................................................................................................................445
show version ...........................................................................................................................447
unconfigure log filter ...............................................................................................................450
unconfigure log target format ...................................................................................................451
unconfigure sflow....................................................................................................................453
unconfigure sflow agent ...........................................................................................................454
unconfigure sflow collector.......................................................................................................455
unconfigure sflow ports............................................................................................................456
upload log ..............................................................................................................................457
Chapter 8: VLAN Commands......................................................................................................... 459
configure protocol add .............................................................................................................460
configure protocol delete .........................................................................................................462
configure vlan add ports ..........................................................................................................463
ExtremeWare XOS 11.1 Command Reference Guide
8
Contents
configure vlan delete ports .......................................................................................................465
configure vlan ipaddress ..........................................................................................................466
configure vlan name ................................................................................................................467
configure vlan protocol ............................................................................................................468
configure vlan tag ...................................................................................................................470
configure vman add ports.........................................................................................................471
configure vman delete ports .....................................................................................................473
configure vman ethertype.........................................................................................................474
configure vman tag..................................................................................................................475
create protocol........................................................................................................................476
create vlan .............................................................................................................................477
create vman............................................................................................................................479
delete protocol........................................................................................................................481
delete vlan .............................................................................................................................482
delete vman............................................................................................................................483
disable loopback-mode vlan .....................................................................................................484
enable loopback-mode vlan ......................................................................................................485
show protocol .........................................................................................................................486
show vlan ...............................................................................................................................487
show vman .............................................................................................................................490
unconfigure vlan ipaddress.......................................................................................................492
Chapter 9: Commands for Virtual Routers...................................................................................... 493
create virtual-router .................................................................................................................494
configure vr add protocol .........................................................................................................495
configure vr add ports..............................................................................................................496
configure vr delete protocol ......................................................................................................497
configure vr delete ports ..........................................................................................................498
delete virtual-router .................................................................................................................499
show virtual-router ..................................................................................................................500
virtual-router...........................................................................................................................502
Chapter 10: FDB Commands ......................................................................................................... 505
clear fdb ................................................................................................................................506
configure fdb agingtime ...........................................................................................................507
create fdbentry vlan ports ........................................................................................................508
delete fdbentry .......................................................................................................................510
show fdb ................................................................................................................................511
Chapter 11: Policy and ACL Commands ........................................................................................ 513
check policy ...........................................................................................................................514
check policy attribute ..............................................................................................................515
clear access-list counter ..........................................................................................................516
clear access-list meter .............................................................................................................517
configure access-list................................................................................................................518
configure meter ......................................................................................................................520
create meter ...........................................................................................................................522
ExtremeWare XOS 11.1 Command Reference Guide
9
Contents
delete meter ...........................................................................................................................523
disable access-list refresh blackhole .........................................................................................524
edit policy ..............................................................................................................................525
enable access-list refresh blackhole ..........................................................................................527
refresh policy..........................................................................................................................528
show access-list ......................................................................................................................529
show access-list configuration ..................................................................................................530
show access-list counter ..........................................................................................................531
show access-list meter.............................................................................................................533
show policy ............................................................................................................................534
unconfigure access-list ............................................................................................................535
Chapter 12: QoS Commands......................................................................................................... 537
configure diffserv examination code-point..................................................................................539
configure diffserv replacement .................................................................................................541
configure dot1p type ...............................................................................................................543
configure ports qosprofile.........................................................................................................545
configure ports rate-limit egress................................................................................................546
configure qosprofile ingress ports..............................................................................................548
configure qosprofile ports.........................................................................................................550
configure qosprofile weight ......................................................................................................552
configure qosscheduler ............................................................................................................554
configure vlan qosprofile..........................................................................................................555
create qosprofile .....................................................................................................................556
delete qosprofile .....................................................................................................................557
disable diffserv examination port ..............................................................................................558
disable diffserv replacement port ..............................................................................................559
disable dot1p replacement ports...............................................................................................560
enable diffserv examination port ...............................................................................................561
enable diffserv replacement ports .............................................................................................562
enable dot1p replacement ports ...............................................................................................564
show diffserv ..........................................................................................................................566
show dot1p ............................................................................................................................568
show ports qosmonitor .............................................................................................................570
show qosprofile .......................................................................................................................572
unconfigure diffserv ................................................................................................................575
unconfigure qosprofile .............................................................................................................576
Chapter 13: Security Commands .................................................................................................. 579
clear vlan dhcp-address-allocation ............................................................................................581
clear netlogin state..................................................................................................................582
clear netlogin state mac-address...............................................................................................583
configure dos-protect acl-expire................................................................................................584
configure dos-protect interval ...................................................................................................585
configure dos-protect trusted ports............................................................................................586
configure dos-protect type l3-protect alert-threshold ...................................................................587
ExtremeWare XOS 11.1 Command Reference Guide
10
Contents
configure dos-protect type l3-protect notify-threshold .................................................................588
configure netlogin add mac-list ................................................................................................589
configure netlogin banner ........................................................................................................590
configure netlogin base-url.......................................................................................................591
configure netlogin delete mac-list .............................................................................................592
configure netlogin dot1x eapol-transmit-version .........................................................................593
configure netlogin dot1x timers ................................................................................................594
configure netlogin redirect-page ...............................................................................................595
configure netlogin vlan ............................................................................................................596
configure ports limit-learning lock-learning ................................................................................597
configure radius server.............................................................................................................600
configure radius shared-secret ..................................................................................................601
configure radius timeout ..........................................................................................................602
configure radius-accounting server............................................................................................603
configure radius-accounting shared-secret .................................................................................604
configure radius-accounting timeout .........................................................................................605
configure ssh2 key ..................................................................................................................606
configure tacacs server ............................................................................................................608
configure tacacs shared-secret .................................................................................................610
configure tacacs timeout..........................................................................................................611
configure tacacs-accounting server ...........................................................................................612
configure tacacs-accounting shared-secret.................................................................................613
configure tacacs-accounting timeout .........................................................................................614
configure vlan dhcp-address-range............................................................................................615
configure vlan dhcp-lease-timer................................................................................................616
configure vlan dhcp-options .....................................................................................................617
configure vlan netlogin-lease-timer ...........................................................................................619
disable dos-protect..................................................................................................................620
disable dhcp ports vlan............................................................................................................621
disable netlogin ......................................................................................................................622
disable netlogin logout-privilege ...............................................................................................623
disable netlogin ports ..............................................................................................................624
disable netlogin session-refresh ................................................................................................625
disable radius .........................................................................................................................626
disable radius-accounting ........................................................................................................627
disable ssh2 ...........................................................................................................................628
disable tacacs.........................................................................................................................629
disable tacacs-accounting ........................................................................................................630
disable tacacs-authorization .....................................................................................................631
enable dos-protect ..................................................................................................................632
enable dhcp ports vlan ............................................................................................................633
enable netlogin .......................................................................................................................634
enable netlogin logout-privilege ................................................................................................635
enable netlogin ports ...............................................................................................................636
enable netlogin session-refresh.................................................................................................638
enable radius..........................................................................................................................639
ExtremeWare XOS 11.1 Command Reference Guide
11
Contents
enable radius-accounting .........................................................................................................640
enable ssh2............................................................................................................................641
enable tacacs .........................................................................................................................643
enable tacacs-accounting.........................................................................................................644
enable tacacs-authorization......................................................................................................645
show banner netlogin...............................................................................................................646
show dhcp-server ....................................................................................................................647
show dos-protect .....................................................................................................................648
show netlogin .........................................................................................................................650
show netlogin mac-list .............................................................................................................653
show radius ............................................................................................................................654
show radius-accounting ...........................................................................................................655
show tacacs............................................................................................................................657
show tacacs-accounting ...........................................................................................................658
show vlan dhcp-address-allocation ............................................................................................659
show vlan dhcp-config .............................................................................................................660
unconfigure netlogin vlan.........................................................................................................661
unconfigure radius ..................................................................................................................662
unconfigure radius-accounting..................................................................................................663
unconfigure tacacs ..................................................................................................................664
unconfigure tacacs-accounting .................................................................................................665
unconfigure vlan dhcp .............................................................................................................666
unconfigure vlan dhcp-address-range ........................................................................................667
unconfigure vlan dhcp-options..................................................................................................668
Chapter 14: CLEARFlow Commands .............................................................................................. 669
disable clear-flow ....................................................................................................................670
enable clear-flow.....................................................................................................................671
show clear-flow .......................................................................................................................672
show clear-flow acl-modified ....................................................................................................673
show clear-flow rule.................................................................................................................674
show clear-flow rule-all ............................................................................................................676
show clear-flow rule-triggered ...................................................................................................678
Chapter 15: EAPS Commands....................................................................................................... 679
configure
configure
configure
configure
configure
configure
configure
configure
configure
configure
configure
eaps
eaps
eaps
eaps
eaps
eaps
eaps
eaps
eaps
eaps
eaps
add control vlan ................................................................................................681
add protect vlan ................................................................................................683
delete control vlan.............................................................................................684
delete protect vlan.............................................................................................685
failtime ............................................................................................................686
failtime expiry-action .........................................................................................688
fast-convergence ...............................................................................................690
hellotime..........................................................................................................692
mode ...............................................................................................................694
name ...............................................................................................................695
port .................................................................................................................696
ExtremeWare XOS 11.1 Command Reference Guide
12
Contents
configure eaps shared-port link-id.............................................................................................698
configure eaps shared-port mode ..............................................................................................699
configure eaps shared-port segment-timeout expiry-action...........................................................700
create eaps.............................................................................................................................702
create eaps shared-port ...........................................................................................................703
delete eaps.............................................................................................................................704
delete eaps shared-port ...........................................................................................................705
disable eaps ...........................................................................................................................706
enable eaps ............................................................................................................................707
show eaps ..............................................................................................................................709
show eaps shared-port .............................................................................................................713
show vlan eaps .......................................................................................................................718
unconfigure eaps shared-port link-id .........................................................................................720
unconfigure eaps shared-port mode ..........................................................................................721
unconfigure eaps port ..............................................................................................................722
Chapter 16: STP Commands......................................................................................................... 723
clear counters stp ...................................................................................................................726
configure stpd add vlan ...........................................................................................................728
configure stpd default-encapsulation.........................................................................................731
configure stpd delete vlan ........................................................................................................733
configure stpd forwarddelay .....................................................................................................734
configure stpd hellotime ..........................................................................................................735
configure stpd maxage.............................................................................................................736
configure stpd mode................................................................................................................737
configure stpd ports cost..........................................................................................................738
configure stpd ports link-type ...................................................................................................740
configure stpd ports mode........................................................................................................742
configure stpd ports priority .....................................................................................................744
configure stpd priority .............................................................................................................745
configure stpd tag ...................................................................................................................746
configure vlan add ports stpd ...................................................................................................747
create stpd .............................................................................................................................749
delete stpd .............................................................................................................................751
disable stpd............................................................................................................................752
disable stpd auto-bind .............................................................................................................753
disable stpd ports ...................................................................................................................754
disable stpd rapid-root-failover .................................................................................................755
enable stpd ............................................................................................................................756
enable stpd auto-bind..............................................................................................................757
enable stpd ports ....................................................................................................................759
enable stpd rapid-root-failover ..................................................................................................760
show stpd...............................................................................................................................761
show stpd ports.......................................................................................................................763
show vlan stpd ........................................................................................................................765
ExtremeWare XOS 11.1 Command Reference Guide
13
Contents
unconfigure stpd .....................................................................................................................767
unconfigure stpd ports link-type ...............................................................................................768
Chapter 17: ESRP Commands....................................................................................................... 769
clear esrp counters ..................................................................................................................771
clear esrp neighbor..................................................................................................................773
clear esrp sticky ......................................................................................................................774
configure esrp add elrp-poll ports .............................................................................................776
configure esrp add master........................................................................................................777
configure esrp add member......................................................................................................778
configure esrp add track-environment........................................................................................779
configure esrp add track-iproute ...............................................................................................780
configure esrp add track-ping ...................................................................................................781
configure esrp add track-vlan ...................................................................................................782
configure esrp delete elrp-poll ports ..........................................................................................783
configure esrp delete master ....................................................................................................784
configure esrp delete member ..................................................................................................785
configure esrp delete track-environment ....................................................................................786
configure esrp delete track-iproute............................................................................................787
configure esrp delete track-ping................................................................................................788
configure esrp delete track-vlan ................................................................................................789
configure esrp domain-id .........................................................................................................790
configure esrp election-policy ...................................................................................................791
configure esrp elrp-master-poll disable ......................................................................................794
configure esrp elrp-master-poll enable.......................................................................................795
configure esrp elrp-premaster-poll disable .................................................................................797
configure esrp elrp-premaster-poll enable ..................................................................................798
configure esrp group................................................................................................................800
configure esrp mode ................................................................................................................802
configure esrp name ................................................................................................................804
configure esrp ports mode........................................................................................................805
configure esrp ports no-restart ..................................................................................................806
configure esrp ports restart ......................................................................................................807
configure esrp ports weight ......................................................................................................808
configure esrp priority..............................................................................................................810
configure esrp timer hello ........................................................................................................811
configure esrp timer neighbor...................................................................................................813
configure esrp timer neutral .....................................................................................................815
configure esrp timer premaster .................................................................................................816
configure esrp timer restart ......................................................................................................818
create esrp .............................................................................................................................819
delete esrp .............................................................................................................................821
disable esrp............................................................................................................................822
enable esrp ............................................................................................................................823
show esrp ...............................................................................................................................824
show esrp counters..................................................................................................................827
ExtremeWare XOS 11.1 Command Reference Guide
14
Contents
Chapter 18: VRRP Commands....................................................................................................... 829
clear counters vrrp ..................................................................................................................831
configure vrrp vlan vrid add ipaddress .......................................................................................832
configure vrrp vlan vrid add track-iproute...................................................................................833
configure vrrp vlan vrid add track-ping ......................................................................................834
configure vrrp vlan vrid add track-vlan.......................................................................................835
configure vrrp vlan vrid advertisement-interval ...........................................................................836
configure vrrp vlan vrid authentication.......................................................................................837
configure vrrp vlan vrid delete ipaddress....................................................................................838
configure vrrp vlan vrid delete track-iproute ...............................................................................839
configure vrrp vlan vrid delete track-ping ...................................................................................840
configure vrrp vlan vrid delete track-vlan ...................................................................................841
configure vrrp vlan vrid dont-preempt........................................................................................842
configure vrrp vlan vrid preempt ...............................................................................................843
configure vrrp vlan vrid priority .................................................................................................844
create vrrp vlan vrid.................................................................................................................845
delete vrrp vlan vrid.................................................................................................................846
disable vrrp vrid ......................................................................................................................847
enable vrrp vrid.......................................................................................................................848
show vrrp ...............................................................................................................................849
show vrrp vlan.........................................................................................................................851
Chapter 19: IP Unicast Commands ............................................................................................... 853
clear iparp..............................................................................................................................855
configure bootprelay add..........................................................................................................856
configure bootprelay delete ......................................................................................................857
configure bootprelay dhcp-agent information check ....................................................................858
configure bootprelay dhcp-agent information option....................................................................859
configure bootprelay dhcp-agent information policy ....................................................................861
configure iparp add .................................................................................................................862
configure iparp add proxy.........................................................................................................863
configure iparp delete..............................................................................................................865
configure iparp delete proxy .....................................................................................................866
configure iparp max_entries .....................................................................................................868
configure iparp max_pending_entries ........................................................................................869
configure iparp max_proxy_entries ............................................................................................870
configure iparp timeout ...........................................................................................................871
configure iproute add ..............................................................................................................872
configure iproute add blackhole................................................................................................873
configure iproute add blackhole default.....................................................................................874
configure iproute add default ...................................................................................................875
configure iproute delete ...........................................................................................................876
configure iproute delete blackhole ............................................................................................877
configure iproute delete blackhole default .................................................................................878
configure iproute delete default ................................................................................................879
configure iproute priority..........................................................................................................880
ExtremeWare XOS 11.1 Command Reference Guide
15
Contents
configure irdp .........................................................................................................................882
configure vlan add secondary-ipaddress.....................................................................................883
configure vlan delete secondary-ipaddress .................................................................................884
disable bootp vlan ...................................................................................................................885
disable bootprelay ...................................................................................................................886
disable icmp address-mask ......................................................................................................887
disable icmp parameter-problem...............................................................................................888
disable icmp port-unreachables ................................................................................................889
disable icmp redirects .............................................................................................................890
disable icmp time-exceeded .....................................................................................................891
disable icmp timestamp...........................................................................................................892
disable icmp unreachables.......................................................................................................893
disable icmp useredirects ........................................................................................................894
disable iparp checking.............................................................................................................895
disable iparp refresh................................................................................................................896
disable ipforwarding ................................................................................................................897
disable ip-option loose-source-route ..........................................................................................898
disable ip-option record-route...................................................................................................899
disable ip-option record-timestamp ...........................................................................................900
disable ip-option strict-source-route ..........................................................................................901
disable ip-option router-alert ....................................................................................................902
disable irdp ............................................................................................................................903
disable udp-echo-server ...........................................................................................................904
enable bootp vlan....................................................................................................................905
enable bootprelay....................................................................................................................906
enable icmp address-mask .......................................................................................................907
enable icmp parameter-problem ...............................................................................................908
enable icmp port-unreachables.................................................................................................909
enable icmp redirects ..............................................................................................................910
enable icmp time-exceeded......................................................................................................911
enable icmp timestamp ...........................................................................................................912
enable icmp unreachables .......................................................................................................913
enable icmp useredirects .........................................................................................................914
enable iparp checking .............................................................................................................915
enable iparp refresh ................................................................................................................916
enable ipforwarding .................................................................................................................917
enable ip-option loose-source-route...........................................................................................918
enable ip-option record-route ...................................................................................................919
enable ip-option record-timestamp............................................................................................920
enable ip-option strict-source-route...........................................................................................921
enable ip-option router-alert .....................................................................................................922
enable iproute sharing .............................................................................................................923
enable irdp .............................................................................................................................924
enable udp-echo-server............................................................................................................925
rtlookup .................................................................................................................................926
show bootprelay ......................................................................................................................927
ExtremeWare XOS 11.1 Command Reference Guide
16
Contents
show iparp..............................................................................................................................928
show iparp proxy .....................................................................................................................930
show ipconfig .........................................................................................................................931
show iproute ...........................................................................................................................932
show iproute origin ..................................................................................................................933
show ipstats ...........................................................................................................................934
unconfigure bootprelay dhcp-agent information check ................................................................937
unconfigure bootprelay dhcp-agent information option ................................................................938
unconfigure bootprelay dhcp-agent information policy ................................................................939
unconfigure icmp ....................................................................................................................940
unconfigure iparp....................................................................................................................941
unconfigure irdp .....................................................................................................................942
Chapter 20: IGP Commands.......................................................................................................... 943
clear ospf counters ..................................................................................................................945
clear rip counters ....................................................................................................................947
configure ospf cost ..................................................................................................................948
configure ospf priority..............................................................................................................949
configure ospf authentication ...................................................................................................950
configure ospf add virtual-link ..................................................................................................952
configure ospf add vlan area.....................................................................................................953
configure ospf add vlan area link-type .......................................................................................954
configure ospf area external-filter..............................................................................................955
configure ospf area interarea-filter ............................................................................................956
configure ospf area add range...................................................................................................957
configure ospf area delete range ...............................................................................................958
configure ospf area normal .......................................................................................................959
configure ospf area nssa stub-default-cost .................................................................................960
configure ospf area stub stub-default-cost .................................................................................962
configure ospf area timer .........................................................................................................963
configure ospf ase-limit ...........................................................................................................965
configure ospf ase-summary add...............................................................................................966
configure ospf ase-summary delete ...........................................................................................967
configure ospf delete virtual-link...............................................................................................968
configure ospf delete vlan ........................................................................................................969
configure ospf import-policy .....................................................................................................970
configure ospf lsa-batch-interval ...............................................................................................971
configure ospf metric-table ......................................................................................................972
configure ospf routerid.............................................................................................................973
configure ospf spf-hold-time.....................................................................................................974
configure ospf virtual-link timer ................................................................................................975
configure ospf vlan area ...........................................................................................................977
configure ospf vlan neighbor add ..............................................................................................978
configure ospf vlan neighbor delete...........................................................................................979
configure ospf vlan timer .........................................................................................................980
configure rip add vlan..............................................................................................................982
ExtremeWare XOS 11.1 Command Reference Guide
17
Contents
configure rip delete vlan ..........................................................................................................983
configure rip garbagetime ........................................................................................................984
configure rip import-policy .......................................................................................................985
configure rip routetimeout........................................................................................................986
configure rip vlan rxmode.........................................................................................................987
configure rip vlan txmode.........................................................................................................988
configure rip updatetime..........................................................................................................989
configure rip vlan cost .............................................................................................................990
configure rip vlan route-policy ..................................................................................................991
configure rip vlan trusted-gateway.............................................................................................993
create ospf area ......................................................................................................................994
delete ospf area ......................................................................................................................995
disable ospf............................................................................................................................996
disable ospf capability opaque-lsa ............................................................................................997
disable ospf export ..................................................................................................................998
disable ospf originate-default ...................................................................................................999
disable ospf use-ip-router-alert ...............................................................................................1000
disable rip ............................................................................................................................1001
disable rip aggregation...........................................................................................................1002
disable rip export ..................................................................................................................1003
disable rip originate-default ...................................................................................................1004
disable rip poisonreverse........................................................................................................1005
disable rip splithorizon ..........................................................................................................1006
disable rip triggerupdate ........................................................................................................1007
disable rip use-ip-router-alert .................................................................................................1008
enable ospf ..........................................................................................................................1009
enable ospf capability opaque-lsa ...........................................................................................1010
enable ospf export.................................................................................................................1011
enable ospf originate-default ..................................................................................................1013
enable ospf use-ip-router-alert ................................................................................................1014
enable rip.............................................................................................................................1015
enable rip aggregation ...........................................................................................................1016
enable rip export ...................................................................................................................1017
enable rip originate-default cost .............................................................................................1019
enable rip poisonreverse ........................................................................................................1020
enable rip splithorizon ...........................................................................................................1021
enable rip triggerupdate.........................................................................................................1022
enable rip use-ip-router-alert ..................................................................................................1023
show ospf .............................................................................................................................1024
show ospf area ......................................................................................................................1025
show ospf area detail .............................................................................................................1026
show ospf ase-summary .........................................................................................................1027
show ospf interfaces detail .....................................................................................................1028
show ospf interfaces ..............................................................................................................1029
show ospf lsdb ......................................................................................................................1030
show ospf memory.................................................................................................................1032
ExtremeWare XOS 11.1 Command Reference Guide
18
Contents
show ospf neighbor ...............................................................................................................1033
show ospf virtual-link.............................................................................................................1034
show rip ...............................................................................................................................1035
show rip interface .................................................................................................................1036
show rip interface vlan...........................................................................................................1038
show rip memory...................................................................................................................1039
show rip routes .....................................................................................................................1040
unconfigure ospf ...................................................................................................................1041
unconfigure rip .....................................................................................................................1042
Chapter 21: BGP Commands....................................................................................................... 1043
clear bgp neighbor counters ...................................................................................................1045
clear bgp flap-statistics .........................................................................................................1046
configure bgp add aggregate-address ......................................................................................1048
configure bgp add confederation-peer sub-AS-number ..............................................................1050
configure bgp add network .....................................................................................................1051
configure bgp AS-number ......................................................................................................1052
configure bgp cluster-id .........................................................................................................1053
configure bgp confederation-id ...............................................................................................1054
configure bgp delete aggregate-address ...................................................................................1055
configure bgp delete confederation-peer sub-AS-number...........................................................1056
configure bgp delete network..................................................................................................1057
configure bgp export shutdown-priority ....................................................................................1058
configure bgp import-policy....................................................................................................1060
configure bgp local-preference ...............................................................................................1061
configure bgp med ................................................................................................................1062
configure bgp neighbor dampening .........................................................................................1063
configure bgp neighbor description .........................................................................................1065
configure bgp neighbor maximum-prefix ..................................................................................1066
configure bgp neighbor next-hop-self ......................................................................................1068
configure bgp neighbor no-dampening.....................................................................................1069
configure bgp neighbor password ............................................................................................1070
configure bgp neighbor peer-group..........................................................................................1072
configure bgp neighbor route-policy ........................................................................................1074
configure bgp neighbor route-reflector-client............................................................................1075
configure bgp neighbor send-community .................................................................................1076
configure bgp neighbor shutdown-priority ................................................................................1077
configure bgp neighbor soft-reset............................................................................................1078
configure bgp neighbor source-interface ..................................................................................1080
configure bgp neighbor timer..................................................................................................1081
configure bgp neighbor weight................................................................................................1082
configure bgp peer-group dampening ......................................................................................1084
configure bgp peer-group maximum-prefix ...............................................................................1086
configure bgp peer-group next-hop-self....................................................................................1088
configure bgp peer-group no-dampening..................................................................................1089
configure bgp peer-group route-reflector-client.........................................................................1090
ExtremeWare XOS 11.1 Command Reference Guide
19
Contents
configure bgp peer-group send-community ..............................................................................1091
configure bgp peer-group password .........................................................................................1092
configure bgp peer-group remote-AS-number ...........................................................................1093
configure bgp peer-group route-policy .....................................................................................1094
configure bgp peer-group soft-reset.........................................................................................1095
configure bgp peer-group source-interface ...............................................................................1097
configure bgp peer-group timer...............................................................................................1099
configure bgp peer-group weight.............................................................................................1100
configure bgp routerid ...........................................................................................................1101
configure bgp soft-reconfiguration...........................................................................................1102
create bgp neighbor peer-group ..............................................................................................1103
create bgp neighbor remote-AS-number...................................................................................1104
create bgp peer-group............................................................................................................1105
delete bgp neighbor...............................................................................................................1106
delete bgp peer-group............................................................................................................1107
disable bgp ..........................................................................................................................1108
disable bgp aggregation .........................................................................................................1109
disable bgp always-compare-med............................................................................................1110
disable bgp community format ...............................................................................................1111
disable bgp export.................................................................................................................1112
disable bgp neighbor .............................................................................................................1114
disable bgp neighbor capability ..............................................................................................1115
disable bgp neighbor remove-private-AS-numbers.....................................................................1116
disable bgp neighbor soft-in-reset ...........................................................................................1117
disable bgp neighbor use-ip-router-alert ..................................................................................1118
disable bgp peer-group ..........................................................................................................1119
disable bgp peer-group capability ...........................................................................................1120
disable bgp peer-group remove-private-AS-numbers..................................................................1121
disable bgp peer-group soft-in-reset ........................................................................................1122
disable bgp peer-group use-ip-router-alert................................................................................1123
enable bgp ...........................................................................................................................1124
enable bgp aggregation ..........................................................................................................1125
enable bgp always-compare-med ............................................................................................1126
enable bgp community format ................................................................................................1127
enable bgp export .................................................................................................................1128
enable bgp neighbor ..............................................................................................................1130
enable bgp neighbor capability ...............................................................................................1131
enable bgp neighbor remove-private-AS-numbers .....................................................................1132
enable bgp neighbor soft-in-reset............................................................................................1133
enable bgp neighbor use-ip-router-alert ...................................................................................1134
enable bgp peer-group ...........................................................................................................1135
enable bgp peer-group capability ............................................................................................1136
enable bgp peer-group remove-private-AS-numbers ..................................................................1137
enable bgp peer-group soft-in-reset.........................................................................................1138
enable bgp peer-group use-ip-router-alert ................................................................................1139
show bgp..............................................................................................................................1140
ExtremeWare XOS 11.1 Command Reference Guide
20
Contents
show
show
show
show
show
show
show
bgp
bgp
bgp
bgp
bgp
bgp
bgp
neighbor ................................................................................................................1141
neighbor flap-statistics ............................................................................................1142
neighbor routes ......................................................................................................1144
peer-group .............................................................................................................1146
routes ....................................................................................................................1147
routes summary ......................................................................................................1149
memory .................................................................................................................1150
Chapter 22: IP Multicast Commands........................................................................................... 1151
clear igmp group ...................................................................................................................1153
clear igmp snooping ..............................................................................................................1154
clear pim cache ....................................................................................................................1155
configure igmp......................................................................................................................1156
configure igmp snooping vlan ports add static group.................................................................1158
configure igmp snooping vlan ports delete static group .............................................................1160
configure igmp snooping vlan ports add static router ................................................................1161
configure igmp snooping vlan ports delete static router .............................................................1162
configure igmp snooping vlan ports filter .................................................................................1163
configure igmp snooping flood-list ..........................................................................................1165
configure igmp snooping leave-timeout....................................................................................1167
configure igmp snooping timer ...............................................................................................1168
configure pim add vlan ..........................................................................................................1170
configure pim cbsr ................................................................................................................1171
configure pim crp static .........................................................................................................1172
configure pim crp timer .........................................................................................................1174
configure pim crp vlan ...........................................................................................................1175
configure pim delete vlan.......................................................................................................1176
configure pim register-rate-limit-interval..................................................................................1177
configure pim register-suppress-interval register-probe-interval ..................................................1178
configure pim register-checksum-to ........................................................................................1179
configure pim spt-threshold ...................................................................................................1180
configure pim timer vlan ........................................................................................................1181
configure pim vlan trusted-gateway .........................................................................................1182
disable igmp.........................................................................................................................1183
disable igmp snooping ...........................................................................................................1184
disable ipmcforwarding..........................................................................................................1186
disable pim ..........................................................................................................................1187
enable igmp .........................................................................................................................1188
enable igmp snooping............................................................................................................1189
enable igmp snooping with-proxy ............................................................................................1191
enable ipmcforwarding ..........................................................................................................1192
enable pim ...........................................................................................................................1193
show igmp............................................................................................................................1194
show igmp group...................................................................................................................1196
show igmp snooping ..............................................................................................................1197
show igmp snooping vlan filter ...............................................................................................1199
ExtremeWare XOS 11.1 Command Reference Guide
21
Contents
show igmp snooping vlan static ..............................................................................................1200
show l2stats .........................................................................................................................1201
show pim .............................................................................................................................1202
show pim cache ....................................................................................................................1203
unconfigure igmp ..................................................................................................................1204
unconfigure pim....................................................................................................................1205
Appendix A: Configuration and Image Commands ........................................................................ 1207
configure firmware installation ...............................................................................................1208
download bootrom .................................................................................................................1211
download image ....................................................................................................................1213
install bootrom......................................................................................................................1218
install firmware .....................................................................................................................1220
install image.........................................................................................................................1222
run update ...........................................................................................................................1225
save configuration .................................................................................................................1226
show configuration ................................................................................................................1229
show memorycard .................................................................................................................1231
synchronize ..........................................................................................................................1232
unconfigure switch ................................................................................................................1235
uninstall image .....................................................................................................................1236
use configuration ..................................................................................................................1238
use image ............................................................................................................................1240
Appendix B: Troubleshooting Commands .................................................................................... 1243
clear elrp counters ................................................................................................................1245
configure debug coredumps ...................................................................................................1246
configure elrp-client one-shot .................................................................................................1247
configure elrp-client periodic..................................................................................................1249
disable elrp-client .................................................................................................................1251
disable log debug-mode .........................................................................................................1252
eject memorycard..................................................................................................................1253
enable elrp-client ..................................................................................................................1255
enable log debug-mode..........................................................................................................1256
nslookup ..............................................................................................................................1257
run diagnostics .....................................................................................................................1258
run elrp................................................................................................................................1260
save debug tracefiles memorycard ..........................................................................................1262
show debug ..........................................................................................................................1263
show diagnostics ...................................................................................................................1264
show elrp .............................................................................................................................1266
show platform .......................................................................................................................1268
show tech.............................................................................................................................1269
top ......................................................................................................................................1271
unconfigure elrp-client ..........................................................................................................1273
Index of Commands ................................................................................................................... 1275
ExtremeWare XOS 11.1 Command Reference Guide
22
Preface
This preface provides an overview of this guide, describes guide conventions, and lists other
publications that may be useful.
Introduction
This guide provides the complete syntax for all the commands available in the currently-supported
versions of the ExtremeWare XOS software running on modular switches from Extreme Networks®.
This guide is intended for use as a reference by network administrators who are responsible for
installing and setting up network equipment. It assumes knowledge of Extreme Networks switch
configuration. For conceptual information and guidance on configuring Extreme Networks switches, see
the ExtremeWare XOS Concepts Guide for your version of the ExtremeWare XOS software.
Terminology
When features, functionality, or operation is specific to a switch family, the family name is used.
Explanations about features and operations that are the same across all product families simply refer to
the product as the “switch.”
Conventions
Table 1 and Table 2 list conventions that are used throughout this guide.
Table 1: Notice icons
Icon
Notice Type
Alerts you to...
Note
Important features or instructions.
Caution
Risk of personal injury, system damage, or loss of data.
Warning
Risk of severe personal injury.
ExtremeWare XOS 11.1 Command Reference Guide
23
Preface
Table 2: Text conventions
Convention
Description
Screen displays
This typeface indicates command syntax, or represents information as it appears on
the screen.
The words “enter”
and “type”
When you see the word “enter” in this guide, you must type something, and then
press the Return or Enter key. Do not press the Return or Enter key when an
instruction simply says “type.”
[Key] names
Key names are written with brackets, such as [Return] or [Esc].
If you must press two or more keys simultaneously, the key names are linked with a
plus sign (+). Example:
Press [Ctrl]+[Alt]+[Del].
Words in italicized type
Italics emphasize a point or denote new terms at the place where they are defined in
the text.
Command Titles
For clarity and brevity, the command titles omit variables, values, and optional arguments. The
complete command syntax is displayed directly below the command titles.
Related Publications
The publications related to this one are:
●
ExtremeWare XOS release notes
●
ExtremeWare XOS Concepts Guide
●
Extreme Networks Consolidated XOS Hardware Installation Guide
Documentation for Extreme Networks products is available on the World Wide Web at the following
location:
http://www.extremenetworks.com/
ExtremeWare XOS 11.1 Command Reference Guide
24
1
Command Reference Overview
Introduction
This guide provides details of the command syntax for all ExtremeWare® XOS commands as of
ExtremeWare XOS version 11.1.
This guide does not provide feature descriptions, explanations of the technologies, or configuration
examples. For information about the various features and technologies supported by Extreme Networks
switches, see the installation and user guides for your product. This guide does not replace the
installation and user guides; this guide supplements the installation and user guides.
This chapter discusses the following topics:
●
Audience on page 25
●
Structure of this Guide on page 26
●
Platforms and Required Software Versions on page 26
●
Software Licensing on page 26
●
Understanding the Command Syntax on page 27
●
Line-Editing Keys on page 30
●
Command History on page 30
Audience
This guide is intended for use by network administrators who are responsible for installing and setting
up network equipment. It assumes a basic working knowledge of the following:
●
Local area networks (LANs)
●
Ethernet concepts
●
Ethernet switching and bridging concepts
●
Routing concepts
●
Internet Protocol (IP) concepts
●
Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) concepts
●
Border Gateway Protocol (BGP-4) concepts
●
IP Multicast concepts
●
Protocol Independent Multicast (PIM) concepts
●
Internet Packet Exchange (IPX) concepts
●
Simple Network Management Protocol (SNMP)
This guide also assumes that you have read the Installation and User Guide for your product.
ExtremeWare XOS 11.1 Command Reference Guide
25
Command Reference Overview
Structure of this Guide
This guide documents each ExtremeWare XOS command. Related commands are grouped together and
organized into chapters based on their most common usage. The chapters reflect the organization of the
ExtremeWare XOS Concepts Guide. If a specific command is relevant to a wide variety of functions and
could be included in a number of different chapters, we have attempted to place the command in the
most logical chapter. Within each chapter, commands appear in alphabetical order. You can use the
Index of Commands to locate specific commands if they do not appear where you expect to find them.
For each command, the following information is provided:
●
Command Syntax—The actual syntax of the command. The syntax conventions (the use of braces or
curly brackets, for example) are defined in the section “Software Licensing” on page 26.
●
Description—A brief (one sentence) summary of what the command does.
●
Syntax Description—The definition of any keywords and options used in the command.
●
Default—The defaults, if any, for this command. The default can be the default action of the
command if optional arguments are not provided, or it can be the default state of the switch (such as
for an enable/disable command).
●
Usage Guidelines—Information to help you use the command. This may include prerequisites,
prohibitions, and related commands, as well as other information.
●
Example—Examples of the command usage, including output, if relevant.
●
History—The version of ExtremeWare XOS in which the command was introduced, and version(s)
where it was modified, if appropriate.
Platforms and Required Software Versions
ExtremeWare® XOS is the full-featured software operating system that is designed to run on the
Extreme Networks® devices.
ExtremeWare XOS supports the following platforms:
® 10800 family of switches—ExtremeWare XOS 10.1 and higher
● BlackDiamond
●
Aspen 8810 switch—ExtremeWare XOS 11.1 and higher
Software Licensing
NOTE
Information on required licensing is in the Platform Availability section for each command. If there is not licensing
information for the command, you do not need a license.
Two levels of software licensing apply to ExtremeWare XOS 11.1: the Core license and the Advanced
Core license. Additionally, the U.S. government requires a security licensing to enable certain features.
ExtremeWare XOS 11.1 Command Reference Guide
26
Understanding the Command Syntax
Core License—Aspen 8810 Switch Only
With ExtremeWare XOS 11.1 on the Aspen 8810 switch, you can obtain a Core license. The Core license
provides additional functionality for some features.
The license belongs with the switch chassis, not with the particular MSM module.
The license has a license key. Keys are stored in NVRAM and, once enabled, persist through reboots,
software upgrades, power outages, and reconfigurations.
NOTE
Refer to the specific chapter of the ExtremeWare XOS Concepts Guide to determine if the Core license is required
for some functionality. If not noted, all functionality is available, and license is required.
To enable the license, use the following command:
enable license <key>
To display the current license level (as well as enabled feature packs), use the following command:
show licenses
NOTE
The Core license is the only license available on the Aspen 8810 switch; you cannot obtain an Advanced Core
license for this platform.
Advanced Core License—BlackDiamond 10K Switch Only
The Advanced Core license is hard-coded into the MSM 1XL module on the BlackDiamond 10K switch.
The only way you obtain an Advanced Core license is to purchase and MSM 1XL; you cannot obtain an
Advanced Core license without an MSM 1XL. (Similarly, you cannot purchase an MSM 1XL without an
Advanced Core license; it is hard-coded onto the module itself.)
You do not need any other licenses to run all features completely on the BlackDiamond 10K switch.
Understanding the Command Syntax
When entering a command at the prompt, ensure that you have the appropriate privilege level. Most
configuration commands require you to have the administrator privilege level.
You may see a variety of symbols shown as part of the command syntax. These symbols explain how to
enter the command, and you do not type them as part of the command itself. Table 3 summarizes
command syntax symbols.
ExtremeWare XOS 11.1 Command Reference Guide
27
Command Reference Overview
Table 3: Command syntax symbols
Symbol
Description
angle brackets < >
Enclose a variable or value. You must specify the variable or value. For example, in the
syntax
configure vlan <vlan_name> ipaddress <ip_address>
you must supply a VLAN name for <vlan_name> and an address for <ip_address>
when entering the command. Do not type the angle brackets. You may not include spaces
within angle brackets.
square brackets [ ]
Enclose a required value or list of required arguments. One or more values or arguments
can be specified. For example, in the syntax
use image [primary | secondary]
you must specify either the primary or secondary image when entering the command. Do
not type the square brackets.
vertical bar |
Separates mutually exclusive items in a list, one of which must be entered. For example,
in the syntax
configure snmp community [readonly | readwrite]
<alphanumeric_string>
you must specify either the read or write community string in the command. Do not type
the vertical bar.
braces { }
Enclose an optional value or a list of optional arguments. One or more values or arguments
can be specified. For example, in the syntax
reboot {time <month> <day> <year> <hour> <min> <sec> | cancel}
{msm <slot_id>}
you can specify either a particular date and time combination, or the keyword cancel to
cancel a previously scheduled reboot. If you do not specify an argument, the command will
prompt asking if you want to reboot the switch now. Do not type the braces.
Command Completion with Syntax Helper
The CLI has a built-in syntax helper. If you are unsure of the complete syntax for a particular command,
enter as much of the command as possible and press [Tab]. The syntax helper provides a list of options
for the remainder of the command, and places the cursor at the end of the command you have entered
so far, ready for the next option.
If the command is one where the next option is a named component, such as a VLAN, access profile, or
route map, the syntax helper will also list any currently configured names that might be used as the
next option. In situations where this list might be very long, the syntax helper will list only one line of
names, followed by an ellipses to indicate that there are more names than can be displayed.
The syntax helper also provides assistance if you have entered an incorrect command.
Abbreviated Syntax
Abbreviated syntax is the shortest unambiguous allowable abbreviation of a command or parameter.
Typically, this is the first three letters of the command. If you do not enter enough letters to allow the
switch to determine which command you mean, the syntax helper will provide a list of the options
based on the portion of the command you have entered.
ExtremeWare XOS 11.1 Command Reference Guide
28
Understanding the Command Syntax
NOTE
When using abbreviated syntax, you must enter enough characters to make the command unambiguous and
distinguishable to the switch.
Names
All named components within a category of the switch configuration, such as VLAN, must have a
unique name. Names can be re-used across categories, however. Names must begin with an alphabetical
character and cannot contain any spaces. The maximum length for a name is 32 characters. Names may
contain alphanumeric characters and underscores (_) and cannot be keywords, such as vlan, stp, and so
on.
NOTE
If you use the same name across categories (for example, STPD and EAPS names), you must specify the identifying
keyword as well as the actual name.
Command Shortcuts
All named components within a category of the switch configuration must have a unique name.
Components are named using the create command. When you enter a command to configure a named
component, you do not need to use the keyword of the component. For example, to create a VLAN, you
must enter a unique VLAN name:
create vlan engineering
Once you have created the VLAN with a unique name, you can then eliminate the keyword vlan from
all other commands that require the name to be entered (unless you used the same name for another
category such as STPD or EAPS). For example, instead of entering the modular switch command:
configure vlan engineering delete port 1:3,4:6
you could enter the following shortcut:
configure engineering delete port 1:3,4:6
Modular Switch Numerical Ranges
Commands that require you to enter one or more port numbers on a modular switch use the parameter
<port_list> in the syntax. A <port_list> can be one port on a particular slot. The syntax for the port
and slot is:
port <slot_number>:<port_number>
For example, port 1 on slot 3 would be:
port 3:1
A <port_list> can be a range of numbers. For example, ports 1 through 3 on slot 3 would be:
port 3:1-3:3
ExtremeWare XOS 11.1 Command Reference Guide
29
Command Reference Overview
You can add additional slot and port numbers to the list, separated by a comma:
port 3:1,4:8,6:10
You can specify all ports on a particular slot, using the asterisk (*) wildcard. For example,
port 3:*
indicates all ports on slot 3.
You can specify a range of slots and ports. For example,
port 2:3-4:5
indicates slot 2, port 3 through slot 4, port 5.
Line-Editing Keys
Table 4 describes the line-editing keys available using the CLI.
Table 4: Line-editing keys
Key(s)
Description
Left arrow or [Ctrl] + B
Moves the cursor one character to the left.
Right arrow or [Ctrl] + F
Moves the cursor one character to the right.
[Ctrl] + H or Backspace
Deletes character to left of cursor and shifts remainder of line to left.
Delete or [Ctrl] + D
Deletes character under cursor and shifts remainder of line to left.
[Ctrl] + K
Deletes characters from under cursor to end of line.
Insert
Toggles on and off. When toggled on, inserts text and shifts previous
text to right.
Left Arrow
Moves cursor to left.
Right Arrow
Moves cursor to right.
[Ctrl] + L
Clears screen and movers cursor to beginning of line.
[Ctrl] + P or
Up Arrow
Displays previous command in command history buffer and places cursor at end
of command.
[Ctrl] + N or
Down Arrow
Displays next command in command history buffer and places cursor at end of
command.
[Ctrl] + U
Clears all characters typed from cursor to beginning of line.
[Ctrl] + W
Deletes previous word.
[Ctrl] + C
Interrupts the current CLI command execution.
Command History
ExtremeWare XOS “remembers” all the commands you enter. You can display a list of these commands
by using the following command:
history
If you use a command more than once, consecutively, the history will only list the first instance.
ExtremeWare XOS 11.1 Command Reference Guide
30
2
Commands for Accessing the Switch
This chapter describes commands used for:
●
Accessing and configuring the switch including how to set up user accounts, passwords, date and
time settings, and software licenses
●
Configuring the Domain Name Service (DNS) client
●
Checking basic switch connectivity
ExtremeWare XOS supports the following two levels of management:
●
User
●
Administrator
A user-level account has viewing access to all manageable parameters, with the exception of:
●
User account database
●
SNMP community strings
A user-level account can change the password assigned to the account name and use the ping
command to test device reachability.
An administrator-level account can view and change all switch parameters. It can also add and delete
users and change the password associated with any account name. The administrator can disconnect a
management session that has been established by way of a Telnet connection. If this happens, the user
logged on by way of the Telnet connection is notified that the session has been terminated.
The DNS client in ExtremeWare XOS augments certain ExtremeWare XOS commands to accept either IP
addresses or host names. For example, DNS can be used during a Telnet session when you are accessing
a device or when using the ping command to check the connectivity of a device.
The switch offers the following commands for checking basic connectivity:
●
ping
●
traceroute
The ping command enables you to send Internet Control Message Protocol (ICMP) echo messages to a
remote IP device. The traceroute command enables you to trace the routed path between the switch
and a destination endstation.
ExtremeWare XOS 11.1 Command Reference Guide
31
Commands for Accessing the Switch
clear session
clear session [<sessId> | all]
Description
Terminates a Telnet session from the switch.
Syntax Description
sessId
Specifies a session number from show session output to terminate.
all
Terminates all sessions.
Default
N/A.
Usage Guidelines
An administrator-level account can disconnect a management session that has been established by way
of a Telnet connection. You can determine the session number of the session you want to terminate by
using the show session command. The show session output displays information about current
Telnet sessions including:
●
The session number
●
The login date and time
●
The user name
●
The type of Telnet session
●
Authentication information
Depending on the software version running on your switch, additional session information may be
displayed. The session number is the first number displayed in the show session output.
Example
The following command terminates session 4 from the system:
clear session 4
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
32
configure account
configure account
configure account <name>
Description
Configures a user account password.
Syntax Description
name
Specifies a user account name.
Default
N/A.
Usage Guidelines
You must create a user account before you can configure a user account. Use the create account
account command to create a user account.
The system prompts you to specify a password after you enter this command. You must enter a
password for this command; passwords cannot be null.
Passwords can have a minimum of 0 character and can have a maximum of 32 characters. Passwords
are case-sensitive; user names are not case-sensitive.
You must have administrator privileges to change passwords for accounts other than your own. User
names and passwords are case-sensitive.
Example
The following command defines a new password green for the admin account marketing:
configure account admin marketing
The switch responds with a password prompt:
password: green
Your keystrokes will not be echoed as you enter the new password. After you enter the password, the
switch will then prompt you to reenter it.
Reenter password: green
Assuming you enter it successfully a second time, the password is now changed.
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
33
Commands for Accessing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
34
configure banner
configure banner
configure banner
Description
Configures the banner string that is displayed at the beginning of each login prompt of each session.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Press [Return] at the beginning of a line to terminate the command and apply the banner. To clear the
banner, press [Return] at the beginning of the first line.
You can enter up to 24 rows of 79-column text that is displayed before the login prompt of each session.
Example
The following command adds a banner, Welcome to the switch, before the login prompt:
configure banner [Return]
Welcome to the switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
35
Commands for Accessing the Switch
configure cli max-sessions
configure cli max-sessions <num-of-sessions>
Description
Limits number of simultaneous CLI sessions on the switch.
Syntax Description
num-of-sessions
Specifies the maximum number of concurrent sessions permitted.The range is
1 to 16.
Default
The default is eight sessions.
Usage Guidelines
The value must be greater than 0; the range is 1 to 16.
Example
configure cli max-sessions 10
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
36
configure cli max-failed-logins
configure cli max-failed-logins
configure cli max-failed-logins <num-of-logins>
Description
Establishes the maximum number of failed logins permitted before the session is terminated.
Syntax Description
num-of-logins
Specifies the maximum number of failed logins permitted; the range is 1 to
10.
Default
The default is three logins.
Usage Guidelines
The value must be greater than 0; the range is 1 to 10.
Example
The following command sets the maximum number of failed logins to five:
configure cli max-failed-logins 5
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
37
Commands for Accessing the Switch
configure dns-client add
configure dns-client add [domain-suffix <domain_name> | name-server
<ip_address> {vr <vr_name>}]
Description
Adds a domain suffix to the domain suffix list or a name server to the available server list for the DNS
client.
Syntax Description
domain-suffix
Specifies adding a domain suffix.
domain_name
Specifies a domain name.
name-server
Specifies adding a name server.
ip_address
Specifies an IP address for the name server.
vr
Specifies use of a virtual router.
NOTE: User-created VRs are not available on the Aspen 8810 switch.
vr_name
Specifies a virtual router.
Default
N/A.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created VRs.
The domain suffix list can include up to six items. If the use of all previous names fails to resolve a
name, the most recently added entry on the domain suffix list will be the last name used during name
resolution. This command will not overwrite any exiting entries. If a null string is used as the last suffix
in the list, and all other lookups fail, the name resolver will attempt to look up the name with no suffix.
Up to eight DNS name servers can be configured. The default value for the virtual router used by the
DNS client option is VR-Default.
Examples
The following command configures a domain name and adds it to the domain suffix list:
configure dns-client add domain-suffix xyz_inc.com
The following command specifies that the switch use the DNS server 10.1.2.1:
configure dns-client add name-server 10.1.2.1
ExtremeWare XOS 11.1 Command Reference Guide
38
configure dns-client add
The following command on the BlackDiamond 10K switch specifies that the switch use the virtual
router Management:
configure dns-client add name-server 10.1.2.1 vr “VR-Management”
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
39
Commands for Accessing the Switch
configure dns-client default-domain
configure dns-client default-domain <domain_name>
Description
Configures the domain that the DNS client uses if a fully qualified domain name is not entered.
Syntax Description
domain_name
Specifies a default domain name.
Default
N/A.
Usage Guidelines
The default domain name will be used to create a fully qualified host name when a domain name is not
specified. For example, if the default domain name is set to “food.com” then when a command like
“ping dog” is entered, the ping will actually be executed as “ping dog.food.com”.
Example
The following command configures the default domain name for the server:
configure dns-client default-domain xyz_inc.com
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
40
configure dns-client delete
configure dns-client delete
configure dns-client delete [domain-suffix <domain_name> | name-server
<ip_address> {vr <vr_name>}]
Description
Deletes a domain suffix from the domain suffix list or a name server from the available server list for
the DNS client.
Syntax Description
domain-suffix
Specifies deleting a domain suffix.
domain_name
Specifies a domain name.
name-server
Specifies deleting a name server.
ip_address
Specifies an IP address for the name server.
vr
Specifies deleting a virtual router.
NOTE: User-created VRs are not available on the Aspen 8810 switch.
vr_name
Specifies a virtual router.
Default
N/A.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created VRs.
Specifying a domain suffix removes an entry from the domain suffix list. If the deleted item was not the
last entry in the list, all items that had been added later are moved up in the list. If no entries in the list
match the domain name specified, an error message will be displayed.
The default value for the virtual router used by the DNS client option is VR-Default.
Examples
The following command deletes a domain name from the domain suffix list:
configure dns-client delete domain-suffix xyz_inc.com
The following command removes a DNS server from the list:
configure dns-client delete name-server 10.1.2.1
ExtremeWare XOS 11.1 Command Reference Guide
41
Commands for Accessing the Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
42
configure failsafe-account
configure failsafe-account
configure failsafe-account
Description
Configures a name and password for the failsafe account.
Syntax Description
This command has no arguments or variables.
Default
The failsafe account is always configured.
Usage Guidelines
The failsafe account is the account of last resort to access your switch. This account is never displayed
by the show account command, but is always present on the switch.
You will be prompted for the failsafe account name, and prompted twice to specify the password for the
account. For example:
BD-10808.1 # configure failsafe-account
enter failsafe user name: blue5green
enter failsafe password:
enter password again:
BD-10808.2
The failsafe account is immediately saved to NVRAM.
NOTE
The information that you use to configure the failsafe account cannot be recovered by Extreme Networks. Technical
support cannot retrieve passwords or account names for this account. Protect this information carefully.
To access your switch using the failsafe account, you must be connected to the serial port of the switch.
You cannot access the failsafe account through any other port.
At the switch login prompt, carefully enter the failsafe account name. If you enter an erroneous account
name, you cannot re-enter the correct name.
Once you enter the failsafe account name, you are prompted to enter the password.
Once you successfully log in to the failsafe account, you see the following prompt:
failsafe>
ExtremeWare XOS 11.1 Command Reference Guide
43
Commands for Accessing the Switch
From here, you have four command choices:
●
Login—use this command to access the switch CLI. You will have full administrator capabilities.
●
Reboot—use this command to reboot the current MSM.
●
Help—use this command to display a short help text
●
Exit—use this command to exit the failsafe account and return to the login prompt.
Typically, you would use the Login command to correct the problem that required you to use the
failsafe account.
Example
The following command defines a failsafe account:
configure failsafe-account
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
44
configure idletimeout
configure idletimeout
configure idletimeout <minutes>
Description
Configures the time-out for idle console, SSH2, and Telnet sessions.
Syntax Description
minutes
Specifies the time-out interval, in minutes. Range is 1 to 240 (1 minute to 4
hours).
Default
The default time-out is 20 minutes.
Usage Guidelines
This command configures the length of time the switch will wait before disconnecting idle console,
SSH2, or Telnet sessions. The idletimeout feature must be enabled for this command to have an effect
(the idletimeout feature is enabled by default).
Example
The following command sets the time-out for idle login and console sessions to 10 minutes:
configure idletimeout 10
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
45
Commands for Accessing the Switch
configure time
configure time <month> <day> <year> <hour> <min> <sec>
Description
Configures the system date and time.
Syntax Description
month
Specifies the month. The range is 1-12.
day
Specifies the day of the month. The range is 1-31.
year
Specifies the year in the YYYY format.The range is 2003 to 2036.
hour
Specifies the hour of the day. The range is 0 (midnight) to 23 (11 pm).
min
Specifies the minute. The range is 0-59.
sec
Specifies the second. The range is 0-59.
Default
N/A.
Usage Guidelines
The format for the system date and time is as follows:
mm dd yyyy hh mm ss
The time uses a 24-hour clock format. You cannot set the year earlier than 2003 or past 2036. You have
the choice of inputting the entire time/date string. If you provide one item at a time and press [Tab], the
screen prompts you for the next item. Press <cr> to complete the input.
Example
The following command configures a system date of February 15, 2002 and a system time of 8:42 AM
and 55 seconds:
configure time 02 15 2002 08 42 55
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
46
configure timezone
configure timezone
configure timezone {name <tz_name>} <GMT_offset>
{autodst {name <dst_timezone_ID>} {<dst_offset>}
{begins [every <floatingday> | on <absoluteday>] {at <time_of_day>}
{ends [every <floatingday> | on <absoluteday>] {at <time_of_day>}}}
| noautodst}
Description
Configures the Greenwich Mean Time (GMT) offset and Daylight Saving Time (DST) preference.
Syntax Description
GMT_offset
Specifies a Greenwich Mean Time (GMT) offset, in + or - minutes.
std-timezone-ID
Specifies an optional name for this timezone specification. May be up to six
characters in length. The default is an empty string.
autodst
Enables automatic Daylight Saving Time.
dst-timezone-ID
Specifies an optional name for this DST specification. May be up to six
characters in length. The default is an empty string.
dst_offset
Specifies an offset from standard time, in minutes. Value is in the range of 1
to 60. Default is 60 minutes.
floating_day
Specifies the day, week, and month of the year to begin or end DST each year.
Format is:
<week> <day> <month> where:
• <week> is specified as [first | second | third | fourth | last] or 1-5.
• <day> is specified as [sunday | monday | tuesday | wednesday | thursday |
friday | saturday] or 1-7 (where 1 is Sunday).
• <month> is specified as [january | february | march | april | may | june | july
| august | september | october | november | december] or 1-12.
Default for beginning is first sunday april; default for ending is last sunday
october.
absolute_day
Specifies a specific day of a specific year on which to begin or end DST.
Format is:
<month> <day> <year> where:
• <month> is specified as 1-12.
• <day> is specified as 1-31.
• <year> is specified as 2003-2035.
The year must be the same for the begin and end dates.
time_of_day
Specifies the time of day to begin or end Daylight Saving Time. May be
specified as an hour (0-23) or as hour:minutes. Default is 2:00.
noautodst
Disables automatic Daylight Saving Time.
Default
Autodst, beginning every first Sunday in April, and ending every last Sunday in October.
ExtremeWare XOS 11.1 Command Reference Guide
47
Commands for Accessing the Switch
Usage Guidelines
Network Time Protocol (NTP) server updates are distributed using GMT time. To properly display the
local time in logs and other timestamp information, the switch should be configured with the
appropriate offset to GMT based on geographic location.
The gmt_offset is specified in +/- minutes from the GMT time.
Automatic DST changes can be enabled or disabled. The default configuration, where DST begins on the
first Sunday in April at 2:00 AM and ends the last Sunday in October at 2:00 AM, applies to most of
North America, and can be configured with the following syntax:
configure timezone <gmt_offst> autodst.
The starting and ending date and time for DST may be specified, as these vary in time zones around the
world.
●
Use the every keyword to specify a year-after-year repeating set of dates (for example, the last
Sunday in March every year)
●
Use the on keyword to specify a non-repeating, specific date for the specified year. If you use this
option, you will need to specify the command again every year.
●
The begins specification defaults to every first sunday april.
●
The ends specification defaults to every last sunday october.
●
The ends date may occur earlier in the year than the begins date. This will be the case for countries
in the Southern Hemisphere.
●
If you specify only the starting or ending time (not both) the one you leave unspecified will be reset
to its default.
●
The time_of_day specification defaults to 2:00.
●
The timezone IDs are optional. They are used only in the display of timezone configuration
information in the show switch command.
To disable automatic DST changes, re-specify the GMT offset using the noautodst option:
configure timezone <gmt_offst> noautodst.
NTP updates are distributed using GMT time. To properly display the local time in logs and other
timestamp information, the switch should be configured with the appropriate offset to GMT based on
geographical location. Table 5 describes the GMT offsets.
Table 5: Greenwich Mean Time offsets
GMT Offset
in Hours
GMT Offset
in Minutes
Common Time Zone References
Cities
+0:00
+0
GMT - Greenwich Mean
London, England; Dublin, Ireland;
Edinburgh, Scotland; Lisbon, Portugal;
Reykjavik, Iceland; Casablanca, Morocco
UT or UTC - Universal (Coordinated)
WET - Western European
-1:00
-60
WAT - West Africa
Cape Verde Islands
-2:00
-120
AT - Azores
Azores
-3:00
-180
-4:00
-240
AST - Atlantic Standard
Caracas; La Paz
-5:00
-300
EST - Eastern Standard
Bogota, Columbia; Lima, Peru; New York,
NY, Trevor City, MI USA
Brasilia, Brazil; Buenos Aires, Argentina;
Georgetown, Guyana;
ExtremeWare XOS 11.1 Command Reference Guide
48
configure timezone
Table 5: Greenwich Mean Time offsets (Continued)
GMT Offset
in Hours
GMT Offset
in Minutes
Common Time Zone References
Cities
-6:00
-360
CST - Central Standard
Mexico City, Mexico
-7:00
-420
MST - Mountain Standard
Saskatchewan, Canada
-8:00
-480
PST - Pacific Standard
Los Angeles, CA, Cupertino, CA, Seattle,
WA USA
-9:00
-540
YST - Yukon Standard
-10:00
-600
AHST - Alaska-Hawaii Standard
CAT - Central Alaska
HST - Hawaii Standard
-11:00
-660
NT - Nome
-12:00
-720
IDLW - International Date Line West
+1:00
+60
CET - Central European
FWT - French Winter
MET - Middle European
MEWT - Middle European Winter
Paris, France; Berlin, Germany;
Amsterdam, The Netherlands; Brussels,
Belgium; Vienna, Austria; Madrid, Spain;
Rome, Italy; Bern, Switzerland;
Stockholm, Sweden; Oslo, Norway
SWT - Swedish Winter
+2:00
+120
EET - Eastern European, Russia Zone 1
Athens, Greece; Helsinki, Finland;
Istanbul, Turkey; Jerusalem, Israel;
Harare, Zimbabwe
+3:00
+180
BT - Baghdad, Russia Zone 2
Kuwait; Nairobi, Kenya; Riyadh, Saudi
Arabia; Moscow, Russia; Tehran, Iran
+4:00
+240
ZP4 - Russia Zone 3
Abu Dhabi, UAE; Muscat; Tblisi;
Volgograd; Kabul
+5:00
+300
ZP5 - Russia Zone 4
+5:30
+330
IST – India Standard Time
+6:00
+360
ZP6 - Russia Zone 5
+7:00
+420
WAST - West Australian Standard
+8:00
+480
CCT - China Coast, Russia Zone 7
+9:00
+540
JST - Japan Standard, Russia Zone 8
+10:00
+600
EAST - East Australian Standard
New Delhi, Pune, Allahabad, India
GST - Guam Standard
Russia Zone 9
+11:00
+660
+12:00
+720
IDLE - International Date Line East
NZST - New Zealand Standard
Wellington, New Zealand; Fiji, Marshall
Islands
NZT - New Zealand
ExtremeWare XOS 11.1 Command Reference Guide
49
Commands for Accessing the Switch
Example
The following command configures GMT offset for Mexico City, Mexico and disables automatic DST:
configure timezone -360 noautodst
The following four commands are equivalent, and configure the GMT offset and automatic DST
adjustment for the US Eastern timezone, with an optional timezone ID of EST:
configure timezone name EST -300 autodst name EDT 60 begins every first sunday april
at 2:00 ends every last sunday october at 2:00
configure timezone name EST -300 autodst name EDT 60 begins every 1 1 4 at 2:00 ends
every 5 1 10 at 2:00
configure timezone name EST -300 autodst name EDT
configure timezone -300 autodst
The following command configures the GMT offset and automatic DST adjustment for the Middle
European timezone, with the optional timezone ID of MET:
configure timezone name MET 60 autodst name MDT begins every last sunday march at 1
ends every last sunday october at 1
The following command configures the GMT offset and automatic DST adjustment for New Zealand.
The ending date must be configured each year because it occurs on the first Sunday on or after March 5:
configure timezone name NZST 720 autodst name NZDT 60 begins every first sunday
october at 2 ends on 3/16/2002 at 2
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
50
create account
create account
create account [admin | user] <account-name> {encrypted <password> }
Description
Creates a new user account.
Syntax Description
admin
Specifies an access level for account type admin.
user
Specifies an access level for account type user.
account-name
Specifies a new user account name. See “Usage Guidelines” for more
information.
encrypted
Specifies an encrypted option.
password
Specifies a user password. See “Usage Guidelines” for more information.
NOTE: On the Aspen 8810 switch, if you do not want a password associated
with the specified account, press Enter twice.
Default
By default, the switch is configured with two accounts with the access levels shown in Table 6.
Table 6: User account levels
Account Name
Access Level
admin
This user can access and change all manageable parameters. The admin account
cannot be deleted.
user
This user can view (but not change) all manageable parameters, with the following
exceptions:
• This user cannot view the user account database.
• This user cannot view the SNMP community strings.
This user has access to the ping command.
You can use the default names (admin and user), or you can create new names and passwords for the
accounts. Default accounts do not have passwords assigned to them.
Usage Guidelines
The switch can have a total of 16 user accounts. The system must have one administrator account.
You must have administrator privileges to change passwords for accounts other than your own. User
names and passwords are case-sensitive. User account names must have a minimum of 1 character and
can have a maximum of 32 characters. Passwords must have a minimum of 0 characters and can have a
maximum of 32 characters.
ExtremeWare XOS 11.1 Command Reference Guide
51
Commands for Accessing the Switch
NOTE
On the Aspen 8810 switch, if you do not want a password associated with the specified account, press Enter twice.
Example
The following command creates a new account named John2 with administrator privileges:
create account admin John2
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
52
delete account
delete account
delete account <name>
Description
Deletes a specified user account.
Syntax Description
name
Specifies a user account name.
Default
N/A.
Usage Guidelines
Use the show accounts command to determine which account you want to delete from the system. The
show accounts output displays the following information in a tabular format:
●
The user name
●
Access information associated with each user
●
User login information
●
Session information
Depending on the software version running on your switch and the type of switch you have, additional
account information may be displayed.
You must have administrator privileges to delete a user account. The system must have one
administrator account; the command will fail if an attempt is made to delete the last administrator
account on the system.
To ensure security, change the password on the default account, but do not delete it. The changed
password will remain intact through configuration uploads and downloads.
If you must delete the default account, first create another administrator-level account.
Example
The following command deletes account John2:
delete account John2
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
53
Commands for Accessing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
54
disable cli space-completion
disable cli space-completion
disable cli space-completion
Description
Disables the ExtremeWare XOS feature that completes a command automatically with the spacebar. If
you disable this feature, The [Tab] key can still be used for auto-completion.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
None.
Example
disable cli space-completion
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
55
Commands for Accessing the Switch
disable clipaging
disable clipaging
Description
Disables pausing at the end of each show screen.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
The command line interface (CLI) is designed for use in a VT100 environment. Most show command
output will pause when the display reaches the end of a page. This command disables the pause
mechanism and allows the display to print continuously to the screen.
CLI paging is only active on a per-shell session basis. In other words, when you enable or disable CLI
paging from within the current configuration, it only affects that session. For new or existing sessions,
paging is enabled by default. This setting cannot be saved.
To view the status of CLI paging on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for CLI
paging.
Example
The follow command disables clipaging and allows you to print continuously to the screen:
disable clipaging
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
56
disable idletimeout
disable idletimeout
disable idletimeout
Description
Disables the timer that disconnects idle sessions from the switch.
Syntax Description
This command has no arguments or variables.
Default
Enabled. Timeout 20 minutes.
Usage Guidelines
When idle time-outs are disabled, console sessions remain open until the switch is rebooted or until you
logoff. Telnet sessions remain open until you close the Telnet client.
To view the status of idle time-outs on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for idle
time-outs.
Example
The following command disables the timer that disconnects all sessions to the switch:
disable idletimeout
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
57
Commands for Accessing the Switch
enable cli space-completion
enable cli space-completion
Description
Enables the ExtremeWare XOS feature that completes a command automatically with the spacebar. The
[Tab] key can also be used for auto-completion.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
None.
Example
enable cli space-completion
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
58
enable clipaging
enable clipaging
enable clipaging
Description
Enables the pause mechanism and does not allow the display to print continuously to the screen.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
The command line interface (CLI) is designed for use in a VT100 environment. Most show command
output will pause when the display reaches the end of a page.
To view the status of CLI paging on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for CLI
paging.
If CLI paging is enabled and you use the show tech command to diagnose system technical problems,
the CLI paging feature is disabled.
CLI paging is only active on a per-shell session basis. In other words, when you enable or disable CLI
paging from within the current configuration, it only affects that session. For new or existing sessions,
paging is enabled by default. This setting cannot be saved.
Example
The following command enables clipaging and does not allow the display to print continuously to the
screen:
enable clipaging
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
59
Commands for Accessing the Switch
enable idletimeout
enable idletimeout
Description
Enables a timer that disconnects Telnet, SSH2, and console sessions after a period of inactivity (20
minutes is default).
Syntax Description
This command has no arguments or variables.
Default
Enabled. Timeout 20 minutes.
Usage Guidelines
You can use this command to ensure that a Telnet, SSH2, or console session is disconnected if it has
been idle for the required length of time. This ensures that there are no hanging connections.
To change the period of inactivity that triggers the timeout for a Telnet, SSH2, or console session, use
the configure timezone command.
To view the status of idle timeouts on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for idle
timeouts. You can configure the length of the timeout interval.
Example
The following command enables a timer that disconnects any Telnet, SSH2, and console sessions after 20
minutes of inactivity:
enable idletimeout
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
60
enable license
enable license
enable license <key>
Description
Enables software license that allows you to use advanced features.
Syntax Description
key
Specifies your hexadecimal license key in format xxxx-xxxx-xxxx-xxxx-xxxx.
Default
N/A
Usage Guidelines
With ExtremeWare XOS 11.1 on the Aspen 8810 switch, you can obtain a Core license. The Core license
provides additional functionality for some features.
Specify the key in the format xxxx-xxxx-xxxx-xxxx-xxxx.
You obtain the license key either by ordering it from the factory or by obtaining a license voucher from
your Extreme Networks supplier. You can obtain a regular license; you cannot downgrade licenses.
The voucher contains all the necessary information on the license level and on obtaining the software
license key using the Extreme Network Support website at:
http://www.extremenetworks.com/support/techsupport/asp
After you enable the license by entering the software key, the system returns a message that you either
successfully or unsuccessfully set the license.
Once you enable the license (or if you do not use the correct key, attempt to downgrade the license, or
already installed the license) you see one of the following error messages:
Enabled license successfully.
Error: Unable to set license using supplied key.
Error: Unable to set license - downgrade of licenses is not supported.
Error: Unable to set license - license is already enabled.
Once installed (or enabled), the license goes with the switch chassis itself, not with the MSM module.
The license information is stored in EEPROM and persists through reboots, software upgrades, power
outages, and reconfigurations.
If you attempt to execute a command and you do not either have the required license or have reached
the limits defined by the current license level, the system returns one of the following messages:
Error: This command cannot be executed at the current license level.
Error: You have reached the maximum limit for this feature at this license level.
ExtremeWare XOS 11.1 Command Reference Guide
61
Commands for Accessing the Switch
To view the type of license you are currently running on the switch, use the show licenses command.
The license key number is not displayed, but the type of license is displayed in the show licenses
output.
Example
The following command enables a license on the switch:
enable license 2d5e-0e84-e87d-c3fe-bfff
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
62
history
history
history
Description
Displays a list of all the commands entered on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
ExtremeWare XOS “remembers” all the commands you entered on the switch. Use the history
command to display a list of these commands.
Example
The following command displays all the commands entered on the switch:
history
If you use a command more than once, consecutively, the history will only list the first instance.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
63
Commands for Accessing the Switch
ping
ping {count <count> {start-size <start-size>} | continuous {start-size
<start-size> | {start-size <start-size> {end-size <end-size>}}} {udp}
{dont-fragment} {ttl <ttl>} {tos <tos>} {interval <interval>} {vr <vrid>}
<host> {from <source IP address>} {with record-route}
Description
Enables you to send User Datagram Protocol (UDP) or Internet Control Message Protocol (ICMP) echo
messages or to a remote IP device.
Syntax Description
count
Specifies the number of ping requests to send.
start-size
Specifies the size, in bytes, of the packet to be sent, or the starting size if
incremental packets are to be sent.
continuous
Specifies that UDP or ICMP echo messages to be sent continuously. This
option can be interrupted by pressing [Ctrl} + C.
end-size
Specifies an end size for packets to be sent.
udp
Specifies that the ping request should use UDP instead of ICMP.
dont-fragment
Sets the IP to not fragment the bit.
ttl
Sets the TTL value.
tos
Sets the TOS value.
interval
Sets the time interval between sending out ping requests.
vr
Specifies the virtual route to use for sending out the echo message. If not
specified, VR-Default is used.
NOTE: User-created VRs are not available on the Aspen 8810 switch.
host
Specifies a IPv4 host to ping.
from
Uses the specified source address. If not specified, the address of the
transmitting interface is used.
with record-route
Sets the traceroute information.
Default
N/A.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created VRs.
The ping command is used to test for connectivity to a specific host.
The ping command is available for both the user and administrator privilege level.
ExtremeWare XOS 11.1 Command Reference Guide
64
ping
Example
The following command enables continuous ICMP echo messages to be sent to a remote host:
ping continuous 123.45.67.8
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
65
Commands for Accessing the Switch
reboot
reboot {time <month> <day> <year> <hour> <min> <sec> | cancel}
<slot_id>}
{msm
Description
Reboots the switch or the module in the specified slot at a specified date and time.
Syntax Description
time
Specifies a reboot date in mm dd yyyy format and reboot time in hh mm ss
format.
cancel
Cancels a previously scheduled reboot.
msm
Specifies rebooting the MSM module.
slot_id
Specifies the slot--A or B--for an MSM module.
Default
N/A.
Usage Guidelines
If you do not specify a reboot time, the switch will reboot immediately following the command, and
any previously scheduled reboots are cancelled. Prior to rebooting, the switch returns the following
message:
Do you want to save configuration changes to primary and reboot?
(y - save and reboot, n - reboot without save, <cr> - cancel command)
To cancel a previously scheduled reboot, use the cancel option.
The modules that can be rebooted are switch fabric MSM modules.
Aspen 8810 switch only. On the Aspen 8810 switch, if your default BootROM image becomes corrupted,
you can force the MSM to boot from an alternate BootROM image by inserting a sharp object into the
“A” and “R” holes on the MSM and applying slight pressure. Refer to Extreme Networks Consolidated
XOS Hardware Installation Guide for information on the MSM.
The reboot MSM option on the Aspen 8810 switch affects the entire module.
Example
The following command reboots the switch at 8:00 AM on April 15, 2005:
reboot time 04 15 2005 08 00 00
ExtremeWare XOS 11.1 Command Reference Guide
66
reboot
History
This command was first available in ExtremeWare XOS 10.1.
The alternate BootROM image was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
The alternate BootROM is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
67
Commands for Accessing the Switch
show account
show account
Description
Displays user account information for all users on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
You need to create a user account using the create account command before you can display user
account information.
To view the accounts that have been created, you must have administrator privileges.
The show accounts command displays the following information in a tabular format:
●
User Name—The name of the user. This list displays all of the users who have access to the switch.
●
Access—This may be listed as R/W for read/write or RO for read only.
●
Login OK—The number of logins that are okay.
●
Failed—The number of failed logins.
Example
The following command displays user account information on the switch:
show accounts pppuser
Output from this command looks similar to the following:
User Name
Access LoginOK Failed
---------------- ------ ------- -----admin
R/W
3
1
user
RO
0
0
dbackman
R/W
0
0
ron RO
0
0
nocteam
RO
0
0
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
68
show account
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
69
Commands for Accessing the Switch
show banner
show banner
Description
Displays the user-configured banner string.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to view the banner that is displayed before the login prompt.
Example
The following command displays the switch banner:
show banner
Output from this command looks similar to the following:
Extreme Networks Summit48i Layer 3 Switch
#########################################################
Unauthorized Access is strictly prohibited.
Violators will be persecuted
#########################################################
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
70
show dns-client
show dns-client
show dns-client
Description
Displays the DNS configuration.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays the DNS configuration:
show dns-client
Output from this command looks similar to the following:
Number of domain suffixes: 2
Domain Suffix 1:
njudah.local
Domain Suffix 2:
dbackman.com
Number of name servers: 2
Name Server 1: 172.17.1.104
Name Server 2: 172.17.1.123
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
71
Commands for Accessing the Switch
show licenses
show licenses
Description
Displays current license level on your switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The command displays information on the license level enabled on the switch.
ExtremeWare XOS 11.1 software version displays the following licenses:
●
Aspen 8810 switch
The Aspen 8810 switch ships with an Advanced Edge license. You can upgrade to a Core license.
Refer to the ExtremeWare XOS Concepts Guide for information on upgrading to a Core license.
●
BlackDiamond 10K switch with an MSM-1
The MSM-1 for the BlackDiamond 10K switch ships with a Core license. You cannot upgrade the
license on the MSM-1.
●
BlackDiamond 10K switch with an MSM-1XL
The MSM-1XL for the BlackDiamond 10K switch ships with an Advanced Core license. There is no
upgrade from this license level.
Example
The following command displays the license level configuration:
show licenses
Output from this command looks similar to the following:
Enabled License Level:
Core
Enabled Feature Packs:
SSH2
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
72
show licenses
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
73
Commands for Accessing the Switch
show switch
show switch {detail}
Description
Displays the current switch information.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The show switch command displays:
●
sysName, sysLocation, sysContact
●
MAC address
●
System health check
●
Recovery mode
●
Watchdog state
●
Current date, time, system boot time, and time zone configuration
●
Any scheduled reboot information
●
MSM information
●
Software image information (primary/secondary image and version)
●
Configuration information (primary/secondary configuration and version)
This information may be useful for your technical support representative if you have a problem.
Depending on the software version running on your switch, additional or different switch information
may be displayed.
Example
The following command displays current switch information:
show switch
Output from this command looks similar to the following:
SysName:
SysLocation:
SysContact:
System MAC:
BD-10808
support@extremenetworks.com, +1 888 257 3000
00:30:48:41:ED:45
ExtremeWare XOS 11.1 Command Reference Guide
74
show switch
SysHealth check:
Recovery Mode:
System Watchdog:
Enabled
None
Enabled
Current Time:
Timezone:
Wed May 19 11:04:32 2004
[Auto DST Enabled] GMT Offset: -480 minutes, name is PST.
DST of 0 minutes is currently in effect, name is PDT.
DST begins every first Sunday April at 2:00
DST ends every last Sunday October at 2:00
Boot Time:
Next Reboot:
Sat May 15 17:19:29 2004
None scheduled
MSM:
Current State:
MSM-A *
-----------------------MASTER
Image Selected:
Image Booted:
Primary ver:
Secondary ver:
primary
primary
11.1.0.14
11.1.0.14
Config Selected:
Config Booted:
primary.cfg
primary.cfg
primary.cfg
Created by ExtremeWare XOS version 10.2.0.14
223 bytes saved on Fri May 14 13:36:37 2004
MSM-B
-----------------------INIT
The show switch detail command displays the same information shown above.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
75
Commands for Accessing the Switch
traceroute
traceroute {vr <vrid>} <host> {from <source IP address>} {ttl <number>}
{port <port> | icmp}
Description
Enables you to trace the routed path between the switch and a destination endstation.
Syntax Description
vr
Specifies a virtual router.
NOTE: User-created VRs are not available on the Aspen 8810 switch.
vrid
Specifies which virtual router.
NOTE: User-created VRs are not available on the Aspen 8810 switch
host
Specifies the hostname or IP address of the destination endstation.
from <source IP address>
Uses the specified source address in the ICMP packet. If not specified, the
address of the transmitting interface is used.
ttl <number>
Configures the switch to trace up to the time-to-live number of the switch.
port <port>
Specifies the UDP port number.
icmp
Configures the switch to send ICMP echo messages to trace the routed path
between the switch and a destination endstation.
Default
N/A.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created virtual routers.
Each router along the path is displayed.
Example
The following command enables the traceroute function to a destination of 123.45.67.8:
traceroute 123.45.67.8
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
76
traceroute
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
77
Commands for Accessing the Switch
ExtremeWare XOS 11.1 Command Reference Guide
78
3
Commands for Managing the Switch
This chapter describes commands for:
●
Configuring Simple Network Management Protocol (SNMP) parameters on the switch
●
Managing the switch using Telnet
●
Transferring files using the Trivial File Transfer Protocol (TFTP)
●
Configuring system redundancy
●
Displaying power management statistics on the switch
●
Configuring Simple Network Time Protocol (SNTP) parameters on the switch
SNMP
Any network manager running the Simple Network Management Protocol (SNMP) can manage the
switch, if the Management Information Base (MIB) is installed correctly on the management station.
Each network manager provides its own user interface to the management facilities.
The following SNMP parameters can be configured on the switch:
●
Authorized trap receivers— An authorized trap receiver can be one or more network management
stations on your network. The switch sends SNMP traps to all trap receivers. Entries in this list can
be created, modified, and deleted using the RMON2 trapDestTable MIB table, as described in RFC
2021, and the SNMPv3 tables.
●
Authorized managers—An authorized manager can be either a single network management station,
or a range of addresses (for example, a complete subnet) specified by a prefix and a mask.
●
Community strings—The community strings allow a simple method of authentication between the
switch and the remote network manager. The default read-only community string is public. The
default read-write community string is private. The community strings for all authorized trap
receivers must be configured on the switch for the trap receiver to receive switch-generated traps.
●
System contact (optional)—The system contact is a text field that enables you to enter the name of
the person(s) responsible for managing the switch.
●
System name (optional)—The system name enables you to enter a name that you have assigned to
this switch. The default name is the model name of the switch (for example, BD-1.2).
●
System location (optional)—Using the system location field, you can the location of the switch.
NOTE
If you specify volatile storage when configuring SNMP parameters, that configuration is not saved across a switch
reboot.
ExtremeWare XOS 11.1 Command Reference Guide
79
Commands for Managing the Switch
Telnet
Telnet allows you to access the switch remotely using TCP/IP through one of the switch ports or a
workstation with a Telnet facility. If you access the switch via Telnet, you will use the command line
interface (CLI) to manage the switch and modify switch configurations.
TFTP
ExtremeWare XOS supports the Trivial File Transfer Protocol (TFTP) based on RFC 1350. TFTP is a
method used to transfer files from one network device to another. The ExtremeWare XOS TFTP client is
a command line application used to contact an external TFTP server on the network. For example,
ExtremeWare XOS uses TFTP to download software image files, switch configuration files, and access
control lists (ACLs) from a server on the network to the switch.
System Redundancy
If you install two MSMs in the chassis, one assumes the role of primary (master) and the other assumes
the role of backup. The primary MSM provides all of the switch management functions including
bringing up and programming the I/O modules, running the bridging and routing protocols, and
configuring the switch. The primary also keeps synchronized with the backup MSM in case the backup
MSM needs to take over the management functions if the primary MSM fails.
Power Supply Management
ExtremeWare XOS monitors and manages power consumption on the BlackDiamond 10808 switch by
periodically checking the power supply units (PSUs) and testing them for failures. To determine the
health of the PSU, ExtremeWare XOS checks the voltage, current, and temperature of the PSU. The
power management capability of ExtremeWare XOS:
●
Monitors all installed PSUs
●
Powers up or down I/O modules based on available power and required power resources
Simple Network Time Protocol
ExtremeWare XOS supports the client portion of the Simple Network Time Protocol (SNTP) Version 3
based on RFC1769. SNTP can be used by the switch to update and synchronize its internal clock from a
Network Time Protocol (NTP) server. When enabled, the switch sends out a periodic query to the
indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch supports
the configured setting for Greenwich Mean time (GMT) offset and the use of Daylight Saving Time.
ExtremeWare XOS 11.1 Command Reference Guide
80
configure node priority
configure node priority
configure node slot <slot_id> priority <node_pri>
Description
Configures the priority of the node.
Syntax Description
slot_id
Specifies the slot of the node. A is for the MSM installed in slot A. B is for the
MSM installed in slot B.
node_pri
Specifies the priority of the node. The default 0 gives MSM-A a higher priority
over MSM-B. The range is 1 to 100; 0 means you have not configured a node
priority.
Default
Default node priority is 0.
Usage Guidelines
Use this command to configure the priority of the node. The lower the number, the higher the priority.
The node priority is part of the selection criteria for the master node. The following list describes the
parameters used to determine the master node:
●
Node state—The node state must be STANDBY to participate in leader election and to be selected
master. If the node is in the INIT, DOWN, or FAIL states, the node will not participate in leader
election.
●
Configuration priority—This is a user assigned priority. The configured priority is compared only
after the node meets the minimum thresholds in each category for it to be healthy. Required
processes and devices must not fail.
●
Software health—This represents the percent of processes available.
●
Health of secondary hardware components—This represents the health of switch components, such
as the power supplies, fans, and so forth.
●
Slot ID—The MSM slot where the node is installed (MSM-A or MSM-B).
If you do not configure any priorities, MSM-A has a higher priority than MSM-B.
Example
The following command configures a priority of 2 for MSM-B:
configure node slot B priority 2
ExtremeWare XOS 11.1 Command Reference Guide
81
Commands for Managing the Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
82
configure snmp add community
configure snmp add community
configure snmp add community [readonly | readwrite] <alphanumeric_string>
Description
Adds an SNMP read or read/write community string.
Syntax Description
readonly
Specifies read-only access to the system.
readwrite
Specifies read and write access to the system.
alphanumeric_string
Specifies an SNMP community string name. See “Usage Guidelines” for more
information.
Default
The default read-only community string is public. The default read/write community string is private.
Usage Guidelines
Community strings provide a simple method of authentication between a switch and a remote network
manager. Read community strings provide read-only access to the switch. The default read-only
community string is public. Read-write community strings provide read and write access to the switch.
The default read/write community string is private. Sixteen read-only and sixteen read/write
community strings can be configured on the switch, including the defaults.
An authorized trap receiver must be configured to use the correct community strings on the switch for
the trap receiver to receive switch-generated traps. In some cases, it may be useful to allow multiple
community strings so that all switches and trap receivers are not forced to use identical community
strings. The configure snmp add community command allows you to add multiple community
strings in addition to the default community string.
An SNMP community string can contain up to 32 characters.
Extreme Networks recommends that you changed the defaults of the community strings. To change the
value of the default read/write and read-only community strings, use the configure snmp delete
community command.
Example
The following command adds a read/write community string with the value extreme:
configure snmp add community readwrite extreme
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
83
Commands for Managing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
84
configure snmp add trapreceiver
configure snmp add trapreceiver
configure snmp add trapreceiver <ip_address> community [[hex
<hex_community_name>] | <community_name>] {port <port_number>} {from
<src_ip_address>} {mode <trap_mode> [enhanced | standard]}
Description
Adds the IP address of a trap receiver to the trap receiver list and specifies which SNMPv1/v2c traps
are to be sent.
Syntax Description
ip_address
Specifies an SNMP trap receiver IP address.
hex_community_name
Specifies that the trap receiver is to be supplied as a colon separated string of
hex octets.
community_name
Specifies the community string of the trap receiver to be supplied in ASCII
format.
port_number
Specifies a UDP port to which the trap should be sent. Default is 162.
src_ip_address
Specifies the IP address of a VLAN to be used as the source address for the
trap.
trap_mode
Specifies the mode of the traps:
• enhanced—Contains extra varbinds at the end.
• standard—Does not contain extra varbinds.
Default
Trap receivers are in enhanced mode by default, and the version is SNMPv2c by default.
Usage Guidelines
The IP address can be unicast, multicast, or broadcast.
An authorized trap receiver can be one or more network management stations on your network.
Authorized trap receivers must be configured on the switch for the trap receiver to receive switchgenerated traps. The switch sends SNMP traps to all trap receivers configured to receive the specific
trap group.
To view the SNMP trap receivers configured on the switch, use the show management command. The
show management command displays information about the switch including the destination and
community of the SNMP trap receivers configured on the switch.
Example
The following command adds the IP address 10.101.0.100 as a trap receiver with community string
purple:
configure snmp add trapreceiver 10.101.0.100 community purple
ExtremeWare XOS 11.1 Command Reference Guide
85
Commands for Managing the Switch
The following command adds the IP address 10.101.0.105 as a trap receiver with community string
green, using port 3003:
configure snmp add trapreceiver 10.101.0.105 community green port 3003
The following command adds the IP address 10.101.0.105 as a trap receiver with community string blue,
and IP address 10.101.0.25 as the source:
configure snmp add trapreceiver 10.101.0.105 community blue from 10.101.0.25
History
This command was first available in ExtremeWare XOS 10.1.
The hex_community_name, from <src_ip_address>, and {mode <trap_mode> [enhanced |
standard]} parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
86
configure snmp delete community
configure snmp delete community
configure snmp delete community [readonly | readwrite] [all |
<alphanumeric_string>]
Description
Deletes an SNMP read or read/write community string.
Syntax Description
readonly
Specifies read-only access to the system.
readwrite
Specifies read and write access to the system.
all
Specifies all of the SNMP community stings.
alphanumeric_string
Specifies an SNMP community string name. See “Usage Guidelines” for more
information.
Default
The default read-only community string is public. The default read/write community string is private.
Usage Guidelines
You must have at least one community string for SNMP access. If you delete all of the community
strings on your system, you will no longer have SNMP access, even if you have SNMP enabled.
The community strings allow a simple method of authentication between the switch and the remote
network manager. There are two types of community strings on the switch. Read community strings
provide read-only access to the switch. The default read-only community string is public. read/write
community strings provide read and write access to the switch. The default read/write community
string is private. Sixteen read-only and sixteen read-write community strings can be configured on the
switch, including the defaults. The community string for all authorized trap receivers must be
configured on the switch for the trap receiver to receive switch-generated traps. SNMP community
strings can contain up to 32 characters.
It is recommended that you change the defaults of the read/write and read-only community strings.
Use the configure snmp add commands to configure an authorized SNMP management station.
Example
The following command deletes a read/write community string named extreme:
configure snmp delete community readwrite extreme
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
87
Commands for Managing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
88
configure snmp delete trapreceiver
configure snmp delete trapreceiver
configure snmp delete trapreceiver [{<ip_address> {<port_number>}} | {all}]
Description
Deletes a specified trap receiver or all authorized trap receivers.
Syntax Description
ip_address
Specifies an SNMP trap receiver IP address.
port_number
Specifies the port associated with the receiver.
all
Specifies all SNMP trap receiver IP addresses.
Default
The default port number is 162.
Usage Guidelines
Use this command to delete a trap receiver of the specified IP address, or all authorized trap receivers.
This command deletes only the first SNMPv1/v2c trap receiver whose IP address and port number
match the specified value.
Example
The following command deletes the trap receiver 10.101.0.100 from the trap receiver list:
configure snmp delete trapreceiver 10.101.0.100
The following command deletes entries in the trap receiver list for 10.101.0.100, port 9990:
configure snmp delete trapreceiver 10.101.0.100 9990
Any entries for this IP address with a different community string will not be affected.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
89
Commands for Managing the Switch
configure snmp sysContact
configure snmp syscontact <sysContact>
Description
Configures the name of the system contact.
Syntax Description
sysContact
An alphanumeric string that specifies a system contact name.
Default
N/A.
Usage Guidelines
The system contact is a text field that enables you to enter the name of the person(s) responsible for
managing the switch. A maximum of 255 characters is allowed.
To view the name of the system contact listed on the switch, use the show switch command. The show
switch command displays switch statistics including the name of the system contact.
Example
The following command defines FredJ as the system contact:
configure snmp syscontact fredj
The following output from the show switch command displays FredJ as the system contact:
SysName:
SysLocation:
SysContact:
engineeringlab
englab
FredJ
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
90
configure snmp sysLocation
configure snmp sysLocation
configure snmp syslocation <sysLocation>
Description
Configures the location of the switch.
Syntax Description
sysLocation
An alphanumeric string that specifies the switch location.
Default
N/A.
Usage Guidelines
Use this command to indicate the location of the switch. A maximum of 255 characters is allowed.
To view the location of the switch on the switch, use the show switch command. The show switch
command displays switch statistics including the location of the switch.
Example
The following command configures a switch location name on the system:
configure snmp syslocation englab
The following output from the show switch command displays englab as the location of the switch:
SysName:
SysLocation:
SysContact:
engineeringlab
englab
FredJ
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
91
Commands for Managing the Switch
configure snmp sysName
configure snmp sysname <sysName>
Description
Configures the name of the switch.
Syntax Description
sysName
An alphanumeric string that specifies a device name.
Default
The default sysname is the model name of the device (for example, BlackDiamond10808).
Usage Guidelines
You can use this command to change the name of the switch. A maximum of 32 characters is allowed.
The sysname appears in the switch prompt.
To view the name of the system listed on the switch, use the show switch command. The show switch
command displays switch statistics including the name of the system.
Example
The following command names the switch:
configure snmp sysname engineeringlab
The following output from the show switch command displays engineeringlab as the name of the
switch:
SysName:
SysLocation:
SysContact:
engineeringlab
englab
FredJ
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
92
configure snmpv3 add access
configure snmpv3 add access
configure snmpv3 add access [[hex <hex_group_name>] | <group_name>] {secmodel [snmpv1 | snmpv2c | usm]} {sec-level [noauth | authnopriv | priv]}
{read-view [[hex <hex_read_view_name>] | <read_view_name>]} {write-view
[[hex <hex_write_view_name>]] | <write_view_name>]} {notify-view [[hex
<hex_notify_view_name]] | <notify_view_name>]} {volatile}
Description
Creates (and modifies) a group and its access rights.
Syntax Description
hex_group_name
Specifies the group name to add or modify. The value is to be supplied as a
colon separated string of hex octets.
group_name
Specifies the group name to add or modify. The value is to be supplied in
ASCII format.
sec-model
Specifies the security model to use.
snmpv1
Specifies the SNMPv1 security model.
snmpv2c
Specifies the SNMPv2c security model.
usm
Specifies the SNMPv3 User-based Security Model (USM).
sec-level
Specifies the security level for the group.
noauth
Specifies no authentication (and implies no privacy) for the security level.
authnopriv
Specifies authentication and no privacy for the security level.
priv
Specifies authentication and privacy for the security level.
read-view
Specifies the read view name:
• hex_read_view_name—Specifies a hex value supplied as a colon
separated string of hex octets
• read_view_name—Specifies an ASCII value
write-view
Specifies the write view name:
• hex_write_view_name—Specifies a hex value supplied as a colon
separated string of hex octets
• write_view_name—Specifies an ASCII value
notify-view
Specifies the notify view name:
• hex_notify_view_name—Specifies a hex value supplied as a colon
separated string of hex octets
• notify_view_name—Specifies an ASCII value
volatile
Specifies volatile storage.
Default
The default values are:
●
sec-model—USM
●
sec-level—noauth
ExtremeWare XOS 11.1 Command Reference Guide
93
Commands for Managing the Switch
●
read view name—defaultUserView
●
write view name— “”
●
notify view name—defaultNotifyView
●
non-volatile storage
Usage Guidelines
Use this command to configure access rights for a group. All access groups are created with a unique
default context, “”, as that is the only supported context.
Use more than one character when creating unique community strings and access group names.
A number of default (permanent) groups are already defined. These groups are: admin, initial, v1v2c_ro,
v1v2c_rw.
●
The default groups defined (permanent) are v1v2c_ro for security name v1v2c_ro, v1v2c_rw for
security name v1v2c_rw, admin for security name admin, and initial for security names initial,
initialmd5, initialsha, initialmd5Priv and initialshaPriv.
●
The default access defined (permanent) are admin, initial, v1v2c_ro, v1v2c_rw, and v1v2cNotifyGroup.
Example
In the following command, access for the group defaultROGroup is created with all the default values:
security model usm, security level noauth, read view defaultUserView, no write view, notify view
defaultNotifyView, and storage nonvolatile.
configure snmpv3 add access defaultROGroup
In the following command, access for the group defaultROGroup is created with the values: security
model USM, security level authnopriv, read view defaultAdminView, write view defaultAdminView, notify
view defaultAdminView, and storage nonvolatile.
configure snmpv3 add access defaultROGroup sec-model usm sec-level authnopriv readview defaultAdminView write-view defaultAdminView notify-view defaultAdminView
History
This command was first available in ExtremeWare XOS 10.1.
The hex_read_view_name, hex_write_view_name, and hex_notify_view_name parameters were added
in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
94
configure snmpv3 add community
configure snmpv3 add community
configure snmpv3 add community [[hex <hex_community_index>] |
<community_index>] name [[hex <hex_community_name>] |<community_name>] user
[[hex <hex_user_name>] | <user_name>] {tag [[hex <hex_transport_tag>] |
<transport_tag>]} {volatile}
Description
Adds an SNMPv3 community entry.
Syntax Description
hex_community_index
Specifies the row index in the snmpCommunity table as a hex value supplied
as a colon separated string of hex octets.
community_index
Specifies the row index in the snmpCommunity Table as an ASCII value.
hex_community_name
Specifies the community name as a hex value supplied as a colon separated
string of hex octets
community_name
Specifies the community name as an ASCII value.
hex_user_name
Specifies the USM user name as a hex value supplied as a colon separated
string of hex octets.
user_name
Specifies the USM user name as an ASCII value.
tag
Specifies the tag used to locate transport endpoints in SnmpTargetAddrTable.
When this community entry is used to authenticate v1/v2c messages, this tag
is used to verify the authenticity of the remote entity.
• hex_transport_tag—Specifies a hex value supplied as a colon
separated string of hex octets
• transport_tag—Specifies an ASCII value
volatile
Specifies volatile storage.
Default
N/A.
Usage Guidelines
Use this command to create or modify an SMMPv3 community in the community MIB.
Example
The following command creates an entry with the community index comm_index, community name
comm_public, and user (security) name v1v2c_user:
configure snmpv3 add community comm_index name comm_public user v1v2c_user
ExtremeWare XOS 11.1 Command Reference Guide
95
Commands for Managing the Switch
The following command creates an entry with the community index (hex) of 12:0E, community name
(hex) of EA:12:CD:CF:AB:11:3C, user (security) name v1v2c_user, using transport tag 34872 and volatile
storage:
configure snmpv3 add community hex 12:0E name hex EA:12:CD:CF:AB:11:3C user v1v2c_user
tag 34872 volatile
History
This command was first available in ExtremeWare XOS. 10.1.
The hex_community_index, hex_community_name, hex_user_name, and hex_transport_tag
parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
96
configure snmpv3 add filter
configure snmpv3 add filter
configure snmpv3 add filter [[hex <hex_profile_name>] | <profile_name>]
subtree <object_identifier> {/<subtree_mask>} type [included | excluded]
{volatile}
Description
Adds a filter to a filter profile.
Syntax Description
hex_profile_name
Specifies the filter profile that the current filter is added to. The value is to be
supplied as a colon separated string of hex octets.
profile_name
Specifies the filter profile that the current filter is added to in ASCII format.
object identifier
Specifies a MIB subtree.
subtree_mask
Specifies a hex octet string used to mask the subtree. For example, f7a
indicates 1.1.1.1.0.1.1.1.1.0.1.0.
included
Specifies that the MIB subtree defined by <object identifier>/<mask> is to be
included.
excluded
Specifies that the MIB subtree defined by <object identifier>/<mask> is to be
excluded.
volatile
Specifies volatile storage.
Default
The default values are:
●
mask value—empty string (all 1s)
●
type—included
●
storage—non-volatile
Usage Guidelines
Use this command to create a filter entry in the snmpNotifyFilterTable. Each filter includes or excludes a
portion of the MIB. Multiple filter entries comprise a filter profile that can eventually be associated with
a target address. Other commands are used to associate a filter profile with a parameter name, and the
parameter name with a target address.
This command can be used multiple times to configure the exact filter profile desired.
Example
The following command adds a filter to the filter profile prof1 that includes the MIB subtree 1.3.6.1.4.1/
f0:
configure snmpv3 add filter prof1 subtree 1.3.6.1.4.1/f0 type included
ExtremeWare XOS 11.1 Command Reference Guide
97
Commands for Managing the Switch
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
98
configure snmpv3 add filter-profile
configure snmpv3 add filter-profile
configure snmpv3 add filter-profile [[hex <hex_profile_name>] |
<profile_name>] param [[hex <hex_param_name>]] | <param_name>] {volatile}
Description
Associates a filter profile with a parameter name.
Syntax Description
hex_profile_name
Specifies the filter profile name. The value is to be supplied as a colon
separated string of hex octets.
profile_name
Specifies the filter profile name in ASCII format.
hex_param_name
Specifies a parameter name to associate with the filter profile. The value to
follow is to be supplies as a colon separated string of hex octets.
param_name
Specifies a parameter name to associate with the filter profile in ASCII format.
volatile
Specifies volatile storage.
Default
The default storage type is non-volatile.
Usage Guidelines
Use this command to add an entry to the snmpNotifyFilterProfileTable. This table associates a filter
profile with a parameter name. The parameter name is associated with target addresses, and the filter
profile is associated with a series of filters, so, in effect, you are associating a series of filters with a
target address.
Example
The following command associates the filter profile prof1 with the parameter name P1:
configure snmpv3 add filter-profile prof1 param P1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
99
Commands for Managing the Switch
configure snmpv3 add group user
configure snmpv3 add group [[hex <hex_group_name>] | <group_name>] user
[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1| snmpv2c | usm]}
{volatile}
Description
Adds a user name (security name) to a group.
Syntax Description
hex_group_name
Specifies the group name to add or modify. The value is to be supplied as a
colon separated string of hex octets.
group_name
Specifies the group name to add or modify in ASCII format.
hex_user_name
Specifies the user name to add or modify. The value to follow is to be supplies
as a colon separated string of hex octets.
user_name
Specifies the user name to add or modify in ASCII format.
sec-model
Specifies the security model to use.
snmpv1
Specifies the SNMPv1 security model.
snmpv2c
Specifies the SNMPv2c security model.
usm
Specifies the SNMPv3 User-based Security Model (USM).
volatile
Specifies volatile storage.
Default
The default values are:
●
sec-model—USM
●
non-volatile storage
Usage Guidelines
Use this command to associate a user name with a group.
As per the SNMPv3 RFC, a security name is model independent while a username is model dependent.
For simplicity, both are assumed to be same here. User names and security names are handled the same.
In other words, if a user is created with the user name username, the security name value is the same,
username.
Every group is uniquely identified by a security name and security model. So the same security name
can be associated to a group name but with different security models.
Example
The following command associates the user userV1 to the group defaultRoGroup with SNMPv1 security:
configure snmpv3 add group defaultRoGroup user userV1 sec-model snmpv1
ExtremeWare XOS 11.1 Command Reference Guide
100
configure snmpv3 add group user
The following command associates the user userv3 with security model USM and storage type volatile
to the access group defaultRoGroup:
configure snmpv3 add group defaultRoGroup user userV3 volatile
History
This command was first available in ExtremeWare XOS 10.1.
The hex_group_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
101
Commands for Managing the Switch
configure snmpv3 add mib-view
configure snmpv3 add mib-view [[hex <hex_view_name>] | <view_name>]
subtree <object_identifier> {/<subtree_mask>} {type [included | excluded]}
{volatile}
Description
Adds (and modifies) a MIB view.
Syntax Description
hex_view_name
Specifies the MIB view name to add or modify. The value is to be supplies as
a colon separated string of hex octets.
view_name
Specifies the MIB view name to add or modify in ASCII format.
object_identifier
Specifies a MIB subtree.
subtree_mask
Specifies a hex octet string used to mask the subtree. For example, f7a
indicates 1.1.1.1.0.1.1.1.1.0.1.0.
included
Specifies that the MIB subtree defined by <subtree>/<mask> is to be included.
excluded
Specifies that the MIB subtree defined by <subtree>/<mask> is to be
excluded.
volatile
Specifies volatile storage.
Default
The default mask value is an empty string (all 1s). The other default values are included and nonvolatile.
Usage Guidelines
Use this command to create a MIB view into a subtree of the MIB. If the view already exists, this
command modifies the view to additionally include or exclude the specified subtree.
In addition to the created MIB views, there are three default views. They are of storage type permanent
and cannot be deleted, but they can be modified. The default views are: defaultUserView,
defaultAdminView, and defaultNotifyView.
Example
The following command creates the MIB view allMIB with the subtree 1.3 included as non-volatile:
configure snmpv3 add mib-view allMIB subtree 1.3
The following command creates the view extremeMib with the subtree 1.3.6.1.4.1.1916 included as nonvolatile:
configure snmpv3 add mib-view extremeMib subtree 1.3.6.1.4.1.1916
ExtremeWare XOS 11.1 Command Reference Guide
102
configure snmpv3 add mib-view
The following command creates a view vrrpTrapNewMaster which excludes VRRP notification .1 and the
entry is volatile:
configure snmpv3 add mib-view vrrpTrapNewMaster 1.3.6.1.2.1.68.0.1/ff8 type excluded
volatile
History
This command was first available in ExtremeWare XOS 10.1.
The hex_view_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
103
Commands for Managing the Switch
configure snmpv3 add notify
configure snmpv3 add notify [[hex <hex_notify_name>] | <notify_name>] tag
[[hex <hex_tag>] | <tag>] {volatile}
Description
Adds an entry to the snmpNotifyTable.
Syntax Description
hex_notify_name
Specifies the notify name to add. The value is to be supplied as a colon
separated string of hex octets.
notify_name
Specifies the notify name to add in ASCII format.
hex_tag
Specifies a string identifier for the notifications to be sent to the target. The
value is supplied as a colon separated string of octets.
tag
Specifies a string identifier for the notifications to be sent to the target in
ASCII format.
volatile
Specifies volatile storage. By specifying volatile storage, the configuration is
not saved across a switch reboot.
Default
The default storage type is non-volatile.
Usage Guidelines
Use this command to add an entry to the snmpNotifyTable. When a notification is to be sent, this table
is examined. For the target addresses that have been associated with the tags present in the table,
notifications are sent based on the filters also associated with the target addresses.
Example
The following command sends notifications to addresses associated with the tag type1:
configure snmpv3 add notify N1 tag type1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_notify_name and hex_tag parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
104
configure snmpv3 add target-addr
configure snmpv3 add target-addr
configure snmpv3 add target-addr [[hex <hex_addr_name] | <addr_name>] param
[[hex <hex_param_name] | <param_name>] ipaddress [[<ip_address>
{<netmask>}] | <ip_address>] {transport-port <port_number> {from
<src_ip_address>} {tag-list <tag_list>} {volatile}
Description
Adds and configures an SNMPv3 target address and associates filtering, security, and notifications with
that address.
Syntax Description
hex_addr_name
Specifies a string identifier for the target address. The value is to be supplied
as a colon separated string of hex octets.
addr_name
Specifies a string identifier for the target address in ASCII format.
hex_param_name
Specifies the parameter name associated with the target. The value is to be
supplied as a colon separated string of hex octets.
param_name
Specifies the parameter name associated with the target in ASCII format.
ip_address
Specifies an SNMPv3 target IP address.
port_number
Specifies a UDP port. Default is 162.
src_ip_address
Specifies the IP address of a VLAN to be used as the source address for the
trap.
tag-list
Specifies a list of comma separated string identifiers for the notifications to be
sent to the target.
volatile
Specifies volatile storage. By specifying volatile storage, the configuration is
not saved across a switch reboot.
Default
The default values are:
●
transport-port—port 162
●
non-volatile storage
If you do not specify tag-list the single tag defaultNotify, a pre-defined value in the snmpNotifyTable,
is used.
Usage Guidelines
Use this command to create an entry in the SNMPv3 snmpTargetAddressTable. The param parameter
associates the target address with an entry in the snmpTargetParamsTable, which specifies security and
storage parameters for messages to the target address, and an entry in the snmpNotifyFilterProfileTable,
which specifies filter profiles to use for notifications to the target address. The filter profiles are
associated with the filters in the snmpNotifyFilterTable.
The list of tag-lists must match one or more of the tags in the snmpNotifyTable for the trap to be sent
out.
ExtremeWare XOS 11.1 Command Reference Guide
105
Commands for Managing the Switch
Example
The following command specifies a target address of 10.203.0.22 with the name A1, and associates it
with the security parameters and target address parameter P1:
configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22
The following command specifies a target address of 10.203.0.22 with the name A1, and associates it
with the security parameters and target address parameter P1, and the notification tags type1 and type2:
configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22 from 10.203.0.23
tag-list type1,type2
History
This command was first available in ExtremeWare XOS 10.1.
The hex_addr_name, hex_param_name, from <src_ip_address>, and tag-list <tag_list>
parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
106
configure snmpv3 add target-params
configure snmpv3 add target-params
configure snmpv3 add target-params [[hex <hex_param_name>] | <param_name>]
user [[hex <hex_user_name>] | <user_name>] mp-model [snmpv1 | snmpv2c |
snmpv3] sec-model [snmpv1 | snmpv2c | usm] {sec-level [noauth | authnopriv
| priv]} {volatile}
Description
Adds and configures SNMPv3 target parameters.
Syntax Description
hex_param_name
Specifies the parameter name associated with the target. The value is to be
supplied as a colon separated string of hex octets.
param_name
Specifies the parameter name associated with the target in ASCII format.
hex_user_name
Specifies a user name. The value is to be supplied as a colon separated string
of hex octets.
user_name
Specifies a user name in ASCII format.
mp-model
Specifies a message processing model; choose from SNMPv1, SNMPv2, or
SNMPv3.
sec-model
Specifies the security model to use.
snmpv1
Specifies the SNMPv1 security model.
snmpv2c
Specifies the SNMPv2c security model.
usm
Specifies the SNMPv3 User-based Security Model (USM).
sec-level
Specifies the security level for the group.
noauth
Specifies no authentication (and implies no privacy) for the security level.
authnopriv
Specifies authentication and no privacy for the security level.
authpriv
Specifies authentication and privacy for the security level.
volatile
Specifies volatile storage. By specifying volatile storage, the configuration is
not saved across a switch reboot.
Default
The default values are:
●
sec-level—noauth
●
non-volatile storage
Usage Guidelines
Use this command to create an entry in the SNMPv3 snmpTargetParamsTable. This table specifies the
message processing model, security level, security model, and the storage parameters for messages to
any target addresses associated with a particular parameter name.
To associate a target address with a parameter name, see the command configure snmpv3 add
target-addr.
ExtremeWare XOS 11.1 Command Reference Guide
107
Commands for Managing the Switch
Example
The following command specifies a target parameters entry named P1, a user name of guest, message
processing and security model of SNMPv2c, and a security level of no authentication:
configure snmpv3 add target-params P1 user guest mp-model snmpv2c sec-model snmpv2c
sec-level noauth
History
This command was first available in ExtremeWare XOS 10.1.
The hex_param_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
108
configure snmpv3 add user
configure snmpv3 add user
configure snmpv3 add user [[hex <hex_user_name>] | <user_name>]
{authentication [md5 | sha] [hex <hex_auth_password> | <auth_password>]}
{privacy [hex <hex_priv_password> | <priv_password>]} {volatile}
Description
Adds (and modifies) an SNMPv3 user.
Syntax Description
hex_user_name
Specifies the user name to add or modify. The value is to be supplied as a
colon separated string of hex octets.
user_name
Specifies the user name to add or modify in ASCII format.
MD5
Specifies MD5 authentication.
SHA
Specifies SHA authentication.
authentication
Specifies the authentication password or hex string to use for generating the
authentication key for this user.
privacy
Specifies the privacy password or hex string to use for generating the privacy
key for this user.
volatile
Specifies volatile storage. By specifying volatile storage, the configuration is
not saved across a switch reboot.
Default
The default values are:
●
authentication—no authentication
●
privacy—no privacy
●
non-volatile storage
Usage Guidelines
Use this command to create or modify an SNMPv3 user configuration.
If hex is specified, supply a 16 octet hex string for MD5, or a 20 octet hex string for SHA.
You must specify authentication if you want to specify privacy. There is no support for privacy without
authentication.
The default user names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv. The initial
password for admin is password. For the other default users, the initial password is the user name.
ExtremeWare XOS 11.1 Command Reference Guide
109
Commands for Managing the Switch
Example
The following command configures the user guest on the local SNMP Engine with security level noauth
(no authentication and no privacy):
configure snmpv3 add user guest
The following command configures the user authMD5 to use MD5 authentication with the password
palertyu:·
configure snmpv3 add user authMD5 authentication md5
palertyu
The following command configures the user authShapriv to use SHA authentication with the hex key
shown below, the privacy password palertyu, and volatile storage:
configure snmpv3 add user authShapriv authentication sha hex
01:03:04:05:01:05:02:ff:ef:cd:12:99:34:23:ed:ad:ff:ea:cb:11 privacy palertyu volatile
History
This command was first available in ExtremeWare XOS 10.1.
The hex_user_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
110
configure snmpv3 add user clone-from
configure snmpv3 add user clone-from
configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] clone-from
[[hex <hex_user_name>] | <user_name>]
Description
Creates a new user by cloning from an existing SNMPv3 user.
Syntax Description
hex_user_name
Specifies the user name to add or to clone from. The value is to be supplies as
a colon separated string of hex octets.
user_name
Specifies the user name to add or to clone from in ASCII format.
Default
N/A.
Usage Guidelines
Use this command to create a new user by cloning an existing one. After you have successfully cloned
the new user, you can modify its parameters using the following command:
configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] {authentication [md5 |
sha] [hex <hex_auth_password> | <auth_password>]} {privacy [hex <hex_priv_password> |
<priv_password>]} {volatile}
Users cloned from the default users will have the storage type of non-volatile. The default names are:
admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv.
Example
The following command creates a user cloneMD5 with same properties as the default user initalmd5. All
authorization and privacy keys will initially be the same as with the default user initialmd5.
configure snmpv3 add user cloneMD5 clone-from initialmd5
History
This command was first available in ExtremeWare XOS 10.1.
The hex_user_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
111
Commands for Managing the Switch
configure snmpv3 delete access
configure snmpv3 delete access [all-non-defaults | {[[hex <hex_group_name>]
| <group_name>] {sec-model [snmpv1 | snmpv2c | usm] sec-level [noauth |
authnopriv | priv]}}]
Description
Deletes access rights for a group.
Syntax Description
all-non-defaults
Specifies that all non-default (non-permanent) security groups are to be
deleted.
hex_group_name
Specifies the group name to be deleted. The value is to be supplies as a colon
separated string of hex octets.
group_name
Specifies the group name to be deleted in ASCII format.
sec-model
Specifies the security model to use.
snmpv1
Specifies the SNMPv1 security model.
snmpv2c
Specifies the SNMPv2c security model.
usm
Specifies the SNMPv3 User-based Security Model (USM).
sec-level
Specifies the security level for the group.
noauth
Specifies no authentication (and implies no privacy) for the security level.
authnopriv
Specifies authentication and no privacy for the security level.
priv
Specifies authentication and privacy for the security level.
Default
The default values are:
●
sec-model—USM
●
sec-level—noauth
Usage Guidelines
Use this command to remove access rights for a group. Use the all-non-defaults keyword to delete
all the security groups, except for the default groups. The default groups are: admin, initial, v1v2c_ro,
v1v2c_rw.
Deleting an access will not implicitly remove the related group to user association from the
VACMSecurityToGroupTable. To remove the association, use the following command:
configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-nondefaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}]
ExtremeWare XOS 11.1 Command Reference Guide
112
configure snmpv3 delete access
Example
The following command deletes all entries with the group name userGroup:
configure snmpv3 delete access userGroup
The following command deletes the group userGroup with the security model snmpv1 and security level
of authentication and no privacy (authnopriv):
configure snmpv3 delete access userGroup sec-model snmpv1 sec-level authnopriv
History
This command was first available in ExtremeWare XOS 10.1.
The hex_group_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
113
Commands for Managing the Switch
configure snmpv3 delete community
configure snmpv3 delete community [all-non-defaults | {[[hex
<hex_community_index>] | <community_index>} | {name [[hex
<hex_community_name>] | <community_name>}]
Description
Deletes an SNMPv3 community entry.
Syntax Description
all-non-defaults
Specifies that all non-default community entries are to be removed.
hex_community_index
Specifies the row index in the snmpCommunityTable. The value is to be
supplied as a colon separated string of hex octets.
community_index
Specifies the row index in the snmpCommunityTable in ASCII format.
hex_community_name
Specifies the community name. The value is to be supplied as a colon
separated string of hex octets.
community_name
Specifies the community name in ASCII format.
Default
The default entries are public and private.
Usage Guidelines
Use this command to delete an SMMPv3 community in the community MIB.
Example
The following command deletes an entry with the community index comm_index:
configure snmpv3 delete community comm_index
The following command creates an entry with the community name (hex) of EA:12:CD:CF:AB:11:3C:
configure snmpv3 delete community name hex EA:12:CD:CF:AB:11:3C
History
This command was first available in ExtremeWare XOS 10.1.
The hex_community_index and hex_community_name parameters were added in ExtremeWare XOS
11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
114
configure snmpv3 delete filter
configure snmpv3 delete filter
configure snmpv3 delete filter [all | [[hex <hex_profile_name>] |
<profile_name>] {subtree <object_identifier>}]]
Description
Deletes a filter from a filter profile.
Syntax Description
all
Specifies all filters.
hex_profile_name
Specifies the filter profile of the filter to delete. The value is to be supplied as
a colon separated string of hex octets.
profile_name
Specifies the filter profile of the filter to delete in ASCII format.
object_identifier
Specifies the MIB subtree of the filter to delete.
Default
N/A.
Usage Guidelines
Use this command to delete a filter entry from the snmpNotifyFilterTable. Specify all to remove all
entries. Specify a profile name to delete all entries for that profile name. Specify a profile name and a
subtree to delete just those entries for that filter profile and subtree.
Example
The following command deletes the filters from the filter profile prof1 that reference the MIB subtree
1.3.6.1.4.1:
configure snmpv3 delete filter prof1 subtree 1.3.6.1.4.1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
115
Commands for Managing the Switch
configure snmpv3 delete filter-profile
configure snmpv3 delete filter-profile [all |[[hex <hex_profile_name>] |
<profile_name>] {param [[hex <hex_param_name>] | <param_name>}]]
Description
Removes the association of a filter profile with a parameter name.
Syntax Description
all
Specifies all filter profiles.
hex_profile_name
Specifies the filter profile name to delete. The value is to be supplied as a
colon separated string of hex octets.
profile_name
Specifies the filter profile name to delete in ASCII format.
hex_param_name
Specifies to delete the filter profile with the specified profile name and
parameter name. The value is to be supplied as a colon separated string of hex
octets.
param_name
Specifies to delete the filter profile with the specified profile name and
parameter name in ASCII format.
Default
The default storage type is non-volatile.
Usage Guidelines
Use this command to delete entries from the snmpNotifyFilterProfileTable. This table associates a filter
profile with a parameter name. Specify all to remove all entries. Specify a profile name to delete all
entries for that profile name. Specify a profile name and a parameter name to delete just those entries
for that filter profile and parameter name.
Example
The following command deletes the filter profile prof1 with the parameter name P1:
configure snmpv3 delete filter-profile prof1 param P1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
116
configure snmpv3 delete group user
configure snmpv3 delete group user
configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]}
user [all-non-defaults | {[[hex <hex_user_name>] | <user_name>] {sec-model
[snmpv1|snmpv2c|usm]}}]
Description
Deletes a user name (security name) from a group.
Syntax Description
hex_group_name
Specifies the group name to delete or modify. The value is to be supplied as a
colon separated string of hex octets.
group_name
Specifies the group name to delete or modify in ASCII format.
all-non-defaults
Specifies that all non-default (non-permanent) users are to be deleted from the
group.
hex_user_name
Specifies the user name to delete or modify. The value is to be supplied as a
colon separated string of hex octets.
user_name
Specifies the user name to delete or modify in ASCII format.
sec-model
Specifies the security model to use.
snmpv1
Specifies the SNMPv1 security model.
snmpv2c
Specifies the SNMPv2c security model.
usm
Specifies the SNMPv3 User-based Security Model (USM).
Default
The default value for sec-model is USM.
Usage Guidelines
Use this command to remove the associate of a user name with a group.
As per the SNMPv3 RFC, a security name is model independent while a username is model dependent.
For simplicity, both are assumed to be same here. User names and security names are handled the same.
In other words, if a user is created with the user name username, the security name value is the same,
username.
Every group is uniquely identified by a security name and security model. So the same security name
can be associated to a group name but with different security models.
The default groups are: admin, initial, v1v2c_ro, v1v2c_rw.
The default users are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv.
ExtremeWare XOS 11.1 Command Reference Guide
117
Commands for Managing the Switch
Example
The following command deletes the user guest from the group UserGroup for the security model
snmpv2c:
configure snmpv3 delete group UserGroup user guest sec-model snmpv2c
The following command deletes the user guest from the group userGroup with the security model USM:
configure snmpv3 delete group userGroup user guest
History
This command was first available in ExtremeWare XOS 10.1.
The hex_group_name and the hex_user_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
118
configure snmpv3 delete mib-view
configure snmpv3 delete mib-view
configure snmpv3 delete mib-view [all-non-defaults | {[[hex
<hex_view_name>] | <view_name>] {subtree <object_identifier>}}]
Description
Deletes a MIB view.
Syntax Description
all-non-defaults
Specifies that all non-default (non-permanent) MIB views are to be deleted.
hex_view_name
Specifies the MIB view to delete. The value is to be supplied as a colon
separated string of hex octets.
view_name
Specifies the MIB view name to delete in ASCII format.
object_identifier
Specifies a MIB subtree.
Default
N/A.
Usage Guidelines
Use this command to delete a MIB view. Views which are being used by security groups cannot be
deleted. Use the all-non-defaults keyword to delete all the MIB views (not being used by security
groups) except for the default views. The default views are: defaultUserView, defaultAdminView, and
defaultNotifyView.
Use the configure snmpv3 add mib-view command to remove a MIB view from its security group,
by specifying a different view.
Example
The following command deletes all views (only the permanent views will not be deleted):
configure snmpv3 delete mib-view all-non-defaults
The following command deletes all subtrees with the view name AdminView:
configure snmpv3 delete mib-view AdminView
The following command deletes the view AdminView with subtree 1.3.6.1.2.1.2
configure snmpv3 delete
mib-view AdminView subtree 1.3.6.1.2.1.2
ExtremeWare XOS 11.1 Command Reference Guide
119
Commands for Managing the Switch
History
This command was first available in ExtremeWare XOS 10.1.
The hex_view_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
120
configure snmpv3 delete notify
configure snmpv3 delete notify
configure snmpv3 delete notify [{[[hex <hex_notify_name>] | <notify_name>]}
| all-non-defaults]
Description
Deletes an entry from the snmpNotifyTable.
Syntax Description
hex_notify_name
Specifies the notify name to add. The value is to be supplied as a colon
separated string of hex octets.
notify_name
Specifies the notify name to add in ASCII format.
all-non-defaults
Specifies that all non-default (non-permanent) notifications are to be deleted.
Default
N/A.
Usage Guidelines
Use this command to delete an entry from the snmpNotifyTable. When a notification is to be sent, this
table is examined. For the target addresses that have been associated with the tags present in the table,
notifications will be sent, based on the filters also associated with the target addresses.
The one default notification that cannot be deleted is defaultNotify.
Example
The following command removes the N1 entry from the table:
configure snmpv3 delete notify N1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_notify_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
121
Commands for Managing the Switch
configure snmpv3 delete target-addr
configure snmpv3 delete target-addr [{[[hex <hex_addr_name>] |
<addr_name>]} | all]
Description
Deletes SNMPv3 target addresses.
Syntax Description
hex_addr_name
Specifies an identifier for the target address. The value is to be supplied as a
colon separated string of hex octets.
addr_name
Specifies a string identifier for the target address.
all
Specifies all target addresses.
Default
N/A.
Usage Guidelines
Use this command to delete an entry in the SNMPv3 snmpTargetAddressTable.
Example
The following command deletes target address named A1:
configure snmpv3 delete target-addr A1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_addr_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
122
configure snmpv3 delete target-params
configure snmpv3 delete target-params
configure snmpv3 delete target-params [{[[hex <hex_param_name>] |
<param_name>]} | all]
Description
Deletes SNMPv3 target parameters.
Syntax Description
hex_param_name
Specifies the parameter name associated with the target. The value is to be
supplied as a colon separated string of hex octets.
param_name
Specifies the parameter name associated with the target in ASCII format.
Default
N/A.
Usage Guidelines
Use this command to delete an entry in the SNMPv3 snmpTargetParamsTable. This table specifies the
message processing model, security level, security model, and the storage parameters for messages to
any target addresses associated with a particular parameter name.
Example
The following command deletes a target parameters entry named P1:
configure snmpv3 delete target-params P1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_param_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
123
Commands for Managing the Switch
configure snmpv3 delete user
configure snmpv3 delete user [all-non-defaults | [[hex <hex_user_name>] |
<user_name>]]
Description
Deletes an existing SNMPv3 user.
Syntax Description
all-non-defaults
Specifies that all non-default (non-permanent) users are to be deleted.
hex_user_name
Specifies the user name to delete. The value is to be supplied as a colon
separated string of hex octets.
user_name
Specifies the user name to delete.
Default
N/A.
Usage Guidelines
Use this command to delete an existing user.
Use the all-non-defaults keyword to delete all users, except for the default (permanent) users. The
default user names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv.
Deleting a user will not implicitly remove the related group to user association from the
VACMSecurityToGroupTable. To remove the association, use the following command:
configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-nondefaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}]
Example
The following command deletes all non-default users:
configure snmpv3 delete user all-non-defaults
The following command deletes the user guest:
configure snmpv3 delete user guest
History
This command was first available in ExtremeWare XOS 10.1.
The hex_user_name parameter was added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
124
configure snmpv3 delete user
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
125
Commands for Managing the Switch
configure snmpv3 engine-boots
configure snmpv3 engine-boots <(1-2147483647)>
Description
Configures the SNMPv3 Engine Boots value.
Syntax Description
(1-2147483647)
Specifies the value of engine boots.
Default
N/A.
Usage Guidelines
Use this command if the Engine Boots value needs to be explicitly configured. Engine Boots and Engine
Time will be reset to zero if the Engine ID is changed. Engine Boots can be set to any desired value but
will latch on its maximum, 2147483647.
Example
The following command configures Engine Boots to 4096:
configure snmpv3 engine-boots 4096
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
126
configure snmpv3 engine-id
configure snmpv3 engine-id
configure snmpv3 engine-id <hex_engine_id>
Description
Configures the SNMPv3 snmpEngineID.
Syntax Description
hex_engine_id
Specifies the colon delimited hex octet that serves as part of the
snmpEngineID (5-32 octets).
Default
The default snmpEngineID is the device MAC address.
Usage Guidelines
Use this command if the snmpEngineID needs to be explicitly configured. The first four octets of the ID
are fixed to 80:00:07:7C,which represents Extreme Networks Vendor ID. Once the snmpEngineID is
changed, default users will be reverted back to their original passwords/keys, while non-default users
will be reset to the security level of no authorization, no privacy.
In a chassis, the snmpEngineID will be generated using the MAC address of the MSM with which the
switch boots first. For MSM hitless failover, the same snmpEngineID will be propagated to both of the
MSMs.
Example
The following command configures the snmpEngineID to be 80:00:07:7C:00:0a:1c:3e:11:
configure snmpv3 engine-id 00:0a:1c:3e:11
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
127
Commands for Managing the Switch
configure sntp-client
configure sntp-client [primary | secondary] <host-name-or-ip> {vr
<vr_name>}
Description
Configures an NTP server for the switch to obtain time information.
Syntax Description
primary
Specifies a primary server name.
secondary
Specifies a secondary server name.
host-name-or-ip
Specifies a host name or IP address.
vr
Specifies use of a virtual router.
NOTE: The Aspen 8810 switch does not support user-created VRs.
vr_name
Specifies the name of a virtual router.
Default
N/A.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created VRs.
Queries are first sent to the primary server. If the primary server does not respond within 1 second, or if
it is not synchronized, the switch queries the second server. If the switch cannot obtain the time, it
restarts the query process. Otherwise, the switch waits for the sntp-client update interval before
querying again.
Example
The following command configures a primary NTP server:
configure sntp-client primary 10.1.2.2
The following command configures the primary NTP server to use the management virtual router VRMgmt
configure sntp-client primary 10.1.2.2 vr VR-Mgmt
ExtremeWare XOS 11.1 Command Reference Guide
128
configure sntp-client
History
This command was first available in ExtremeWare XOS 10.1.
The vr <vr_name> option was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
129
Commands for Managing the Switch
configure sntp-client update-interval
configure sntp-client update-interval <update-interval>
Description
Configures the interval between polls for time information from SNTP servers.
Syntax Description
update-interval
Specifies an interval in seconds.
Default
64 seconds.
Usage Guidelines
None.
Example
The following command configures the interval timer:
configure sntp-client update-interval 30
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
130
configure telnet port
configure telnet port
configure telnet port [<portno> | default]
Description
Configures the TCP port used by Telnet for communication.
Syntax Description
portno
Specifies a TCP port number. The default is 23. The range is 1 through
65535.
default
Specifies the default Telnet TCP port number. The default is 23.
Default
Port 23.
Usage Guidelines
You must be logged in as administrator to configure the Telnet port.
The portno range is 1 through 65535.
Example
The following command changes the port used for Telnet to port 85:
configure telnet port 85
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
131
Commands for Managing the Switch
configure telnet vr
configure telnet vr [all | default | <vr_name>]
Description
Configures the virtual router used on the switch for listening for Telnet connections.
Syntax Description
all
Specifies to use all virtual routers for Telnet connections.
default
Specifies to use the default virtual router for Telnet connections. The default
router is VR-Mgmt.
vr_name
Specifies the name of the virtual router to use for Telnet connections.
Default
If you specify default, the virtual router VR-Mgmt is used.
Usage Guidelines
You must be logged in as administrator to configure the virtual router.
If you specify all, the switch listens on all of the available virtual routers for Telnet connections.
The vr_name specifies the name of the virtual router to use for Telnet connections.
NOTE
The Aspen 8810 switch does not support user-created VRs.
If you specify a virtual router name that does not exist, an error message similar to the following
appears:
configure telnet vr vr-ttt
^
%% Invalid input detected at '^' marker.
Example
The following command configures the switch to listen for and receive Telnet requests on all virtual
routers:
configure telnet vr all
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
132
configure telnet vr
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
133
Commands for Managing the Switch
disable dhcp vlan
disable dhcp vlan [<vlan_name> | all]
Description
Disables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the
VLAN from a DHCP server.
Syntax Description
vlan_name
Specifies a VLAN name.
all
Specifies all VLANs
Default
Disabled for all VLANs.
Usage Guidelines
None.
Example
The following command disables the generation and processing of DHCP packets on a VLAN named
accounting:
disable dhcp vlan accounting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
134
disable snmp access
disable snmp access
disable snmp access {snmp-v1v2c}
Description
Selectively disables SNMP on the switch.
Syntax Description
snmp-v1v2c
Disables SNMPv1/v2c access only; does not affect SNMPv3 access.
Default
Enabled.
Usage Guidelines
Disabling SNMP access does not affect the SNMP configuration (for example, community strings).
However, if you disable SNMP access, you will be unable to access the switch using SNMP.
To allow access, use the following command:
enable snmp access
By using the enable and disable commands you can enable all SNMP access, no SNMP access, or only
SNMPv3 access. You cannot enable only SNMPv1/v2c access. To enable SNMPv3 only access on the
switch, use the following commands:
enable snmp access
disable snmp access snmp-v1v2c
Example
The following command disables all SNMP access on the switch:
disable snmp access
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
135
Commands for Managing the Switch
disable snmp traps
disable snmp traps
Description
Prevents SNMP traps from being sent from the switch.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
This command does not clear the SNMP trap receivers that have been configured. The command
prevents SNMP traps from being sent from the switch even if trap receivers are configured.
To view if SNMP traps are being sent from the switch, use the show management command. The show
management command displays information about the switch including the enabled/disabled state of
SNMP traps being sent.
Example
The following command prevents SNMP traps from being sent from the switch to the trap receivers:
disable snmp traps
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
136
disable sntp-client
disable sntp-client
disable sntp-client
Description
Disables the SNTP client.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
SNTP can be used by the switch to update and synchronize its internal clock from a Network Time
Protocol (NTP) server. After the SNTP client has been enabled, the switch sends out a periodic query to
the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch
supports the configured setting for Greenwich Mean Time (GMT) offset and the use of Daylight Savings
Time (DST).
Example
The following command disables the SNTP client:
disable sntp-client
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
137
Commands for Managing the Switch
disable telnet
disable telnet
Description
Disables Telnet services on the system.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
You must be logged in as an administrator to enable or disable Telnet.
Example
With administrator privilege, the following command disables Telnet services on the switch:
disable telnet
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
138
disable watchdog
disable watchdog
disable watchdog
Description
Disables the system watchdog timer.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
The watchdog timer monitors the health of the switch hardware and software events. For example, the
watchdog timer reboots the switch if the system cannot reset the watchdog timer. This can be caused by
a long CPU processing loop, any unhandled exception, or a hardware problem with the communication
channel to the watchdog. In most cases, if the watchdog timer expires, the switch captures the current
CPU status and posts it to the console and the system log. In some cases, if the problem is so severe that
the switch is unable to perform any action, the switch reboots without logging any system status
information prior to reboot.
This command takes affect immediately.
The watchdog settings are saved in the configuration file.
To display the watchdog state of your system, use the show switch command.
Example
The following command disables the watchdog timer:
disable watchdog
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
139
Commands for Managing the Switch
enable dhcp vlan
enable dhcp vlan [<vlan_name> | all]
Description
Enables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the
VLAN from a DHCP server.
Syntax Description
vlan_name
Specifies a VLAN name.
all
Specifies all VLANs.
Default
Disabled for all VLANs.
Usage Guidelines
None.
Example
The following command enables the generation and processing of DHCP packets on a VLAN named
accounting:
enable dhcp vlan accounting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
140
enable snmp access
enable snmp access
enable snmp access
Description
Turns on SNMP support for SNMPv3 and v1/v2c on the switch.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
To have access to the SNMP agent residing in the switch, at least one VLAN must have an IP address
assigned to it.
Any network manager running SNMP can manage the switch (for v1/v2c), provided the MIB is
installed correctly on the management station. Each network manager provides its own user interface to
the management facilities.
For SNMPv3, additional security keys are used to control access, so an SNMPv3 manager is required for
this type of access.
This command enables both v1/v2c and v3 access, so the switch can be accessed with either method.
Use the following commands to allow only v3 access:
enable snmp access
disable snmp access snmp-v1v2c
Use the following command to prevent any SNMP access:
disable snmp access
There is no way to disable v3 access and allow v1/v2c access.
Example
The following command enables all SNMP access for the switch:
enable snmp access
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
141
Commands for Managing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
142
enable snmp traps
enable snmp traps
enable snmp traps
Description
Turns on SNMP trap support.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
An authorized trap receiver can be one or more network management stations on your network. The
switch sends SNMP traps to all trap receivers.
To view if SNMP traps are being sent from the switch, use the show management command. The show
management command displays information about the switch including the enabled/disabled state of
SNMP traps being sent.
Example
The following command enables SNMP trap support on the switch:
enable snmp trap
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
143
Commands for Managing the Switch
enable sntp-client
enable sntp-client
Description
Enables the SNTP client.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
SNTP can be used by the switch to update and synchronize its internal clock from a Network Time
Protocol (NTP) server. After the SNTP client has been enabled, the switch sends out a periodic query to
the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch
supports the configured setting for Greenwich Mean Time (GMT) offset and the use of Daylight Savings
Time (DST).
Example
The following command enables the SNTP client:
enable sntp-client
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
144
enable telnet
enable telnet
enable telnet
Description
Enables Telnet services on the system.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
You must be logged in as an administrator to enable or disable Telnet.
Example
With administrator privilege, the following command enables Telnet services on the switch:
enable telnet
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
145
Commands for Managing the Switch
enable watchdog
enable watchdog
Description
Enables the system watchdog timer.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
The watchdog timer monitors the health of the switch hardware and software events. For example, the
watchdog timer reboots the switch if the system cannot reset the watchdog timer. This is caused by a
long CPU processing loop, any unhandled exception, or a hardware problem with the communication
channel to the watchdog. In most cases, if the watchdog timer expires, the switch captures the current
CPU status and posts it to the console and the system log. In some cases, if the problem is so severe that
the switch is unable to perform any action, the switch reboots without logging any system status
information prior to reboot.
This command takes affect immediately.
The watchdog settings are saved in the configuration file.
To display the watchdog state of your system, use the show switch command.
Example
The following command enables the watchdog timer:
enable watchdog
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
146
exit
exit
exit
Description
Logs out the session of a current user for CLI or Telnet.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to log out of a CLI or Telnet session.
When you issue this command, you are asked to save your configuration changes to the current, active
configuration. Enter y if you want to save your changes. Enter n if you do not want to save your
changes.
Example
The following command logs out the session of a current user for CLI or Telnet:
exit
A message similar to the following is displayed:
Do you wish to save your configuration changes to primary.cfg? (y or n)
Enter y if you want to save your changes. Enter n if you do not want to save your changes.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
147
Commands for Managing the Switch
logout
logout
Description
Logs out the session of a current user for CLI or Telnet.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to log out of a CLI or Telnet session.
When you issue this command, you are asked to save your configuration changes to the current, active
configuration. Enter y if you want to save your changes. Enter n if you do not want to save your
changes.
Example
The following command logs out the session of a current user for CLI or Telnet:
logout
A message similar to the following is displayed:
Do you wish to save your configuration changes to primary.cfg? (y or n)
Enter y if you want to save your changes. Enter n if you do not want to save your changes.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
148
quit
quit
quit
Description
Logs out the session of a current user for CLI or Telnet.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to log out of a CLI or Telnet session.
When you issue this command, you are asked to save your configuration changes to the current, active
configuration. Enter y if you want to save your changes. Enter n if you do not want to save your
changes.
Example
The following command logs out the session of a current user for CLI or Telnet:
quit
A message similar to the following is displayed:
Do you wish to save your configuration changes to primary.cfg? (y or n)
Enter y if you want to save your changes. Enter n if you do not want to save your changes.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
149
Commands for Managing the Switch
show dhcp-client state
show dhcp-client state
Description
Displays the current DHCP/BOOTP client state for each vlan.
Syntax Description
This command has no arguments or variables.
Default
Displays the client state for all existing VLANs.
Usage Guidelines
None.
Example
The following command displays the DHCP/BOOTP status for all VLANs:
show dhcp-client state
Depending on your configurations, output from this command is similar to the following:
Client VLAN
Protocol Server
--------------- -------- --------------Default
BOOTP
10.1.2.3
accounting
DHCP
10.2.3.4
Mgmt
None
0.0.0.0
A total of 3 vlan(s) where displayed
Current State
--------------------------------------Received IP address configured on vlan
DHCP state; Requesting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
150
show checkpoint-data
show checkpoint-data
show checkpoint-data {<process>}
Description
Displays the status of one or more processes being copied from the master MSM to the backup MSM.
Syntax Description
process
Specifies the name of the processes being copied.
Default
N/A.
Usage Guidelines
This command displays, in percentages, the amount of internal state copying completed by each process
and the traffic statistics between the process on both the master and the backup MSMs.
This command is also helpful in debugging synchronization problems that occur at run-time. To check
the status of synchronizing the MSMs, use the show switch command.
Depending on the software version running on your switch and the type of switch you have, additional
or different checkpoint status information may be displayed.
Example
The following command displays the checkpointing status and the traffic statics of all of the processes
between the master and the backup MSM:
show checkpoint-data
The following is sample output from this command:
Process
Tx
Rx Errors
Sent Total
% Chkpt
Debug-info
---------------------------------------------------------------------------devmgr
3812
1731
0
3
3 100% ON OK
1 (00008853)
dirser
0
0
0
0
0
0% ON OK
1 (000008D3)
ems
5
0
0
0
0 100% ON OK
1 (000008D3)
nodemgr
0
0
0
0
0
0% ON OK
1 (000008D3)
snmpSubagent
0
0
0
0
0
0% ON OK
1 (000018D3)
snmpMaster
0
0
0
0
0
0% ON OK
1 (000008D3)
cli
0
0
0
0
0
0% ON OK
1 (000018D3)
edp
0
0
0
0
0
0% ON OK
1 (000008D3)
cfgmgr
82
82
0
1
1 100% ON OK
1 (000018D3)
elrp
0
0
0
0
0
0% ON OK
1 (000008D3)
vlan
1047
1
0
0
0 100% ON OK
1 (000008D3)
aaa
0
0
0
0
0
0% ON OK
1 (000008D3)
ExtremeWare XOS 11.1 Command Reference Guide
151
Commands for Managing the Switch
fdb
msgsrv
eaps
stp
esrp
polMgr
mcmgr
acl
netLogin
ospf
netTools
telnetd
rtmgr
vrrp
tftpd
thttpd
rip
dosprotect
epm
hal
bgp
pim
etmon
957
0
0
1
1
0
2
0
0
0
1
0
4
378
0
0
0
0
0
0
0
0
185
2
0
0
0
0
0
2
0
0
0
0
0
4
0
0
0
0
0
0
0
0
0
185
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
100%
100%
0%
0%
100%
0%
100%
100%
0%
0%
100%
0%
100%
0%
0%
0%
0%
0%
0%
0%
0%
0%
100%
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
ON
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
OK
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
(000008D3)
To view the output for a specific process, use the process option. The following command displays
detailed information for the STP process:
show checkpoint-data stp
The following is sample output from this command:
Process
Tx
Rx Errors
Sent Total
% Chkpt
Debug-info
---------------------------------------------------------------------------stp
1
0
0
0
0
0% ON OK
1 (000008D3)
History
This command was first available in ExtremeWare XOS 10.1.
An error count was added to the output in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
152
show management
show management
show management
Description
Displays the SNMP settings configured on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines:
The following management output is displayed:
●
Enable/disable state for Telnet, and SNMP access
●
Login statistics
■
Enable/disable state for idle timeouts
■
Maximum number of CLI sessions
●
SNMP community strings
●
SNMP trap receiver list
For ExtremeWare XOS 11.0 and later, the following management output is also displayed:
●
SNMP trap receiver source IP address
●
SNMP statistics counter
●
SSH access states of enabled, disabled, and module not loaded
●
CLI configuration logging
●
SNMP access states of v1, v2c disabled and v3 enabled
If all three types of SNMP access are enabled or disabled, SNMP access is displayed as either
Enabled or Disabled.
For ExtremeWare XOS 11.1 and later, the following management output is also displayed:
●
Enable/disable state for RMON
Example
The following command displays configured SNMP settings on the switch:
show management
ExtremeWare XOS 11.1 Command Reference Guide
153
Commands for Managing the Switch
The following is sample output from this command:
show management
CLI idle timeout
CLI max number of login attempts
CLI max number of sessions
CLI paging
CLI space-completion
CLI configuration logging
Telnet access
SSH Access
SNMP access
Total Read Only Communities
Total Read Write Communities
RMON
SNMP Traps
SNMP v1/v2c TrapReceivers
SNMP stats:
SNMP traps:
InPkts 0
Gets
0
Sent
0
:
:
:
:
:
:
:
:
:
:
:
:
:
:
Enabled (20 minutes)
3
8
Enabled (this session only)
Disabled (this session only)
Disabled
Enabled (tcp port 23 vr all)
ssh module not loaded.
Enabled
1
1
Disabled
Enabled
None
OutPkts
0
Errors 0
GetNexts 0
Sets
0
AuthTraps Enabled
AuthErrors 0
History
This command was first available in ExtremeWare XOS 10.1.
The trap receiver source IP address, SNMP counter statistics, SSH access, CLI logging, and SNMP access
states was added to the show management output in ExtremeWare XOS 11.0.
The enabled/disabled state for RMON was added to the show management output in ExtremeWare XOS
11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
154
show node
show node
show node {detail}
Description
Displays the status of the nodes in the system as well as the general health of the system.
Syntax Description
detail
Displays the information on a per-node basis rather than in a tabular format.
Default
N/A.
Usage Guidelines
Use this command to display the current status of the nodes and the health of the system. The
information displayed shows the node configurations (such as node priority) and the system and
hardware health computations. You can use this information to determine which node will be elected
master in case of a failover.
Table 7 lists the node statistic information collected by the switch.
Table 7: Node states
Node State
Description
BACKUP
In the backup state, this node becomes the master node if the master fails or enters the
DOWN state. The backup node also receives the checkpoint state data from the master.
DOWN
In the down state, the node is not available to participate in leader election. The node enters
this state during any user action, other than a failure, that makes the node unavailable for
management. Examples of user actions are:
• Upgrading the software
• Rebooting the system using the reboot command
• Initiating an MSM failover using the run msm-failover command
• Synchronizing the MSMs software and configuration in non-volatile storage using the
synchronize command
FAIL
In the fail state, the node has failed and needs to be restarted or repaired. The node reaches
this state if the system has a hardware or software failure.
INIT
In the initial state, the node is being initialized. A node stays in this state when it is coming
up and remains in this state until it has been fully initialized. Being fully initialized means
that all of the hardware has been initialized correctly and there are no diagnostic faults.
MASTER
In the master state, the node is responsible for all switch management functions.
STANDBY
In the standby state, leader election occurs—the master and backup nodes are elected. The
priority of the node is only significant in the standby state.
ExtremeWare XOS 11.1 Command Reference Guide
155
Commands for Managing the Switch
Example
The following command displays the status of the node, the priority of the node, and the general health
of the system:
show node
The following is sample output from this command:
Node
State
Priority
SwHealth
HwHealth
----------------------------------------------MSM-A MASTER
0
49
7
MSM-B BACKUP
0
49
7
If you specify the detail option, the same information is displayed on a per node basis rather than in a
tabular format.
Node MSM-A information:
Node State:
MASTER
Node Priority: 0
Sw Health:
49
Hw Health:
7
Node MSM-B information:
Node State:
BACKUP
Node Priority: 0
Sw Health:
49
Hw Health:
7
History
This command was first available in an ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
156
show odometers
show odometers
show odometers
Description
Displays a counter for each component of a switch that shows how long it has been functioning since it
was manufactured.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The output from this command displays how long each individual component in the switch has been
functioning since it was manufactured. This odometer counter is kept in the EEPROM of each
monitored component. This means that even if you plug in the component into a different chassis, the
odometer counter is available in the new switch chassis.
The following components are monitored by the odometer:
●
Chassis
●
MSMs
●
I/O modules
●
Power controllers
The following odometer statistics are collected by the switch:
●
Service Days—The amount of days that the component has been running
●
First Recorded Start Date—The date that the component was powered-up and began running
Depending on the software version running on your switch, the modules installed in your switch, and
the type of switch you have, additional or different odometer information may be displayed.
Example
The following command displays how long each component of a switch has been functioning since its
manufacture date:
show odometers
The following is sample output from a BlackDiamond 10K switch:
Field Replaceable Units
-----------------------
Service
Days
-------
ExtremeWare XOS 11.1 Command Reference Guide
First Recorded
Start Date
--------------
157
Commands for Managing the Switch
Chassis
Slot-1
Slot-2
Slot-3
Slot-4
Slot-5
Slot-6
Slot-7
Slot-8
MSM-A
MSM-B
PSUCTRL-1
PSUCTRL-2
:
:
:
:
:
:
:
:
:
:
:
:
:
BD-10808
G60X
G60X
G60X
107
99
74
151
Feb-23-2004
Dec-10-2003
Mar-22-2004
Jan-12-2004
49
Apr-09-2004
184
146
62
172
152
Dec-03-2003
Jan-12-2004
Apr-21-2004
Dec-14-2003
Mar-17-2004
10G6X
G60T
10G6X
MSM-1XL
MSM-1XL
The following is sample output from an Aspen 8810 switch
Field Replaceable Units
----------------------Chassis
: Aspen
Slot-1
: G48T
Slot-2
: G24X
Slot-3
:
Slot-4
:
Slot-5
: G8X
Slot-6
:
Slot-7
:
Slot-8
: 10G4X
Slot-9
:
Slot-10
:
MSM-A
: MSM-G8X
MSM-B
:
PSUCTRL-1 :
PSUCTRL-2 :
Service
Days
------32
11
14
First Recorded
Start Date
-------------Sep-21-2004
Sep-21-2004
Sep-21-2004
12
Sep-21-2004
27
Sep-11-2004
4
Oct-22-2004
17
4
Oct-19-2004
Sep-21-2004
History
This command was first available in ExtremeWare XOS 10.1.
Information about the power controller(s) was added to the show odometers output in ExtremeWare
XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
158
show power
show power
show power {<ps_num>} {detail}
Description
Displays the current status of the installed power supplies.
Command Syntax
ps_num
Specifies the slot number of the installed power supply.
detail
The detail option is reserved for future use.
Default
N/A.
Usage Guidelines
Use this command to view detailed information about the health of the power supplies.
This status information may be useful for your technical support representative if you have a network
problem.
The switch collects the following power supply information:
●
●
State—Indicates the current state of the power supply. Options are:
■
Empty: There is no power supply installed.
■
Power Failed: The power supply has failed.
■
Power Off: The power supply is off.
■
Power On: The power supply is on and working normally.
PartInfo—Provides information about the power supply including the:
■
Serial number, a collection of numbers and letters, that make up the serial number of the power
supply.
■
Part number, a collection of numbers and letters that make up the part number of the power
supply.
●
Revision—Displays the revision number of the power supply.
●
FailureCode—This display is reserved for future use.
●
Odometer—Specifies the date and how long the power supply has been operating.
●
Temperature—Specifies, in celsius, the current temperature of the power supply.
●
Input—Specifies the input voltage and the current requirements of the power supply.
●
Output 1 and Output 2—Specifies the output voltage and the current supplied by the power supply.
The values are only displayed if known for the platform.
In ExtremeWare XOS 10.1 and earlier, use the show powersupplies {detail} command to view
detailed health information about the power supplies.
ExtremeWare XOS 11.1 Command Reference Guide
159
Commands for Managing the Switch
Example
The following command displays the status of the power supply installed in slot 1:
show power 1
The following is sample output from this command:
PowerSupply 1 information:
State:
Powered On
PartInfo:
PS 2336 0413J-00780 4300-00137
Revision:
4.0
FailureCode:
0
Odometer:
134 days 15 hours
Temperature:
40.0 deg C
Input:
114.44 V
Output 1:
48.83 V, 7.87 A
(48V/700W Max)
Output 2:
12.36 V, 0.16 A
(12V/48W Max)
History
This command was first available in an ExtremeWare XOS 10.1.
The syntax for this command was modified in ExtremeWare XOS 11.0 from show powersupplies to
show power {<ps_num>} {detail}.
Platform Availability
This command is available on all available platforms.
ExtremeWare XOS 11.1 Command Reference Guide
160
show power budget
show power budget
show power budget
Description
Displays the power status and the amount of available and required power on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to view detailed information about the amount of power available on the switch.
This status information may be useful if the show slot command displays a state of Powered OFF for
any I/O module, for monitoring power, or for power planning purposes.
The first table of the show power budget command displays:
●
Slot number of the power supply.
●
Current state of the power supply. Options are:
■
Empty: There is no power supply installed.
■
Power Failed: The power supply has failed.
■
Power Off: The power supply is off.
■
Power On: The power supply is on.
●
Watts and voltage amounts of the power supply.
●
Redundant power information. Redundant power is the amount of power available if power to one
PSU is lost.
The second table of the show power budget command displays:
●
Slot number and name of the module installed in the slot.
●
Current state of the slot. Options include, among others:
■
Empty: There is no module installed.
■
Operational: The module is installed and operational.
■
Present: The module is installed but not operational.
■
Down: The module is installed, but the administrator has taken the module offline.
■
Power ON: There is sufficient system power to power up the module.
■
Powered OFF: There is insufficient system power to keep the module up and running, or there is
a mismatch between the module configured for the slot and the actual module installed in the
slot.
ExtremeWare XOS 11.1 Command Reference Guide
161
Commands for Managing the Switch
●
Watts and voltage amounts of the modules.
●
Power Surplus or Power Shortfall.
●
■
If the amount of available power meets or exceeds the required port, the excess is displayed as
the Power Surplus.
■
If the available power is insufficient to meet the required power, the deficit is displayed as Power
Shortfall.
Redundant power information. If the amount of redundant power meets or exceeds the required
power, the system has (N+1) power.
■
Yes—The system has redundant (N+1) power.
■
No—The system does not have redundant (N+1) power.
The information contained in this display is for planning purposes since the system operates without
redundant power as long as a power surplus is shown. However, if power is lost to a single PSU
when the system is not redundant, I/O modules are powered down. Please refer to the section
"Understanding Power Supply Management" in Chapter 3 of the ExtremeWare XOS Concepts Guide.
Depending on the software version running on your switch, the modules installed in your switch, and
the type of switch you have, additional or different power information may be displayed.
Example
The following command displays the distribution of power and the available power on the switch:
show power budget
The following is sample output of this command from a BlackDiamond 10K switch:
PS State
Watts
48V
12V
--------------------------------------------------------------------------1 Powered On
656.00
608.00
48.00
2 Powered On
656.00
608.00
48.00
3 Empty
4 Empty
5 Powered On
656.00
608.00
48.00
6 Empty
--------------------------------------------------------------------------Power Available:
1968.00 1824.00
144.00
Redundant (N+1) Power Available:
1344.00 1248.00
96.00
Slots
Type
State
Watts
48V
12V
--------------------------------------------------------------------------Slot-1
Empty
Slot-2
Empty
Slot-3
Empty
Slot-4
Empty
Slot-5
Empty
Slot-6
Empty
Slot-7 G60T
Operational
225.00
220.00
5.00
Slot-8
Empty
MSM-A
MSM-1XL
Operational
444.00
444.00
0.00
MSM-B
MSM-1XL
Operational
444.00
444.00
0.00
FanTray-1
Operational
126.00
126.00
0.00
FanTray-2
Operational
126.00
126.00
0.00
---------------------------------------------------------------------------
ExtremeWare XOS 11.1 Command Reference Guide
162
show power budget
Power Required:
1365.00
Power Allocated:
1365.00
Power Surplus:
603.00
Redundant Power Supply(s) Present?: NO
1360.00
1360.00
464.00
5.00
5.00
139.00
The following is sample output of this command from an Aspen 8810 switch:
PS State
Watts
48V
12V
--------------------------------------------------------------------------1 Powered On
1152.00 1104.00
48.00
2 Powered On
1152.00 1104.00
48.00
3 Empty
4 Empty
5 Empty
6 Empty
--------------------------------------------------------------------------Power Available:
2304.00 2208.00
96.00
Redundant (N+1) Power Available:
1200.00 1152.00
48.00
Slots
Type
State
Watts
48V
12V
--------------------------------------------------------------------------Slot-1
Empty
Slot-2
Empty
Slot-3 G48P
Operational
111.00
110.00
1.00
Inline Power (budgeted + 2% loss)
51.00
51.00
0.00
Slot-4 G48P
Empty
Slot-5 G8X
Operational
0.00
0.00
0.00
Slot-6 G48T
Operational
0.00
0.00
0.00
Slot-7 G48P
Operational
111.00
110.00
1.00
Inline Power (budgeted + 2% loss)
51.00
51.00
0.00
Slot-8
Empty
Slot-9
Empty
Slot-10
Empty
MSM-A
MSM-G8X
Operational
151.00
150.00
1.00
MSM-B
Empty
151.00
150.00
1.00
FanTray
Operational
55.00
55.00
0.00
--------------------------------------------------------------------------Power Required:
681.00
677.00
4.00
Power Allocated:
681.00
677.00
4.00
Power Surplus:
1623.00 1531.00
92.00
Redundant Power Supply(s) Present?: yes
History
This command was first available in ExtremeWare XOS 11.0.
Power over Ethernet (PoE) data (inline power) was added to the show power budget output in
ExtremeWare XOS 11.1. PoE data is displayed when you install a G48P module in the Aspen 8810
switch.
Redundant (N+1) power information was added to the show power budget output in ExtremeWare
XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
163
Commands for Managing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
164
show power controller
show power controller
show power controller {<num>}
Description
Displays the current status of the installed power supply controllers.
Command Syntax
num
Specifies the slot number of the installed power supply controller.
Default
N/A.
Usage Guidelines
Use this command to view detailed information about the health of the power supply controllers.
Power controllers collect data about the installed power supplies and report the results to the MSM
This status information may be useful for your technical support representative if you have a network
problem.
The switch collects the following power supply controller information:
●
●
State—Indicates the current state of the power supply controller. Options are:
■
Empty: There is no power supply controller installed.
■
Operational: The power supply controller is installed and operational.
■
Present: The power supply controller is installed.
PartInfo—Provides information about the power supply controller including the:
■
Slot number where the power supply controller is installed.
■
Serial number, a collection of numbers and letters, that make up the serial number of the power
supply controller.
■
Part number, a collection of numbers and letters that make up the part number of the power
supply controller.
●
Revision—Displays the revision number of the power supply controller.
●
FailureCode—Specifies the failure code of the power supply controller.
●
Odometer—Specifies the date and how long the power supply controller has been operating.
●
Temperature—Specifies, in celsius, the current temperature of the power supply controller.
●
Status—Specifies the status of the power supply controller.
ExtremeWare XOS 11.1 Command Reference Guide
165
Commands for Managing the Switch
Example
The following command displays the status of the installed power supply controllers:
show power controller
The following is sample output from this command:
PSUCTRL-1 information:
State:
Present
PartInfo:
Mead 1 0410F-01217 7040255-00-05
Revision:
5.0
FailureCode:
0
Odometer:
3 days 8 minutes 10 seconds since May-21-2004
Temperature:
25.0 deg C
Status:
PSU CTRL Mode: Master
PSUCTRL-2 information:
State:
Empty
If you have two power supply controllers installed, the switch displays output about both of the power
supply controllers:
PSUCTRL-1 information:
State:
Operational
PartInfo:
PSUCTRL-1 04334-00021 450117-00-01
Revision:
1.0
FailureCode:
0
Odometer:
17 days 5 hours 30 minutes since Oct-19-2004
Temperature:
35.1 deg C
Status:
PSU CTRL Mode:
Master
PSUCTRL-2 information:
State:
Operational
PartInfo:
PSUCTRL-2 04334-00068 450117-00-01
Revision:
1.0
FailureCode:
0
Odometer:
4 days 13 hours since Sep-21-2004
Temperature:
33.56 deg C
Status:
PSU CTRL Mode:
Backup
History
This command was first available in an ExtremeWare XOS 11.0.
Platform Availability
This command is available on all available platforms.
ExtremeWare XOS 11.1 Command Reference Guide
166
show session
show session
show session {{detail} {<sessID>}} {history}
Description
Displays the currently active Telnet and console sessions communicating with the switch.
Syntax Description
detail
Specifies more detailed session information.
sessID
Specifies a session ID number.
history
Displays a list of all sessions.
Default
N/A.
Usage Guidelines
The show session command displays the username and IP address of the incoming Telnet session,
whether a console session is currently active, and the login time. Each session is numbered.
You can specify the following options to alter the session output:
●
detail—The output for all current sessions is displayed in a list format.
●
sessID—The output for the specified session is displayed in a list format.
●
history—Displays a list of current and previous sessions, including the user, type of session,
location, and start and end time of the session.
The show session command fields are defined in Table 8.
Table 8: Show command field definitions
Field
Definition
#
Indicates session number.
Login Time
Indicates login time of session.
User
Indicates the user logged in for each session.
Type
Indicates the type of session.
Auth
Indicates how the user is logged in.
CLI Auth
Indicates the type of authentication (RADIUS and TACAS) if enabled.
Location
Indicates the location (IP address) from which the user logged in.
ExtremeWare XOS 11.1 Command Reference Guide
167
Commands for Managing the Switch
Example
The following command displays the active sessions on the switch:
show session
The following is sample output from this command:
CLI
#
Login Time
User
Type
Auth
Auth Location
================================================================================
*35
Thu Jun 24 10:56:24 2004 admin
console local dis serial
36
Thu Jun 24 13:30:07 2004 admin
console local dis serial
37
Fri Jun 25 11:14:27 2004 admin
telnet local dis 10.255.44.55
The following command displays a list of current and previous sessions on the switch:
show session history
The following is sample output from this command:
Session History:
admin
console
00 2004 Mon Jun 21 10:00:16 2004
admin
console
11 2004 Tue Jun 22 11:46:48 2004
admin
console
44 2004 Wed Jun 23 14:11:47 2004
admin
console
25 2004 Thu Jun 24 07:08:55 2004
admin
console
07 2004 Active
serial
Mon Jun 21 09:19:
serial
Tue Jun 22 07:28:
serial
Wed Jun 23 10:05:
serial
Thu Jun 24 07:07:
serial
Thu Jun 24 13:30:
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
168
show snmpv3 access
show snmpv3 access
show snmpv3 access {[[hex <hex_group_name>] | <group_name>]}
Description
Displays SNMPv3 access rights.
Syntax Description
hex
Specifies that the value to follow is to be supplied as a colon separated string
of hex octets.
group_name
Specifies the name of the group to display.
Default
N/A.
Usage Guidelines
The show snmpv3 access command displays the access rights of a group. If you do not specify a
group name, the command will display details for all the groups.
This command displays the SNMPv3 vacmAccessTable entries.
Example
The following command displays all the access details:
show snmpv3 access
The following is sample output from this command:
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
Write View
Notify View
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
admin
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
:
:
:
:
:
:
initial
USM
Authentication Privacy
Exact
defaultAdminView
defaultAdminView
defaultNotifyView
Permanent
Active
USM
No-Authentication No-Privacy
Exact
defaultUserView
ExtremeWare XOS 11.1 Command Reference Guide
169
Commands for Managing the Switch
Write View
Notify View
Storage Type
Row Status
:
: defaultNotifyView
: Permanent
: Active
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
Write View
Notify View
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
v1v2c_ro
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
Write View
Notify View
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
v1v2c_rw
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
Write View
Notify View
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
v1v2cNotifyroup
Group Name
Context Prefix
Security Model
Security Level
Context Match
Read View
Write View
Notify View
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
v1v2cNotifyGroup
snmpv1
No-Authentication No-Privacy
Exact
defaultUserView
defaultNotifyView
Permanent
Active
snmpv1
No-Authentication No-Privacy
Exact
defaultUserView
defaultUserView
defaultNotifyView
Permanent
Active
snmpv2c
No-Authentication No-Privacy
Exact
defaultNotifyView
Permanent
Active
snmpv1
No-Authentication No-Privacy
Exact
defaultNotifyView
Permanent
Active
Total num. of entries in vacmAccessTable : 6
The following command displays the access rights for the group group1:
show snmpv3 access group1
ExtremeWare XOS 11.1 Command Reference Guide
170
show snmpv3 access
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
171
Commands for Managing the Switch
show snmpv3 context
show snmpv3 context
Description
Displays information about the SNMPv3 contexts on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines:
This command displays the entries in the View-based Access Control Model (VACM) context table
(VACMContextTable).
Example
The following command displays information about the SNMPv3 contexts on the switch:
show snmpv3 context
The following is sample output from this command:
VACM Context Name :
Note : This Version Supports one global context ("")
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
172
show snmpv3 counters
show snmpv3 counters
show snmpv3 counters
Description
Displays SNMPv3 counters.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The show snmpv3 counters command displays the following SNMPv3 counters:
●
snmpUnknownSecurityModels
●
snmpInvalidMessages
●
snmpUnknownPDUHandlers
●
usmStatsUnsupportedSecLevels
●
usmStatsNotInTimeWindows
●
usmStatsUnknownUserNames
●
usmStatsUnknownEngineIDs
●
usmStatsWrongDigests
●
usmStatsDecryptionErrors
Issuing the command clear counters resets all counters to zero.
Example
The following command displays all the SNMPv3 counters.
show snmpv3 counters
The following is sample output from this command:
snmpUnknownSecurityModels
snmpInvalidMessages
snmpUnknownPDUHandlers
usmStatsUnsupportedSecLevels
usmStatsNotInTimeWindows
usmStatsUnknownUserNames
usmStatsUnknownEngineIDs
ExtremeWare XOS 11.1 Command Reference Guide
:
:
:
:
:
:
:
0
0
0
0
0
0
0
173
Commands for Managing the Switch
usmStatsWrongDigests
usmStatsDecryptionErrors
: 0
: 0
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
174
show snmpv3 engine-info
show snmpv3 engine-info
show snmpv3 engine-info
Description
Displays information about the SNMPv3 engine on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines:
The following show engine-info output is displayed:
●
Engine-ID—Either the ID auto generated from MAC address of switch, or the ID manually
configured.
●
Engine Boots—Number of times the agent has been rebooted.
●
Engine Time—Time since agent last rebooted, in centiseconds.
●
Max. Message Size—Maximum SNMP Message size supported by the Engine (8192).
Example
The following command displays information about the SNMPv3 engine on the switch:
show snmpv3 engine-info
The following is sample output from this command:
SNMP
SNMP
SNMP
SNMP
Engine-ID
Engine Boots
Engine Time
Max. Message Size
:
:
:
:
80:0:7:7c:3:0:30:48:41:ed:97 'H'
1
866896
8192
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
175
Commands for Managing the Switch
show snmpv3 filter
show snmpv3 filter {[[hex <hex_profile_name>] | <profile_name>] {{subtree}
<object_identifier>}
Description
Displays the filters that belong a filter profile.
Syntax Description
hex_profile_name
Specifies the filter profile to display. The value is to be supplied as a colon
separated string of hex octets.
profile_name
Specifies the filter profile to display in ASCII format.
object_identifier
Specifies a MIB subtree.
Default
N/A.
Usage Guidelines
Use this command to display entries from the snmpNotifyFilterTable. If you specify a profile name and
subtree, you will display only the entries with that profile name and subtree. If you specify only the
profile name, you will display all entries for that profile name. If you do not specify a profile name,
then all the entries are displayed.
Example
The following command displays the part of filter profile prof1 that includes the MIB subtree 1.3.6.1.4.1:
show snmpv3 filter prof1 subtree 1.3.6.1.4.1
The following is sample output from this command:
Profile Name
Subtree
Mask
Type
Storage Type
Row Status
:
:
:
:
:
:
prof1
1.3.6.1.4.1
Included
NonVolatile
Active
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name parameter was added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
176
show snmpv3 filter
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
177
Commands for Managing the Switch
show snmpv3 filter-profile
show snmpv3 filter-profile {[[hex <hex_profile_name>] | <profile_name>]}
{param [[hex <hex_param_name>] | <param_name>]}
Description
Displays the association between parameter names and filter profiles.
Syntax Description
hex_profile_name
Specifies the filter profile name. The value is to be supplied as a colon
separated string of hex octets.
profile_name
Specifies the filter profile name in ASCII format.
hex_param_name
Specifies the parameter name. The values is to be supplied as a colon
separated string of hex octets.
param_name
Specifies the parameter name in ASCII format.
Default
N/A.
Usage Guidelines
Use this command to display the snmpNotifyFilterProfileTable. This table associates a filter profile with
a parameter name. The parameter name is associated with target addresses, and the filter profile is
associated with a series of filters, so, in effect, you are associating a series of filters with a target address.
Example
The following command displays the entry with filter profile prof1 with the parameter name P1:
show snmpv3 filter-profile prof1 param P1
The following is sample output of this command:
Filter Profile Params Name : p1
Name
: prof1
Storage Type
: NonVolatile
Row Status
: Active
History
This command was first available in ExtremeWare XOS 10.1.
The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
178
show snmpv3 filter-profile
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
179
Commands for Managing the Switch
show snmpv3 group
show snmpv3 group {[[hex <hex_group_name>] | <group_name>] {user [[hex
<hex_user_name>] | <user_name>]}}
Description
Displays the user name (security name) and security model association with a group name.
Syntax Description
hex_group_name
Specifies the group name to display. The value is to be supplied as a colon
separated string of hex octets.
group_name
Specifies the group name to display. The value is to be supplied in ASCII
format.
hex_user_name
Specifies the user name to display. The value is to be supplied as a colon
separated string of hex octets.
user_name
Specifies the user name to display. The value is to be supplied in ASCII
format.
Default
N/A.
Usage Guidelines
The show snmpv3 group command displays the details of a group with the given group name. If you
do not specify a group name, the command will display details for all the groups.
This command displays the SNMPv3 vacmSecurityToGroupTable.
Example
The following command displays information about all groups for every security model and user name:
show snmpv3 group
The following is sample output from this command:
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
v1v2c_ro
v1v2c_ro
snmpv1
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
v1v2c_rw
v1v2c_rw
snmpv1
Permanent
Active
ExtremeWare XOS 11.1 Command Reference Guide
180
show snmpv3 group
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
v1v2c_ro
v1v2c_ro
snmpv2c
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
v1v2c_rw
v1v2c_rw
snmpv2c
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
admin
admin
USM
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
initial
initial
USM
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
initial
initialmd5
USM
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
initial
initialsha
USM
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
initial
initialmd5Priv
USM
Permanent
Active
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
initial
initialshaPriv
USM
Permanent
Active
Total num. of entries in vacmSecurityToGroupTable : 10
ExtremeWare XOS 11.1 Command Reference Guide
181
Commands for Managing the Switch
The following command shows information about the group testgroup and user name testuser:
show snmpv3 group testgroup user testuser
The following is sample output from this command:
Group Name
Security Name
Security Model
Storage Type
Row Status
:
:
:
:
:
testgroup
testuser
USM
NonVolatile
Active
History
This command was first available in ExtremeWare XOS 10.1.
The hex_group_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
182
show snmpv3 mib-view
show snmpv3 mib-view
show snmpv3 mib-view {[[hex <hex_view_name>] | <view_name>] {subtree
<object_identifier>}}
Description
Displays a MIB view.
Syntax Description
hex_view_name
Specifies the name of the MIB view to display. The value is to be supplied as
a colon separated string of hex octets.
view_name
Specifies the name of the MIB view to display. The value is to be supplied in
ASCII format.
object_identifier
Specifies the object identifier of the view to display.
Default
N/A.
Usage Guidelines
The show snmpv3 mib-view command displays a MIB view. If you do not specify a view name, the
command will display details for all the MIB views. If a subtree is not specified, then all subtrees
belonging to the view name will be displayed.
This command displays the SNMPv3 vacmViewTreeFamilyTable.
Example
The following command displays all the view details:
show
snmpv3 mib-view
The following is sample output from this command:
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1
Included
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1.3.6.1.6.3.16
Excluded
Permanent
Active
ExtremeWare XOS 11.1 Command Reference Guide
183
Commands for Managing the Switch
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1.3.6.1.6.3.18
Excluded
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1.3.6.1.6.3.15.1.2.2.1.4
Excluded
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1.3.6.1.6.3.15.1.2.2.1.6
Excluded
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultUserView
1.3.6.1.6.3.15.1.2.2.1.9
Excluded
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultAdminView
1
Included
Permanent
Active
View Name
MIB Subtree
View Type
Storage Type
Row Status
:
:
:
:
:
defaultNotifyView
1
Included
Permanent
Active
Total num. of entries in vacmViewTreeFamilyTable : 8
The following command displays a view with the view name Roview and subtree 1.3.6.1.2.1.1:
show snmpv3 mib-view Roview subtree 1.3.6.1.2.1.1
History
This command was first available in ExtremeWare XOS 10.1.
The hex_view_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
184
show snmpv3 notify
show snmpv3 notify
show snmpv3 notify {[[hex <hex_notify_name>] | <notify_name>]}
Description
Displays the notifications that are set. This command displays the snmpNotifyTable.
Syntax Description
hex_notify_name
Specifies the parameter name associated with the target. The value is to be
supplied as a colon separated string of hex octets.
notify_name
Specifies the parameter name associated with the target. The value is to be
supplied in ASCII format.
Default
N/A.
Usage Guidelines
Use this command to display entries from the SNMPv3 snmpNotifyTable. This table lists the notify tags
that the agent will use to send notifications (traps).
If no notify name is specified, all the entries are displayed.
Example
The following command displays the notify table entry for N1:
show snmpv3 notify N1
The following is sample output from this command:
Notify Name
Tag
Type
Storage Type
Row Status
:
:
:
:
:
N1
type1
Trap
NonVolatile
Active
History
This command was first available in ExtremeWare XOS 10.1.
The hex_notify_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
185
Commands for Managing the Switch
show snmpv3 target-addr
show snmpv3 target-addr {[[hex <hex_addr_name>] | <addr_name>]}
Description
Displays information about SNMPv3 target addresses.
Syntax Description
hex_addr_name
Specifies an identifier for the target address. The value is to be supplied as a
colon separated string of hex octets.
addr_name
Specifies a string identifier for the target address.
Default
N/A.
Usage Guidelines
Use this command to display entries in the SNMPv3 snmpTargetAddressTable. If no target address is
specified, the entries for all the target addresses will be displayed.
To view the source IP address, use the show management command.
Example
The following command displays the entry for the target address named A1:
show snmpv3 target-addr A1
The following is sample output from this command:
Target Addr Name
TDomain
TAddress
TMask
Timeout
Retry Count
Tag List
Params
Storage Type
Row Status
Storage Type
Row Status
:
:
:
:
:
:
:
:
:
:
:
:
A1
1.3.6.1.6.1.1
10.201.31.234, 162
1500
0
defaultNotify
v1v2cNotifyParam1
NonVolatile
Active
NonVolatile
Active
ExtremeWare XOS 11.1 Command Reference Guide
186
show snmpv3 target-addr
History
This command was first available in ExtremeWare XOS 10.1.
This command was modified in ExtremeWare XOS 11.0 to display a list of tags if more than one was
configured and to display the timeout value for the entry in the snmpTargetAddrTable. This command
was also modified to support the hex_addr_name parameter.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
187
Commands for Managing the Switch
show snmpv3 extreme-target-addr-ext
show snmpv3 extreme-target-addr-ext [[hex <hex_addr_name>] | <addr_name>]
Description
Displays information about SNMPv3 target addresses enhanced or standard mode.
Syntax Description
hex_addr_name
Specifies an identifier for the target address. The value is to be supplied as a
colon separated string of hex octets.
addr_name
Specifies a string identifier for the target address.
Default
N/A.
Usage Guidelines
Use this command to display entries in the SNMPv3 extremeTargetAddressExtTable.
Example
The following command displays the entry for the target address named A1:
show snmpv3 extreme-target-addr-ext A1
The following is sample output from this command:
Target Addr Name
Mode
IgnoreMPModel
UseEventComm
:
:
:
:
A1
Enhanced
No
Yes
History
This command was first available in ExtremeWare XOS 10.1.
The hex_addr_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
188
show snmpv3 target-params
show snmpv3 target-params
show snmpv3 target-params {[[hex <hex_target_params>] | <target_params>]}
Description
Displays the information about the options associated with the parameter name.
Syntax Description
hex_target_params
Specifies the parameter to display. The value is to be supplied as a colon
separated string of hex octets.
target_params
Specifies the parameter name to display. The value is to be supplied in ASCII
format.
Default
N/A.
Usage Guidelines
Use this command to display entries from the SNMPv3 snmpTargetParamsTable. This table specifies the
message processing model, security level, security model, and the storage parameters for messages to
any target addresses associated with a particular parameter name.
If no parameter name is specified, all the entries are displayed.
Example
The following command displays the target parameter entry named P1:
show snmpv3 target-params P1
The following is sample output from this command:
Target Params Name
MP Model
Security Model
User Name
Security Level
Storage Type
Row Status
:
:
:
:
:
:
:
p1
snmpv2c
snmpv2c
testuser
No-Authentication No-Privacy
NonVolatile
Active
History
This command was first available in ExtremeWare XOS 10.1.
The hex_target_params parameter was added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
189
Commands for Managing the Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
190
show snmpv3 user
show snmpv3 user
show snmpv3 user {[[hex <hex_user_name>] | <user_name>]}
Description
Displays detailed information about the user.
Syntax Description
hex_user_name
Specifies the user name to display. The value is to be supplied as a colon
separated string of hex octets.
user_name
Specifies the user name to display. The value is to be supplied in ASCII
format.
Default
N/A.
Usage Guidelines
The show snmpv3 user command displays the details of a user. If you do not specify a user name, the
command will display details for all the users. The authentication and privacy passwords and keys will
not be displayed.
The user entries in SNMPv3 are stored in the USMUserTable, so the entries are indexed by EngineID
and user name.
Example
The following command lists all user entries:
show snmpv3 user
The following is sample output from this command:
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
Row Status
:
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
admin
admin
HMAC-MD5
DES
Permanent
Active
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
initial
initial
No-Authentication
No-Privacy
Permanent
ExtremeWare XOS 11.1 Command Reference Guide
191
Commands for Managing the Switch
Row Status
: Active
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
Row Status
:
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
initialmd5
initialmd5
HMAC-MD5
No-Privacy
Permanent
Active
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
Row Status
:
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
initialsha
initialsha
HMAC-SHA
No-Privacy
Permanent
Active
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
Row Status
:
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
initialmd5Priv
initialmd5Priv
HMAC-MD5
DES
Permanent
Active
Engine-ID
User Name
Security Name
Authentication
Privacy
Storage Type
Row Status
:
:
:
:
:
:
:
80:00:07:7c:03:00:04:96:1f:a2:60 'H'
initialshaPriv
initialshaPriv
HMAC-SHA
DES
Permanent
Active
Total num. of entries in usmUserTable : 6
The following command lists details for the specified user, testuser:
show snmpv3 user testuser
History
This command was first available in ExtremeWare XOS 10.1.
The hex_user_name parameter was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
192
show sntp-client
show sntp-client
show sntp-client
Description
Displays the DNS configuration.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Displays configuration and statistics information of SNTP client.
Example
The following command displays the SNTP configuration:
show sntp-client
The following is sample output from this command:
SNTP client is enabled
SNTP time is valid
Primary server: 172.17.1.104
Secondary server: 172.17.1.104
Query interval: 64
Last valid SNTP update: From server 172.17.1.104, on Wed Oct 30 22:46:03 2003
SNTPC Statistics:
Packets transmitted:
to primary server:
1
to secondary server:
0
Packets received with valid time:
from Primary server:
1
from Secondary server:
0
from Broadcast server:
0
Packets received without valid time:
from Primary server:
0
from Secondary server:
0
from Broadcast server:
0
Replies not received to requests:
from Primary server:
0
from Secondary server:
0
ExtremeWare XOS 11.1 Command Reference Guide
193
Commands for Managing the Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
194
telnet
telnet
telnet {vr <vr_name>} [<host_name> | <remote_ip>] {<port>}
Description
Allows you to Telnet from the current command-line interface session to another host.
Syntax Description
vr
Specifies use of a virtual router.
NOTE: The Aspen 8810 switch does not support user-created virtual routers.
vr_name
Specifies the name of the virtual router.
host_name
Specifies the name of the host.
remote_ip
Specifies the IP address of the host.
port
Specifies a TCP port number. The default is port 23.
Default
●
Telnet—enabled
●
Virtual router—Uses all virtual routers on the switch for outgoing Telnet requests
●
Port—23
Usage Guidelines
NOTE
The Aspen 8810 switch does not support user-created virtual routers.
Only VT100 emulation is supported.
Before you can start an outgoing Telnet session, you need to configure the switch IP parameters. To
open a Telnet connection, you must specify the host IP address or the host name of the device you want
to connect to. Check the user manual supplied with the Telnet facility if you are unsure of how to do
this.
You must configure DNS in order to use the host_name option.
The vr_name option specifies the name of the virtual router. The valid virtual router names at system
boot-up are VR-Mgmt, VR-Control, and VR-Default. You can also create and configure your own virtual
routers. In ExtremeWare XOS 10.1, the valid virtual routers are VR-0, VR-1, and VR-2 respectively, and
Telnet used VR-0 by default. For more information about virtual routers, see “Virtual Routers” in the
ExtremeWare XOS Concepts Guide.
ExtremeWare XOS 11.1 Command Reference Guide
195
Commands for Managing the Switch
Example
The following command starts a Telnet client communication to the host at IP address 123.45.67.8:
telnet 123.45.67.8
The following command starts a Telnet client communication with a host named sales:
telnet sales
History
This command was first available in ExtremeWare XOS 10.1.
Support for the following virtual routers was added in ExtremeWare XOS 11.0: VR-Mgmt, VR-Control,
and VR-Default.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
196
tftp
tftp
tftp [<host_name> | <ip_address>] {-v <vr_name>} [-g | -p] [{-l
[<local_file> | memorycard <local-file-memcard>]} {-r <remote_file>} | {-r
<remote_file>} {-l [<local_file> | memorycard <local-file-memcard]}]
Description
Allows you to TFTP from the current command line interface session to a TFTP server.
Syntax Description
host_name
Specifies the name of the remote host.
ip_address
Specifies the IP address of the TFTP server.
vr_name
Specifies the name of the virtual router.
-g
Gets the specified file from the TFTP server and copies it to the local host.
-p
Puts the specified file from the local host and copies it to the TFTP server.
local_file
Specifies the name of the file (configuration file, policy file) on the local host.
memorycard
Specifies the removable external compact flash card.
remote_file
Specifies the name of the file on the remote host.
Default
If you do not specify a virtual router, VR-Mgmt is used.
Usage Guidelines
NetASCII and mail file type formats are not supported.
TFTP Server Requirements. Extreme Networks recommends using a TFTP server that supports blocksize
negotiation (as described in RFC 2348, TFTP Blocksize Option), to enable faster file downloads and larger
file downloads. If the TFTP server does not support blocksize negotiation, the file size is limited to
32 MB. Older TFTP servers that do not support blocksize negotiation have additional implementation
limits that may decrease the maximum file size to only 16 MB, which may be too small to install
ExtremeWare XOS images.
If your TFTP server does not support blocksize negotiation, the switch displays a message similar to the
following when you attempt a get (-g) or put (-p) operation:
Note: The blocksize option is not supported by the remote TFTP server.
Without this option, the maximum file transfer size is limted to 32MB.
Some older TFTP servers may be limited to 16MB file.
Using TFTP. Use TFTP to download a previously saved configuration file or policy file from the TFTP
server to the switch. When you download a file, this command does not automatically apply it to the
switch. You must specify that the downloaded file be applied to the switch. For example, if you
download a configuration file, issue the use configuration command to apply the saved
configuration on the next reboot. You must use the reboot command to activate the new configuration.
ExtremeWare XOS 11.1 Command Reference Guide
197
Commands for Managing the Switch
If you download a policy file, use the refresh policy command to reprocess the text file and update
the policy database.
On the BlackDiamond 10K switch, use the download bootrom command to upgrade the BootROM. This
command utilizes TFTP to transfer the BootROM image file from your TFTP server to the switch. Only
upgrade the BootROM when asked to do so by an Extreme Networks technical representative. For more
information about this command, see “download bootrom” on page 1211.
To upgrade the image, use the download image command. This command utilizes TFTP to transfer the
software image file from your TFTP server to the switch. For more information about this command, see
“download image” on page 1213.
Up to eight active TFTP sessions can run on the switch concurrently.
Command Options . The information in this section provides more detailed information about some of
the TFTP command options.
You must configure DNS in order to use the host_name option.
If you specify the memorycard option, you can copy and transfer files to and from the external memory
card using TFTP.
The vr_name option specifies the name of the virtual router. The valid virtual router names at system
boot-up are VR-Mgmt, VR-Control, and VR-Default. You can also create and configure your own virtual
routers. In ExtremeWare XOS 10.1, the valid virtual routers are VR-0, VR-1, and VR-2 respectively. For
more information about virtual routers, see “Virtual Routers” in the ExtremeWare XOS Concepts Guide.
Example
The following command downloads the configuration file named XOS1.cfg from the TFTP server with
an IP address of 10.123.45.67:
tftp 10.123.45.67 -g -r XOS1.cfg
The following command retrieves and transfer files from the external memory card:
tftp 10.1.2.3. -g -l memorycard test.pol -r august23.pol
History
This command was first available in ExtremeWare XOS 10.1.
Support for the memorycard option was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
198
4
Commands for Managing the ExtremeWare XOS
Software
This chapter describes commands for:
●
Working with the configuration and policy files used by the switch
●
Starting, stopping, and displaying information about processes on the switch
NOTE
For information about downloading and upgrading a new software image, saving configuration changes, and
upgrading the BootROM, see Appendix A, “Software Upgrade and Boot Options.”
Like any advanced operating system, ExtremeWare XOS gives you the tools to manage your switch and
create your network configurations. With the introduction of ExtremeWare XOS, the following
enhancements and functionality have been added to the switch operating system:
●
File system administration—You can move, copy, and delete files from the switch. The file system
structure allows you to keep, save, rename, and maintain multiple copies of configuration files on
the switch. In addition, you can manage other entities of the switch such as policies and access
control lists (ACLs).
●
Configuration file management—You can oversee and manage multiple configuration files on your
switch. In addition, you can upload, download, modify, and name configuration files used by the
switch.
●
Process control—You can stop and start processes, restart failed processes, and update the software
for a specific process or set of processes.
●
Memory protection—With memory protection, ExtremeWare XOS protects each process from every
other process in the system. If one process experiences a memory fault, that process cannot affect the
memory space of another process.
ExtremeWare XOS 11.1 Command Reference Guide
199
Commands for Managing the ExtremeWare XOS Software
cp
cp {memorycard} <old-name> {memorycard} <new-name>
Description
Copies an existing configuration or policy file in the system.
Syntax Description
memorycard
Specifies the removable external compact flash memory card.
old-name
Specifies the name of the configuration or policy file that you want to copy.
new-name
Specifies the name of the copied configuration or policy file.
Default
N/A.
Usage Guidelines
Use this command to make a copy of an existing file before you alter or edit the file. By making a copy,
you can easily go back to the original file if needed.
Configuration files have a .cfg file extension; policy files have a .pol file extension.
When you copy a configuration or policy file from the system, make sure you specify the appropriate
file extension. For example, if you want to copy a policy file, specify the filename and .pol.
When you copy a file, the switch displays a message similar to the following:
Copy test.cfg to test_rev2.cfg on both primary and backup MSM? (y/n)
Enter y to copy the file to both the primary and backup MSMs. Enter n to cancel this process and not
copy the file.
If you enter y, the switch copies the file with the new name and keeps a backup of the original file with
the original name. After the switch copies the file, use the ls command to display a complete list of
files. In this example, the switch displays the original file named test.cfg and the copied file named
test_rev2.cfg.
The following is sample output from the ls command:
...
-rw-r--r--rw-r--r-...
1 root
1 root
root
root
100980 Sep 23 09:16 test.cfg
100980 Oct 13 08:47 test_rev2.cfg
If you enter n, the switch displays a message similar to the following:
Copy cancelled.
ExtremeWare XOS 11.1 Command Reference Guide
200
cp
For the memorycard option, the source and/or destination is the memorycard. You must mount the
memory card for this operation to succeed. The cp command copies a file from the switch to the card or
a file already on the card. If you copy a file from the switch to the external memory card, and the new
filename is identical to the source file, you do not need to re-enter the filename.
Example
The following command makes a copy of a configuration file named test.cfg and gives the copied file a
new name of test_rev2.cfg:
cp test.cfg test_rev2.cfg
The following command makes a copy of a configuration file named primary.cfg from the switch to the
external memory card with the same name, primary.cfg:
cp primary.cfg memorycard
The above command performs the same action as entering the following command:
cp primary.cfg memorycard primary.cfg
History
This command was first available in ExtremeWare XOS 11.0.
The memorycard option was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
201
Commands for Managing the ExtremeWare XOS Software
ls
ls {memorycard}
Description
Lists all current configuration and policy files in the system.
Syntax Description
memorycard
Lists files on the removable compact flash memory card.
Default
N/A.
Usage Guidelines
Use this command to display a list of the current configuration and policy files in the system.
Output from this command includes the following:
●
The first column displays the file permission using the following ten place holders:
■
The first place holder displays - for a file.
■
The next three place holders display r for read access and w for write access permission for the
file owner.
■
The following three place holders display r for read access permission for members of the file
owner’s group.
■
The last three place holders display r for read access for every user that is not a member of the
file owner’s group.
●
The second column displays how many links the file has to other files or directories.
●
The third column displays the file owner.
●
The remaining columns display the file size, date and time the file was last modified, and the file
name.
For the memorycard option, this command lists all the files on the card.
In ExtremeWare 10.1, this command was available only on the primary Management Switch Fabric
Module (MSM). You were unable to display a list of configuration and policy files on the backup MSM.
Example
The following command displays a list of all current configuration and policy files in the system:
ls
ExtremeWare XOS 11.1 Command Reference Guide
202
ls
The following sample output displays the configuration and policy files in the system:
total 424
-rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--
1
1
1
1
1
1
root
root
root
root
root
root
root
root
root
root
root
root
50
94256
100980
35
100980
94256
Jul
Jul
Sep
Jun
Sep
Jun
30
23
23
29
23
30
14:19
14:26
09:16
06:42
09:17
17:10
hugh.pol
hughtest.cfg
megtest.cfg
newpolicy.pol
primary.cfg
roytest.cfg
History
This command was first available in ExtremeWare XOS 10.1.
The memorycard option was added in ExtremeWare XOS 11.0.
This command was available on the backup MSM in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
203
Commands for Managing the ExtremeWare XOS Software
mv
mv {memorycard} <old-name> {memorycard} <new-name>
Description
Moves or renames an existing configuration or policy file in the system.
Syntax Description
memorycard
Specifies the removable external compact flash card.
old-name
Specifies the current name of the configuration or policy file.
new-name
Specifies the new name of the configuration or policy file.
Default
N/A.
Usage Guidelines
If you rename a file with a given extension, remember the following:
●
Configuration files use the .cfg file extension
●
Policy files use the .pol file extension
Make sure the renamed file uses the same file extension as the original file. If you change the file
extensions, the file may be unrecognized by the system. For example, if you have an existing
configuration file named test.cfg, the new filename must include the .cfg file extension.
You cannot rename an active configuration file (the configuration currently selected to boot the switch).
To verify the configuration that you are currently using, issue the show switch {detail} command. If
you attempt to rename the active configuration file, the switch displays a message similar to the
following:
Error: Cannot rename current selected active configuration file.
This command also replicates the action from the primary MSM to the backup MSM. For example, if
you rename a file on the primary MSM, the same file on the backup MSM is renamed. When you
rename a file, the switch displays a message similar to the following:
Rename test to megtest on both primary and backup MSM? (y/n)
Enter y to rename the file on your system. Enter n to cancel this process and keep the existing filename.
For the memorycard option, this command can now move files between the external memory card and
the switch. If you use the memorycard option for both the old-name and the new-name, this command
just renames a file on the external memory card.
In ExtremeWare 10.1, this command was available only on the primary MSM. For example, if you
renamed a file on the primary MSM, the same file on the backup MSM was not renamed.
ExtremeWare XOS 11.1 Command Reference Guide
204
mv
Example
The following command renames the configuration file named Testb91.cfg to Activeb91.cfg:
mv Testb91.cfg Activeb91.cfg
The following command moves the configuration file named test1.cfg from the switch to the external
memory card:
mv test1.cfg memorycard test1.cfg
If you do not change the name of the configuration file, you can also use the following command to
move the configuration file test1.cfg from the switch to the external memory card:
mv test1.cfg memorycard
The following command moves the policy file named bgp.pol from the memorycard to the switch:
mv memorycard bgp.pol bgp.pol
History
This command was first available in ExtremeWare XOS 10.1.
Support for replicating information from the primary MSM to the backup MSM was introduced in
ExtremeWare XOS 11.0.
The memorycard option was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
205
Commands for Managing the ExtremeWare XOS Software
rm
rm {memorycard} <file-name>
Description
Removes/deletes an existing configuration or policy file from the system.
Syntax Description
memorycard
Specifies the removable external compact flash card.
file-name
Specifies the name of the configuration or policy file.
Default
N/A.
Usage Guidelines
After you remove a configuration or policy file from the system, that file is unavailable to the system.
You cannot remove an active configuration file (the configuration currently selected to boot the switch).
To verify the configuration that you are currently using, issue the show switch {detail} command. If
you attempt to remove the active configuration file, the switch displays a message similar to the
following:
Error: Cannot remove current selected active configuration file.
This command also replicates the action from the primary MSM to the backup MSM. For example, if
you delete a file on the primary MSM, the same file on the backup MSM is deleted. When you delete a
file, the switch displays a message similar to the following:
Remove megtest2.cfg from both primary and backup MSM? (y/n)
Enter y to delete the file from your system. Enter n to cancel the process and keep the file on your
system.
For the memorycard option, this command removes/deletes an existing file on the card.
You can use the * wildcard to delete all of a particular file type on the external memory card.
In ExtremeWare 10.1, this command was available only on the primary MSM. For example, if you
deleted a file on the primary MSM, the same file on the backup MSM was not deleted.
Example
The following command removes the configuration file named Activeb91.cfg from the system:
rm Activeb91.cfg
ExtremeWare XOS 11.1 Command Reference Guide
206
rm
The following command removes the policy file named test.pol from the external memory card:
rm memorycard test.pol
The following command removes all of the configuration files from the external memory card:
rm memorycard *.cfg
History
This command was first available in ExtremeWare XOS 10.1.
Support for replicating information from the primary MSM to the backup MSM was introduced in
ExtremeWare XOS 11.0.
The memorycard option was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
207
Commands for Managing the ExtremeWare XOS Software
show heartbeat process
show heartbeat process {<name>}
Description
Displays the health of the ExtremeWare XOS processes.
Command Syntax
name
Specifies the name of the process.
Default
N/A.
Usage Guidelines
The software monitors all of the XOS processes running on the switch. This process monitor creates and
terminates XOS processes on demand (for example, when you log in or log out of the switch) and
restarts processes if an abnormal termination occurs (for example, if your system crashes). The process
monitor also ensures that only version-compatible processes and processes with proper licenses are
started.
The show heartbeat process command is a resource for providing background system health
information because you can view the health of ExtremeWare XOS processes on the switch.
Use this command to monitor the health of the XOS processes. The switch uses two algorithms to
collect process health information: polling and reporting. Both polling and reporting measure the
heartbeat of the process. Polling occurs when a HELLO message is sent and a HELLO_ACK message is
received. The two counts are the same. Reporting occurs when a HELLO_ACK message is sent only.
Therefore, no HELLO messages are sent and the HELLO count remains at zero.
The show heartbeat process command displays the following information in a tabular format:
●
Card—The name of the module where the process is running
●
Process Name—The name of the process
●
Hello—The number of hello messages sent to the process
●
HelloAck—The number of hello acknowledgement messages received by the process manager
●
Last Heartbeat Time—The timestamp of the last health check received by the process manager
(Unknown specifies kernel modules and they do not participate in heartbeat monitoring)
This status information may be useful for your technical support representative if you have a network
problem.
You may find it useful to capture the process information under normal operating conditions to
establish a baseline. By having a baseline, if you experience a problem, you and your technical support
representative can more easily identify the problem.
ExtremeWare XOS 11.1 Command Reference Guide
208
show heartbeat process
Example
To display the health of all processes on your system, use the following command:
show heartbeat process
The following is sample output from this command:
Card Process Name
Hello HelloAck
Last Heartbeat Time
--------------------------------------------------------------------------MSM-A aaa
0
180324
Wed Dec 10 15:06:04 2003
MSM-A acl
36069
36069
Wed Dec 10 15:05:57 2003
MSM-A bgp
0
180348
Wed Dec 10 15:06:05 2003
MSM-A cfgmgr
72139
72139
Wed Dec 10 15:06:02 2003
MSM-A cli
60116
60116
Wed Dec 10 15:06:03 2003
MSM-A devmgr
0
180339
Wed Dec 10 15:06:03 2003
MSM-A dirser
0
180324
Wed Dec 10 15:06:03 2003
MSM-A edp
36069
36069
Wed Dec 10 15:05:57 2003
MSM-A ems
45087
45087
Wed Dec 10 15:06:03 2003
MSM-A epm
0
0
Unknown
MSM-A exacl
0
0
Unknown
MSM-A exosmc
0
0
Unknown
MSM-A exosq
0
0
Unknown
MSM-A exsnoop
0
0
Unknown
MSM-A exvlan
0
0
Unknown
MSM-A fdb
0
180343
Wed Dec 10 15:06:04 2003
MSM-A hal
0
180343
Wed Dec 10 15:06:05 2003
MSM-A mcmgr
36069
36069
Wed Dec 10 15:05:57 2003
MSM-A msgsrv
0
180346
Wed Dec 10 15:06:04 2003
MSM-A netTools
90174
90174
Wed Dec 10 15:06:03 2003
MSM-A nettx
0
0
Unknown
MSM-A nodemgr
0
180344
Wed Dec 10 15:06:03 2003
MSM-A ospf
0
180345
Wed Dec 10 15:06:06 2003
MSM-A pim
0
180344
Wed Dec 10 15:06:05 2003
MSM-A polMgr
60116
60116
Wed Dec 10 15:06:04 2003
MSM-A rip
0
180343
Wed Dec 10 15:06:05 2003
MSM-A rtmgr
0
180341
Wed Dec 10 15:06:06 2003
MSM-A snmpMaster
60116
60116
Wed Dec 10 15:06:04 2003
MSM-A snmpSubagent
60116
60116
Wed Dec 10 15:06:03 2003
MSM-A stp
36069
36069
Wed Dec 10 15:05:57 2003
MSM-A tftpd
0
180346
Wed Dec 10 15:06:05 2003
MSM-A vlan
36069
36069
Wed Dec 10 15:05:57 2003
MSM-A vrrp
36069
36069
Wed Dec 10 15:05:58 2003
To display the health of the STP process on your system, use the following command:
show heartbeat process stp
The following is sample output from this command:
Card Process Name
Hello HelloAck
Last Heartbeat Time
--------------------------------------------------------------------------MSM-A stp
34921
34921
Wed Dec 10 11:54:37 2003
History
This command was first available in an ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
209
Commands for Managing the ExtremeWare XOS Software
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
210
show memory process
show memory process
show memory process <name> {slot <slotid>}
Description
Displays the current system memory and that of the specified process.
Command Syntax
name
Specifies the name of the process.
slotid
Specifies the slot number of the MSM module:
• A specifies the MSM installed in slot A.
• B specifies the MSM installed in slot B.
Default
N/A.
Usage Guidelines
Viewing statistics on a regular basis allows you to see how well your network is performing. If you
keep simple daily records, you will see trends emerging and notice problems arising before they cause
major network faults. This way, statistics can help you get the best out of your network.
This information may be useful for your technical support representative if you experience a problem.
Depending on the software version running on your switch or your switch model, additional or
different memory information might be displayed.
You can also use the show memory {slot [a | b]} command to view the system memory and the
memory used by the individual processes, even for all processes on all MSMs.
Reading the Output. The show memory process command displays the following information in a
tabular format:
●
System memory information (both total and free).
●
Current memory used by the individual processes.
The current memory statistics for the individual process also includes the following:
●
The module (whether it be MSM A or MSM B) and the slot number of the MSM.
●
The name of the process.
Example
The following command displays system memory and VRRP memory usage:
show memory process vrrp
ExtremeWare XOS 11.1 Command Reference Guide
211
Commands for Managing the ExtremeWare XOS Software
The following is sample output from this command:
System Memory Information
------------------------MSM-A
Total (KB): 512508 KB
MSM-A
Free (KB): 395796 KB
Memory Utilization Statistics
----------------------------Card Slot Process Name
Memory (KB)
--------------------------------------MSM-A 9
vrrp
6596
History
This command was first available in an ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
212
show process
show process
show process {<name>} {detail} {slot <slotid>}
Description
Displays the status of the ExtremeWare XOS processes.
Command Syntax
name
Specifies the name of the process.
detail
Specifies more detailed process information.
slotid
Specifies the slot number of the MSM module:
• A specifies the MSM installed in slot A.
• B specifies the MSM installed in slot B.
Default
N/A.
Usage Guidelines
The ExtremeWare XOS process manager monitors all of the XOS processes. The process manager also
ensures that only version-compatible processes are started.
Using this command without the optional keywords displays summary process information. If you
specify the slot keyword, summary information is displayed for that particular slot only.
The show process and show process slot <slotid> commands display the following information
in a tabular format:
●
Card—The name of the module where the processes are running
●
Process Name—The name of the process
●
Version—The version number of the process
●
Restart—The number of times the process has been restarted
●
State—The current state of the process
●
Start Time—The date and time the process began
If you specify the detail keyword, more specific and detailed process information is displayed. The
show process detail and show process slot <slotid> detail commands display the following
information in a multi-tabular format:
●
Detailed process information
●
Memory usage configurations
●
Recovery policies
●
Process statistics
●
Resource usage
ExtremeWare XOS 11.1 Command Reference Guide
213
Commands for Managing the ExtremeWare XOS Software
If you specify the version keyword, information about the version of the process is displayed. The
show process version command displays the following information in a tabular format:
●
Card—The name of the module where the processes are running
●
Process Name—The name of the process
●
Version—The version number of the process
●
BuiltBy—The name of the software build manager
●
Link Date—The date the executable was linked
This status information may be useful for your technical support representative if you have a network
problem.
Depending on the software version running on your switch or your switch model, additional or
different process information might be displayed.
You may find it useful to capture the process information under normal operating conditions to
establish a baseline. By having a baseline, if you experience a problem, you and your technical support
representative can more easily identify the problem.
Example
To display the processes on your system, use the following command:
show process
The output from this command is similar to the following:
Card Process Name
Version
Restart
State
Start Time
-----------------------------------------------------------------------------MSM-A aaa
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A acl
3.0.0.2
0
Ready
Sat Dec 6 10:54:25 2003
MSM-A bgp
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A cfgmgr
3.0.0.20
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A cli
3.0.0.21
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A devmgr
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A dirser
3.0.0.2
0
Ready
Sat Dec 6 10:54:21 2003
MSM-A edp
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A ems
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A epm
3.0.0.2
0
Ready
Sat Dec 6 10:54:21 2003
MSM-A exacl
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A exosmc
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A exosq
3.0.0.2
0
Ready
Sat Dec 6 10:54:22 2003
MSM-A exsnoop
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A exvlan
3.0.0.2
0
Ready
Sat Dec 6 10:54:22 2003
MSM-A fdb
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A hal
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A mcmgr
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A msgsrv
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A netTools
3.0.0.2
0
Ready
Sat Dec 6 10:54:25 2003
MSM-A nettx
3.0.0.2
0
Ready
Sat Dec 6 10:54:22 2003
MSM-A nodemgr
3.0.0.2
0
Ready
Sat Dec 6 10:54:23 2003
MSM-A ospf
3.0.0.2
0
Ready
Sat Dec 6 10:54:24 2003
MSM-A pim
3.0.0.2
0
Ready
Sat Dec 6 10:54:25 2003
MSM-A polMgr
3.0.0.2
0
Ready
Sat Dec 6 10:54:25 2003
MSM-A rip
3.0.0.2
0
Ready
Sat Dec 6 10:54:25 2003
ExtremeWare XOS 11.1 Command Reference Guide
214
show process
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
rtmgr
snmpMaster
snmpSubagent
stp
tftpd
vlan
vrrp
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.8
3.0.0.2
3.0.0.2
3.0.0.4
0
0
0
0
0
0
0
Ready
Ready
Ready
Ready
Ready
Ready
Ready
Sat
Sat
Sat
Sat
Sat
Sat
Sat
Dec
Dec
Dec
Dec
Dec
Dec
Dec
6
6
6
6
6
6
6
10:54:24
10:54:24
10:54:24
10:54:24
10:54:25
10:54:24
10:54:26
2003
2003
2003
2003
2003
2003
2003
The following example specifies the process aaa along with the detail keyword:
show process aaa detail
The output from this command is similar to the following:
Name
PID
Path
Type Link Date
Build By
Peer
-------------------------------------------------------------------------------aaa
284
./aaa
App Thu Dec 4 13:23:07 PST 2003 release-manager 2
3
-------------------------------------------------------------------------------Configuration:
Start Priority SchedPolicy Stack TTY CoreSize Heartbeat StartSeq
-------------------------------------------------------------------------------1
0
0
0
0
0
1
1
Memory Usage Configuration:
Memory(KB) Zones: Green Yellow Orange Red
-------------------------------------------------------------------------------0
0
0
0
0
Recovery policies
-------------------------------------------------------------------------------failover-reboot
-------------------------------------------------------------------------------Statistics:
ConnetionLost Timeout Start Restart Kill Register Signal Hello Hello Ack
-------------------------------------------------------------------------------0
0
0
0
0
1
0
0
173199
Memory Zone
Green
Yellow
Orange
Red
-------------------------------------------------------------------------------Green
0
0
0
0
-------------------------------------------------------------------------------Commands:
Start
Stop
Resume
Shutdown
Kill
-------------------------------------------------------------------------------0
0
0
0
0
-------------------------------------------------------------------------------Resource Usage:
UserTime SysTime PageReclaim PageFault Up Since
Up Date Up Time
-------------------------------------------------------------------------------2.160000 0.560000
546
966
Sat Dec 6 10:54:24 2003 00/00/04 00:14:02
-------------------------------------------------------------------------------Thread Name
Pid
Tid
Delay Timeout Count
-------------------------------------------------------------------------------tacThread
0
2051
10
0
radiusThread
0
1026
10
1
ExtremeWare XOS 11.1 Command Reference Guide
215
Commands for Managing the ExtremeWare XOS Software
main
0
1024
2
1
--------------------------------------------------------------------------------
The following example specifies the version information for all processes:
show process version
The output from this command is similar to the following:
Card Process Name
Version
BuiltBy
Link Date
--------------------------------------------------------------------------MSM-A aaa
3.0.0.2
release-manager Thu Dec 4 13:23:07 PST 2003
MSM-A acl
3.0.0.2
release-manager Thu Dec 4 13:25:55 PST 2003
MSM-A bgp
3.0.0.2
release-manager Thu Dec 4 13:27:29 PST 2003
MSM-A edp
3.0.0.2
release-manager Thu Dec 4 13:25:33 PST 2003
...
History
This command was first available in an ExtremeWare XOS 10.1.
Platform Availability
This command is available on all available platforms.
ExtremeWare XOS 11.1 Command Reference Guide
216
start process
start process
start process <name> {msm <slot>}
Description
Restarts the specified process on the switch.
Syntax Description
name
Specifies the name of the process to start. You can start the following
processes:
• exsshd (only available if you have installed the SSH module)
• snmpMaster
• snmpSubagent
• telentd
• tftpd
slot
Specifies the MSM where the process should be started. A specifies the MSM
installed in slot A, and B specifies the MSM installed in slot B.
Default
N/A.
Usage Guidelines
Use this command after you have stopped a process and you want to restart it. To stop a process, use
the terminate process command.
You are unable to start a process that is already running. If you try to start a currently running process,
an error message similar to the following appears:
Error: Process
telnetd already exists!
Depending on the software version running on your switch and the type of switch you have, you can
restart different or additional processes. To see which processes you can restart, enter restart process
followed by [Tab]. The switch displays a list of available processes.
To display the status of ExtremeWare XOS processes on the switch, including how many times a process
has been restarted, use the show process {<name>} {detail} {slot <slotid>} command.
Example
The following restarts the process tftpd:
start process tftpd
ExtremeWare XOS 11.1 Command Reference Guide
217
Commands for Managing the ExtremeWare XOS Software
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
218
terminate process
terminate process
terminate process <name> [forceful | graceful] {msm <slot>}
Description
Terminates the specified process on the switch.
Syntax Description
name
Specifies the name of the process to terminate. You can terminate the
following processes:
• exsshd (only available if you have installed the SSH module)
• snmpMaster
• snmpSubagent
• telentd
• tftpd
forceful
Specifies a forceful termination.
graceful
Specifies a graceful termination.
slot
Specifies the MSM where the process should be terminated. A specifies the
MSM installed in slot A, and B specifies the MSM installed in slot B.
Default
N/A.
Usage Guidelines
The forceful option quickly terminates a process on demand. Unlike the graceful option, the process
is immediately shutdown without any of the normal process cleanup. The status of the operation is
displayed on the console. After a successful forceful termination of a process, a message similar to the
following appears:
Forceful termination success for snmpMaster
The graceful option terminates the process by allowing it to close all opened connections, notify peers
on the network, and other types of process cleanup. After this phase, the process is finally terminated.
After a successful graceful termination of a process, a message similar to the following appears:
Successful graceful termination for snmpSubagent
To display the status of ExtremeWare XOS processes on the switch, including how many times a process
has been restarted, use the show process {<name>} {detail} {slot <slotid>} command.
Depending on the software version running on your switch and the type of switch you have, you can
terminate different or additional processes. To see which processes you can terminate, enter terminate
process followed by [Tab]. The switch displays a list of available processes.
To restart a process that has been terminated, use the start process command.
ExtremeWare XOS 11.1 Command Reference Guide
219
Commands for Managing the ExtremeWare XOS Software
NOTE
Do not terminate a process that was installed since the last reboot unless you have saved your configuration. If you
have installed a software module and you terminate the newly installed process without saving your configuration,
your module may not be loaded when you attempt to restart the process with the start process command.
Example
The following initiates a graceful termination of the process tftpd:
terminate process tftpd graceful
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
220
5
Commands for Configuring Slots and Ports on a
Switch
This chapter describes commands related to:
●
Enabling, disabling, and configuring individual ports
●
Configuring port speed (Fast Ethernet ports only) and half- or full-duplex mode
●
Creating load-sharing groups on multiple ports
●
Displaying port statistics
●
Configuring switch port mirroring
●
Configuring software-controlled redundant ports and Smart Redundancy
●
Configuring Discovery Protocol
By default, all ports on the switch are enabled. After you configure the ports to your specific needs, you
can select which ports are enabled or disabled.
Fast Ethernet ports can connect to either 10Base-T or 100Base-T networks. By default, the ports
autonegotiate (automatically determine) the port speed. You can also configure each port for a particular
speed (either 10 Mbps or 100 Mbps).
Gigabit Ethernet ports with fiber interfaces are statically set, and their speed cannot be modified.
The switch comes configured to use autonegotiation to determine the port speed and duplex setting for
each port. You can select to manually configure the duplex setting and the speed of 10/100 Mbps ports,
and you can manually configure the duplex setting on gigabit Ethernet ports.
All ports on the switch (except gigabit Ethernet ports) can be configured for half-duplex or full-duplex
operation. The ports are configured to autonegotiate the duplex setting, but you can manually configure
the duplex setting for your specific needs.
Flow control is supported only on gigabit Ethernet ports. It is enabled or disabled as part of
autonegotiation. If autonegotiation is set to off, flow control is disabled. When autonegotiation is turned
on, flow control is enabled.
Load sharing with Extreme Network switches allows you to increase bandwidth and resilience between
switches by using a group of ports to carry traffic in parallel between switches. The sharing algorithm
allows the switch to use multiple ports as a single logical port. For example, VLANs see the loadsharing group as a single logical port. The algorithm also guarantees packet sequencing between clients.
If a port in a load-sharing group fails, traffic is redistributed to the remaining ports in the load-sharing
group. If the failed port becomes active again, traffic is redistributed to include that port.
Load sharing is most useful in cases where the traffic transmitted from the switch to the load-sharing
group is sourced from an equal or greater number of ports on the switch. For example, traffic
transmitted to a two-port load-sharing group should originate from a minimum of two other ports on
the same switch.
You can view port status on the switch using the show ports commands. These commands, when used
with specific keywords and parameters, allow you to view various issues such as real-time collision
statistics, link speed, flow control, and packet size.
ExtremeWare XOS 11.1 Command Reference Guide
221
Commands for Configuring Slots and Ports on a Switch
Commands that require you to enter one or more port numbers use the parameter <port_list> in the
syntax. On a modular switch, a <port_list> can be a list of slots and ports. For a detailed explanation
of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
ExtremeWare XOS 11.1 Command Reference Guide
222
clear counters edp
clear counters edp
clear counters edp {ports <ports>}
Description
Clears the counters associated with Extreme Discovery Protocol (EDP).
Syntax Description
ports
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
Default
If you do not specify a port, the EDP counters will be cleared for all slots.
Usage Guidelines
This command clears the following counters for EDP protocol data units (PDUs) sent and received per
EDP port:
●
Switch PDUs transmitted
●
VLAN PDUs transmitted
●
Transmit PDUs with errors
●
Switch PDUs received
●
VLAN PDUs received
●
Received PDUs with errors
Example
The following command clears the EDP counters on all ports:
clear counters edp
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
223
Commands for Configuring Slots and Ports on a Switch
clear slot
clear slot <slot>
Description
Clears a slot of a previously assigned module type.
Syntax Description
slot
Specifies a modular switch slot number.
Default
N/A.
Usage Guidelines
All configuration information related to the slot and the ports on the module is erased. If a module is
present when you issue this command, the module is reset to default settings.
If a slot is configured for one type of module, and a different type of module is inserted, the inserted
module is put into a mismatch state (where the inserted module does not match the configured slot),
and is not brought online. To use the new module type in a slot, the slot configuration must be cleared
or configured for the new module type. Use the configure slot command to configure the slot.
Example
The following command clears slot 2 of a previously assigned module type:
clear slot 2
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
224
configure edp advertisement-interval
configure edp advertisement-interval
configure edp advertisment-interval <timer> holddown-interval <timeout>
Description
Sets the advertisement interval and hold down interval for EDP.
Syntax Description
timer
Specifies the advertisement interval in seconds.
timeout
Specifies the hold down interval in seconds.
Default
The default setting for timer is 60 seconds, and for timeout is 180 seconds.
Usage Guidelines
Extreme Discover Protocol (EDP) is used to gather information about neighbor Extreme Networks
switches. EDP-enabled ports advertise information about the Extreme switch to other switches on the
interface and receive advertisements from other Extreme switches. Information about other Extreme
switches is discarded after the hold down interval timeout value is reached without receiving another
advertisement.
Example
The following command configures the EDP advertisement-interval to 2 minutes and the hold down
interval to 6 minutes:
configure edp advertisement-interval 120 holddown-interval 360
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
225
Commands for Configuring Slots and Ports on a Switch
configure ip-mtu vlan
configure ip-mtu <mtu> vlan <vlan_name>
Description
Sets the maximum transmission unit (MTU) for the VLAN.
Syntax Description
mtu
Specifies the IP maximum transmission unit (MTU) value. Range is from
1500 to 9216.
vlan_name
Specifies a VLAN name.
Default
The default IP MTU size is 1500.
Usage Guidelines
NOTE
The Aspen 8810 switch does not support the router specification for path MTU discovery. Also, the Aspen 8810
switch does not support fragmentation of any IP packets it forwards.
Use this command to enable jumbo frame support or for IP fragmentation with jumbo frames. Jumbo
frames are Ethernet frames that are larger than 1522 bytes, including 4 bytes used for CRC. Both
endstations involved in the transfer must be capable of supporting jumbo frames. The switch does not
perform IP fragmentation or participate in MTU negotiation on behalf of devices that do not support
jumbo frames.
When enabling jumbo frames and setting the MTU size for the VLAN, keep in mind that some network
interface cards (NICs) have a configured maximum MTU size that does not include the additional
4 bytes of CRC included in a jumbo frame configuration. Ensure that the NIC maximum MTU is at or
below the maximum MTU size configured on the switch. Frames that are larger than the MTU size
configured on the switch are dropped at the ingress port.
If you use IP fragmentation with jumbo frames and you want to set the MTU size greater than 1500, all
ports in the VLAN must have jumbo frames enabled.
Example
The following command sets the MTU size to 2000 for VLAN sales:
configure ip-mtu 2000 vlan sales
ExtremeWare XOS 11.1 Command Reference Guide
226
configure ip-mtu vlan
History
This command was available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
227
Commands for Configuring Slots and Ports on a Switch
configure jumbo-frame-size
configure jumbo-frame-size <framesize>
Description
Sets the maximum jumbo frame size for the switch.
Syntax Description
framesize
Specifies a maximum transmission unit (MTU) size for a jumbo frame. The
range is 1523 to 9216; the default is 9216.
Default
Jumbo frames are disabled by default. The default size setting is 9216.
Usage Guidelines
Jumbo frames are used between endstations that support larger frame sizes for more efficient transfers
of bulk data. Both endstations involved in the transfer must be capable of supporting jumbo frames.
The framesize keyword describes the maximum jumbo frame size “on the wire,” and includes 4 bytes
of cyclic redundancy check (CRC) plus another 4 bytes if 802.1Q tagging is being used.
To enable jumbo frame support, you must configure the maximum transmission unit (MTU) size of a
jumbo frame that will be allowed by the switch.
NOTE
Extreme Networks recommends that you set the MTU size so that fragmentation does not occur.
Some network interface cards (NICs) have a configured maximum MTU size that does not include the
additional 4 bytes of CRC. Ensure that the NIC maximum MTU size is at or below the maximum MTU
size configured on the switch. Frames that are larger than the MTU size configured on the switch are
dropped at the ingress port.
Example
The following command configures the jumbo frame size to 5500:
configure jumbo-frame-size 5500
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
228
configure jumbo-frame-size
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
229
Commands for Configuring Slots and Ports on a Switch
configure mirroring add
configure mirroring add [vlan <name> {port <port>}| port <port> {vlan
<name>}] {ingress | egress | ingress-and-egress}
Description
Adds a particular mirroring filter definition on the switch.
Syntax Description
vlan
Specifies a VLAN.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
name
Specifies a VLAN name.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
port
Specifies a slot and port.
port
Specifies a particular slot and port.
ingress
Specifies packets be mirrored as they are received on a port.
NOTE: This parameter is available only on the Aspen 8810 switch.
egress
Specifies packets be mirrored as they are sent from a port.
NOTE: This parameter is available only on the Aspen 8810 switch.
ingress-and-egress
Specifies all forwarded packets be mirrored. This is the default setting on the
Aspen 8810 switch.
NOTE: This parameter is available only on the Aspen 8810 switch.
Default
On the Aspen 8810 switch, the traffic default is ingress-and-egress.
Usage Guidelines
On a modular switch, <port> will be a slot and port in the form <slot>:<port>. For a detailed
explanation of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
You must enable port-mirroring using the enable mirroring to port command before you can
configure the mirroring filter definitions.
Port mirroring configures the switch to copy all traffic associated with one or more ports to a monitor
port on the switch. The switch uses a traffic filter that copies a group of traffic to the monitor port.
Up to 16 mirroring filters and one monitor port can be configured on the switch. After a port has been
specified as a monitor port, it cannot be used for any other function. Frames that contain errors are not
mirrored.
ExtremeWare XOS 11.1 Command Reference Guide
230
configure mirroring add
Aspen 8810 switch only. The traffic filter is defined based on physical ports. All data that traverses the
port, regardless of VLAN configuration, is copied to the monitor port. You can specify which traffic the
port mirrors:
●
Ingress—Mirrors traffic received at the port.
●
Egress—Mirrors traffic sent from the port.
●
Ingress and egress—Mirrors all traffic forwarded by the port.
If you omit the optional parameters, all traffic is forwarded; the default is ingress and egress.
BlackDiamond 10K switch only. The traffic filter can be defined based on one of the following criteria:
●
Physical port—All data that traverses the port, regardless of VLAN configuration, is copied to the
monitor port.
●
VLAN—All data to and from a particular VLAN, regardless of the physical port configuration, is
copied to the monitor port.
●
Virtual port—All data specific to a VLAN on a specific port is copied to the monitor port.
Example
The following example sends all traffic coming into an Aspen 8810 switch on slot 3, port 2 to the mirror
port:
configure mirroring add port 3:2 ingress
The following example sends all traffic coming into or out of a BlackDiamond 10K switch on slot 3, port
2 and the VLAN default to the mirror port:
configure mirroring add port 3:2 vlan default
History
This command was first available in ExtremeWare XOS 10.1.
The VLAN option was added in ExtremeWare XOS 11.0.
The ingress/egress option was added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
231
Commands for Configuring Slots and Ports on a Switch
configure mirroring delete
configure mirroring delete [all | port <port> {vlan <name>} |vlan <name>
{port <port>}]
Description
Deletes a particular mirroring filter definition on the switch.
Syntax Description
all
Specifies all mirroring filter definitions.
port
Specifies a slot and port.
port
Specifies a particular slot and port.
vlan
Specifies a VLAN.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
name
Specifies a VLAN name.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
Default
N/A.
Usage Guidelines
On a modular switch, <port_list> must be a slot and port in the form <slot>:<port>. For a detailed
explanation of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
NOTE
The VLAN option is not available on the Aspen 8810 switch.
Example
The following example deletes the mirroring filter on an Aspen 8810 switch defined for slot 7, port 1:
configure mirroring delete ports 7:1
The following example deletes the mirroring filter on a BlackDiamond 10K switch defined for slot 3,
port 2 on VLAN default:
configure mirroring delete ports 3:2 vlan default
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
232
configure mirroring delete
The VLAN option was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
233
Commands for Configuring Slots and Ports on a Switch
configure ports auto off
configure ports <port_list> auto off speed [10 | 100 | 1000 | 10000] duplex
[half | full]
Description
Manually configures port speed and duplex setting configuration on one or more ports on a switch.
Syntax Description
port_list
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
speed [10]
Specifies 10 Mbps ports.
speed [100]
Specifies 100 Mbps ports.
speed [1000]
Specifies 1000 Mbps (1 Gigabit) ports.
speed [10000]
Specifies 10000 Mbps (10 Gigabit) ports.
duplex [half]
Specifies half duplex; transmitting and receiving data one direction at a time.
duplex [full]
Specifies full duplex; transmitting and receiving data at the same time.
Default
Auto on for 1 G ports.
Auto off for 10 G ports.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
You can manually configure the duplex setting and the speed on 10/100/1000 Mbps and fiber SFP
Gigabit Ethernet ports.
SFP Gigabit Ethernet ports are statically set to 1 Gbps, and their speed cannot be modified.
In certain interoperability situations, it is necessary to turn autonegotiation off on a fiber Gigabit
Ethernet port. (You cannot turn autonegotiation off on copper Gigabit ports.) Even though a Gigabit
Ethernet port runs only at full duplex and gigabit speeds, the command that turns off autonegotiation
must still include the duplex setting.
Gigabit Ethernet ports support flow control only when autonegotiation is turned on. When
autonegotiation is turned off, flow control is not supported.
The 10 Gbps ports always support flow control.
ExtremeWare XOS 11.1 Command Reference Guide
234
configure ports auto off
Example
The following example turns autonegotiation off for slot 2, port 1 on a modular switch:
configure ports 2:1 auto off duplex full
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
235
Commands for Configuring Slots and Ports on a Switch
configure ports auto on
configure ports <port_list> auto on
Description
Enables autonegotiation for the particular port type.
Syntax Description
port_list
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
Default
Auto on for 1 G ports.
Auto off for 10 G ports.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
The type of ports enabled for autonegotiation are 802.3u for 10/100 Mbps ports or 802.3z for Gigabit
Ethernet ports.
Flow control on Gigabit Ethernet ports is enabled or disabled as part of autonegotiation. If
autonegotiation is set to off, flow control is disabled. When autonegotiation is turned on, flow control is
enabled.
The 10 Gbps ports always support flow control.
Example
The following command configures the switch to autonegotiate for slot 1, ports 2 and 4 on a modular
switch:
configure ports 1:2, 1:4 auto on
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
236
configure ports display-string
configure ports display-string
configure ports <port_list> display-string <string>
Description
Configures a user-defined string for a port or group of ports.
Syntax Description
port_list
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
string
Specifies a user-defined display string.
Default
N/A.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
The display string can be up to 15 characters. Display strings do not need to be unique for each port—
you can assign the same string to multiple ports. For example, you could give all the ports that
connected to a particular department a common display string.
The string is displayed in certain commands such as the show ports information command.
NOTE
Do not use a port number as a display string. For example, do not assign the display string “2” to port 2.
Example
The following command configures the user-defined string corporate for ports 3, 4, and 5 on slot 1 on a
modular switch:
configure ports 1:3-5 display-string corporate
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
237
Commands for Configuring Slots and Ports on a Switch
configure ports redundant
configure ports <primaryPort> redundant <secondaryPort> {link [on | off]}
Description
Configures a software-controlled redundant port.
Syntax Description
primaryPort
Specifies one primary port or slot and port.
redundantPort
Specifies one or redundant port or slot and port.
link
Specifies state of link:
• on—Specifies keeping the redundant port active, but block traffic
• off—Specifies forcing the link down on the redundant port
NOTE: The default value is off.
Default
N/A.
Usage Guidelines
The first port specifies the primary port. The second port specifies the redundant port.
A software-controlled redundant port is configured to back up a specified primary port; both ports are
on the same device. The redundant port tracks the link state of the associated primary port, and if the
link on the primary port fails, the redundant port establishes a link and becomes active. You can back
up a specified Ethernet port with a redundant, dedicated Ethernet port.
You configure the redundant link to be always physically up but logically blocked or to be always
physically down. The default is off, or the redundant link is down.
The following criteria must be considered when configuring a software-controlled redundant port:
●
You can configure only one redundant port for each primary port.
●
You cannot have any Layer 2 protocols configured on any of the VLANs that are present on the
ports. (You will see an error message if you attempt to configure software redundant ports on ports
with VLANs running Layer 2 protocols.)
●
The primary and redundant port must have identical VLAN memberships.
●
The master port is the only port of a load-sharing group that can be configured as either a primary
or redundant port. (The entire trunk must go down before the software-controlled redundant port
takes effect.)
●
Only one side of the link should be configured as redundant.
ExtremeWare XOS 11.1 Command Reference Guide
238
configure ports redundant
NOTE
On the BlackDiamond 10K switch, 10 Gbps modules with a serial number lower than 804405-00-09 the software
redundant port feature cover only those failures where both the TX and RX paths fail. If a single strand of fiber is
pulled on these ports, the software redundant port cannot correctly recover from the failure.To display the serial
number of the module, issue the show slot <slot_number> command. (All the modules on the Aspen 8810
switch have this serial number or higher.)
Example
The following command configures a software-controlled redundant port:
configure ports 1:3 redundant 2:3
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
239
Commands for Configuring Slots and Ports on a Switch
configure sharing add ports
configure sharing <master_port> add ports <port_list>
Description
Adds ports to a load-sharing group.
Syntax Description
master_port
Specifies the master port for a load-sharing group.
port_list
Specifies one or more slots and ports to be grouped to the master port. May be
in the form 3-5, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
Use this command to dynamically add ports to a load-sharing group.
VMAN ports can belong to load-sharing groups. If any port in the load-sharing group is enabled for
VMAN, all ports in the group are automatically enabled to handle jumbo size frames. Also, VMAN is
automatically enabled on all ports of the untagged load-sharing group.
To verify your configuration, use the show ports sharing command.
Aspen 8810 switch only. The following guidelines apply to load sharing on the Aspen 8810 switch:
●
A load-sharing group can include a maximum of 8 ports.
●
The maximum number of load-sharing groups is 32.
●
Any broadcast, multicast, or unknown unicast packet is transmitted on a single port in the trunk
group.
NOTE
You cannot configure port-based load sharing algorithm on the Aspen 8810 switch; you configure only address-based
load-sharing algorithms.
The available address-based parameters on the Aspen 8810 switch are L2 for Layer 2 and L3 for Layer 3.
If the packet is not IP, the switch applies the Layer 2 algorithm, which is the default setting.
BlackDiamond 10K switch only. The following guidelines apply to load sharing on the BlackDiamond
10K switch:
●
A load-sharing group can include a maximum 16 ports.
●
The maximum number of load-sharing groups is 128.
ExtremeWare XOS 11.1 Command Reference Guide
240
configure sharing add ports
On the BlackDiamond 10K switch, if you do not explicitly select an algorithm, the port-based scheme is
used. However, the address-based algorithm has a more even distribution and is the recommended
choice.
NOTE
You must use the configure sharing address-based command to configure address-based load sharing on
the BlackDiamond 10K switch.
Example
The following example adds port 3:13 to the load-sharing group with the master port 3:9:
configure sharing 3:9 add port 3:13
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
241
Commands for Configuring Slots and Ports on a Switch
configure sharing address-based
configure sharing address-based [L2 | L2_L3 | L2_L3_L4 |L2_L3_CHK_SUM |
L2_L3_L4_CHK_SUM]
Description
Configures the part of the packet examined by the switch when selecting the egress port for
transmitting load-sharing data.
Syntax Description
L2
Indicates that the switch should examine the MAC source and destination
address.
L2_L3
Indicates that the switch should examine the MAC source and destination
address plus the IP source and destination address.
L2_L3_L4
Indicates that the switch should examine the MAC source and destination
address, the IP source and destination, plus the TCP source and destination
port number.
L2_L3_CHK_SUM
Indicates that the switch should examine the MAC source and destination
address, the IP source and destination address, plus the IP check sum.
L2_L3_L4_CHK_SUM
Indicates that the switch should examine the MAC source and destination
address, the IP source and destination, the TCP source and destination port
number, plus the IP check sum.
Default
The default setting is L2.
Usage Guidelines
This feature is available using the address-based load-sharing algorithm only. The address-based loadsharing algorithm uses addressing information to determine which physical port in the load-sharing
group to use for forwarding traffic out of the switch. Addressing information is based on the packet
protocol, as follows:
●
IP packets—Uses the source and destination MAC and IP address, and the TCP port number.
●
All other packets—Uses the source and destination MAC address.
This command specifies the part of the packet header that the switch examines to select the egress port
for address-based load-sharing trunks. The address-based load-sharing setting is global and applies to
all load-sharing trunks that are address-based. You change this setting by issuing the command again
with a different option.
To verify your configuration, use the show ports sharing command.
This is a global setting and applies to all load-sharing trunks that are address-based.
ExtremeWare XOS 11.1 Command Reference Guide
242
configure sharing address-based
Because the algorithms L2_L3__CHK_SUM and L2_L3_L4_CHK_SUM use the IP check sum as part of
the decision for the egress port selection, these algorithms do not guarantee the packet sequencing
between the clients.
If you do not explicitly select an algorithm, the port-based scheme is used. However, the address-based
algorithm has a more even distribution and is the recommended choice.
Example
The following example configures the switch to examine the MAC source and destination address:
configure sharing address-based l2
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
243
Commands for Configuring Slots and Ports on a Switch
configure sharing delete ports
configure sharing <master_port> delete ports <port_list>
Description
Deletes ports from a load-sharing group.
Syntax Description
master_port
Specifies the master port for a load-sharing group.
port_list
Specifies one or more slots and ports to be grouped to the master port. May be
in the form 3-5, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
Use this command to dynamically delete ports from a load-sharing group.
Example
The following example deletes port 3:12 from the load-sharing group with the master port 3:9:
configure sharing 3:9 delete port 3:12
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
244
configure slot
configure slot
configure slot <slot> module <module_type>
Description
Configures a slot for a particular I/O module card in a modular switch.
Syntax Description
slot
Specifies the slot number.
module_type
Specifies the type of module for which the slot should be configured. The list of
modules you can enter will vary depending on the type of switch and version of
ExtremeWare XOS you are running. Certain modules are supported only with specific
ExtremeWare XOS Technology Releases.
Default
If a slot has not been configured for a particular type of I/O module, then any type of module is
accepted in that slot, and a default port and VLAN configuration is automatically generated.
Usage Guidelines
The configure slot command displays different module parameters depending on the type of
modular switch you are configuring and the version of ExtremeWare XOS running on the switch.
You can also preconfigure the slot before inserting the module card. This allows you to begin
configuring the module and ports before installing the card in the chassis.
If a slot has not been configured for a particular type of I/O module, then any type of module is
accepted in that slot, and a default port and VLAN configuration is automatically generated. If a slot is
configured for one type of module, and a different type of module is inserted, the inserted module is
put into a mismatch state, and is not brought online. To use the new module type in a slot, the slot
configuration must be cleared or configured for the new module type.
Upon powering up the chassis, or when an I/O module is hot-swapped, ExtremeWare XOS
automatically determines the system power budget and protects the switch from any potential
overpower configurations. If power is available, ExtremeWare XOS powers on and initializes the
module. When ExtremeWare XOS detects that a module will cause an overpower condition, the module
remains powered down, and is not initialized. An entry is made to the system log indicating the
condition.
Example
The following command configures slot 2 for a 10/100/1000, 60-port, copper module:
configure slot 2 module G60T
ExtremeWare XOS 11.1 Command Reference Guide
245
Commands for Configuring Slots and Ports on a Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
246
disable edp ports
disable edp ports
disable edp ports [<ports> | all]
Description
Disables the Extreme Discovery Protocol (EDP) on one or more ports.
Syntax Description
ports
Specifies one or more slots and ports. May be in the form 3-5, 2:*, 2:5, 2:62:8.
all
Specifies all ports on the switch.
Default
Enabled.
Usage Guidelines
On a modular switch, <ports> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” or “Line-Editing Keys” in Chapter 1.
You can use the disable edp ports command to disable EDP on one or more ports when you no
longer need to locate neighbor Extreme Networks switches.
Example
The following command disables EDP on slot 1, ports 2 and 4 on a modular switch:
disable edp ports 1:2, 1:4
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
247
Commands for Configuring Slots and Ports on a Switch
disable jumbo-frame ports
disable jumbo-frame ports [all | <port_list>]
Description
Disables jumbo frame support on a port.
Syntax Description
all
Specifies all ports.
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
NOTE: The Aspen 8810 switch supports only all ports; you cannot enable or
disable jumbo frames by port on the switch.
Default
Disabled.
Usage Guidelines
Aspen 8810 switch only. You must enable or disable jumbo frames for the entire switch; the Aspen 8810
switch does not support enabling or disabling jumbo frames by port.
BlackDiamond 10K switch only. On a modular switch, <port_list> can be a list of slots and ports. For a
detailed explanation of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command disables jumbo frame support on slot 1, port 2 on a BlackDiamond 10K switch:
disable jumbo-frame ports 1:2
The following command disables jumbo frame support on an Aspen 8810 switch:
disable jumbo-frame ports all
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
248
disable learning port
disable learning port
disable learning port [<port_list> | all]
Description
Disables MAC address learning on one or more ports for security purposes.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
all
Specifies all ports and slots.
Default
Enabled.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Use this command in a secure environment where access is granted via permanent forwarding
databases (FDBs) per port.
Example
The following command disables MAC address learning on port 4:3 on a modular switch:
disable learning ports 4:3
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
249
Commands for Configuring Slots and Ports on a Switch
disable mirroring
disable mirroring
Description
Disables port mirroring.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
Use the disable mirroring command to stop all configured copied mirroring traffic. Use this
command to unconfigure all the filters on the system.
Example
The following command disables port-mirroring:
disable mirroring
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
250
disable port
disable port
disable port [<port_list> | all]
Description
Disables one or more ports on the switch.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
all
Specifies all ports on the switch.
Default
Enabled.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Use this command for security, administration, and troubleshooting purposes.
When a port is disabled, the link is brought down.
Example
The following command disables slot 1, ports 3, 5, and 12 through 15 on a modular switch:
disable port 1:3,1:5,1:12-1:15
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
251
Commands for Configuring Slots and Ports on a Switch
disable sharing
disable sharing <master_port>
Description
Disables a load-sharing group of ports.
Syntax Description
master_port
Specifies the master port of a load-sharing group. On a modular switch, is a
combination of the slot and port number, in the format <slot>:<port>.
Default
Disabled.
Usage Guidelines
On a modular switch, <master_port> is specified as <slot>:<port number>. For a detailed
explanation of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
When sharing is disabled, the master port retains all configuration including VLAN membership. All
other member ports are removed from all VLANs to prevent loops and their configuration is reset to
default values.
Example
The following command disables sharing on master logical port 9 in slot 3, which contains ports 9
through 12 on a modular switch:
disable sharing 3:9
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
252
disable slot
disable slot
disable slot <slot> {offline}
Description
Disables slot and leaves that module in a power down state.
Syntax Description
slot
Specifies the slot to be disabled.
Offline
Specifies that the slot be disabled offline.
NOTE: This parameter available on the Aspen 8810 switch only.
Default
Enabled.
Usage Guidelines
This command allows the user to disable a slot. When the user types this command, the I/O card in
that particular slot number is brought down, and the slot is powered down. The LEDs on the card go
OFF.
A disabled slot can be re-enabled using the enable slot command.
The show slot command, if invoked after the user disables the slot, shows this slot state as “Power
Off/Disabled.”
If there is no I/O card present in a slot when the user disables the slot, the slot still goes to the
“Disable” state. If a card is inserted in a slot that has been disabled, the card does not come up and
stays in the “Power Off/Disabled” state until the slot is enabled by using the enable slot command.
below.
If you do not save the configuration before you do a switch reboot, the slot will be re-enabled upon
reboot. If you save the configuration after disabling a slot, the slot will remain disabled after a reboot.
On Power over Ethernet (PoE) modules, disabling a slot also disables any inline power that in flowing
to that slot.
Aspen 8810 switch only. This command applies only to the data, or I/O ports on slots holding an MSM
(would be slot 5 and/or 6). Additionally, the offline parameter is applicable on the Aspen 8810 switch.
Example
The following command disables slot 5 on the switch:
disable slot 5
ExtremeWare XOS 11.1 Command Reference Guide
253
Commands for Configuring Slots and Ports on a Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
The offline parameter is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
254
disable smartredundancy
disable smartredundancy
disable smartredundancy <port_list>
Description
Disables the Smart Redundancy feature.
Syntax Description
portlist
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
Default
Enabled.
Usage Guidelines
On a modular switch, <portlist> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” or “Line-Editing Keys” in Chapter 1.
The Smart Redundancy feature works in concert with the software-controlled redundant feature. When
Smart Redundancy is disabled, the switch attempts only to reset the primary port to active if the
redundant port fails. That is, if you disable Smart Redundancy, the traffic does not automatically return
to the primary port once it becomes active again; the traffic continues to flow through the redundant
port even after the primary port comes up again.
Example
The following command disables the Smart Redundancy feature on ports 1:1 to 1:4:
disable smartredundancy 1:1-4
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
255
Commands for Configuring Slots and Ports on a Switch
enable edp ports
enable edp ports [<ports> | all]
Description
Enables the Extreme Discovery Protocol (EDP) on one or more ports.
Syntax Description
ports
Specifies one or more slots and ports. May be in the form 3-5, 2:*, 2:5, 2:62:8.
all
Specifies all ports on the switch.
Default
Enabled.
Usage Guidelines
On a modular switch, <ports> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
EDP is useful when Extreme Networks switches are attached to a port.
The EDP is used to locate neighbor Extreme Networks switches and exchange information about switch
configuration. When running on a normal switch port, EDP is used to by the switches to exchange
topology information with each other. Information communicated using EDP includes the following:
●
Switch MAC address (switch ID)
●
Switch software version information
●
Switch IP address
●
Switch VLAN information
●
Switch port number
●
Switch port configuration data: duplex, and speed
Example
The following command enables EDP on slot 1, port 3 on a modular switch:
enable edp ports 1:3
History
This command was first available in ExtremeWare XOS 10.1.
The port configuration data was added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
256
enable edp ports
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
257
Commands for Configuring Slots and Ports on a Switch
enable jumbo-frame ports
enable jumbo-frame ports [all | <port_list>]
Description
Enables support on the physical ports that will carry jumbo frames.
Syntax Description
all
Specifies ports.
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
NOTE: The Aspen 8810 switch supports only all ports; you cannot enable or
disable jumbo frames by port on the switch. The system returns an error
message if you attempt to enter specified ports.
Default
Disabled.
Usage Guidelines
Increases performance to back-end servers or allows for VMAN 802.1Q encapsulations.
You can configure the maximum size of a jumbo frame if you want to use a different size than the
default value of 9216. Use the configure jumbo-frame-size command to configure the size.
This setting is preserved across reboots.
Aspen 8810 switch only. You must enable or disable jumbo frames for the entire switch; the Aspen 8810
switch does not support enabling or disabling jumbo frames by port. This also enables jumbo frames on
any new modules that you bring online after issuing this command.
BlackDiamond 10K switch only. On a modular switch, <port_list> can be a list of slots and ports. For a
detailed explanation of port specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command enables jumbo frame support on slot 3, port 5 on a BlackDiamond 10K switch:
enable jumbo-frame ports 3:5
The following command enables jumbo frame support on an Aspen 8810 switch:
enable jumbo-frame ports all
ExtremeWare XOS 11.1 Command Reference Guide
258
enable jumbo-frame ports
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
259
Commands for Configuring Slots and Ports on a Switch
enable learning port
enable learning port [all | <port_list>]
Description
Enables MAC address learning on one or more ports.
Syntax Description
all
Specifies all ports.
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
Default
Enabled.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command enables MAC address learning on slot 1, ports 7 and 8 on a modular switch:
enable learning ports 1:7-8
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
260
enable mirroring to port
enable mirroring to port
enable mirroring to port [<port>] [tagged | untagged]
Description
Dedicates a port on the switch to be the mirror output port, or the monitor port.
Syntax Description
port
Specifies the mirror output port.
tagged
Specifies the mirror output, or monitor, port is tagged.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
untagged
Specifies the mirror output, or monitor, port is untagged.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
Default
Disabled.
Usage Guidelines
Port mirroring configures the switch to copy all traffic associated with one or more ports to a monitor
port on the switch. The monitor port can be connected to a network analyzer or RMON probe for
packet analysis. The switch uses a traffic filter that copies a group of traffic to the monitor port.
Up to 16 mirroring filters and one monitor port can be configured on the switch. After a port has been
specified as a monitor port, it cannot be used for any other function. Frames that contain errors are not
mirrored.
Aspen 8810 switch only. The traffic filter is defined based on physical ports. All data that traverses the
port, regardless of VLAN configuration, is copied to the monitor port. You do not specify tagging or
untagging on the monitor port.
BlackDiamond 10K switch only. The traffic filter can be defined based on one of the following criteria:
●
Physical port—All data that traverses the port, regardless of VLAN configuration, is copied to the
monitor port.
●
VLAN—All data to and from a particular VLAN, regardless of the physical port configuration, is
copied to the monitor port.
●
Virtual port—All data specific to a VLAN on a specific port is copied to the monitor port.
NOTE
Beginning with ExtremeWare XOS 11.0, the monitor port must be explicitly configured for tagged or untagged.
Mirroring configurations prior to 11.0 are restored as tagged monitor ports only.
ExtremeWare XOS 11.1 Command Reference Guide
261
Commands for Configuring Slots and Ports on a Switch
The traffic egressing the monitor port can either be tagged or untagged. If the mirroring is enabled as
tagged on the monitor port of the BlackDiamond 10K switch, all traffic egressing the monitor port is
tagged. In this case, even if some untagged ports send mirrored traffic to the monitor port, that traffic
also egresses the monitor port tagged. And, if mirroring is enabled as untagged on the monitor port, all
traffic egressing the monitor port is untagged, including mirrored tagged packets.
When you upgrade to 11.0, all restored mirroring configurations are tagged monitor ports only.
Example
The following example selects slot 3, port 4 as the mirror, or monitor, port on the Aspen 8810 switch:
enable mirroring to port 3:4
The following example selects slot 1, port 3 as the tagged mirror, or monitor, port on the BlackDiamond
10K switch:
enable mirroring to port 1:3 tagged
History
This command was first available in ExtremeWare XOS 10.1.
Beginning with ExtremeWare XOS 11.0, you must configure the monitor port as tagged or untagged on
the BlackDiamond 10K switch.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
262
enable port
enable port
enable port [<port_list> | all]
Description
Enables a port.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
all
Specifies all ports on the switch.
Default
All ports are enabled.
Usage Guidelines
Use this command to enable the port(s) if you disabled the port(s) for security, administration, or
troubleshooting purposes.
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command enables slot 1, ports 3, 5, and 12 through 15 on the modular switch:
enable port 1:3, 1:5, 1:12-1:15
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
263
Commands for Configuring Slots and Ports on a Switch
enable sharing grouping
enable sharing <master_port> grouping <port_list> {algorithm [port-based |
address-based {L2|L3}]}
Description
Enables the switch to configure static port load sharing.
Syntax Description
master_port
Specifies the master port for a load-sharing group.
port_list
Specifies one or more slots and ports to be grouped to the master port. On a
modular switch, can be a list of slots and ports. May be in the form 3-5, 2:5,
2:6-2:8.
port-based
Specifies sharing by port-based algorithm.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
address-based
Specifies sharing by address-based algorithm.
L2 | L3
Specifies address-based load sharing by either Layer 2 or Layer 3; Layer 2 is
the default value.
NOTE: This parameter is available only on the Aspen 8810 switch.
Default
Disabled.
Usage Guidelines
Load sharing allows you to increase bandwidth and availability between switches by using a group of
ports to carry traffic in parallel between switches. The sharing algorithm allows the switch to use
multiple ports as a single logical port or a “master” port. For example, VLANs see the load-sharing
group as a single logical port. Groups can span multiple modules
If a port in a load-sharing group fails, traffic is redistributed to the remaining ports in the load-sharing
group. If the failed port becomes active again, traffic is redistributed to include that port.
Load sharing must be enabled on both ends of the link, or a network loop will result.
NOTE
See ExtremeWare XOS Concepts Guide for information on the interaction of port-based ACLs and load-sharing groups
of ports.
Modular switch load-sharing groups are defined according to the following rules:
●
The first port in the load-sharing group is configured to be the “master” logical port. This is the
reference port used in configuration commands. It can be thought of as the logical port representing
the entire port group.
ExtremeWare XOS 11.1 Command Reference Guide
264
enable sharing grouping
●
Although you can reference only the master port of a load-sharing group to a Spanning Tree Domain
(STPD), all the ports of a load-sharing group actually belong to the specified STPD.
●
When using load sharing, you should always reference the master logical port of the load-sharing
group when configuring or viewing VLANs. VLANs configured to use other ports in the loadsharing group will have those ports deleted from the VLAN when load sharing becomes enabled.
Load-sharing algorithms allow you to select the distribution technique used by the load-sharing group
to determine the output port selection. Algorithm selection is not intended for use in predictive traffic
engineering.
●
Port-based—Uses the ingress port to determine which physical port in the load-sharing group is
used to forward traffic out of the switch.
●
Address-based—Uses addressing information to determine which physical port in the load-sharing
group to use for forwarding traffic out of the switch. Refer to configure sharing address-based
for more information on using addressing information.
Aspen 8810 switch only. The following guidelines apply to load sharing on the Aspen 8810 switch:
●
A load-sharing group can include a maximum of 8 ports.
●
The maximum number of load-sharing groups is 32.
●
Any broadcast, multicast, or unknown unicast packet is queued to the master port in the trunk
group.
NOTE
You cannot configure port-based load sharing algorithm on the Aspen 8810 switch; you configure only address-based
load sharing algorithm.
The available address-based parameters on the Aspen 8810 switch are L2 for Layer 2 and L3 for Layer 3.
If the packet is not IP, the switch applies the Layer 2 algorithm, which is the default setting.
BlackDiamond 10K switch only. The following guidelines apply to load sharing on the BlackDiamond
10K switch:
●
A load-sharing group can include a maximum 16 ports.
●
The maximum number of load-sharing groups is 128.
On the BlackDiamond 10K switch, if you do not explicitly select an algorithm, the port-based scheme is
used. However, the address-based algorithm has a more even distribution and is the recommended
choice.
NOTE
You must use the configure sharing address-based command to configure address-based load sharing on
the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
265
Commands for Configuring Slots and Ports on a Switch
Example
The following example defines a load-sharing group that contains ports 9 through 12 on slot 3, ports 7
through 10 on slot 5, and uses the first port on slot 3 as the master logical port 9 on a modular switch:
enable sharing 3:9 grouping 3:9-3:12, 5:7-5:10
In this example, logical port 3:9 represents physical ports 3:9 through 3:12 and 5:7 through 5:10.
History
This command was first available in ExtremeWare XOS 10.1.
The address-based algorithm was added in ExtremeWare XOS 11.0.
The L2 and L3 optional parameters were added in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
266
enable slot
enable slot
enable slot <slot>
Description
Enables slots.
Syntax Description
slot
Specifies the slot to be enabled.
Default
Enabled.
Usage Guidelines
NOTE
On the Aspen 8810 switch, this command only applies to the data, or I/O, ports on slots holding an MSM (would be
slot 5 and/or 6).
This command allows the user to enable a slot that has been previously disabled using the disable
slot command.
NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be
enabled; the slot will not function in data-only mode without enough power for inline power.
When the user enters the enable command, the disabled I/O card in the specified slot is brought up,
and the slot is made operational, if possible, or goes to the appropriate state as determined by the card
state machine. The LEDs on the card are brought ON as usual.
After the user enables the slot, the show slot command shows the state as “Operational” or will
display the appropriate state if the card could not be brought up successfully. Note that there is no card
state named “Enable” and the card goes to the appropriate states as determined by the card state
machine when the enable slot command is invoked.
Only slots that have their state as “disabled” can be enabled using this command. If this command is
used on slots that are in states other than “disabled,” the card state machine takes no action on these
slots.
To enable inline power to a slot, the slot must be enabled as well as inline power for that slot. Use the
enable inline-power command to enable inline power.
ExtremeWare XOS 11.1 Command Reference Guide
267
Commands for Configuring Slots and Ports on a Switch
Example
The following command enables slot 5 on the switch:
enable slot 5
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
268
enable smartredundancy
enable smartredundancy
enable smartredundancy <port_list>
Description
Enables the Smart Redundancy feature on the primary port.
Syntax Description
portlist
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
Default
Enabled.
Usage Guidelines
On a modular switch, <portlist> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” or “Line-Editing Keys” in Chapter 1.
You must configure the software-controlled redundant port using the configure ports redundant
command prior to enabling Smart Redundancy.
The Smart Redundancy feature works in concert with the software-controlled redundant port feature.
With Smart Redundancy enabled on the switch, when the primary port becomes active the switch
redirects all traffic to the primary port and blocks the redundant port again. (If you disable Smart
Redundancy, the primary port is blocked because traffic is now flowing through the redundant, port.)
Example
The following command enables the Smart Redundancy feature on slot 1, port 4 on a switch:
enable smartredundancy 1:4
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
269
Commands for Configuring Slots and Ports on a Switch
restart ports
restart ports [all | <port_list>
Description
Resets autonegotiation for one or more ports by resetting the physical link.
Syntax Description
all
Specifies all ports on the switch.
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command resets autonegotiation on slot 1, port 4 on a modular switch:
restart ports 1:4
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
270
run msm-failover
run msm-failover
run msm-failover {force}
Description
Causes a user-specified node failover.
Syntax Description
force
Force fail over to occur.
Default
N/A.
Usage Guidelines
Use this command to cause the primary MSM to failover to the backup MSM.
Before you initiate failover, use the show switch {detail} command to confirm that the nodes are in
sync and have identical software and switch configurations. If the output shows MASTER and
BACKUP (InSync), the two MSMs are in sync.
If the MSMs are not in sync, and both MSMs are running ExtremeWare XOS 11.0 or later, use the
synchronize command to get the two MSMs in sync. This command ensures that the backup has the
same software in flash as the master.
NOTE
Both the backup and the master MSMs must be running ExtremeWare XOS 11.0 or later to use the synchronize
command.
If the MSMs are not in sync, and one MSM is running ExtremeWare XOS 10.1 or earlier, specify the
force option of the run msm-failover command. By specifying force, failover occurs regardless of
the version of software running on the MSMs.
Example
The following command causes a user-specified MSM failover:
run msm-failover
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
271
Commands for Configuring Slots and Ports on a Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
272
show edp
show edp
show edp {ports [all | <ports>] {detail}}
Description
Displays connectivity and configuration information for neighboring Extreme Networks switches.
Syntax Description
ports
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
all
Specifies all ports.
detail
Show detailed information.
Default
N/A.
Usage Guidelines
On a modular switch, <ports> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Use the show edp command to display neighboring switches and configurations. This is most effective
with Extreme Networks switches.
Example
The following command displays the configuration of the switch:
show edp
Following is sample output from this command:
EDP advert-interval
EDP holddown-interval
EDP enabled on ports
:60 seconds
:180 seconds
:1:1 1:2 1:3
1:4
1:5
1:6
3:1
3:2
3:3
3:4
Following is sample output from the show edp ports 1:1 command:
Port
Neighbor
Remote Age
Num
Port
Vlans
=============================================================================
1:1
Oban
00:00:00:30:48:41:ed:97
1:1
54
1
=============================================================================
ExtremeWare XOS 11.1 Command Reference Guide
Neighbor-mac
273
Commands for Configuring Slots and Ports on a Switch
The following command displays the connectivity and configuration of neighboring Extreme Networks
switches:
show edp ports 1:1 detail
Following is sample output from this command:
=============================================================================
Port 1:1: EDP is Enabled
Tx stats: sw-pdu-tx=2555
Rx stats: sw-pdu-rx=2511
vlan-pdu-tx=1465
vlan-pdu-rx=2511
pdu-tx-err=0
pdu-rx-err=0
Time of last transmit error: None
Time of last receive error: None
Remote-System:
Oban
Age = 41
Remote-ID:
00:00:00:30:48:41:ed:97
Software version:
11.1.0.19
Remote-Port:
1:1
Port Type:
Ethernet
Auto Negotiation:
OFF
Flow Control:
SYMMETRIC/ASYMMETRIC
Duplex Speed:
Configured = HALF
Actual = HALF
Port Speed (MB):
Configured = ERROR
Actual = 100 Mbps
Remote-Vlans:
test (4094) Age = 41
=============================================================================
NOTE
The output differs if the port is connected to a port running ExtremeWare software; the output shown above is
displayed when both connected ports are running ExtremeWare XOS software.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
274
show mirroring
show mirroring
show mirroring
Description
Displays the port-mirroring configuration on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
You must enable mirroring on the switch prior to configuring mirroring, and you must configure
mirroring to display mirroring statistics. Use the enable mirroring to port command to enable
mirroring and the configure mirroring add to configure mirroring.
You can use this command to display mirroring statistics and determine if mirroring is enabled or
disabled on the switch.
Example
The following command displays switch mirroring statistics:
show mirroring
Aspen 8810 switch only. Following is sample output from this command on the Aspen 8810 switch:
Mirror port: 3:15 is up
Number of Mirroring filters: 3
Mirror Port configuration:
Port number 3:12 in all vlans ingress only
Port number 5:4 in all vlans egress only
Port number 8:30 in all vlans
BlackDiamond 10K switch only. Following is sample output from this command on the BlackDiamond
10K switch:
Mirror port: 1:5 is up tagged
Number of Mirroring filters: 1
Mirror Port configuration:
Port number 2:1 in all vlans
ExtremeWare XOS 11.1 Command Reference Guide
275
Commands for Configuring Slots and Ports on a Switch
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
276
show ports collisions
show ports collisions
show ports {<port_list>} collisions
Description
Displays real-time collision statistics.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, collision statistics are displayed for all ports.
This status information may be useful for your technical support representative if you have a network
problem.
Example
The following command displays real-time collision statistics on slot 1, ports 1-2 on a modular switch:
show ports 1:1-2 collisions
Following is sample output from this command:
Port Collision Monitor
Port
Link
Collision Histogram
Status 1
2
3
4
5
6
7
8
9 10 11 12 13 14 15 16
================================================================================
1:1
A
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1:2
R
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
================================================================================
Link Status: A-Active R-Ready
The numbers 1 to 16 represent the number of collisions encountered prior to successfully transmitting
the packet; this is applicable only for half-duplex links.
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
277
Commands for Configuring Slots and Ports on a Switch
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
278
show ports configuration
show ports configuration
show ports {<port_list>} configuration
Description
Displays port configuration statistics.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, configuration statistics are displayed for all ports.
This status information may be useful for your technical support representative if you have a network
problem.
This command displays port configuration, which includes:
●
Virtual router
●
Port state
●
Autonegotiation information
●
Link state
●
Link speed
●
Duplex mode
●
Flow control
●
Load sharing information
●
Link media information
NOTE
On 10 Gbps ports, the Media Primary column displays NONE when no module is installed, and SR, LR, or ER
depending on the module installed when there is one present.
Example
The following command displays the port configuration for all ports:
show ports configuration
Port Configuration
Port
Virtual
Port
Link
Auto
ExtremeWare XOS 11.1 Command Reference Guide
Speed
Duplex
Flow
Load
Media
279
Commands for Configuring Slots and Ports on a Switch
router
State State Neg Cfg Actual Cfg Actual Cntrl Master Primary
================================================================================
1:1
VR-Default
E
A
ON AUTO
100 AUTO FULL SY/ASYM
UTP
1:2
VR-Default
E
R
ON AUTO
AUTO
UTP
2:1
VR-Default
E
R
ON AUTO
AUTO
UTP
2:2
VR-Default
E
R
ON AUTO
AUTO
UTP
3:1
VR-Default
E
R
ON AUTO
AUTO
UTP
3:2
VR-Default
E
R
ON AUTO
AUTO
UTP
4:1
VR-Default
E
R
ON AUTO
AUTO
UTP
4:2
VR-Default
E
R
ON AUTO
AUTO
UTP
5:1
VR-Default
E
R
ON AUTO
AUTO
UTP
5:2
VR-Default
E
R
ON AUTO
AUTO
UTP
5:3
VR-Default
E
R
ON AUTO
AUTO
UTP
5:4
VR-Default
E
R
ON AUTO
AUTO
UTP
5:5
VR-Default
E
R
ON AUTO
AUTO
UTP
5:6
VR-Default
E
R
ON AUTO
AUTO
UTP
5:7
VR-Default
E
R
ON AUTO
AUTO
UTP
5:8
VR-Default
E
R
ON AUTO
AUTO
UTP
5:9
VR-Default
E
R
ON AUTO
AUTO
UTP
5:10
VR-Default
E
R
ON AUTO
AUTO
UTP
.
.
.
.
5:106
VR-Default
E
R
ON AUTO
AUTO
UTP
5:107
VR-Default
E
R
ON AUTO
AUTO
UTP
5:108
VR-Default
E
R
ON AUTO
AUTO
UTP
================================================================================
Link Status: A-Active R-Ready
Port State: D-Disabled E-Enabled
The following command displays the port configuration statistics for slot 2, port 2:
show ports 2:2 configuration
Following is sample output from this command:
Port Configuration
Port
Virtual
Port Link Auto
Speed
Duplex
Flow Load
Media
router
State State Neg Cfg Actual Cfg Actual Cntrl Master Primary
================================================================================
2:2
VR-Default
E
R
ON AUTO
AUTO
UTP
================================================================================
Link Status: A-Active R-Ready
Port State: D-Disabled E-Enabled
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
280
show ports information
show ports information
show ports {<port_list>} information {detail}
Description
Displays detailed system-related information.
Syntax Description
port_list
Specifies one or more slots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
detail
Specifies detailed port information.
Default
N/A.
Usage Guidelines
This command displays information, including the following:
●
Port number
●
Diagnostics
●
Port configuration
■
Virtual router
■
Admin state
■
Link state and speed
■
Link counter
■
VLAN configuration
■
STP configuration
■
Trunking
■
EDP
■
Load balancing
■
Learning
■
Flooding
■
QoS profiles
■
VMAN status
■
Smart Redundancy status
■
SRP status
■
Additional platform-specific information
If you do not specify a port number or range of ports, detailed system-related information is displayed
for all ports. The data is displayed in a table format.
ExtremeWare XOS 11.1 Command Reference Guide
281
Commands for Configuring Slots and Ports on a Switch
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
This status information may be useful for your technical support representative if you have a network
problem.
The detail parameter is used to provided more specific port information. The data is called out with
written explanations versus displayed in a table format.
The detailed output displays a link filter counter. The link filter counter is calculated at the middle layer
on receiving an event. The link filter up indicates the number of link transitions from down to up at the
middle layer filter.
Example
The following command displays port system-related information:
show port 3:1 information
Following is sample output from this command:
QB_Mariner.4 > show port 3:1 info
Port
Diag
Flags
Link
Link Num Num Num
Jumbo QOS
Load
State UPS STP VLAN Proto Size profile Master
================================================================================
3:1
P
Em------e-- ready
0
0
1
1
9216
================================================================================
Flags : a - Load Sharing Algorithm address-based, D - Port Disabled,
e - Extreme Discovery Protocol Enabled, E - Port Enabled,
f - Flooding Enabled, g - Egress TOS Enabled, j - Jumbo Frame Enabled,
l - Load Sharing Enabled, m - MACLearning Enabled,
n - Ingress TOS Enabled, o - Dot1p Replacement Enabled,
P - Software redundant port(Primary),
q - Background QOS Monitoring Enabled, R - Software redundant port(Redunda
nt),
s - diffserv Replacement Enabled,
v - Vman Enabled
NOTE
The BlackDiamond 10K switch has an additional flag: p - Load Sharing Algorithm, port-based.
Aspen 8810 Switch Only. The following command displays more specific information for slot 3, port 1
on an Aspen 8810 switch:
show ports 3:1 information detail
Following is sample output from this command:
Port:
3:1
Virtual-router: VR-Default
Type:
UTP
Random Early drop:
Disabled
Admin state:
Enabled with auto-speed sensing
Link State:
Active, 1 Gbps, full-duplex
ExtremeWare XOS 11.1 Command Reference Guide
auto-duplex
282
show ports information
Link Counter: Up
1 time(s)
VLAN cfg:
Name: Default, Internal Tag = 1, MAC-limit = No-limit
STP cfg:
s0(disable), Tag=(none), Mode=802.1D, State=FORWARDING
Protocol:
Name: Default
Protocol: ANY
Match all protocols.
Trunking:
Load sharing is not enabled.
EDP:
Enabled
DLCS:
Unsupported
lbDetect:
Unsupported
Learning:
Enabled
Flooding:
Enabled
Jumbo:
Disabled
BG QoS monitor: Unsupported
Egress Port Rate:
128 Kbps, Max Burst Size: 200 Kb
Broadcast Rate:
No-limit
Multicast Rate:
No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile:
QP3 configured by user
Ingress Rate Shaping :
Unsupported
Ingress IPTOS Examination:
Disabled
Egress IPTOS Replacement:
Disabled
Egress 802.1p Replacement:
Disabled
NetLogIn:
Disabled
Smart redundancy:
Enabled
Software redundant port:
Disabled
BlackDiamond 10K Switch Only. The following command displays more specific information for slot 1,
port 1 on a BlackDiamond 10K switch:
show ports 1:1 information detail
Following is sample output from this command:
Port:
1:1
Virtual-router: VR-Default
Type:
UTP
Random Early drop:
Disabled
Admin state:
Enabled with auto-speed sensing auto-duplex
Link State:
Active, 100Mbps, full-duplex
Link Counter: Up
1 time(s)
VLAN cfg:
Name: peggy, Internal Tag = 4094, MAC-limit = No-limit
STP cfg:
Protocol:
Trunking:
EDP:
DLCS:
lbDetect:
Learning:
Name: peggy
Protocol: ANY
Load sharing is not enabled.
Enabled
Unsupported
Unsupported
Enabled
ExtremeWare XOS 11.1 Command Reference Guide
Match all protocols.
283
Commands for Configuring Slots and Ports on a Switch
Flooding:
Enabled
Jumbo:
Disabled
BG QoS monitor: Unsupported
QoS Profile:
None configured
Queue:
QP1 MinBw =
0% MaxBw =
QP2 MinBw =
0% MaxBw =
QP3 MinBw =
0% MaxBw =
QP4 MinBw =
0% MaxBw =
QP5 MinBw =
0% MaxBw =
QP6 MinBw =
0% MaxBw =
QP7 MinBw =
0% MaxBw =
QP8 MinBw =
0% MaxBw =
Ingress Rate Shaping :
Unsupported
Ingress IPTOS Examination:
Disabled
Egress IPTOS Replacement:
Disabled
Egress 802.1p Replacement:
Disabled
NetLogIn:
Disabled
Smart redundancy:
Enabled
Software redundant port:
Enabled
Primary:
1:1
Redundant:
1:2
Redundant link configuration: Off
100%
100%
100%
100%
100%
100%
100%
100%
Pri
Pri
Pri
Pri
Pri
Pri
Pri
Pri
=
=
=
=
=
=
=
=
1
2
3
4
5
6
7
8
NOTE
On the BlackDiamond 10K switch, the screen displays both ingress and egress QoS settings. The 10Gbps ports have
8 ingress queues, and the 1 Gbps ports have 2 ingress queues.(Refer to the ExtremeWare XOS Concepts Guide for
more information on ingress queues, or bi-directional rate shaping.)
History
This command was first available in ExtremeWare XOS 10.1.
Information on ingress rate shaping was added for XOS 11.0.
NetLogIn, Smart Redundancy, and rate limiting were added for XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
284
show ports packet
show ports packet
show ports {mgmt | <port_list>} packet
Description
Displays a histogram of packet statistics.
Syntax Description
mgmt
Specifies the management port.
port_list
Specifies one or more ports or slots and ports. May be in the form 1, 2, 3-5,
2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, the system displays information for all ports.
This status information may be useful for your technical support representative if you have a network
problem.
The following packet statistics are displayed:
●
Port number
●
Link state
●
Packet size
Example
The following command displays packet statistics for slot 1, port 1, slot 2, port 1, and slot 5, ports 1
through 8 on a modular switch:
show ports 1:1, 2:1, 5:1-5:8 packet
Following is sample output from this command:
Port
Link
Packet Sizes
State
0-64
65-127
128-255
256-511
512-1023
1024-1518
Jumbo
================================================================================
1:1 A
0
0
0
0
0
0
0
2:1 R
0
0
0
0
0
0
0
5:1 R
0
0
0
0
0
0
0
5:2 R
0
0
0
0
0
0
0
5:3 R
0
0
0
0
0
0
0
5:4 R
0
0
0
0
0
0
0
5:5 R
0
0
0
0
0
0
0
5:6 R
0
0
0
0
0
0
0
ExtremeWare XOS 11.1 Command Reference Guide
285
Commands for Configuring Slots and Ports on a Switch
5:7 R
0
0
0
0
0
0
0
5:8 R
0
0
0
0
0
0
0
================================================================================
Link Status: A-Active R-Ready
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
286
show ports redundant
show ports redundant
show ports redundant
Description
Displays detailed information about redundant ports.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays information on software-controlled redundant ports on the switch:
show ports redundant
Following is sample output from this command:
Primary: *1:1
Redundant: 3:1, Link on/off option: OFF
Flags: (*)Active, (!) Disabled, (g) Load Share Group
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
287
Commands for Configuring Slots and Ports on a Switch
show ports sharing
show ports sharing
Description
Displays port load-sharing groups.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays a port load-sharing group:
show ports sharing
The following is sample output from this command on the BlackDiamond 10K switch:
Load Sharing Monitor
Config Current Ld Share Ld Share
Link
Link Up
Master Master Algorithm Group
Status
transitions
=================================================================
5:4
5:4
p
5:4
A
1
p
5:5
A
1
p
7:4
R
2
p
7:5
R
1
Link Status: (A) Active, (D) Disabled,(R) Ready
Ld Share Type: (a) address based, (p) port based
Number of load sharing trunks: 1
The following is sample output from this command on the Aspen 8810 switch:
Load Sharing Monitor
Config
Current
Ld Share
Ld Share
Link
Link Up
Master
Master
Algorithm
Group
Status transitions
===========================================================================
10:1
10:1
L2
10:1
A
2
L2
10:2
A
3
L2
10:3
R
1
L2
10:4
A
2
===========================================================================
ExtremeWare XOS 11.1 Command Reference Guide
288
show ports sharing
Link Status: (A) Active, (D) Disabled, (R) Ready
Load Sharing Algorithm: (L2) Layer 2 address based, (L3) Layer 3 address based
Default algorithm: L2
Number of load sharing trunks: 1
Platform Availability
This command is available on all platforms.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
289
Commands for Configuring Slots and Ports on a Switch
show slot
show slot {<slot> {detail} | detail }
Description
Displays the slot-specific information.
Syntax Description
slot
Specifies a slot on a modular switch.
detail
Specifies detailed port information.
Default
N/A.
Usage Guidelines
The show slot command displays the following information:
●
The slot number
●
The type of module installed in the slot
●
The type that the module is configured as
●
The state of the module, whether the power is down, if the module is operational, if a diagnostic
being run, if there is a mismatch between the slot configuration and the module in the slot
●
The number of ports on the module
If you do not specify a slot number, information for all slots is displayed.
The display also includes a notice of insufficient power, should that arise.
The show slot command displays the following states, among others:
●
Empty
●
Down
●
Power ON
●
Powered OFF
●
Booting
●
Initializing
●
VLAN sync
●
FDB sync
●
ACL sync
●
RT sync
●
Operational
ExtremeWare XOS 11.1 Command Reference Guide
290
show slot
Example
You see slightly different displays, depending on the platform.
Aspen 8810 switch only. The following example displays module information for all slots:
Slots
Type
Configured
State
Ports Flags
------------------------------------------------------------------------------Slot-1
Empty
0
Slot-2
G24X
G24X
Operational
24
M S
Slot-3
Empty
0
Slot-4
Empty
0
Slot-5
G8X
G8X
Operational
8
M S
Slot-6
Empty
0
Slot-7
G48P
Empty
48
Slot-8
G48P
Operational
48
M S
Slot-9
10G4X
10G4X
Powered OFF
4
SI
Slot-10
Empty
0
MSM-A
MSM-G8X
Operational
0
S
MSM-B
Empty
0
Flags : M
B
D
I
-
Backplane link to Master MSM is Active
Backplane link to Backup MSM is also Active
Slot Disabled, S - Slot Secured
Insufficient Power (refer to "show power budget")
The following example displays module information for a specified slot on the Aspen 8810 switch:
Aspen.3 # show slot 2
Slot-2 information:
State:
Operational
Download %:
Flags:
Serial number:
Hw Module Type:
SW Version:
SW Build:
Configured Type:
Ports available:
Flags : M
B
D
I
-
100
M S
800115-00-02 04314-00006
G24X
11.1.0.0
v11100 by Wed Oct 20 16:01:52 PDT 2004
G24X
24
Backplane link to Master MSM is Active
Backplane link to Backup MSM is also Active
Slot Disabled, S - Slot Secured
Insufficient Power (refer to "show power budget")
BlackDiamond 10K switch only. The following example displays module information for all slots:
BD-10808.2 # show slot
Slots
Type
Configured
State
Ports Flags
------------------------------------------------------------------------------Slot-1
Empty
0
Slot-2
Empty
0
Slot-3
Empty
0
Slot-4
Empty
0
Slot-5
Empty
0
Slot-6
Empty
0
Slot-7
G60T
Operational
60
M
ExtremeWare XOS 11.1 Command Reference Guide
291
Commands for Configuring Slots and Ports on a Switch
Slot-8
MSM-A
MSM-B
Flags : M
B
D
I
Empty
Operational
Present
MSM-1XL
MSM-1XL
-
0
0
0
Backplane link to Master MSM is Active
Backplane link to Backup MSM is also Active
Slot Disabled, S - Slot Secured
Insufficient Power (refer to "show power budget")
The following example displays module information for a specified slot on the BlackDiamond 10K
switch:
BD-10808.3 # show slot 7
Slot-7 information:
State:
Download %:
Flags:
Serial number:
Hw Module Type:
SW Version:
SW Build:
004
Configured Type:
Ports available:
Flags : M
B
D
I
-
Operational
100
M
804403-00-02 0330Z-00086
G60T
11.1.1.1
v1111b1 by release-manager on Fri Nov 5 06:42:22 PST 2
G60T
60
Backplane link to Master MSM is Active
Backplane link to Backup MSM is also Active
Slot Disabled, S - Slot Secured
Insufficient Power (refer to "show power budget")
You see the same output if you add the optional parameter detail to the command for displaying a
specified slot number.
The following example displays detailed module information for all slots:
BD-10808.4 # show slot detail
Slot-1 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Slot-2 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Slot-3 information:
State:
Flags:
Serial number:
Hw Module Type:
Empty
0
Empty
0
Empty
ExtremeWare XOS 11.1 Command Reference Guide
292
show slot
Configured Type:
Ports available:
Slot-4 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Slot-5 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Slot-6 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Slot-7 information:
State:
Download %:
Flags:
Serial number:
Hw Module Type:
SW Version:
SW Build:
004
Configured Type:
Ports available:
Slot-8 information:
State:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
MSM-A information:
State:
Download %:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
0
Empty
0
Empty
0
Empty
0
Operational
100
M
804403-00-02 0330Z-00086
G60T
11.1.1.1
v1111b1 by release-manager on Fri Nov 5 06:42:22 PST 2
G60T
60
Empty
0
Operational
100
804301-00-02 ENGSN00017
MSM-1XL
0
ExtremeWare XOS 11.1 Command Reference Guide
293
Commands for Configuring Slots and Ports on a Switch
MSM-B information:
State:
Download %:
Flags:
Serial number:
Hw Module Type:
Configured Type:
Ports available:
Flags : M
B
D
I
-
Present
0
804301-00-02 ENGSN00029
MSM-1XL
0
Backplane link to Master MSM is Active
Backplane link to Backup MSM is also Active
Slot Disabled, S - Slot Secured
Insufficient Power (refer to "show power budget")
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
294
unconfigure ports display string
unconfigure ports display string
unconfigure ports <port_list> display-string
Description
Clears the user-defined display string from one or more ports.
Syntax Description
port_list
Specifies one or more lots and ports. On a modular switch, can be a list of
slots and ports. May be in the form 3-5, 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
This command removes the display string that you configured using the configure ports displaystring command.
On a modular switch, <port_list> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” in Chapter 1.
Example
The following command clears the user-defined display string from slot 2, port 4 on a modular switch:
unconfigure ports 2:4 display-string
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
295
Commands for Configuring Slots and Ports on a Switch
unconfigure ports redundant
unconfigure ports <port_list> redundant
Description
Clears a previously configured software-controlled redundant port.
Syntax Description
port_list
This refers to the primary port of the redundant pair and specifies one or more
ports or slots and ports. On a modular switch, can be a list of slots and ports.
May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
On a modular switch, <portlist> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” or “Line-Editing Keys” in Chapter 1.
The list of port numbers or the port display string specifies the primary port(s).
Example
The following command unconfigures a software-controlled redundant port on a modular switch:
unconfigure ports 2:3 redundant
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
296
unconfigure slot
unconfigure slot
unconfigure slot <slot>
Description
Clears a slot of a previously assigned module type.
Syntax Description
slot
Specifies a slot on a modular switch.
Default
N/A.
Usage Guidelines
If you issue the unconfigure slot command on a slot containing a module with any ports configured
for software-controlled redundancy, this command wipes away all software-controlled redundancy on
both ports; both ports return to normal. Refer to ExtremeWare XOS Concepts Guide for more information
on software-controlled redundant ports.
Example
The following command clears slot 4 of a previously assigned module type:
unconfigure slot 4
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
297
Commands for Configuring Slots and Ports on a Switch
ExtremeWare XOS 11.1 Command Reference Guide
298
6
Power Over Ethernet Commands
Power over Ethernet (PoE) is an effective method of supplying 48 VDC power to certain types of
powered devices (PDs) through Category 5 or Category 3 twisted pair Ethernet cables. PDs include
wireless access points, IP telephones, laptop computers, web cameras, and other devices. With PoE, a
single Ethernet cable supplies power and the data connection, reducing costs associated with separate
power cabling and supply. PoE for ExtremeWare XOS includes a method of detection to assure that
power is delivered to devices that meet the IEEE 802.3af specification for PoE, as well as to many legacy
devices.
Summary of PoE Software Features
The Aspen G48P PoE Module supports the following PoE software features:
●
Configuration and control of the power distribution for PoE at the system, slot, and port levels
●
Real-time discovery and classification of 802.3af-compliant PDs and many legacy (non-standard)
devices
●
Monitor and control of PoE fault conditions
●
Support for configuring and monitoring PoE status at the system, slot, and port levels
●
LED control for indicating the port’s PoE inline power state
●
Management of an over-subscribed power budget
For more conceptual information about configuring and managing PoE, see the ExtremeWare XOS
Concepts Guide.
ExtremeWare XOS 11.1 Command Reference Guide
299
Power Over Ethernet Commands
clear inline-power stats ports
clear inline-power stats ports [all | <port_list>]
Description
Clears the inline statistics for the selected port to zero.
Syntax Description
all
Specifies all ports.
port_list
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. May be in the form 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
Use this command to clear all the information displayed by the show inline-power stats ports
<port_list> command.
Example
The following command clears the inline statistics for ports 1-8 on slot 3:
clear inline-power stats ports 3:1-3:8
The following command displays cleared inline power configuration information for ports 1-8 in slot 3:
show inline-power stats ports 3:1-3:8
Following is sample output from this command:
Port
3:1
3:2
3:3
3:4
3:5
3:6
3:7
3:8
State
delivering
delivering
searching
searching
searching
searching
searching
searching
Class
class3
class3
class0
class0
class0
class0
class0
class0
STATISTICS COUNTERS
Absent InvSig
Denied
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
OverCurrent
0
0
0
0
0
0
0
0
Short
0
0
0
0
0
0
0
0
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
300
clear inline-power stats ports
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
301
Power Over Ethernet Commands
configure inline-power budget slot
configure inline-power budget <num_watts> slot <slot>
Description
Sets the reserved power on the specified slot to the specified watts.
Syntax Description
num_watts
Specifies the number of watts to reserve for specified slot for inline power. Enter
an integer. The minimum value is 37, or 0 if the slot is disabled; the maximum
is 768; and the default value is 50.
slot
Specifies a slot. The slot must be configured to hold a PoE module.
Default
50 W.
Usage Guidelines
This command sets the budgeted power reserved for all PDs connected to the specified slot in Watts.
None of the power budget on a specified slot can be used to power other slots or PDs on other slots.
You can modify the power budget without disabling the slot.
If you specify a slot that is not configured to hold a PoE module, the system returns the following error
message:
Error: Slot 2 is not capable of inline-power.
If the power consumption of the PDs on a specified slot exceeds this configured power budget, the
system disconnects the lowest priority ports. (Refer to configure inline-power priority ports for
information on configuring this parameter.)
If you attempt to configure this power budget for a value that the system cannot safely provide, the
system returns an error message. To display inline power settings, use the command show inlinepower; to display the power for the entire switch, use the command show power budget.
NOTE
You must disable inline power for a slot using the disable inline-power command prior to setting the budget
to 0.
To reduce the chances of ports fluctuating between powered and non-powered states, newly inserted
PDs are not powered when the actual delivered power for the module is within approximately 19 W of
the configured inline power budget for that slot. However, actual aggregate power can be delivered up
to the configured inline power budget for the slot (for example, when delivered power from ports
increases or when the configured inline power budget for the slot is reduced).
ExtremeWare XOS 11.1 Command Reference Guide
302
configure inline-power budget slot
Example
The following command sets the power for slot 4 to 150 W:
configure inline-power budget 150 slot 4
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
303
Power Over Ethernet Commands
configure inline-power disconnect-precedence
configure inline-power disconnect-precedence [deny-port | lowest-priority]
Description
Configures the disconnect precedence priority for the switch when a new PD is detected and the
measured inline power for that slot is within 19 W or the slot’s PoE power budget.
Syntax Description
deny-port
Specifies power be denied to PD requesting power, regardless of priority.
lowest-priority
Specifies power be withdrawn from lowest-priority port(s) when next PD
requesting power connects.
Default
Deny-port.
Usage Guidelines
You configure this parameter for the entire switch; you cannot configure this per slot or per port.
If the power supplied to the PDs on a slot exceeds the power that was budgeted for that slot, the system
disconnects power to one or more ports to prevent power overload. Refer to configure inline-power
budget slot for information on configuring and modifying the power budgeted for each slot.
You configure the switch to either deny power to the next PD that requests power on that slot,
regardless of the priority, or to disconnect those PDs on ports with lower priorities until there is enough
power for the new PD. If you select this argument and you did not configure port priorities or if several
ports have the same priority, the switch withdraws power (or disconnects) those ports with the highest
port number (s). Refer to configure inline-power priority ports for information on configuring
the PoE priority for the ports.
The default value is deny-port. So, if you do not change the default value and the slot’s power is
exceeded, the next PD requesting power will not be connected.
Wen the setting is lowest priority, the switch continues dropping ports with the lowest configured PoE
port priorities, or the highest port number in the case of equal PoE port priorities, until there is enough
power for the requesting PD.
Example
The following command sets the switch to withdraw power from the lowest-priority port(s) on the
switch:
configure inline-power disconnect-precedence lowest-priority
ExtremeWare XOS 11.1 Command Reference Guide
304
configure inline-power disconnect-precedence
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
305
Power Over Ethernet Commands
configure inline-power label ports
configure inline-power label <string> ports <port_list>
Description
Lets you create your own label for a specified PoE port or group of PoE ports.
Syntax Description
string
Specifies a name up to 15 characters in length to identify the specified power
port(s).
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
No label.
Usage Guidelines
Use the show inline-power configuration ports command, as shown in the following example, to
display inline power configuration information, including the label (if any) for each port:
show inline-power configuration port 3:1-10
Following is sample output from this command:
Port
3:1
3:2
3:3
3:4
3:5
3:6
3:7
3:8
3:9
3:10
Config
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Operator
16000
15000
15000
15000
15000
15000
15000
15000
15000
15000
Limit
mW
mW
mW
mW
mW
mW
mW
mW
mW
mW
Priority
Low
Low
Low
Low
Low
Low
Low
Low
Low
Low
Label
finance
finance
marketing
marketing
marketing
Example
The following command assigns the name “alpha-test_1” to port 1 on slot 4:
config inline-power label alpha-test_1 ports 4:1
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
306
configure inline-power label ports
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
307
Power Over Ethernet Commands
configure inline-power operator-limit ports
configure inline-power operator-limit <milliwatts> ports [all |<port_list>]
Description
Sets the power limit allowed for PDs connected to the specified ports.
Syntax Description
milliwatts
An integer specifying the maximum allowed power in milliwatts; the range is
3000 to 16800 mW.
NOTE: If you attempt to enter a higher value, the switch returns an error
message.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
15400 mW.
Usage Guidelines
This command sets the power limit that a PD can draw on the specified ports. Range is 3000 to
16800 mW; the default value is 15400 mW.
If the measured power for a specified port exceeds the port’s operator limit, the power is withdrawn
from that port and the port moves into a fault state.
If you try to set an operator-limit outside the accepted range, the system returns the following error
message:
Error: Invalid operator-limit value. Must be in the range of 3000-16800 mW
Example
The following command sets the limit for legacy PDs on ports 3 – 6 of slot 5 to 10000 mW:
configure inline-power operator-limit 10000 ports 5:3-5:6
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
308
configure inline-power priority ports
configure inline-power priority ports
configure inline-power priority [critical | high | low] ports <port_list>
Description
Sets the PoE priority on the specified ports.
Syntax Description
critical | high | low
Sets the PoE priority for the specified ports.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
Low.
Usage Guidelines
The system allocates power to those ports with the highest priorities first. This command can also be
used in conjunction with the configure inline-power disconnect-precedence command. If you
configure the disconnect precedence as lowest priority, then newly detected PDs will be powered if that
port has higher priority than the existing powered ports.
If there are multiple ports at the same priority level (either configured, or by default) and one of the
ports must have power withdrawn because of excessive power demands, those ports with the lower
port number are powered first. The higher port numbers have power withdrawn first in the case of
equal PoE port priorities.
Example
The following command assigns a critical PoE priority on ports 4 – 6 on slot 3:
configure inline-power priority critical ports 3:4-3:6
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
309
Power Over Ethernet Commands
configure inline-power usage-threshold
configure inline-power usage-threshold <threshold>
Description
Sets the inline power usage SNMP event threshold.
Syntax Description
threshold
Specifies the percentage of budgeted power used on any PoE module that causes
the system to send an SNMP event and create a log message. The range 1 to 99;
the default value is 70.
Default
70.
Usage Guidelines
This command sets the threshold for generating an SNMP event and an Event Management System
(EMS) message when the measured power for a PoE module compared to the budgeted power for that
slot exceeds a certain value. The configured threshold value initiates the event and message once that
percentage of the budgeted power is being used.
The PoE threshold applies only to the percentage per slot of measured to budgeted power use; it does
not apply systemwide.
The system generates an additional SNMP event and EMS message once the power usage falls below the
threshold again; once the condition clears.
Example
The following command sets the inline power usage alarm threshold at 75%:
configure inline-power usage-threshold 75
History
This command was first available in ExtremeWare XOS 11.1
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
310
disable inline-power
disable inline-power
disable inline-power
Description
Shuts down PoE power currently provided on all ports on all slots.
Syntax Description
This command has no arguments or variables
Default
Enable.
Usage Guidelines
You can control whether inline power is provided to the system by using the disable inline-power
command and the enable inline-power command. Using the disable inline-power command
shuts down inline power currently provided on the entire switch or to specified ports and slots.
Disabling inline power to a switch, port, or slot immediately removes power to any connected PDs. By
default, inline power provided to all ports is enabled.
Disabling inline power does not allow PoE power reserved for slots to be allocated to other slots that
may be needing more power to become operational.
Disabling inline power using the disable inline-power command does not affect the data traffic
traversing the port. And, disabling the port using the disable port command does not affect the inline
power supplied to the port.
However, when you issue the command disable slot on a slot holding a PoE module, the inline
power is also disabled; that slot is totally offline.
NOTE
Inline power cannot be delivered to connected PDs unless the Aspen chassis and module are powered.
Example
The following command shuts down inline power currently provided to all ports and all slots:
disable inline-power
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
311
Power Over Ethernet Commands
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
312
disable inline-power legacy slot
disable inline-power legacy slot
disable inline-power legacy slot <slot>
Description
Disables the non-standard (or capacitance) power detection mechanism for the specified slot.
Syntax Description
slot
Disables non-standard power detection for specified slot.
Default
Disable.
Usage Guidelines
This command disables the non-standard power-detection mechanism on the specified slot. Legacy PDs
do not conform to the IEEE 802.3af standard but may be detected by the switch through a capacitance
measurement.
However, measuring the power through capacitance is used only if this parameter is enabled and after
an unsuccessful attempt to discover the PD using the standard resistance measurement method. The
default for legacy is disabled.
The reason legacy detection is configurable is that it is possible for a normal (non-PoE) device to have a
capacitance signature that causes the device to be detected as a legacy PoE device and have power
delivered to it, potentially causing damage to the device.
Example
The following command disables capacitance detection of PDs on slot 3:
disable inline-power legacy slot 3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
313
Power Over Ethernet Commands
disable inline-power ports
disable inline-power ports [all | <port_list>]
Description
Shuts down PoE power currently provided to all ports or to specified ports.
Syntax Description
all
Disables inline power to all ports on the switch.
port_list
Disables inline power to the specified ports.
Default
Enable.
Usage Guidelines
Disabling inline power to ports immediately removes power to any connected PDs. By default, the
capability to provide inline power to all ports is enabled.
Disabling inline power using the disable inline-power command does not affect the data traffic
traversing the port. And, disabling the port using the disable port command does not affect the inline
power supplied to the port.
Disabling inline power to a port providing power to a PD immediately removes power to the PD.
NOTE
PoE power removed from ports using this command can be used by other ports on the same module.
Example
The following command shuts down inline power currently provided to ports 4 and 5 on slot 3:
disable inline-power ports 3:4-5
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
314
disable inline-power slot
disable inline-power slot
disable inline-power slot <slot>
Description
Shuts down PoE power currently provided to the specified slot.
Syntax Description
slot
Disables inline power to specified slot.
Default
Enable.
Usage Guidelines
Disabling inline power to a slot immediately removes power to any connected PDs. By default, the
capability to provide inline power to a slot is enabled.
Disabling a slot using this command does not change the power budgeted to a specified slot using the
configure inline-power budget slot command; nor can that power be used by PDs connected to
any other slot.
NOTE
You can set the reserved power budget to 0 for a slot if, and only if, you first issue this command.
Example
The following command removes power to all PDs on slot 3:
disable inline-power slot 3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
315
Power Over Ethernet Commands
enable inline-power
enable inline-power
Description
Enables PoE power to all ports on all slots.
Syntax Description
This command has no arguments or variables.
Default
Enable.
Usage Guidelines
You can control whether inline power is provided to the system by using the disable inline-power
command and the enable inline-power command. By default, inline power provided to all ports is
enabled.
Enabling inline power starts the PoE detection process used to discover, classify, and power remote PDs.
NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be
powered on; the slot will not function in data-only mode without enough power for inline power.
Disabling inline power using the disable inline-power command does not affect the data traffic
traversing the port. And, disabling the port using the disable port command does not affect the inline
power supplied to the port.
However, when you issue the command disable slot on a slot holding a PoE module, the inline
power is also disabled; that slot is totally offline.
NOTE
Inline power cannot be delivered to connected PDs unless the Aspen chassis and module are powered.
To deliver inline power to connected PDs, you must also reserve adequate power for the slot with the
PDs using the configure inline-power budget slot command.
ExtremeWare XOS 11.1 Command Reference Guide
316
enable inline-power
Example
The following command enables inline power currently provided to all ports and all slots:
enable inline-power
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
317
Power Over Ethernet Commands
enable inline-power legacy slot
enable inline-power legacy slot <slot>
Description
Enables non-standard (or capacitance) power detection mechanism for the specified slot.
Syntax Description
slot
Enables non-standard power detection for specified slot.
Default
Disable.
Usage Guidelines
This command enables the non-standard power-detection mechanism on the specified slot. Legacy PDs
do not conform to the IEEE 802.3af standard but may be detected by the switch through a capacitance
measurement.
However, measuring the power through capacitance is used only if this parameter is enabled and after
an unsuccessful attempt to discover the PD using the standard resistance measurement method. The
default for legacy is disabled.
CAUTION
A normal (non-PoE) device may have a capacitance signature that causes the device to be detected as a legacy PoE
device (and have power supplied), potentially causing damage to the device.
Example
The following command enables capacitance detection of PDs on slot 3:
enable inline-power legacy slot 3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
318
enable inline-power ports
enable inline-power ports
enable inline-power ports [all | <port_list>]
Description
Enables PoE power currently provided to all ports or to specified ports.
Syntax Description
all
Enables inline power to all ports on the switch.
port_list
Enables inline power to the specified ports.
Default
Enable.
Usage Guidelines
Disabling inline power to a port immediately removes power to any connected PD. By default, inline
power provided to all ports is enabled.
To deliver inline power to ports with connected PDs, you must also reserve power for the slot with the
PDs using the configure inline-power budget slot command. If you do not have enough reserved
power for the port, that port moves into a Denied state.
NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be
powered on; the slot will not function in data-only mode without enough power for inline power.
Disabling inline power using the disable inline-power command does not affect the data traffic
traversing the port. And, disabling the port using the disable port command does not affect the inline
power supplied to the port.
Example
The following command enables inline power to ports 4 and 5 on slot 3:
enable inline-power ports 3:4-5
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
319
Power Over Ethernet Commands
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
320
enable inline-power slot
enable inline-power slot
enable inline-power slot <slot>
Description
Enables PoE power to the specified slot.
Syntax Description
slot
Enables inline power to specified slot.
Default
Enable.
Usage Guidelines
Disabling inline power to a slot immediately removes power to any connected PDs. By default, inline
power provided to all slots is enabled.
To deliver inline power to slots, you must reserve power for that slot using the configure inlinepower budget slot command. By default, each PoE module has 50 W of power reserved for inline
power.
NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be
powered on; the slot will not function in data-only mode without enough power for inline power.
Disabling inline power using the disable inline-power command does not affect the data traffic
traversing the slot. And, disabling the slot using the disable slot command does not affect the inline
power supplied to the slot.
Example
The following command makes inline power available to slot 3:
enable inline-power slot 3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
321
Power Over Ethernet Commands
reset inline-power ports
reset inline-power ports <port_list>
Description
Power cycles the specified ports.
Syntax Description
portlist
Specifies one or more slots and ports for which power is to be reset. May be in
the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
This command power cycles the specified ports. Ports are immediately disabled and then re-enabled,
allowing remote PDs to be power-cycled.
This command affects only inline power; it does not affect network connectivity for the port(s).
Example
The following command resets power for port 4 on slot 3:
reset inline-power ports 3:4
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
322
show inline-power
show inline-power
show inline-power
Description
Displays inline power status information for the system.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The output indicates the following inline power status information for the system:
●
Configured inline power status—The status of the inline power for the switch: enabled or disabled.
●
System power surplus—The surplus amount of power on the system, in watts, available for
budgeting.
●
Redundant power surplus—The amount of power on the system, in watts, available for budgeting if
one power supply is lost.
●
System power usage threshold—The configured power usage threshold for each slot, shown as a
percentage of budgeted power. Once this threshold has been passed on any slot, the system sends an
SNMP alarm and logs a message.
●
Disconnect precedence—The method of denying power to PDs if the budgeted power on any slot is
exceeded.
●
Legacy mode—The status of the legacy mode, which allows detection of non-standard PDs.
The output indicates the following inline power status information for each slot:
●
●
Inline power status—The status of inline power. The status conditions are:
■
Enabled
■
Disabled
Firmware status—The operational status of the slot. The status conditions are:
■
Operational
■
Not operational
■
Disabled
■
Subsystem failure
■
Card not present
■
Slot disabled
●
Budgeted power—The amount of power, in watts, that is reserved and available to the slot.
●
Measured power—The amount of power, in watts, that currently being used by the slot.
ExtremeWare XOS 11.1 Command Reference Guide
323
Power Over Ethernet Commands
NOTE
For additional information on inline power parameters, refer to the show power budget command.
To reduce the chances of ports fluctuating between powered and non-powered states, newly inserted
PDs are not powered when the actual delivered power for the module is within approximately 19 W of
the configured inline power budget for that slot. However, actual aggregate power can be delivered up
to the configured inline power budget for the slot (for example, when delivered power from ports
increases or when the configured inline power budget for the slot is reduced).
Example
The following command displays inline power status for the system:
show inline-power
Following is sample output from this command:
Inline Power
Configured
:
System Power Surplus
:
Redundant Power Surplus
:
Power Usage Threshold
:
Disconnect Precedence
:
Legacy Mode
:
System Information
Enabled
1500 Watts available for budgeting
465 Watts available for budgeting to maintain N+1
70 percent (per slot)
lowest-priority
Disabled
Budgeted
Measured
Slot Inline-Power Firmware Status
Power (Watts) Power (Watts)
3
Enabled
Operational
50 W
9 W
4
Enabled
Card Not Present
( 50 W)
n/a
7
Enabled
Operational
50 W
0 W
Note: A budget value in parentheses is not allocated from the system power
budget because the card is not present, or the slot is disabled.
Sample output from the show power budget command is displayed below:
PS State
Watts
48V
12V
--------------------------------------------------------------------------1 Powered On
1152.00 1104.00
48.00
2 Powered On
1152.00 1104.00
48.00
3 Empty
4 Empty
5 Empty
6 Empty
--------------------------------------------------------------------------Power Available:
2304.00 2208.00
96.00
Redundant (N+1) Power Available:
1200.00 1152.00
48.00
Slots
Type
State
Watts
48V
12V
--------------------------------------------------------------------------Slot-1
Empty
Slot-2
Empty
Slot-3 G48P
Operational
111.00
110.00
1.00
Inline Power (budgeted + 2% loss)
51.00
51.00
0.00
Slot-4 G48P
Empty
Slot-5 G8X
Operational
0.00
0.00
0.00
ExtremeWare XOS 11.1 Command Reference Guide
324
show inline-power
Slot-6 G48T
Operational
0.00
0.00
0.00
Slot-7 G48P
Operational
111.00
110.00
1.00
Inline Power (budgeted + 2% loss)
51.00
51.00
0.00
Slot-8
Empty
Slot-9
Empty
Slot-10
Empty
MSM-A
MSM-G8X
Operational
151.00
150.00
1.00
MSM-B
Empty
151.00
150.00
1.00
FanTray
Operational
55.00
55.00
0.00
--------------------------------------------------------------------------Power Required:
681.00
677.00
4.00
Power Allocated:
681.00
677.00
4.00
Power Surplus:
1623.00 1531.00
92.00
Redundant Power Supply(s) Present?: yes
The term 2% loss shown in this display is the 2% associated with powering PDs. For example, when
you reserve 50 W for a particular slot, the system reserves 51 W.
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
325
Power Over Ethernet Commands
show inline-power configuration ports
show inline-power configuration ports <port_list>
Description
Displays inline power configuration information for the specified ports.
Syntax Description
port_list
Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
The output displays the following inline power configuration information for the specified ports:
●
Config—Indicates whether the port is enabled to provide inline power:
■
Enabled: The port can provide inline power.
■
Disabled: The port cannot provide inline power.
●
Operator Limit—Displays the configured limit, in milliwatts, for inline power on the port.
●
Priority—Displays inline power priority of the port, which is used when the disconnect precedence
is set to lowest priority:
●
■
Low
■
High
■
Critical
Label—Displays a text string, if any, associated with the port.
Example
The following command displays inline power configuration information for ports 1 to 10 in slot 3:
show inline-power configuration port 3:1-10
Following is sample output from this command:
Port
3:1
3:2
3:3
3:4
3:5
3:6
3:7
3:8
Config
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Operator
15000
15000
15000
15000
15000
15000
15000
15000
Limit
mW
mW
mW
mW
mW
mW
mW
mW
Priority
Low
Low
Low
Low
Low
Low
Low
Low
ExtremeWare XOS 11.1 Command Reference Guide
Label
326
show inline-power configuration ports
3:9
3:10
Enabled
Enabled
15000 mW
15000 mW
Low
Low
History
This command was first available in ExtremeWare XOS 11.1
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
327
Power Over Ethernet Commands
show inline-power info ports
show inline-power info {detail} ports <port_list>
Description
Displays inline power information for the specified ports.
Syntax Description
port_list
Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
NOTE
Ports in the denied or faulted state periodically display the searching state as the hardware retests the PD
state.
You can use this command to generate a summary report or a detailed report.
Summary output displays the following inline power information for the specified ports:
●
●
●
State—Displays the port power state:
■
Disabled
■
Searching
■
Delivering
■
Faulted
■
Disconnected
■
Other
■
Denied
PD’s power class—Displays the class type of the connected PD:
■
“-----”: disabled or searching
■
“class0”: class 0 device
■
“class1”: class 1 device
■
“class2”: class 2 device
■
“class3”: class 3 device
■
“class4”: class 4 device
Volts—Displays the measured voltage. A value from 0 to 2 is valid for ports that are in a searching
state.
ExtremeWare XOS 11.1 Command Reference Guide
328
show inline-power info ports
●
Curr—Displays the measured current, in milliamperes, drawn by the PD.
●
Power—Displays the measured power, in watts, supplied to the PD.
●
Fault—Displays the fault value:
■
None
■
UV/OV fault
■
UV/OV spike
■
Over current
■
Overload
■
Undefined
■
Underload
■
HW fault
■
Discovery resistance fail
■
Operator limit violation
■
Disconnect
■
Discovery resistance, A2D failure
■
Classify, A2D failure
■
Sample, A2D failure
■
Device fault, A2D failure
■
Force on error
The detail command lists all inline power information for the selected ports. Detail output displays the
following information:
●
Configured Admin State—Displays the port’s configured state; Enabled or Disabled.
●
Inline Power State—Displays the port power state.
●
MIB Detect Status—Displays the port state as reported by SNMP; valid values are as follows:
■
disabled
■
searching
■
delivering
■
fault
■
test
■
otherFault
■
denyLowPriority
●
Label—Displays the port’s configured label.
●
Operator Limit—Displays the port’s configured operator limit value.
●
PD Class—Displays the class type of connected PD:
●
Max Allowed Power—Displays the amount of maximum allowed power for a device of this class.
●
Measured Power—Displays the measured power, in watts, supplied to the PD.
●
Line Voltage—Displays the measured voltage. A value from 0 to 2 is valid for ports in a searching
state.
●
Current—Displays the measured current, in milliamperes, drawn by the PD.
●
Fault Status—Displays the fault value.
ExtremeWare XOS 11.1 Command Reference Guide
329
Power Over Ethernet Commands
●
Detailed Status
●
Priority—Displays the port’s configured PoE priority value, as follows:
■
Critical
■
High
■
Low
Example
The following command displays summary inline power information for ports 1 to 3 on slot 3:
show inline-power info ports 3:1-3
Following is sample output from this command:
Port
State
Class
Volts
3:1
3:2
3:3
delivering
delivering
searching
class3
class3
------
48.3
48.3
0.0
Curr
(mA)
192
192
0
Power
(Watts)
9.300
9.300
0.0
Fault
None
None
None
The following command displays detail inline power information for port 1 on slot 3:
show inline-power info detail port 3:1
Following is sample output from this command:
Port 3:1
Configured Admin State:
Inline Power State
:
MIB Detect Status
:
Label
:
Operator Limit
:
PD Class
:
Max Allowed Power
:
Measured Power
:
Line Voltage
:
Current
:
Fault Status
:
Detailed Status
:
Priority
:
enabled
delivering
delivering
16800 milliwatts
class3
15.400 W
9.400 W
48.3 Volts
193 mA
None
low
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
330
show inline-power slot
show inline-power slot
show inline-power slot <slot>
Description
Displays inline power information for the specified slot.
Syntax Description
slot
Specifies the slot.
Default
N/A.
Usage Guidelines
The output indicates the following inline power status information for each slot:
●
●
Inline power status—The status of inline power. The status conditions are:
■
Enabled
■
Disabled
Firmware status—The operational status of the slot. The status conditions are:
■
Operational
■
Not operational
■
Disabled
■
Subsystem failure
■
Card not present
■
Slot disabled
●
Budgeted power—The amount of power, in watts, that is available to the slot.
●
Measured power—The amount of power, in watts, that currently being used by the slot.
●
Legacy—The status of the legacy mode, which allows detection of many non-standard PDs.
Example
The following command displays inline power information for slot 3:
show inline-power slot 3
Following is sample output from this command:
Slot
3
Inline-Power
Enabled
Firmware Status
Operational
ExtremeWare XOS 11.1 Command Reference Guide
Budgeted
Power (Watts)
500 W
Measured
Power (Watts)
441 W
Legacy
Disabled
331
Power Over Ethernet Commands
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
332
show inline-power stats ports
show inline-power stats ports
show inline-power stats ports <port_list>
Description
Displays inline power statistics for the specified ports.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
The output displays the following inline power statistics for the specified ports:
●
●
State—Displays the port power state:
■
Disabled
■
Searching
■
Delivering
■
Faulted
■
Disconnected
■
Other
■
Denied
PD’s power class—Displays the class type of the connected PD:
■
“-----”: disabled or searching
■
“class0”: class 0 device
■
“class1”: class 1 device
■
“class2”: class 2 device
■
“class3”: class 3 device
■
“class4”: class 4 device
●
Absent—Displays the number of times the port was disconnected.
●
InvSig—Displays the number of times the port had an invalid signature.
●
Denied—Displays the number of times the port was denied.
●
Over-current—Displays the number of times the port entered an overcurrent state.
●
Short—Displays the number of times the port entered undercurrent state.
ExtremeWare XOS 11.1 Command Reference Guide
333
Power Over Ethernet Commands
Example
The following command displays inline power configuration information for ports 1 to 10 in slot 3:
show inline-power stats ports 3:1-10
Following is sample output from this command:
Port
3:1
3:2
3:3
3:4
3:5
3:6
3:7
3:8
3:9
3:10
State
delivering
delivering
searching
searching
searching
searching
searching
searching
searching
searching
Class
class3
class3
class0
class0
class0
class0
class0
class0
class0
class0
STATISTICS COUNTERS
Absent InvSig
Denied
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
OverCurrent
18
0
0
0
0
0
0
0
0
0
Short
0
0
0
0
0
0
0
0
0
0
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
334
show inline-power stats slot
show inline-power stats slot
show inline-power stats slot <slot>
Description
Displays inline power statistics for the specified slot.
Syntax Description
slot
Specifies the slot.
Default
N/A.
Usage Guidelines
Use this command to produce a report that shows the firmware status and version plus how many
ports are currently faulted, powered, and waiting for power for the selected slots. Unlike the values
displayed with the show inline-power stats ports command, these values (displayed with the
show inline-power stats slot command) are current readings; not cumulative counters.
Example
The following command displays inline power statistics information for slot 3:
show inline-power stats slot 3
Following is sample output from this command:
Inline-Power Slot Statistics
Slot: 3
Firmware status
Firmware revision
: Operational
: 292b1
Total
Total
Total
Total
:
:
:
:
ports
ports
ports
ports
powered
awaiting power
faulted
disabled
7
41
0
0
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
335
Power Over Ethernet Commands
unconfigure inline-power budget slot
unconfigure inline-power budget slot <slot>
Description
Unconfigures the inline reserved power on the specified slot and returns the power budget on that slot
to the default value of 50 W.
Syntax Description
slot
Specifies the slot.
Default
50 W.
Usage Guidelines
This command unconfigures any previously configured power budget for the specified slot and resets
the budgeted power reserved for all PDs connected to this slot to 50 W. The rest of the previously
configured power budget on this slot cannot be used to power other slots or PDs on other slots (unless
you explicitly reconfigure the power budget for other slots).
If you specify a slot that does not have a PoE module, the system returns the following error message:
Error: Slot 2 is not capable of inline-power.
Example
The following command resets the power for slot 4 to 50 W:
unconfigure inline-power budget slot 4
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
336
unconfigure inline-power disconnect-precedence
unconfigure inline-power disconnect-precedence
unconfigure inline-power disconnect-precedence
Description
Unconfigures the disconnect precedence setting and returns the switch to the default disconnect
precedence value of deny port.
Syntax Description
This command has no arguments or variables.
Default
Deny-port.
Usage Guidelines
You configure this parameter for the entire switch; you cannot configure this per slot or per port.
Unconfigures the PoE disconnect precedence previously set for the switch and returns the disconnect
precedence to the default value of deny port. Deny port denies power to the next PD that requests
inline power from the slot when the inline power budget for the slot is reached, regardless of the inline
power port priority.
Example
The following command resets the switch to the PoE disconnect precedence value, which is deny port:
unconfigure inline-power disconnect-precedence
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
337
Power Over Ethernet Commands
unconfigure inline-power operator-limit ports
unconfigure inline-power operator-limit ports [all |<port_list>]
Description
Unconfigures the PoE operator limit setting and resets the power limit allowed for PDs connected to the
specified ports to the default value of 15400 mW.
Syntax Description
all
Specifies all ports.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
15400 mW.
Usage Guidelines
This command unconfigures any previously configured operator limit for the specified ports. It resets
the maximum power that any PD can draw to 15400 mW.
Example
The following command resets the limit on ports 3 to 6 of slot 5 to the default value of 15400 mW:
unconfigure inline-power operator-limit ports 5:3-5:6
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
338
unconfigure inline-power priority ports
unconfigure inline-power priority ports
unconfigure inline-power priority ports [all | <port_list>]
Description
Unconfigures the PoE priority on the specified ports, and returns the ports to the default PoE port
priority value of low.
Syntax Description
all
Specifies all ports.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
Low.
Usage Guidelines
Use this to reset the PoE port priority on specified ports to the default value of low.
If there are multiple ports at the same priority level (either configured, or by default) and one of the
ports must have power withdrawn because of excessive power demands, those ports with the lower
port number are powered first. The higher port numbers have power withdrawn first in the case of
equal PoE port priorities.
Example
The following command resets the PoE priority on ports 4 – 6 on slot 3 to low:
unconfigure inline-power priority ports 3:4-3:6
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
339
Power Over Ethernet Commands
unconfigure inline-power usage-threshold
unconfigure inline-power usage-threshold
Description
Unconfigures the inline power usage alarm threshold and returns threshold to the default value of 70%.
Syntax Description
This command has no arguments or variables.
Default
70.
Usage Guidelines
This command unconfigures the PoE usage threshold setting for initiating SNMP event and EMS
messages and returns the switch’s inline power usage threshold for to 70%. The system initiates an
event and message once that percentage of the budgeted power is being used.
The PoE threshold applies only to the percentage per slot of measured to budgeted power use; it does
not apply to the entire switch.
The system generates an additional SNMP event and EMS message once the power usage falls below the
threshold again; once the condition clears.
Example
The following command resets the inline power usage alarm threshold to 70%:
unconfigure inline-power usage-threshold
History
This command was first available in ExtremeWare XOS 11.1
Platform Availability
This command is available only on the G48P module installed in the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
340
7
Commands for Status Monitoring and Statistics
This chapter describes commands for:
●
Configuring and managing the Event Management System/Logging
●
Configuring and monitoring system health and statistics
●
Enabling and disabling the collection of remote monitoring (RMON) statistics on the switch
●
Enabling, disabling, and configuring sFlow® statistics collection
Event Management System
When an event occurs on a switch, the Event Management System (EMS) allows you to send messages
generated by these events to a specified log target. You can send messages to the memory buffer,
NVRAM, the console display, the current session, to a syslog host, or to the other Management Switch
Fabric Module (MSM). The log messages contain configuration and fault information pertaining to the
device. The log messages can be formatted to contain various items of information, but typically a
message will consist of:
●
Timestamp: The timestamp records when the event occurred.
●
Severity level:
■
Critical: A desired switch function is inoperable. The switch may need to be reset.
■
Error: A problem is interfering with normal operation.
■
Warning: An abnormal condition exists that may lead to a function failure.
■
Notice: A normal but significant condition has been detected; the system is functioning as
expected.
■
Info: Actions and events that are consistent with expected behavior.
■
Debug-Summary, Debug-Verbose, and Debug -Data: Information that is useful when performing
detailed trouble shooting procedures.
By default, log entries that are assigned a critical, error, or warning level are considered static entries
and remain in the NVRAM log target after a switch reboot.
●
Component: The component refers to the specific functional area to which the error refers.
●
Message: The message contains the log information with text that is specific to the problem.
The switch maintains a configurable number of messages in its internal (memory-buffer) log (1000 by
default). You can display a snapshot of the log at any time. In addition to viewing a snapshot of the log,
you can configure the system to maintain a running real-time display of log messages on the console
display or telnet session. In addition to maintaining an internal log, the switch supports remote logging
by way of the UNIX syslog host facility.
ExtremeWare XOS 11.1 Command Reference Guide
341
Commands for Status Monitoring and Statistics
sFlow Statistics
sFlow® is a technology for monitoring traffic in data networks containing switches and routers. It relies
on statistical sampling of packets from high-speed networks, plus periodic gathering of the statistics. A
User Datagram Protocol (UDP) datagram format is defined to send the information to an external entity
for analysis. sFlow consists of a (Management Information Base) MIB and a specification of the packet
format for forwarding information to a remote agent. Details of sFlow specifications can be found in
RFC 3176 and at the following website:
http://www.sflow.org
ExtremeWare XOS allows you to collect sFlow statistics on a per port basis. An agent, residing locally
on the switch, sends data to a collector that resides on another machine. You configure the local agent,
the address of the remote collector, and the ports of interest for sFlow statistics gathering. You can also
modify default values for how frequently on average a sample is taken, how often the data is sent to the
collector, and the maximum load allowed on the CPU before throttling the statistics gathering.
RMON
RMON is the common abbreviation for the Remote Monitoring Management Information Base (MIB)
system defined by the Internet Engineering Task Force (IETF) documents RFC 1757 and RFC 2021,
which allows you to monitor LANs remotely.
Using the RMON capabilities of the switch allows network administrators to improve system efficiency
and reduce the load on the network.
The IETF defines nine groups of Ethernet RMON statistics. The switch supports the following four of
these groups, as defined in RFC 1757:
●
Statistics
●
History
●
Alarms
●
Events
The switch also supports the following parameters for configuring the RMON probe and the trap
destination table, as defined in RFC 2021:
●
probeCapabilities
●
probeSoftwareRev
●
probeHardwareRev
●
probeDateTime
●
probeResetControl
●
trapDestTable
ExtremeWare XOS 11.1 Command Reference Guide
342
clear counters
clear counters
clear counters
Description
Clears all switch statistics and port counters, including port packet statistics, bridging statistics, IP
statistics, and log event counters.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
You should view the switch statistics and port counters before you clear them. Use the show port
command to view port statistics. Use the show log counters command to show event statistics.
Viewing and maintaining statistics on a regular basis allows you to see how well your network is
performing. If you keep simple daily records, you will see trends emerging and notice problems arising
before they cause major network faults. By clearing the counters, you can see fresh statistics for the time
period you are monitoring.
Example
The following command clears all switch statistics and port counters:
clear counters
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
343
Commands for Status Monitoring and Statistics
clear log
clear log {error-led | static | messages [memory-buffer | nvram]}
Description
Clears the log messages in memory and NVRAM, and clears the ERR LED on the MSM.
Syntax Description
error-led
Clears the ERR LED on the MSM.
static
Specifies that the messages in the NVRAM and memory-buffer targets are
cleared, and the ERR LED on the MSM is cleared.
memory-buffer
Clears entries from the memory buffer.
nvram
Clears entries from NVRAM.
Default
N/A.
Usage Guidelines
The switch log tracks configuration and fault information pertaining to the device.
By default, log entries that are sent to the NVRAM remain in the log after a switch reboot. The clear
log and clear log messages memory-buffer commands remove entries in the memory buffer target;
the clear log static and clear log messages nvram commands remove messages from the
NVRAM target. In addition, the clear log static command will also clear the memory buffer target.
There are three ways to clear the ERR LED. Clear the log, reboot the switch, or use the clear log
error-led command. To clear the ERR LED without rebooting the switch or clearing the log messages,
use the clear log error-led command.
Example
The following command clears all log messages, from the NVRAM:
clear log static
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
344
clear log counters
clear log counters
clear log counters {<event-condition> | [all | <event-component>] {severity
<severity> {only}}}
Description
Clears the incident counters for events.
Syntax Description
event-condition
Specifies the event condition counter to clear.
all
Specifies that all events counters are to be cleared.
event-component
Specifies that all the event counters associated with a particular component
should be cleared.
severity
Specifies the minimum severity level of event counters to clear (if the keyword
only is omitted).
only
Specifies that only event counters of the specified severity level are to be
cleared.
Default
If severity is not specified, then the event counters of any severity are cleared in the specified
component.
Usage Guidelines
This command sets the incident counters to zero for each event specified. To display event counters, use
the following command:
show log counters
See the command show log on page 411 for more information about severity levels.
To get a listing of the event conditions in the system, use the following command:
show log events {detail}
To get a listing of the components present in the system, use the following command:
show log components
Example
The following command clears the event counters for event conditions of severity error or greater in the
component BGP:
clear log counters "BGP" severity error
ExtremeWare XOS 11.1 Command Reference Guide
345
Commands for Status Monitoring and Statistics
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
346
configure log display
configure log display
configure log display <severity>
Description
Configures the real-time log-level message to display.
Syntax Description
severity
Specifies a message severity. Severities include critical, error, warning, notice,
info, debug-summary, debug-verbose, and debug-data.
Default
If not specified, messages of all severities are displayed on the console display.
Usage Guidelines
You must enable the log display before messages are displayed on the log display. Use the enable log
display command to enable the log display. This allows you to configure the system to maintain a
running real-time display of log messages on the console.
Severity filters the log to display messages with the selected severity or higher (more critical). Severities
include critical, error, warning, info, notice, debug-summary, debug-verbose, and debug-data.
You can also control log data to different targets. The command equivalent to configure log display
is the following:
configure log target console-display severity <severity>
To display the current configuration of the log display, use the following command:
show log configuration target console-display
Example
The following command configures the system log to maintain a running real-time display of log
messages of critical severity:
configure log display critical
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
347
Commands for Status Monitoring and Statistics
configure log filter events
configure log filter <name> [add | delete] {exclude} events [<eventcondition> | [all | <event-component>] {severity <severity> {only}}]
Description
Configures a log filter to add or delete detailed feature messages based on a specified set of events.
Syntax Description
name
Specifies the filter to configure.
add
Add the specified events to the filter
delete
Remove the specified events from the filter
exclude
Events matching the specified events will be excluded
event-condition
Specifies an individual event.
all
Specifies all components and subcomponents.
event-component
Specifies all the events associated with a particular component.
severity
Specifies the minimum severity level of events (if the keyword only is omitted).
only
Specifies only events of the specified severity level.
Default
If the exclude keyword is not used, the events will be included by the filter. If severity is not
specified, then the filter will use the component default severity threshold (see the note on page 349
when delete or exclude is specified).
Usage Guidelines
This command controls the incidents that pass a filter by adding, or deleting, a specified set of events. If
you want to configure a filter to include or exclude incidents based on event parameter values (for
example, MAC address or BGP Neighbor) see the command configure log filter events match
on page 351.
When the add keyword is used, the specified event name is added to the beginning of the filter item list
maintained for this filter. The new filter item either includes the events specified, or if the exclude
keyword is present, excludes the events specified.
The delete keyword is used to remove events from the filter item list that were previously added using
the add command. All filter items currently in the filter item list that are identical to, or a subset of, the
set of events specified in the delete command will be removed.
Event Filtering Process. From a logical standpoint, the filter associated with each enabled log target is
examined to determine whether a message should be logged to that particular target. The determination
is made for a given filter by comparing the incident with the most recently configured filter item first. If
the incident matches this filter item, the incident is either included or excluded, depending on whether
ExtremeWare XOS 11.1 Command Reference Guide
348
configure log filter events
the exclude keyword was used. Subsequent filter items on the list are compared if necessary. If the list
of filter items has been exhausted with no match, the incident is excluded.
Events, Components, and Subcomponents. As mentioned, a single event can be included or excluded by
specifying the event’s name. Multiple events can be added or removed by specifying an ExtremeWare
XOS component name plus an optional severity. Some components, such as BGP, contain
subcomponents, such as Keepalive, which is specified as BGP.Keepalive. Either components or
subcomponents can be specified. The keyword all in place of a component name can be used to
indicate all ExtremeWare XOS components.
Severity Levels. When an individual event name is specified following the events keyword, no severity
value is needed since each event has pre-assigned severity. When a component, subcomponent, or the
all keyword is specified following the events keyword, a severity value is optional. If no severity is
specified, the severity used for each applicable subcomponent is obtained from the pre-assigned severity
threshold levels for those subcomponents. For example, if STP were specified as the component, and no
severity is specified for the add of an include item, then only messages with severity of error and
greater would be passed, since the threshold severity for the STP component is error. If STP.InBPDU
were specified as the component, and no severity is specified, then only messages with severity of
warning and greater would be passed, since the threshold severity for the STP.InPBDU subcomponent
is warning. Use the show log components command to see this information.
The severity keyword all can be used as a convenience when delete or exclude is specified. The use
of delete (or exclude) with severity all deletes (or excludes) previously added events of the same
component of all severity values.
NOTE
If no severity is specified when delete or exclude is specified, severity all is used
If the only keyword is present following the severity value, then only the events in the specified
component at that exact severity are included. Without the only keyword, events in the specified
component at that severity or more urgent are included. For example, using the option severity
warning implies critical, error, or warning events, whereas the option severity warning only implies
warning events only. Severity all only is not a valid choice.
Any EMS events with severity debug-summary, debug-verbose, or debug-data will not be logged
unless debug mode is enabled
Filter Optimization. Each time a configure log filter command is issued for a given filter name, the
events specified are compared against the current configuration of the filter to try to logically simplify
the configuration.
For example, if the command:
configure log filter bgpFilter1 add events bgp.keepalive severity error only
were to be followed by the command:
configure log filter bgpFilter1 add events bgp severity info
the filter item in the first command is automatically deleted since all events in the BGP.Keepalive
subcomponent at severity error would be also included as part of the second command, making the
first command redundant.
More Information. See the command show log on page 411 for more information about severity levels.
ExtremeWare XOS 11.1 Command Reference Guide
349
Commands for Status Monitoring and Statistics
To get a listing of the components present in the system, use the following command:
show log components
To get a listing of event condition definitions, use the following command:
show log events
To see the current configuration of a filter, use the following command:
show log configuration filter {<filter name>}
Example
The following command adds all STP component events at severity info to the filter mySTPFilter:
configure log filter myStpFilter add events stp severity info
The following command adds the STP.OutBPDU subcomponent, at the pre-defined severity level for
that component, to the filter myStpFilter:
configure log filter myStpFilter add events stp.outbpdu
The following command excludes one particular event, STP.InBPDU.Drop, from the filter:
configure log filter myStpFilter add exclude events stp.inbpdu.drop
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
350
configure log filter events match
configure log filter events match
configure log filter <name> [add | delete] {exclude} events [<eventcondition> | [all | <event-component>] {severity <severity> {only}}] [match
| strict-match] <type> <value>
Description
Configures a log filter to add or delete detailed feature messages based on a specified set of events and
match parameter values.
Syntax Description
name
Specifies the filter to configure.
add
Add the specified events to the filter.
delete
Remove the specified events from the filter.
exclude
Events matching the filter will be excluded.
event-condition
Specifies the event condition.
all
Specifies all events.
event-component
Specifies all the events associated with a particular component.
severity
Specifies the minimum severity level of events (if the keyword only is omitted).
only
Specifies only events of the specified severity level.
match
Specifies events whose parameter values match the <type> <value> pair.
strict-match
Specifies events whose parameter values match the <type> <value> pair, and
possess all the parameters specified.
type
Specifies the type of parameter to match.
value
Specifies the value of the parameter to match.
Default
If the exclude keyword is not used, the events will be included by the filter. If severity is not
specified, then the filter will use the component default severity threshold (see the note on on page 349
when delete or exclude is specified).
Usage Guidelines
This command controls the incidents that pass a filter by adding, or deleting, a specified set of events
that match a list of <type> <value> pairs. This command is an extension of the command configure
log filter events, and adds the ability to filter incidents based on matching specified event
parameter values to the event.
See the configure log filter events command on page 348 for more information on specifying and
using filters, on event conditions and components, and on the details of the filtering process. The
discussion here is about the concepts of matching <type> <value> pairs to more narrowly define
filters.
ExtremeWare XOS 11.1 Command Reference Guide
351
Commands for Status Monitoring and Statistics
Types and Values. Each event in ExtremeWare XOS is defined with a message format and zero or more
parameter types. The show log events command on page 427 can be used to display event definitions
(the event text and parameter types). The syntax for the parameter types (represented by <type> in the
command syntax above) is:
[bgp [neighbor | routerid] <ip address>
| eaps <eaps domain name>
| {destination | source} [ipaddress <ip address> | L4-port | mac-address ]
| esrp <esrp domain name>
| {egress | ingress} [slot <slot number> | ports <portlist>]
| ipaddress <ip address>
| L4-port <L4-port>
| mac-address <mac_address>
| netmask <netmask>
| number <number>
| port <portlist>
| process <process name>
| slot <slotid>
| string <match expression>
| vlan <vlan name>
| vlan tag <vlan tag>]
The <value> depends on the parameter type specified. As an example, an event may contain a physical
port number, a source MAC address, and a destination MAC address. To allow only those incidents
with a specific source MAC address, use the following in the command:
configure log filter myFilter add events aaa.radius.requestInit secerity notice match
source mac-address 00:01:30:23:C1:00
configure log filter myFilter add events bridge severity notice match source macaddress 00:01:30:23:C1:00
The string type is used to match a specific string value of an event parameter, such as a user name. A
string can be specified as a simple regular expression.
Match Versus Strict-Match. The match and strict-match keywords control the filter behavior for
incidents whose event definition does not contain all the parameters specified in a configure log
filter events match command. This is best explained with an example. Suppose an event in the
XYZ component, named XYZ.event5, contains a physical port number, a source MAC address, but no
destination MAC address. If you configure a filter to match a source MAC address and a destination
MAC address, XYZ.event5 will match the filter when the source MAC address matches regardless of the
destination MAC address, since the event contains no destination MAC address. If you specify the
strict-match keyword, then the filter will never match, since XYZ.event5 does not contain the
destination MAC address.
In other words, if the match keyword is specified, an incident will pass a filter so long as all parameter
values in the incident match those in the match criteria, but all parameter types in the match criteria
need not be present in the event definition.
More Information. See the command show log on page 411 for more information about severity levels.
To get a listing of the components present in the system, use the following command:
show log components
ExtremeWare XOS 11.1 Command Reference Guide
352
configure log filter events match
To get a listing of event condition definitions, use the following command:
show log events
To see the current configuration of a filter, use the following command:
show log configuration filter {<filter name>}
Example
By default, all log targets are associated with the built-in filter, DefaultFilter. Therefore, the most
straightforward way to send additional messages to a log target is to modify DefaultFilter. In the
following example, the command modifies the built-in filter to allow incidents in the STP component,
and all subcomponents of STP, of severity critical, error, warning, notice and info. For any of these
events containing a physical port number as a match parameter, limit the incidents to only those
occurring on physical ports 3, 4 and 5 on slot 1, and all ports on slot 2:
configure log filter DefaultFilter add events stp severity info match ports 1:3-1:5,
2:*
If desired, issue the unconfigure log DefaultFilter command to restore the DefaultFilter back to its
original configuration.
History
This command was first available in ExtremeWare XOS 10.1.
New parameter <type> values, including esrp and eaps were introduced in ExtremeWare XOS 11.0 and
11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
353
Commands for Status Monitoring and Statistics
configure log target filter
configure log target [console | memory-buffer | primary-msm | backup-msm |
nvram | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>}
[local0 ... local7]]] filter <filter-name> {severity <severity> {only}}
Description
Associates a filter to a target.
Syntax Description
target
Specifies the device to send the log entries.
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
nvram
Specifies the switch NVRAM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog remote server.
all
Specifies all of the syslog remote servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
filter-name
Specifies the filter to associate with the target.
severity
Specifies the minimum severity level to send (if the keyword only is omitted).
only
Specifies that only the specified severity level is to be sent.
Default
If severity is not specified, the severity level for the target is left unchanged. If a virtual router is not
specified, VR-Mgmt is used.
Usage Guidelines
This command associates the specified filter and severity with the specified target. A filter limits
messages sent to a target.
Although each target can be configured with its own filter, by default, all targets are associated with the
built-in filter, DefaultFilter. Each target can also be configured with its own severity level. This provides
the ability to associate multiple targets with the same filter, while having a configurable severity level
for each target.
A message is sent to a target if the target has been enabled, the message passes the associated filter, the
message is at least as severe as the configured severity level, and the message output matches the
ExtremeWare XOS 11.1 Command Reference Guide
354
configure log target filter
regular expression specified. By default, the memory buffer, NVRAM, primary MSM, and backup MSM
targets are enabled. For other targets, use the command enable log target on page 399.
Table 9describes the default characteristics of each type of target.
Table 9: Default target log characteristics
Target
Enabled
Severity Level
console
display
no
info
memory
buffer
yes
debug-data
NVRAM
yes
warning
primary MSM
yes
error
backup MSM
yes
error
session
no
info
syslog
no
debug-data
If the condition for the backup-msm target is met by a message generated on the primary, the event is
sent to the backup MSM. When the backup MSM receives the event, it will see if any of the local targets
(nvram, memory, or console) are matched. If so it gets processed. The session and syslog targets are
disabled on the backup MSM, as they are handled on the primary. If the condition for the primary-msm
target is met by a message generated on the backup, the event is sent to the primary MSM.
Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only
active on the backup MSM.
The built-in filter, DefaultFilter, and a severity level of info are used for each new telnet session. These
values may be overridden on a per-session basis using the configure log target filter command
and specify the target as session. Use the following form of the command for per-session configuration
changes:
configure log target session filter <filter name> {severity <severity> {only}}
Configuration changes to the current session target are in effect only for the duration of the session, and
are not saved in FLASH memory. The session option can also be used on the console display, if the
changes are desired to be temporary. If changes to the console-display are to be permanent (saved to
FLASH memory), use the following form of the command:
configure log target console filter <filter name> {severity <severity> {only}}
Example
The following command sends log messages to the previously syslog host at 10.31.8.25, port 8993, and
facility local3, that pass the filter myFilter and are of severity warning and above:
configure log target syslog 10.31.8.25:8993 local3 filter myFilter severity warning
The following command sends log messages to the current session, that pass the filter myFilter and are
of severity warning and above:
configure log target session filter myFilter severity warning
ExtremeWare XOS 11.1 Command Reference Guide
355
Commands for Status Monitoring and Statistics
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
356
configure log target format
configure log target format
configure log target [console | memory-buffer | nvram | session | syslog
[all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7}]]
format [timestamp [seconds | hundredths | none]
| date [dd-mm-yyyy | dd-Mmm-yyyy | mm-dd-yyyy | Mmm-dd | yyyy-mm-dd | none]
| severity
| event-name [component | condition | none | subcomponent]
| host-name
| priority
| process-name
| process-slot
| source-line
Description
Configures the formats of the displayed message, on a per-target basis.
Syntax Description
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
nvram
Specifies the switch NVRAM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog target.
all
Specifies all remote syslog servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
timestamp
Specifies a timestamp formatted to display seconds, hundredths, or none.
date
Specifies a date formatted as specified, or none.
severity
Specifies whether to include the severity.
event-name
Specifies how detailed the event description will be. Choose from none,
component, subcomponent, or condition.
host-name
Specifies whether to include the syslog host name.
priority
Specifies whether to include the priority.
process-name
Specifies whether to include the internal process name.
process-slot
Specifies which slot number the message was generated.
source-line
Specifies whether to include the source file name and line number.
ExtremeWare XOS 11.1 Command Reference Guide
357
Commands for Status Monitoring and Statistics
Default
The following defaults apply to console display, memory buffer, NVRAM, and session targets:
●
timestamp—hundredths
●
date—mm-dd-yyyy
●
severity—on
●
event-name—condition
●
host-name—off
●
priority—off
●
process-name—off
●
process-slot—off
●
source-line—off
The following defaults apply to syslog targets (per RFC 3164):
●
timestamp—seconds
●
date—mmm-dd
●
severity—on
●
event-name—none
●
host-name—off
●
priority—on
●
process-name—off
●
process-slot—off
●
source-line—off
If a virtual router is not specified, VR-Mgmt is used.
Usage Guidelines
This command configures the format of the items that make up log messages. You can choose to include
or exclude items and set the format for those items, but you cannot vary the order in which the items
are assembled.
When applied to the targets console or session, the format specified is used for the messages sent to
the console display or telnet session. Configuration changes to the session target, be it either a telnet or
console display target session, are in effect only for the duration of the session, and are not saved in
FLASH.
When this command is applied to the target memory-buffer, the format specified is used in subsequent
show log and upload log commands. The format configured for the internal memory buffer can be
overridden by specifying a format on the show log and upload log commands.
When this command is applied to the target syslog, the format specified is used for the messages sent
to the specified syslog host.
Timestamps. Timestamps refer to the time an event occurred, and can be output in either seconds as
described in RFC 3164 (for example, “13:42:56”), hundredths of a second (for example, “13:42:56.98”), or
suppressed altogether. To display timestamps as hh:mm:ss, use the seconds keyword, to display as
ExtremeWare XOS 11.1 Command Reference Guide
358
configure log target format
hh:mm:ss.HH, use the hundredths keyword, or to suppress timestamps altogether, use the none
keyword. Timestamps are displayed in hundredths by default.
Date. The date an event occurred can be output as described in RFC 3164. Dates are output in different
formats, depending on the keyword chosen. The following lists the date keyword options, and how the
date “March 26, 2005” would be output:
●
Mmm-dd—Mar 26
●
mm-dd-yyyy—03/26/2005
●
dd-mm-yyyy—26-03-2005
●
yyyy-mm-dd—2005-03-26
●
dd-Mmm-yyyy—26-Mar-2005
Dates are suppressed altogether by specifying none. Dates are displayed as mm-dd-yyyy by default.
Severity. A four-letter abbreviation of the severity of the event can be output by specifying severity
on or suppressed by specifying severity off. The default setting is severity on. The abbreviations
are: Crit, Erro, Warn, Noti, Info, Summ, Verb, and Data. These correspond to: Critical, Error, Warning,
Notice, Informational, Debug-Summary, Debug-Verbose, and Debug-Data.
Event Names. Event names can be output as the component name only by specifying event-name
component and as component and subcomponent name with condition mnemonic by specifying eventname condition, or suppressed by specifying event-name none. The default setting is event-name
condition to specify the complete name of the events.
Host Name. The configured SNMP name of the switch can be output as HOSTNAME described in RFC
3164 by specifying host-name. The default setting is off.
Process Name. For providing detailed information to technical support, the (internal) ExtremeWare XOS
task names of the applications detecting the events can be displayed by specifying process-name. The
default setting is off.
Process Slot. For providing detailed information to technical support, the slot from which the logged
message was generated can be displayed by specifying process-slot. The default setting is off.
Process ID. For providing detailed information to technical support, the (internal) ExtremeWare XOS
task identifiers of the applications detecting the events can be displayed by specifying process-id. The
default setting is off.
Source Line. For providing detailed information to technical support, the application source file names
and line numbers detecting the events can be displayed by specifying source-line. The default setting
is off. You must enable debug mode using the enable log debug-mode command to view the source
line information. For messages generated prior to enabling debug mode, the source line information is
not displayed.
ExtremeWare XOS 11.1 Command Reference Guide
359
Commands for Status Monitoring and Statistics
Example
In the following example, the switch generates the identical event from the component SNTP, using
three different formats.
Using the default format for the session target, an example log message might appear as:
05/29/2005 12:15:25.00 <Warn:SNTP.RslvSrvrFail> The SNTP server parameter value
(TheWrongServer.example.com) can not be resolved.
If you set the current session format using the following command:
configure log target session format timestamp seconds date mm-dd-yyyy event-name
component
The same example would appear as:
05/29/2005 12:16:36 <Warn:SNTP> The SNTP server parameter value
(TheWrongServer.example.com) can not be resolved.
To provide some detailed information to technical support, you set the current session format using the
following command:
configure log target session format timestamp hundredths date mmm-dd event-name
condition source-line process-name
The same example would appear as:
May 29 12:17:20.11 SNTP: <Warn:SNTP.RslvSrvrFail> tSntpc: (sntpcLib.c:606) The SNTP
server parameter value (TheWrongServer.example.com) can not be resolved.
History
This command was first available in ExtremeWare XOS 10.1.
The ipPort and host-name parameters were first introduced in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
360
configure log target match
configure log target match
configure log target [console | memory-buffer | nvram | primary-msm |
backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>}
[local0 ... local7]]] match [any |<match-expression>]
Description
Associates a match expression to a target.
Syntax Description
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
nvram
Specifies the switch NVRAM.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog target.
all
Specifies all of the remote syslog servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
any
Specifies that any messages will match. This effectively removes a previously
configured match expression.
match-expression
Specifies a regular expression. Only messages that match the regular
expression will be sent.
Default
By default, targets do not have a match expression. If a virtual router is not specified, VR-Mgmt is used.
Usage Guidelines
This command configures the specified target with a match expression. The filter associated with the
target is not affected. A message is sent to a target if the target has been enabled, the message passes the
associated filter, the message is at least as severe as the configured severity level, and the message
output matches the regular expression specified.
See the command show log on page 411 for a detailed description of simple regular expressions. By
default, targets do not have a match expression.
Specifying any instead of match-expression effectively removes a match expression that had been
previously configured, causing any message to be sent that has satisfied all of the other requirements.
ExtremeWare XOS 11.1 Command Reference Guide
361
Commands for Status Monitoring and Statistics
To see the configuration of a target, use the following command:
show log configuration target {console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]}
To see the current configuration of a filter, use the following command:
show log configuration filter {<filter name>}
Example
The following command sends log messages to the current session, that pass the current filter and
severity level, and contain the string user5:
configure log target session match user5
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
362
configure log target severity
configure log target severity
configure log target [console | memory-buffer | nvram | primary-msm |
backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>}
[local0 ... local7]]] {severity <severity> {only}}
Description
Sets the severity level of messages sent to the target.
Syntax Description
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
nvram
Specifies the switch NVRAM.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog target.
all
Specifies all of the remote syslog servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
severity
Specifies the least severe level to send (if the keyword only is omitted).
only
Specifies that only the specified severity level is to be sent.
Default
By default, targets are sent messages of the following severity level and above:
●
console display—info
●
memory buffer—debug-data
●
NVRAM—warning
●
session—info
●
syslog—debug-data
●
primary MSM—error
●
backup MSM—error
If a virtual router is not specified, VR-Mgmt is used.
Usage Guidelines
This command configures the specified target with a severity level. The filter associated with the target
is not affected. A message is sent to a target if the target has been enabled, the message passes the
ExtremeWare XOS 11.1 Command Reference Guide
363
Commands for Status Monitoring and Statistics
associated filter, the message is at least as severe as the configured severity level, and the message
output matches the regular expression specified.
See the command show log on page 411 for a detailed description of severity levels.
To see the current configuration of a target, use the following command:
show log configuration target {console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]}
To see the current configuration of a filter, use the following command:
show log configuration filter {<filter name>}
Example
The following command sends log messages to the current session, that pass the current filter at a
severity level of info or greater, and contain the string user5:
configure log target session severity info
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
364
configure log target syslog
configure log target syslog
configure log target syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>}
{local0 ... local7} from <source-ip-address>
Description
Configures the syslog server’s IP address for one or all syslog targets.
Syntax Description
syslog
Specifies a syslog target.
all
Specifies all of the remote syslog servers.
ipaddress
Specifies the syslog server’s IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
source-ip-address
Specifies the local source IP address to use.
Default
If a virtual router is not specified, the following virtual routers are used:
●
ExtremeWare XOS 10.1—VR-0
●
ExtremeWare XOS 11.0 and later—VR-Mgmt
Usage Guidelines
Use this command to identify and configure the syslog server’s IP address. By configuring a source IP
address, the syslog server can identify from which switch it received the log message.
Options for configuring the remote syslog server include:
●
all—Specifies all of the remote syslog server hosts.
●
ipaddress—The IP address of the remote syslog server host.
●
ipPort—The UDP port.
●
vr_name—The virtual router that can reach the syslog host.
●
local0-local7—The syslog facility level for local use.
●
from—The local source IP address.
If you do not configure a source IP address for the syslog target, the switch uses the IP address in the
configured VR that has the closed route to the destination.
ExtremeWare XOS 11.1 Command Reference Guide
365
Commands for Status Monitoring and Statistics
Example
The following command configures the IP address for the specified syslog target named orange:
configure log target syslog orange from 10.234.56.78
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
366
configure sflow agent ipaddress
configure sflow agent ipaddress
configure sflow agent {ipaddress} <ip-address>
Description
Configures the sFlow agent’s IP address.
Syntax Description
ip-address
Specifies the IP address from which sFlow data is sent on the switch.
Default
The default configured IP address is 0.0.0.0, but the effective IP address is the management port IP
address.
Usage Guidelines
This command allows you to configure the IP address of the sFlow agent. Typically, you would set this
to the IP address used to identify the switch in the network management tools that you use. The agent
address is stored in the payload of the sFlow data, and is used by the sFlow collector to identify each
agent uniquely. The default configured value is 0.0.0.0, but the switch will use the management port IP
address if it exists.
Both the commands unconfigure sflow and unconfigure sflow agent will reset the agent
parameter to the default.
Example
The following command sets the sFlow agent’s IP address to 10.2.0.1:
configure sflow agent ipaddress 10.2.0.1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
367
Commands for Status Monitoring and Statistics
configure sflow collector ipaddress
configure sflow collector {ipaddress} <ip-address> {port <udp-port-number>}
{vr <vrname>}
Description
Configures the sFlow collector IP address.
Syntax Description
ip-address
Specifies the IP address to send the sFlow data.
udp-port-number
Specifies the UDP port to send the sFlow data.
vrname
Specifies from which virtual router to send the sFlow data.
Default
The following values are the defaults for this command:
●
UDP port number—6343
●
Virtual router—VR-Mgmt (previously called VR-0).
Usage Guidelines
This command allows you to configure where to send the sFlow data. You must specify an IP address
for the sFlow data collector, and you may specify a particular UDP port, if your collector uses a nonstandard port. You may also need to specify from which virtual router to send the data.
You can configure up to four sFlow collectors. Each unique IP address/UDP port/virtual router
combination identifies a collector.
Both the commands unconfigure sflow and unconfigure sflow collector will reset the collector
parameters to the default.
Example
The following command specifies that sFlow data should be sent to port 6343 at IP address 192.168.57.1
using the virtual router VR-Mgmt:
configure sflow collector ipaddress 192.168.57.1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
368
configure sflow max-cpu-sample-limit
configure sflow max-cpu-sample-limit
configure sflow max-cpu-sample-limit <rate>
Description
Configures the maximum number of sFlow samples handled by the CPU per second.
Syntax Description
rate
Specifies the maximum sFlow samples per second.
Default
The default value is 2000 samples per second.
Usage Guidelines
This command configures the maximum number of samples sent to the CPU per second. If this rate is
exceeded, the internal sFlow CPU throttling mechanism kicks in to limit the load on the CPU. Every
time the limit is reached, the sample rate is halved (the value of number in the configure sflow
sample-rate <number> or configure sflow ports <portlist> sample-rate <number> command
is doubled), on the slot on which maximum number of packets were received during the last snapshot.
This effectively halves the sampling frequency of all the ports on that slot with a sub-sampling factor of
1. The sampling frequency of ports on that slot with a sub-sampling factor greater than 1 will not
change; the sub-sampling factor is also halved so the that the same rate of samples are sent from that
port.
The maximum CPU sample rate is based on the total number of samples received from all the sources.
The valid range is 100 to 5000 samples per second.
Example
The following command specifies that the sFlow maximum CPU sample rate should be set to 4000
samples per second:
configure sflow max-cpu-sample-limit 4000
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
369
Commands for Status Monitoring and Statistics
configure sflow poll-interval
configure sflow poll-interval <seconds>
Description
Configures the sFlow counter polling interval.
Syntax Description
seconds
Specifies the number of seconds between polling each counter. The value can
range from 0 to 3600 seconds.
Default
The default polling interval is 20 seconds.
Usage Guidelines
Each sFlow statistics counter is polled at regular intervals, and this data is then sent to the sFlow
collector. This command is used to set the polling interval. To manage CPU load, polling for sFlow
enabled ports are distributed over the polling interval, so that all ports are not polled at the same
instant. For example, if the polling interval is 20 seconds and there are twenty counters, data is collected
successively every second.
Specifying a poll interval of 0 (zero) seconds disables polling.
Example
The following command sets the polling interval to 60 seconds:
configure sflow poll-interval 60
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
370
configure sflow ports sample-rate
configure sflow ports sample-rate
configure sflow ports <portlist> sample-rate <number>
Description
Configures the sFlow per-port sampling rate.
Syntax Description
portlist
Specifies a list of ports.
number
Specifies the fraction (1/number) of packets to be sampled.
Default
The default number is 8192, unless modified by the configure sflow sample-rate command.
Usage Guidelines
This command configures the sampling rate on a particular set of ports, and overrides the system-wide
value set in the configure sflow sample-rate command. The rate is rounded off to the next power
of two, so if 400 is specified, the sample rate is configured as 512. The valid range is 1 to 536870912.
For BlackDiamond 10K only—At the hardware level, the sampling rate for all ports on a slot is the
same. Ports that are configured for fewer samples than other ports on the slot (the number parameter is
larger) still take the same amount of samples at the hardware level as ports configured for more
samples. The excess samples are discarded. This mechanism is displayed in the show sflow
{configuration} command as the sub-sampling factor. For example, if one port is configured for a
sample rate of 1024, and a second port on the same slot is configured for a sample rate of 4096, the
second port’s hardware actually samples one out of 1024 packets, but only saves the information for one
out of four of those samples. In this example, the sub-sampling factor is four.
Configuring a lower number for the sample rate means that more samples will be taken, increasing the
load on the switch. Do not configure the sample rate to a number lower than the default unless you are
sure that the traffic rate on the source is low.
If the rate of samples going to the CPU exceeds a limit, set with the configure sflow max-cpusample-limit command, then the sample rate number will be doubled, effectively reducing the rate by
one-half. Under those conditions, the configured rate may not be the actual rate of sampling. The output
of the show sflow configuration command will display the configured and actual rate of sampling.
Example
The following command sets the sample rate for the ports 4:6 to 4:10 to one packet out of every 16384:
configure sflow ports 4:6-4:10 sample-rate 16384
ExtremeWare XOS 11.1 Command Reference Guide
371
Commands for Status Monitoring and Statistics
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
372
configure sflow sample-rate
configure sflow sample-rate
configure sflow sample-rate <number>
Description
Configures the sFlow default sampling rate.
Syntax Description
number
Specifies the fraction (1/number) of packets to be sampled.
Default
The default number is 8192.
Usage Guidelines
This command configures the default sampling rate. This is the rate that newly enabled sFlow ports will
have their sample rate set to. Changing this rate will not affect currently enabled sFlow ports. The rate
is rounded off to the next power of two, so if 400 is specified, the sample rate is configured as 512. The
valid range is 1 to 536870912.
Configuring a lower number for the sample rate means that more samples will be taken, increasing the
load on the switch. Do not configure the sample rate to a number lower than the default unless you are
sure that the traffic rate on the source is low.
Example
The following command sets the sample rate to one packet out of every 16384:
configure sflow sample-rate 16384
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
373
Commands for Status Monitoring and Statistics
configure sys-health-check interval
configure sys-health-check interval <interval>
Description
Configures the frequency of sending backplane diagnostic packets and the polling interval.
Syntax Description
interval
BlackDiamond 10K switch—Specifies the frequency of sending backplane
diagnostic packets and polling the ASIC counters.
• If backplane diagnostic packets are enabled on a particular slot, the default
value for sending diagnostic packets and polling the ASIC counters is 6
seconds on that slot.
• If only polling occurs (this is the system default), the default value is 60
seconds. The polling interval is interval*10 seconds.
Aspen 8810 switch—Specifies the frequency of sending backplane diagnostic
packets.
• If backplane diagnostic packets are enabled on a particular slot, the default
value for sending diagnostic packets is 5 seconds on that slot.
• If only polling occurs (this is the system default), the default value is
5 seconds. (The polling interval is not a user-configured parameter, and
polling always occurs.)
Default
Depending upon your platform, the following defaults apply:
BlackDiamond 10K switch:
●
If backplane diagnostics packets are enabled on a particular slot, the default for sending packets and
for polling is 6 seconds on that slot.
●
If only polling occurs, the default polling interval is 60 seconds (interval*10 seconds).
Aspen 8810 switch:
●
If backplane diagnostics are enabled on a particular slot, the default for sending packets is 5 seconds
on that slot.
●
The polling interval is always 5 seconds (this is a not a user-configured parameter).
Usage Guidelines
Use this command with the guidance of Extreme Networks Technical Support personnel.
The system health checker tests I/O modules and the backplane by forwarding backplane diagnostic
packets. On the BlackDiamond 10K switch, additional checking for the validity of these packets is
completed by performing a checksum. Use this command to configure the amount of time it takes for
the packets to be forwarded and returned to the MSM.
ExtremeWare XOS 11.1 Command Reference Guide
374
configure sys-health-check interval
To enable backplane diagnostic packets, use the enable sys-health-check slot <slot> command.
With backplane diagnostic packets enabled on a specific slot, the interval option of the configure
sys-health-check interval command specifies the frequency of sending backplane diagnostic
packets. For example, if you specify an interval of 9, backplane diagnostic packets are sent every 9
seconds on only the enabled slot.
NOTE
Extreme Networks does not recommend configuring an interval of less than the default interval. Doing this can cause
excessive CPU utilization.
BlackDiamond 10K Switch Only. If backplane diagnostic packets are disabled, you can use this command
to configure the global polling interval on the switch.
When you enable backplane diagnostic packets with the enable sys-health-check slot <slot>
command, the interval option also specifies the polling frequency on that slot. For example, if you
specify an interval of 9, backplane diagnostic packets are sent and polling occurs every 9 seconds for
only the enabled slot.
You can also use the configure sys-health-check interval command to modify the global polling
interval on the switch. With only polling enabled, the interval option specifies the frequency of polling
on all slots. Therefore, if you configure the interval to 8 seconds, the polling interval is updated to 80
seconds (interval*10 seconds).
If backplane diagnostic packets are enabled on a slot and you modify the polling interval on the switch,
the new interval value takes precedence. For example, if you configure the interval to 7 seconds, the
polling interval is updated to 70 seconds on all slots with backplane diagnostics disabled. On the slot
with backplane diagnostic packets enabled, backplane diagnostic packets are sent and polling occurs
every 7 seconds.
To return to the default of sending diagnostic packets every 6 seconds and the system polling every 60
seconds, specify 6 for the interval.
By default, the system health checker always polls and tracks the ASIC counters that collect correctable
and uncorrectable packet memory errors, checksum errors, and parity errors on a per ASIC basis. You
must enable the backplane diagnostic packets feature to send backplane diagnostic packets.
Aspen 8810 Switch Only. By default, the system health checker always polls the control plane health
between MSMs and I/O modules, monitors memory levels on the I/O module, monitors the health of
the I/O module, and checks the health of applications and processes running on the I/O module. If the
system health checker detects an error, the health checker notifies the MSM.
You must enable the backplane diagnostic packets feature to send backplane diagnostic packets. If you
enable this feature, the system health checker tests the data link for a specific I/O module every 5
seconds by default. The MSM sends and receives diagnostic packets from the I/O module to determine
the state and connectivity. If you disable backplane diagnostics, the system health checker stops sending
backplane diagnostic packets.
ExtremeWare XOS 11.1 Command Reference Guide
375
Commands for Status Monitoring and Statistics
Example
The following examples assume that you enabled backplane diagnostic packets on a specific I/O slot.
On the BlackDiamond 10K switch, the following command configures the backplane diagnostic packet
interval to 8 seconds and the polling interval to 80 seconds:
configure sys-health-check interval 8
On the Aspen 8810 switch, the following command configures the backplane diagnostic packet interval
to 8 seconds:
configure sys-health-check interval 8
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
376
configure sys-recovery-level
configure sys-recovery-level
configure sys-recovery-level [all | none]
Description
Configures a recovery option for instances where an exception occurs in ExtremeWare XOS.
Syntax Description
all
Configures ExtremeWare XOS to log an error into the syslog and either
shutdown or reboot the system after any task exception occurs.
none
Configures the level to no recovery. No action is taken when a task exception
occurs; there is no system shutdown or reboot.
Default
All.
Usage Guidelines
This command is used for system troubleshooting. If the system fails, the switch will automatically
reboot or leave the system in its current state. You must specify one of the following parameters for the
system to respond to software failures:
●
all—The system will reboot or shut down if any task exception occurs.
●
none—No action is taken when a task exception occurs.
The system will always reboot after a task exception when the system recovery level is specified as all.
Example
The following command configures a switch to not take an action when any task exception occurs:
configure sys-recovery-level none
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
377
Commands for Status Monitoring and Statistics
configure syslog add
configure syslog {add} [<ipaddress> | <ipPort>] {vr <vr_name>} [local0 ...
local7] {<severity>}
Description
Configures the remote syslog server host address, and filters messages to be sent to the remote syslog
target.
Syntax Description
ipaddress
Specifies the remote syslog server IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
severity
Specifies a message severity. Severities include critical, error, warning, notice,
info, debug-summary, debug-verbose, and debug-data.
Default
If a severity level is not specified, all messages are sent to the remote syslog server target. If a virtual
router is not specified, VR-Mgmt is used. If UDP port is not specified, 514 is used.
Usage Guidelines
Options for configuring the remote syslog server include:
●
ipaddress—The IP address of the remote syslog server host.
●
ipPort—The UDP port.
●
local0-local7—The syslog facility level for local use.
●
vr_name—The virtual router that can reach the syslog host.
●
severity—Filters the messages sent to the remote syslog server target to have the selected severity or
higher (more critical). Severities include critical, error, warning, notice, info, debug-summary, debugverbose, and debug-data.
The switch log overwrites existing log messages in a wrap-around memory buffer, which may cause
you to lose valuable information once the buffer becomes full. The remote syslog server does not
overwrite log information, and can store messages in non-volatile files (disks, for example).
The enable syslog command must be issued in order for messages to be sent to the remote syslog
server(s). Syslog is disabled by default. A total of four syslog servers can be configured at one time.
When a syslog server is added, it is associated with the filter DefaultFilter. Use the configure log
target filter command to associate a different filter.
The syslog facility level is defined as local0 – local7. The facility level is used to group syslog data.
ExtremeWare XOS 11.1 Command Reference Guide
378
configure syslog add
Example
The following command configures the remote syslog server target with a critical severity:
configure syslog 123.45.67.78 local1 critical
History
This command was first available in ExtremeWare XOS 10.1.
The ipPort parameter was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
379
Commands for Status Monitoring and Statistics
configure syslog delete
configure syslog delete [all | <ipaddress> | <ipPort>] {vr <vr_name>}
{local0 ... local7}
configure syslog delete <host name/ip> {: <udp-port>} [local0 ... local7]
Description
Deletes a remote syslog server address.
Syntax Description
all
Specifies all remote syslog servers.
ipaddress
Specifies the remote syslog server IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
Default
If a virtual router is not specified, VR-Mgmt is used.
If a UDP port number is not specified, 514 is used.
Usage Guidelines
This command is used to delete a remote syslog server target.
Example
The following command deletes the remote syslog server with an IP address of 10.0.0.1:
configure syslog delete 10.0.0.1 local1
History
This command was first available in ExtremeWare XOS 10.1.
The ipPort parameter was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
380
create log filter
create log filter
create log filter <name> {copy <filter name>}
Description
Creates a log filter with the specified name.
Syntax Description
name
Specifies the name of the filter to create.
copy
Specifies that the new filter is to be copied from an existing one.
filter name
Specifies the existing filter to copy.
Default
N/A.
Usage Guidelines
This command creates a filter with the name specified. A filter is a customizable list of events to include
or exclude, and optional parameter values. The list of events can be configured by component or
subcomponent with optional severity, or individual condition, each with optional parameter values. See
the commands configure log filter events and configure log filter events match for
details on how to add items to the filter.
The filter can be associated with one or more targets using the configure log target filter
command to control the messages sent to those targets. The system has one built-in filter named
DefaultFilter, which itself may be customized. Therefore, the create log filter command can be used
if a filter other than DefaultFilter is desired. As its name implies, DefaultFilter initially contains the
default level of logging in which every ExtremeWare XOS component and subcomponent has a preassigned severity level.
If another filter needs to be created that will be similar to an existing filter, use the copy option to
populate the new filter with the configuration of the existing filter. If the copy option is not specified,
the new filter will have no events configured and therefore no incidents will pass through it.
The total number of supported filters, including DefaultFilter, is 20.
Example
The following command creates the filter named fdb2, copying its configuration from the filter
DefaultFilter:
create log filter fdb2 copy DefaultFilter
ExtremeWare XOS 11.1 Command Reference Guide
381
Commands for Status Monitoring and Statistics
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
382
delete log filter
delete log filter
delete log filter [<filter name> | all]
Description
Deletes a log filter with the specified name.
Syntax Description
filter name
Specifies the filter to delete.
all
Specifies that all filters, except DefaultFilter, are to be deleted
Default
N/A.
Usage Guidelines
This command deletes the specified filter, or all filters except for the filter DefaultFilter. The specified
filter must not be associated with a target. To remove that association, associate the target with
DefaultFilter instead of the filter to be deleted, using the following command:
configure log target <target> filter DefaultFilter
Example
The following command deletes the filter named fdb2:
delete log filter fdb2
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
383
Commands for Status Monitoring and Statistics
disable cli-config-logging
disable cli-config-logging
Description
Disables the logging of CLI configuration commands to the switch Syslog.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
Every command is displayed in the log window which allows you to view every command executed on
the switch.
The disable cli-config-logging command discontinues the recording of all switch configuration
changes and their sources that are made using the CLI via Telnet or the local console. After you disable
configuration logging, no further changes are logged to the system log.
To view the status of configuration logging on the switch, use the show management command. The
show management command displays information about the switch including the enable/disable state
for configuration logging.
Example
The following command disables the logging of CLI configuration command to the Syslog:
disable cli-config-logging
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
384
disable log debug-mode
disable log debug-mode
disable log debug-mode
Description
Disables debug mode. The switch stops logging events of severity debug-summary, debug-verbose, and
debug-data.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
This command disables debug mode. Debug mode must be enabled prior to logging debug messages,
which can severely degrade performance. For typical network device monitoring, debug mode should
remain disabled, the default setting. Debug mode should only be enabled when advised by technical
support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH.
The following configuration options require that debug mode be enabled:
●
Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters
●
Target format options process-name, process-id, source-function, and source-line
Example
The following command disables debug mode:
disable log debug-mode
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
385
Commands for Status Monitoring and Statistics
disable log display
disable log display
Description
Disables the sending of messages to the console display.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
If the log display is disabled, log information is no longer written to the serial console.
This command setting is saved to FLASH and determines the initial setting of the console display at
boot up.
You can also use the following command to control logging to different targets:
disable log display
The disable log display command is equivalent to disable log target console-display
command.
Example
The following command disables the log display:
disable log display
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
386
disable log target
disable log target
disable log target [console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>}
[local0 ... local7]]]
Description
Stops sending log messages to the specified target.
Syntax Description
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
nvram
Specifies the switch NVRAM.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog target.
all
Specifies all of the remote syslog servers.
ipaddress
Specifies the syslog host name or IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
Default
Enabled, for memory buffer, NVRAM, primary MSM, and backup MSM; all other targets are disabled
by default.
Usage Guidelines
This command stops sending messages to the specified target. By default, the memory buffer, NVRAM,
primary MSM, and backup MSM targets are enabled. Other targets must be enabled before messages
are sent to those targets.
Configuration changes to the session target are in effect only for the duration of the console display or
telnet session, and are not saved in FLASH. Changes to the other targets are saved to FLASH.
Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only
active on the backup MSM.
You can also use the following command to disable displaying the log on the console:
disable log display
The disable log display command is equivalent to disable log target console-display
command.
ExtremeWare XOS 11.1 Command Reference Guide
387
Commands for Status Monitoring and Statistics
Example
The following command disables log messages to the current session:
disable log target session
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
388
disable rmon
disable rmon
disable rmon
Description
Disables the collection of RMON statistics on the switch.
Syntax Description
This command has no arguments or variables.
Default
By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON
queries and sets for alarms and events.
Usage Guidelines
The switch supports four out of nine groups of Ethernet RMON statistics. In a disabled state, the switch
continues to respond to the following two groups:
●
Alarms—The Alarms group provides a versatile, general mechanism for setting threshold and
sampling intervals to generate events on any RMON variable. Both rising and falling thresholds are
supported, and thresholds can be on the absolute value of a variable or its delta value. In addition,
alarm thresholds may be auto calibrated or set manually.
●
Events—The Events group creates entries in an event log and/or sends SNMP traps to the
management workstation. An event is triggered by an RMON alarm. The action taken can be
configured to ignore it, to log the event, to send an SNMP trap to the receivers listed in the trap
receiver table, or to both log and send a trap. The RMON traps are defined in RFC 1757 for rising
and falling thresholds.
To view the status of RMON polling on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for
RMON polling.
To view the RMON memory usage statistics for a specific memory type (for example, statistics, events,
logs, history, or alarms) or for all memory types, use the following command:
show rmon memory {detail | <memoryType>}
Example
The following command disables the collection of RMON statistics on the switch:
disable rmon
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
389
Commands for Status Monitoring and Statistics
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
390
disable sflow
disable sflow
disable sflow
Description
Globally disables sFlow statistical packet sampling.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
This command disables sFlow globally on the switch.
Example
The following command disables sFlow sampling globally:
disable sflow
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
391
Commands for Status Monitoring and Statistics
disable sflow ports
disable sflow ports <portlist>
Description
Disables sFlow statistical packet sampling and statistics gathering on a particular list of ports.
Syntax Description
portlist
Specifies a list of ports.
Default
Disabled.
Usage Guidelines
This command disables sFlow on a particular list of ports. Once sFlow is disabled on a port, sampling
and polling will stops. If sFlow is disabled globally, all sampling and polling stops
Use the following command to disable sFlow globally:
disable sflow
Example
The following command disables sFlow sampling on port 3:1:
disable sflow ports 3:1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
392
disable sys-health-check
disable sys-health-check
disable sys-health-check slot <slot>
Description
Discontinues sending backplane diagnostic packets on the specified slot.
Syntax Description
slot
Specifies the slot to disable sending backplane diagnostic packets.
Default
Polling is enabled, backplane diagnostic packets are disabled.
Depending upon your platform, when disabling backplane diagnostic packets, the following defaults
apply:
●
BlackDiamond 10K switch—By default, the system health checker discontinues sending backplane
diagnostic packets and returns the polling frequency to 60 seconds on the specified slot. Only polling
is enabled.
●
Aspen 8810 switch—By default, the system health checker discontinues sending backplane
diagnostic packets to the specified slot. Only polling is enabled.
Usage Guidelines
When you use this command, backplane diagnostic packets are disabled and no longer sent by the
system health checker.
BlackDiamond 10K Switch Only. If you use this command, in addition to disabling backplane diagnostic
packets, the polling frequency returns to the default of 60 seconds for the specified slot.
If you modify the interval in the configure sys-health-check interval <interval> command,
the polling frequency is interval*10 seconds. For example, if you configured an interval of 7, the
polling frequency is now 70 seconds.
Aspen 8810 Switch Only. If you modify the interval in the configure sys-health-check interval
<interval> command and later disable backplane diagnostics, the configured interval for sending
backplane diagnostic packets remains. The next time you enable backplane diagnostic packets, the
health checker sends backplane diagnostics packets at the configured interval. For example, if you
configure an interval of 8 seconds, the system health checker sends backplane diagnostic packets every
8 seconds.
To return to the "default" interval of 5 seconds, configure the frequency of sending backplane diagnostic
packets to 5 seconds using the following command:
configure sys-health-check interval 5
ExtremeWare XOS 11.1 Command Reference Guide
393
Commands for Status Monitoring and Statistics
Example
On the BlackDiamond 10K switch, the following example assumes that you did not modify the
interval option in the configure sys-health-check interval <interval> command.
The following command disables backplane diagnostic packets on slot 3 and returns the polling
frequency on slot 3 to 60 seconds:
disable sys-health-check slot 3
On the Aspen 8810 switch, the following example assumes that you did not modify the interval
option in the configure sys-health-check interval <interval> command.
The following command disables backplane diagnostics on slot 3, polling is always enabled and occurs
every 5 seconds.
disable sys-health-check slot 3
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
394
disable syslog
disable syslog
disable syslog
Description
Disables logging to all remote syslog server targets.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
Disables logging to all remote syslog server targets, not to the switch targets. This setting is saved in
FLASH, and will be in effect upon boot up.
Example
The following command disables logging to all remote syslog server targets:
disable syslog
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
395
Commands for Status Monitoring and Statistics
enable cli-config-logging
enable cli-config-logging
Description
Enables the logging of CLI configuration commands to the Syslog for auditing purposes.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
ExtremeWare XOS allows you to record all configuration changes and their sources that are made using
the CLI by way of Telnet or the local console. The changes are logged to the system log. Each log entry
includes the user account name that performed the changes and the source IP address of the client (if
Telnet was used). Configuration logging applies only to commands that result in a configuration
change.
To view the status of configuration logging on the switch, use the show management command. The
show management command displays information about the switch including the enable/disable state
for configuration logging.
Example
The following command enables the logging of CLI configuration commands to the Syslog:
enable cli-config-logging
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
396
enable log debug-mode
enable log debug-mode
enable log debug-mode
Description
Enables debug mode. The switch allows debug events included in log filters to be logged.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
This command enables debug mode. Debug mode must be enabled prior to logging debug messages,
which can severely degrade performance. For typical network device monitoring, debug mode should
remain disabled, the default setting. Debug mode should only be enabled when advised by technical
support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH.
The following configuration options require that debug mode be enabled:
●
Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters
●
Target format options process-name, process-id, source-function, and source-line
Example
The following command enables debug mode:
enable log debug-mode
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
397
Commands for Status Monitoring and Statistics
enable log display
enable log display
Description
Enables a running real-time display of log messages on the console display.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
If you enable the log display on a terminal connected to the console port, your settings will remain in
effect even after your console session is ended (unless you explicitly disable the log display).
You configure the messages displayed in the log using the configure log display, or configure log
target console-display commands.
You can also use the following command to control logging to different targets:
enable log display
The enable log display command is equivalent to enable log target console-display
command.
To change the log filter association, severity threshold, or match expression for messages sent to the
console display, use the configure log target console-display command
Example
The following command enables a real-time display of log messages:
enable log display
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
398
enable log target
enable log target
enable log target [console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>}
[local0 ... local7]]]
Description
Starts sending log messages to the specified target.
Syntax Description
console
Specifies the console display.
memory-buffer
Specifies the switch memory buffer.
nvram
Specifies the switch NVRAM.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
session
Specifies the current session (including console display).
syslog
Specifies a syslog target.
all
Specifies all of the remote syslog servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
Default
Enabled, for memory buffer and NVRAM; all other targets are disabled by default.
Usage Guidelines
This command starts sending messages to the specified target. By default, the memory-buffer, NVRAM,
primary MSM, and backup MSM targets are enabled. Other targets must be enabled before messages
are sent to those targets.
Configuration changes to the session target are in effect only for the duration of the console display or
Telnet session, and are not saved in FLASH. Others are saved in FLASH.
Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only
active on the backup MSM.
You can also use the following command to enable displaying the log on the console:
enable log display
The enable log display command is equivalent to the enable log target console-display
command.
ExtremeWare XOS 11.1 Command Reference Guide
399
Commands for Status Monitoring and Statistics
Example
The following command enables log messages on the current session:
enable log target session
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
400
enable rmon
enable rmon
enable rmon
Description
Enables the collection of RMON statistics on the switch.
Syntax Description
This command has no arguments or variables.
Default
By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON
queries and sets for alarms and events. By enabling RMON, the switch begins the processes necessary
for collecting switch statistics.
Usage Guidelines
The switch supports four out of nine groups of Ethernet RMON statistics. In an enabled state, the
switch responds to the following four groups:
●
Statistics—The RMON Ethernet Statistics group provides traffic and error statistics showing packets,
bytes, broadcasts, multicasts, and errors on a LAN segment or VLAN.
●
History—The History group provides historical views of network performance by taking periodic
samples of the counters supplied by the Statistics group. The group features user-defined sample
intervals and bucket counters for complete customization of trend analysis.
●
Alarms—The Alarms group provides a versatile, general mechanism for setting threshold and
sampling intervals to generate events on any RMON variable. Both rising and falling thresholds are
supported, and thresholds can be on the absolute value of a variable or its delta value. In addition,
alarm thresholds may be auto calibrated or set manually.
●
Events—The Events group creates entries in an event log and/or sends SNMP traps to the
management workstation. An event is triggered by an RMON alarm. The action taken can be
configured to ignore it, to log the event, to send an SNMP trap to the receivers listed in the trap
receiver table, or to both log and send a trap. The RMON traps are defined in RFC 1757 for rising
and falling thresholds.
The switch also supports the following parameters for configuring the RMON agent, as defined in
RFC 2021:
●
probeCapabilities—If you configure the probeCapabilities object, you can view the RMON MIB
groups supported on at least one interface by the probe.
●
probeSoftwareRev—If you configure the probeSoftwareRev object, you can view the current software
version of the monitored device.
●
probeHardwareRev—If you configure the probeHardwareRev object, you can view the current
hardware version of the monitored device.
ExtremeWare XOS 11.1 Command Reference Guide
401
Commands for Status Monitoring and Statistics
●
probeDateTime—If you configure the probeDateTime object, you can view the current date and time
of the probe.
●
probeResetControl—If you configure the probeResetControl object, you can restart a managed device
that is not running normally. Depending on your configuration, you can do one of the following:
■
Warm boot—A warm boot restarts the device using the current configuration saved in nonvolatile memory.
■
Cold boot—A cold boot causes the device to reset the configuration parameters stored in nonvolatile memory to the factory defaults and then restarts the device using the restored factory
default configuration.
NOTE
You can only use the RMON features of the system if you have an RMON management application and have enabled
RMON on the switch.
RMON requires one probe per LAN segment, and standalone RMON probes have traditionally been
expensive. Therefore, the approach taken by Extreme Networks has been to build an inexpensive
RMON probe into the agent of each system. This allows RMON to be widely deployed around the
network without costing more than traditional network management. The switch accurately maintains
RMON statistics at the maximum line rate of all of its ports.
For example, statistics can be related to individual ports. Also, because a probe must be able to see all
traffic, a stand-alone probe must be attached to a nonsecure port. Implementing RMON in the switch
means that all ports can have security features enabled.
To view the status of RMON polling on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for
RMON polling.
To view the RMON memory usage statistics for a specific memory type (for example, statistics, events,
logs, history, or alarms) or for all memory types, use the following command:
show rmon memory {detail | <memoryType>}
Example
The following command enables the collection of RMON statistics on the switch:
enable rmon
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
402
enable sflow
enable sflow
enable sflow
Description
Globally enables sFlow statistical packet sampling.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
This command enables sFlow globally on the switch.
NOTE
On an Aspen 8810 switch, sFlow and mirroring are mutually exclusive. You can enable either sFlow, or mirroring,
but not both.
Example
The following command enables sFlow sampling globally:
enable sflow
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
403
Commands for Status Monitoring and Statistics
enable sflow ports
enable sflow ports <port_list>
Description
Enables sFlow statistical packet sampling on a particular list of ports.
Syntax Description
port_list
Specifies a list of ports.
Default
Disabled.
Usage Guidelines
This command enables sFlow on a particular list of ports. You will also need to enable sFlow globally in
order to gather statistics and send the data to the collector. Once sFlow is enabled globally, and on the
ports of interest, sampling and polling will begin.
Use the following command to enable sFlow globally:
enable sflow
NOTE
On an Aspen 8810 switch, sFlow and mirroring are mutually exclusive. You can enable either sFlow, or mirroring,
but not both.
Example
The following command enables sFlow sampling on the port 3:1:
enable sflow ports 3:1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
404
enable sys-health-check
enable sys-health-check
enable sys-health-check slot <slot>
Description
Enables backplane diagnostic packets on the specified slot.
Syntax Description
slot
Specifies the slot to participate in sending backplane diagnostic packets.
Default
Polling is enabled, backplane diagnostic packets are disabled.
Depending upon your platform, when enabling backplane diagnostic packets, the following defaults
apply:
●
BlackDiamond 10K switch—The system health checker tests the packet path every 6 seconds for the
specified slot.
●
Aspen 8810 switch—The system health checker tests the data link every 5 seconds for the specified
slot.
Usage Guidelines
Configure the system health checker with guidance from Extreme Networks Technical Support
personnel.
The system health checker tests I/O modules and the backplane by sending diagnostic packets. On the
BlackDiamond 10K switch, additional checking for the validity of these packets is completed by
performing a checksum. By isolating faults to a specific module or backplane connection, the system
health checker notifies you of a possible hardware failure.
System health check errors are reported to the syslog. Syslog output includes the slot number where the
problem occurred, the loopback packet ID number, and a notification that the MSM did not receive the
last packet. If you see an error, please contact Extreme Networks Technical Support.
NOTE
Enabling backplane diagnostic packets increases CPU utilization and competes with network traffic for resources.
The system health checker continues to periodically forward test packets to failed components.
To configure the frequency of the backplane diagnostic packets, use the configure sys-health-check
interval command.
BlackDiamond 10K Switch Only. If you enable backplane diagnostic packets on a slot, the polling timer
changes from its current value to the current backplane diagnostic packet interval configured on that
ExtremeWare XOS 11.1 Command Reference Guide
405
Commands for Status Monitoring and Statistics
slot. For example, if the frequency of sending backplane diagnostic packets is 7 seconds, the polling
value is 7 seconds.
Example
The following command enables backplane diagnostic packets on slot 6:
enable sys-health-check slot 6
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
406
enable syslog
enable syslog
enable syslog
Description
Enables logging to all remote syslog host targets.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
To enable remote logging, you must do the following:
●
Configure the syslog host to accept and log messages.
●
Enable remote logging by using the enable syslog command.
●
Configure remote logging by using the configure syslog command.
When you use the enable syslog command, the exporting process of the syslog begins. This command
also determines the initial state of an added remote syslog target.
Example
The following command enables logging to all remote syslog hosts:
enable syslog
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
407
Commands for Status Monitoring and Statistics
show fans
show fans {detail}
Description
Displays the status of the fans in the system.
Syntax Description
detail
The detail option is reserved for future use.
Default
N/A.
Usage Guidelines
Use this command to view detailed information about the health of the fans.
This status information may be useful for your technical support representative if you have a network
problem.
The following fan information is collected by the switch:
●
State—The current state of the power supply. Options are:
■
Empty: There is no fan installed.
■
Failed: The fan failed.
■
Operational: The fan is installed and working normally.
●
NumFan—The number of fans in the fan tray.
●
PartInfo—Information about the fan tray including the:
■
Serial number, a collection of numbers and letters, that make up the serial number of the fan.
■
Part number, a collection of numbers and letters, that make up the part number of the fan.
●
Revision—The revision number of the fan.
●
FailureCode—Specifies the diagnostic failure code of the fan.
●
Odometer—Specifies the power-on date and how long the fan tray has been operating since it first
powered-on.
●
Temperature—Specifies, in celsius, the current temperature of the fan.
●
Fan Name—Specifies the individual state for each fan in a fan tray and its current speed in round
per minutes (rpm).
ExtremeWare XOS 11.1 Command Reference Guide
408
show fans
Example
The following command displays the status of the installed fans. If a fan is not installed, the state of the
fan is Empty.
show fans
The following is sample output from a BlackDiamond 10K switch:
Right(Rear-facing) FanTray 1 information:
State:
Operational
NumFan:
2
PartInfo:
0340F-00046 454301-00-03
Revision:
3.0
FailureCode:
0
Odometer:
555 days 4 hours 45 minutes 16 seconds since Mar-19-2004
Temperature:
34.25 deg C
Upper Fan 1:
Operational at 4380 rpms
Lower Fan 2:
Operational at 4380 rpms
Left(Rear-facing) FanTray 2 information:
State:
Operational
NumFan:
2
PartInfo:
0340F-00047 454301-00.03
FailureCode:
0
Odometer:
11845 days 6 hours 55 minutes 39 seconds since Mar-08-2004
Temperature:
28.93 deg C
Upper Fan 1:
Operational at 4380 rpms
Lower Fan 2:
Operational at 4320 rpms
The following is sample output from an Aspen 8810 switch:
FanTray information
State:
NumFan:
PartInfo:
Revision:
FailureCode:
Odometer:
Temperature:
Upper-Left
Fan-1:
Middle-Left Fan-2:
Lower-Left
Fan-3:
Upper-Center Fan-4:
Center
Fan-5:
Lower-Center Fan-6:
Upper-Right Fan-7:
Middle-Right Fan-8:
Lower-Right Fan-9:
Operational
9
04334-00019 450102-00-03
3.0
0
17 days 7 hours since Oct-07-2004
22.0 deg C
Operational at 3000 RPM
Operational at 2940 RPM
Operational at 2940 RPM
Operational at 3000 RPM
Operational at 2940 RPM
Operational at 2940 RPM
Operational at 2940 RPM
Operational at 2940 RPM
Operational at 2940 RPM
History
This command was first available in an ExtremeWare XOS 10.1.
Information about the location of the fan tray for the BlackDiamond 10K switch (right or left fan tray)
was added to the show fans output in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
409
Commands for Status Monitoring and Statistics
Information about the location of the fan tray for the Aspen 8810 switch (upper-left, middle left, lowerleft, upper-center, center, lower-center, upper-right, middle-right, and lower-right) was added to the
show fans output in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
410
show log
show log
show log {messages [memory-buffer | nvram]} {events {<event-condition> |
<event-component>]} {<severity> {only}} {starting [date <date> time <time>
| date <date> | time <time>]} {ending [date <date> time <time> | date
<date> | time <time>]} {match <regex>} {chronological}
Description
Displays the current log messages.
Syntax Description
messages
Specifies the target location from which to display the log messages.
memory-buffer
Show messages stored in volatile memory (default).
nvram
Show messages stored in NVRAM.
events
Show event messages.
event-condition
Specifies the event condition to display.
event-component
Specifies the event component to display.
severity
Specifies the minimum severity level to display (if the keyword only is
omitted).
only
Specifies that only the specified severity level is to be displayed
starting
Show messages with timestamps equal to or greater than that specified
date
Specifies the date, where date is <month (1-12)> / <day (1-31)> {/ <year
(yyyy)>}.
time
Specifies the time, where time is <hour (0-23)> {: <minute (0-59)> {:
<seconds (0-59)> {. <hundredths>}}}
ending
Show messages with timestamps equal to or less than that specified.
regex
Specifies a regular expression. Only messages that match the regular
expression will be displayed.
chronological
Specifies displaying log messages in ascending chronological order (oldest to
newest).
Default
The following defaults apply:
●
messages—memory buffer
●
event—no restriction (displays user-specified event)
●
severity—none (displays everything stored in the target)
●
starting, ending—if not specified, no timestamp restriction
●
match—no restriction
●
chronological—if not specified, show messages in order from newest to oldest
ExtremeWare XOS 11.1 Command Reference Guide
411
Commands for Status Monitoring and Statistics
Usage Guidelines
Switch configuration and fault information is filtered and saved to target logs, in a memory buffer, and
in NVRAM. Each entry in the log contains the following information:
●
Timestamp—records the month and day of the event, along with the time (hours, minutes, seconds,
and hundredths).
●
Severity Level—indicates the urgency of a condition reported in the log. Table 10 describes the
severity levels assigned to events.
●
Component, Subcomponent, and Condition Name—describes the subsystem in the software that
generates the event. This provides a good indication of where a fault might lie.
●
Message—a description of the event occurrence. If the event was caused by a user, the user name is
also provided.
This command displays the messages stored in either the internal memory buffer or in NVRAM. The
messages shown can be limited by specifying a severity level, a time range, or a match expression.
Messages stored in the target have already been filtered as events occurred, and specifying a severity or
match expression on the show log command can only further limit the messages shown.
If the messages keyword is not present, the messages stored in the memory-buffer target are displayed.
Otherwise, the messages stored in the specified target are displayed.
If the only keyword is present following the severity value, then only the events at that exact severity
are included. Without the only keyword, events at that severity or more urgent are displayed. For
example, severity warning implies critical, error, or warning, whereas severity warning only implies
only warning.
Messages whose timestamps are equal or later than the starting time and are equal or earlier than the
specified ending time will be shown if they also pass the severity requirements and match expression, if
specified.
If a match phrase is specified, the formatted message must match the simple regular expression
specified by match-expression for it to be shown.
A simple regular expression is a string of single characters including the dot character (.), which are
optionally combined with quantifiers and constraints. A dot matches any single character while other
characters match only themselves (case is significant). Quantifiers include the star character (*) that
matches zero or more occurrences of the immediately preceding character or dot. Constraints include
the caret character (^) that matches at the beginning of a message, and the currency character ($) that
matches at the end of a message. Bracket expressions are not supported. There are a number of sources
available on the Internet and in various language references describing the operation of regular
expressions.
If the chronological keyword is specified, messages are shown from oldest to newest; otherwise,
messages are displayed newest to oldest.
Severity Level. The severity levels are critical, error, warning, notice, and info, plus three severity
levels for extended debugging, debug-summary, debug-verbose, and debug-data. In log messages, the
severity levels are shown by four letter abbreviations. The abbreviated forms are:
●
Critical—Crit
●
Error—Erro
●
Warning—Warn
●
Notice—Noti
ExtremeWare XOS 11.1 Command Reference Guide
412
show log
●
Info—Info
●
Debug-Summary—Summ
●
Debug-Verbose—Verb
●
Debug-Data—Data
The three severity levels for extended debugging, debug-summary, debug-verbose, and debug-data,
require that debug mode be enabled (which may cause a performance degradation). See the command
enable log debug-mode on page 397. Table 10 describes the security levels.
Table 10: Severity levels assigned by the switch
Level
Description
Critical
A serious problem has been detected that is compromising the operation of the system
and that the system cannot function as expected unless the situation is remedied. The
switch may need to be reset.
Error
A problem has been detected that is interfering with the normal operation of the
system and that the system is not functioning as expected.
Warning
An abnormal condition, not interfering with the normal operation of the system, has
been detected that may indicate that the system or the network in general may not be
functioning as expected.
Notice
A normal but significant condition has been detected, which signals that the system is
functioning as expected.
Info (Informational)
A normal but potentially interesting condition has been detected, which signals that
the system is functioning as expected and simply provides information or confirmation
about the condition.
Debug-Summary
A condition has been detected that may interest a developer determining the reason
underlying some system behavior.
Debug-Verbose
A condition has been detected that may interest a developer analyzing some system
behavior at a more verbose level than provided by the debug summary information.
Debug-Data
A condition has been detected that may interest a developer inspecting the data
underlying some system behavior.
Log entries remain in the NVRAM log after a switch reboot. Issuing a clear log command does not
remove these static entries. To remove log entries from NVRAM, use the following command:
clear log messages nvram
Example
The following command displays messages with a critical severity:
show log critical
The following command displays messages with warning, error, or critical severity:
show log warning
The following is sample output from this command:
11/12/2004 00:38:10.30 <Warn:dm.Warn> MSM-A: Insufficient Power to power-on Slot-7
11/12/2004 00:38:08.77 <Warn:dm.Warn> MSM-A: Slot-7 being Powered OFF due to insuf
ficient power
ExtremeWare XOS 11.1 Command Reference Guide
413
Commands for Status Monitoring and Statistics
11/12/2004 00:36:23.77 <Warn:dm.Warn> MSM-A: Slot-7 being Powered OFF due to insuf
ficient power
...
A total of 83 log messages were displayed.
The following command displays messages containing the string “slot 2”:
show log match "slot 2"
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
414
show log components
show log components
show log components {<event component>} {version}
Description
Displays the name, description and default severity for all components.
Syntax Description
event component
Specifies the component to display.
version
Specifies the version number of the component.
Default
N/A.
Usage Guidelines
This command displays the name, description, and default severity defined for the specified
components or subcomponents.
Depending on the software version running on your switch or your switch model, additional or
different component information might be displayed.
Example
The following command displays the log components:
show log components
The following is sample output from this command:
Component
------------------aaa
radius
tacacs
acl
cflow
bootp
relay
server
Card
Kern
cli
shell
subagent
cm
file
Title
---------------------------------------------AAA
Radius Events
Tacacs Events
ACL
ClearFlow user log
BOOTP, DHCP Component
BOOTP Relay trace component
DHCP Server subcomponent
User application messages from I/O modules
Kernel messages from I/O modules
Command Line Interface
CLI configuration shell.
CLI application subagent
Configuration Manager
CM file operation events
ExtremeWare XOS 11.1 Command Reference Guide
Threshold
------------Info
Error
Info
Error
Info
Error
Error
Info
Error
Error
Info
Error
Error
Warning
Warning
415
Commands for Status Monitoring and Statistics
sys
dm
card
dosprot
ds
EAPS
SharedPort
EDP
ELRP
Report
epm
depend
mod
msg
upgrade
ESRP
Aware
InPdu
Nbr
OutPdu
State
System
Track
Vlan
fdb
HAL
Card
FDB
IPv4ACL
IPv4Adj
IPv4FIB
IPv4Mc
Mirror
Msg
Port
SM
Sys
VLAN
Kern
log
mcmgr
snoop
vlan
netTool
sntp
nl
dot1x
mac
web
nm
ospf
event
hello
lsa
neighbor
spf
CM system events
Device Manager
Device Manger Card State Machine
dosprot
Directory Services
Ethernet Automatic Protection Switching
EAPS SharedPort Domain
Extreme DIscovery Protocol (EDP)
Warning
Info
Info
Info
Error
Info
Info
Error
Extreme Loop Recognition Protocol
Main EPM functionality
EPM dependency run-time checking
EPM Kernel Loadable module
EPM Message processing
Upgrade procedure
Extreme Standby Router Protocol
Subsystem description
Subsystem description
Subsystem description
Subsystem description
ESRP State Transitions
Subsystem description
Subsystem description
Extreme Standby Router Protocol
fdb module event
Hardware Abstraction Layer
Card Module
Forwarding Database Hardware Driver
IPv4 ACL Module
IPv4 Adjacency Module
IPv4 FIB Module
IPv4 Multicast Module
mirroring subcomponent
Message Component
Port Module
Switch Manager
System Module
Vlan Module
Kernel messages
Log server messages
Subsystem description
Subsystem description
Subsystem description
netTools framework
Sntp client
Network Login
802.1x-based Network Login
MAC-based Network Login
Web-based Network Login
Node Manager
open shortest path first
ospf events
ospf hello
ospf link-state advertisement
ospf neighbor
ospf shortest path first
Warning
Info
Critical
Notice
Info
Info
Error
Info
Info
Info
Info
Warning
Warning
Warning
Debug-Summary
Error
Error
Info
Info
Info
Info
Info
Info
Error
Info
Info
Info
Info
Info
Error
Warning
Info
Error
Error
Error
Warning
Info
Warning
Warning
Warning
Info
Error
Error
Error
Error
Error
Error
ExtremeWare XOS 11.1 Command Reference Guide
416
show log components
pim
cache
debug
hello
mcdbg
msg
nbr
rpm
pm
config
poe
rip
cfg
event
inUpdt
msgs
outUpdt
sys
rmon
alarm
estat
event
history
rtmgr
vlan
sflow
debug
extended
msg
sample
statistics
STP
InBPDU
OutBPDU
System
System
telnetd
tftpd
thttpd
trace
vlan
ack
dbg
err
msgs
VRRP
Advert
System
Pim Protocol Events
PIM cache maintenance.
PIM debug messages
Hello messages
multicast forwarding engine
Trace for pim control packtes
Neighbor creation/deletion etc
RP message exchange.
Policy Manager
Policy file events
Inline-Power
RIP routing
rip configuration
rip events
rip - inbound route updates
rip - socket messages in and out
rip - outbound route updates
rip - exos kernel interface
RMON general info
RMON alarm info
RMON statistics info
RMON event info
RMON history
EXOS route manager
rtmgr vlan interface
Sflow Protocol Events
SFLOW debug messages
SFLOW extended data collection
SFLOW process initializaion related message
SFLOW sample collection related messages
SFLOW port statistics related message
Spanning-Tree Protocol
STP In Bridge Protocol Data Unit
STP Out Bridge Protocol Data Unit
STP System
XOS system related log messages
telnet server
tftp server
thttp server
Debug trace messages
Vlan mgr
vlan ack
Debug information
errors
Messages
Config/State messages
Subsystem description
System/Library messages
Warning
Warning
Notice
Warning
Warning
Notice
Warning
Warning
Error
Info
Notice
Error
Warning
Warning
Warning
Warning
Warning
Warning
Error
Error
Error
Error
Error
Info
Info
Warning
Notice
Notice
Warning
Warning
Warning
Error
Warning
Warning
Error
Info
Info
Info
Info
Warning
Info
Error
Info
Error
Info
Warning
Warning
Warning
A total of 118 component(s) were displayed.
ExtremeWare XOS 11.1 Command Reference Guide
417
Commands for Status Monitoring and Statistics
The following command displays the version number of the VRRP component:
show log components vrrp version
The following is sample output from this command:
Component
------------------VRRP
Advert
System
Title
Version
---------------------------------------------- ------Config/State messages
2.4
Subsystem description
3.1
System/Library messages
3.2
A total of 3 component(s) were displayed.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
418
show log configuration
show log configuration
show log configuration
Description
Displays the log configuration for switch log settings, and for certain targets.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
This command displays the log configuration for all targets. The state of the target, enabled or disabled
is displayed. For the enabled targets, the associated filter, severity, match expression, and format is
displayed. The debug mode state of the switch is also displayed.
Example
The following command displays the configuration of all the log targets and all existing filters:
show log configuration
The following is sample output from this command:
Debug-Mode: Enabled
Log Target
Enabled ?
Filter Name
Match regex
Severity
Format
ion>
Buffer size
:
:
:
:
:
:
memory-buffer
yes
DefaultFilter
Any
Debug-Data (through Critical)
MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
Log Target
Enabled ?
Filter Name
Match regex
Severity
Format
ion>
:
:
:
:
:
:
Log Target
Enabled ?
: console
: no
: 1000 messages
nvram
yes
DefaultFilter
Any
Warning (through Critical)
MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
ExtremeWare XOS 11.1 Command Reference Guide
419
Commands for Status Monitoring and Statistics
Filter Name
Match regex
Severity
Format
:
:
:
:
DefaultFilter
Any
Info (through Critical)
MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
ion>
Log Filter Name: DefaultFilter
I/
E Comp.
Sub-comp.
Condition
- ------- ----------- ----------------------I All
Severity
CEWNISVD
---------------
Log Filter Name: myFilter
I/
E Comp.
Sub-comp.
Condition
- ------- ----------- ----------------------I STP
Severity
CEWNISVD
---------------
Include/Exclude:
Component Unreg:
Severity Values:
Debug Severity :
I - Include, E - Exclude
* - Component/Subcomponent is not currently registered
C - Critical, E - Error, W - Warning, N - Notice, I - Info
S - Debug-Summary, V - Debug-Verbose, D - Debug-Data
+ - Debug Severities, but log debug-mode not enabled
If Match parameters present:
Parameter Flags: S - Source, D - Destination, (as applicable)
I - Ingress, E - Egress, B - BGP
Parameter Types: Port - Physical Port list, Slot - Physical Slot #
MAC - MAC address, IP - IP Address/netmask, Mask - Netmask
VID - Virtual LAN ID (tag), VLAN - Virtual LAN name
L4
- Layer-4 Port #, Num - Number, Str - String
Nbr - Neighbor, Rtr - Routerid, EAPS - EAPS Domain
Proc - Process Name
Strict Match
: Y - every match parameter entered must be present in the event
N - match parameters need not be present in the event
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
420
show log configuration filter
show log configuration filter
show log configuration filter {<filter name>}
Description
Displays the log configuration for the specified filter.
Syntax Description
filter name
Specifies the filter to display.
Default
If no options are specified, the command displays the configuration for all filters.
Usage Guidelines
This command displays the configuration for filters.
Example
The following command displays the configuration for the filter, myFilter:
show log configuration filter myFilter
The following is sample output from this command:
Log Filter Name: myFilter
I/
E Comp.
Sub-comp.
Condition
- ------- ----------- ----------------------I STP
I aaa
Severity
CEWNISVD
----------------------
Include/Exclude:
Component Unreg:
Severity Values:
Debug Severity :
I - Include, E - Exclude
* - Component/Subcomponent is not currently registered
C - Critical, E - Error, W - Warning, N - Notice, I - Info
S - Debug-Summary, V - Debug-Verbose, D - Debug-Data
+ - Debug Severities, but log debug-mode not enabled
If Match parameters present:
Parameter Flags: S - Source, D - Destination, (as applicable)
I - Ingress, E - Egress, B - BGP
Parameter Types: Port - Physical Port list, Slot - Physical Slot #
MAC - MAC address, IP - IP Address/netmask, Mask - Netmask
VID - Virtual LAN ID (tag), VLAN - Virtual LAN name
L4
- Layer-4 Port #, Num - Number, Str - String
Nbr - Neighbor, Rtr - Routerid, EAPS - EAPS Domain
Proc - Process Name
ExtremeWare XOS 11.1 Command Reference Guide
421
Commands for Status Monitoring and Statistics
Strict Match
: Y - every match parameter entered must be present in the event
N - match parameters need not be present in the event
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
422
show log configuration target
show log configuration target
show log configuration target {console | memory-buffer | nvram | primarymsm | backup-msm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>}
[local0 ... local7]}
Description
Displays the log configuration for the specified target.
Syntax Description
console
Show the log configuration for the console display.
memory-buffer
Show the log configuration for volatile memory.
nvram
Show the log configuration for NVRAM.
primary-msm
Specifies the primary MSM.
backup-msm
Specifies the backup MSM.
session
Show the log configuration for the current session (including console display).
syslog
Show the configuration for the specified syslog target.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
Default
If no options are specified, the command displays the configuration for the current session and console
display.
If a virtual router is not specified, VR-Mgmt is used.
Usage Guidelines
This command displays the log configuration for the specified target. The associated filter, severity,
match expression, and format is displayed.
Example
The following command displays the log configuration:
show log configuration target
The following is sample output from this command:
Log Target
: memory-buffer
Enabled ?
: yes
Filter Name : DefaultFilter
ExtremeWare XOS 11.1 Command Reference Guide
423
Commands for Status Monitoring and Statistics
Match regex : Any
Severity
: Debug-Data (through Critical)
Format
: MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
ion>
Buffer size : 1000 messages
Log Target
Enabled ?
Filter Name
Match regex
Severity
Format
ion>
:
:
:
:
:
:
nvram
yes
DefaultFilter
Any
Warning (through Critical)
MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
Log Target
Enabled ?
Filter Name
Match regex
Severity
Format
ion>
:
:
:
:
:
:
console
no
DefaultFilter
Any
Info (through Critical)
MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit
Log Target
Enabled
Filter Name
Match regex
Severity
:
:
:
:
:
primary-msm
yes
DefaultFilter
Any
Error (through Critical)
Log Target
Enabled
Filter Name
Match regex
Severity
:
:
:
:
:
backup-msm
yes
DefaultFilter
Any
Error (through Critical)
History
This command was first available in ExtremeWare XOS 10.1.
The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0.
The ipPort parameter was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
424
show log counters
show log counters
show log counters {<event condition> | [all | <event component>]} {include
| notified | occurred} {severity <severity> {only}}}
Description
Displays the incident counters for events.
Syntax Description
event condition
Specifies the event condition to display.
all
Specifies that all events are to be displayed.
event component
Specifies that all the events associated with a particular component or
subcomponent should be displayed.
include
Specifies if one or more targets should be included in this event.
notified
Specifies the number of times this event has occurred.
occurred
Specifies the number of times this event has occurred since the last clear or
reboot.
severity
Specifies the minimum severity level of events to display (if the keyword only
is omitted).
only
Specifies that only events of the specified severity level are to be displayed
Default
If severity is not specified, then events of all severity are displayed.
Usage Guidelines
This command displays the incident counters for each event specified. Two incident counters are
displayed. One counter displays the number of times an event has occurred, and the other displays the
number of times that notification for the event was made to the system (an incident record was injected
into the system for further processing). Both incident counters reflect totals accumulated since reboot or
since the counters were cleared using the clear log counters or clear counters command,
regardless of whether it was filtered or not.
The keywords include, notified, and occurred only display events with non-zero counter values for
the corresponding counter.
This command also displays a reference count (the column titled Rf in the output). The reference count
is the number of enabled targets receiving notifications of this event.
See the command show log on page 411 for more information about severity levels.
To get a listing of the event conditions in the system, use the following command:
show log events
ExtremeWare XOS 11.1 Command Reference Guide
425
Commands for Status Monitoring and Statistics
To get a listing of the components present in the system, use the following command:
show log components
Example
The following command displays the event counters for event conditions of severity debug-summary or
greater in the component STP.InBPDU:
show log counters stp.inbpdu severity debug-summary
The following is sample output from this command:
Comp
------STP
STP
STP
SubComp
----------InBPDU
InBPDU
InBPDU
Occurred :
Flags
:
In(cluded):
Notified :
Condition
----------------------Drop
Ign
Mismatch
Severity
Occurred
------------- -------Error
0
Debug-Summary
0
Warning
0
In Notified
-- -------Y
0
N
0
Y
0
# of times this event has occurred since last clear or reboot
(*) Not all applications responded in time with there count values
Set to Y(es) if one or more targets filter includes this event
# of times this event has occurred when 'Included' was Y(es)
The following command displays the event counters for the event condition PDUDrop in the component
STP.InBPDU:
show log counters "STP.InBPDU.Drop"
The following is sample output from this command:
Comp
SubComp
Condition
Severity
Occurred
------- ----------- ----------------------- ------------- -------STP
InBPDU
Drop
Error
0
Occurred :
Flags
:
In(cluded):
Notified :
In Notified
-- -------Y
0
# of times this event has occurred since last clear or reboot
(*) Not all applications responded in time with there count values
Set to Y(es) if one or more targets filter includes this event
# of times this event has occurred when 'Included' was Y(es)
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
426
show log events
show log events
show log events [<event condition> | [all | <event component>] {severity
<severity> {only}}] {details}
Description
Displays information about the individual events (conditions) that can be logged.
Syntax Description
event condition
Specifies the event condition to display.
all
Specifies that all events are to be displayed.
event component
Specifies that all the events associated with a particular component should be
displayed.
severity
Specifies the minimum severity level of events to display (if the keyword only
is omitted).
only
Specifies that only events of the specified severity level are to be displayed.
details
Specifies that detailed information, including the message format and
parameter types, be displayed.
Default
If severity is not specified, then events of all severity are displayed. If detail is not specified, then
summary only information is displayed.
Usage Guidelines
This command displays the mnemonic, message format, severity, and parameter types defined for each
condition in the event set specified.
See the command show log on page 411 for more information about severity levels.
When the detail option is specified, the message format is displayed for the event conditions specified.
The message format parameters are replaced by the value of the parameters when the message is
generated.
To get a listing of the components present in the system, use the following command:
show log components
Example
The following command displays the event conditions of severity debug-summary or greater in the
component STP.InBPDU:
show log events stp.inbpdu severity debug-summary
ExtremeWare XOS 11.1 Command Reference Guide
427
Commands for Status Monitoring and Statistics
The following is sample output from this command:
Comp
------STP
STP
STP
SubComp
----------InBPDU
InBPDU
InBPDU
Condition
----------------------Drop
Ign
Mismatch
Severity
Parameters
------------- ---------Error
2 total
Debug-Summary 2 total
Warning
2 total
The following command displays the details of the event condition PDUTrace in the component
STP.InBPDU:
show log events stp.inbpdu.pdutrace details
The following is sample output from this command:
Comp
SubComp
Condition
Severity
Parameters
------- ----------- ----------------------- ------------- ---------STP
InBPDU
Trace
Debug-Verbose 2 total
0 - string
1 - string (printf)
Port=%0%: %1%
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
428
show memory
show memory
show memory {slot [a | b]}
Description
Displays the current system memory information.
Syntax Description
slot a
Specifies the MSM module installed in slot A.
slot b
Specifies the MSM module installed in slot B.
Default
N/A.
Usage Guidelines
Viewing statistics on a regular basis allows you to see how well your network is performing. If you
keep simple daily records, you will see trends emerging and notice problems arising before they cause
major network faults. This way, statistics can help you get the best out of your network.
This information may be useful for your technical support representative if you experience a problem.
If you issue the command without any parameters, the switch displays information about all of the
MSMs installed in your system.
Depending on the software version running on your switch or your switch model, additional or
different memory information might be displayed.
You can also use the show memory process <name> {slot <slotid>} command to view the system
memory and the memory used by the individual processes.
Reading the Output. The show memory command displays the following information in a tabular format:
●
System memory information (both total and free).
●
Current memory used by the individual processes.
In general, the free memory count for an MSM decreases when one or more processes running on that
MSM experiences an increase in memory usage.
If you observe a continuous decrease in the free memory over an extended period of time, and you
have not altered your switch configuration, please contact Extreme Networks Technical Support.
Example
The following command displays current system memory information:
show memory slot a
ExtremeWare XOS 11.1 Command Reference Guide
429
Commands for Status Monitoring and Statistics
The following is sample output from this command:
System Memory Information
------------------------MSM-A
Total DRAM (KB):
MSM-A
System
(KB):
MSM-A
User
(KB):
MSM-A
Free
(KB):
524288
45912
102264
376112
Memory Utilization Statistics
----------------------------Card Slot Process Name
Memory (KB)
--------------------------------------MSM-A 9
aaa
7772
MSM-A 9
acl
6716
MSM-A 9
bgp
16708
MSM-A 9
cfgmgr
3484
MSM-A 9
cli
33964
MSM-A 9
devmgr
3656
MSM-A 9
dirser
3072
MSM-A 9
eaps
9136
MSM-A 9
edp
4644
MSM-A 9
elrp
4608
MSM-A 9
ems
5832
MSM-A 9
epm
8084
MSM-A 9
esrp
11004
MSM-A 9
etmon
11356
MSM-A 9
exacl
13
MSM-A 9
exosmc
22
MSM-A 9
exosq
29
MSM-A 9
exsflow
8
MSM-A 9
exsnoop
15
MSM-A 9
exvlan
252
MSM-A 9
fdb
8760
MSM-A 9
hal
22624
MSM-A 9
mcmgr
13128
MSM-A 9
msgsrv
2972
MSM-A 9
netLogin
4564
MSM-A 9
netTools
4696
MSM-A 9
nettx
56
MSM-A 9
nodemgr
5388
MSM-A 9
ospf
12476
MSM-A 9
pim
10012
MSM-A 9
polMgr
3272
MSM-A 9
rip
10392
MSM-A 9
rtmgr
9748
MSM-A 9
snmpMaster
6400
MSM-A 9
snmpSubagent
8104
MSM-A 9
stp
6896
MSM-A 9
telnetd
3236
MSM-A 9
tftpd
3080
MSM-A 9
vlan
5816
MSM-A 9
vrrp
6584
ExtremeWare XOS 11.1 Command Reference Guide
430
show memory
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
431
Commands for Status Monitoring and Statistics
show ports rxerrors
show ports {<port_list>} rxerrors
Description
Displays real-time receive error statistics.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, receive error statistics are displayed for all ports.
This status information may be useful for your technical support representative if you have a network
problem.
The switch collects the following port receive error information:
●
Port Number
●
Link Status—The current status of the link. Options are:
■
Ready (R): The port is ready to accept a link.
■
Active (A): The link is present at this port.
●
Receive Bad CRC Frames (RX CRC)—The total number of frames received by the port that were of
the correct length, but contained a bad FCS value.
●
Receive Oversize Frames (RX Over)—The total number of good frames received by the port greater
than the supported maximum length of 1,522 bytes.
●
Receive Undersize Frames (RX Under)—The total number of frames received by the port that were
less than 64 bytes long.
●
Receive Fragmented Frames (RX Frag)—The total number of frames received by the port were of
incorrect length and contained a bad FCS value.
●
Receive Jabber Frames (RX Jabber)—The total number of frames received by the port that was of
greater than the support maximum length and had a Cyclic Redundancy Check (CRC) error.
●
Receive Alignment Errors (RX Align)—The total number of frames received by the port that occurs if
a frame has a CRC error and does not contain an integral number of octets.
●
Receive Frames Lost (RX Lost)—The total number of frames received by the port that were lost
because of buffer overflow in the switch.
ExtremeWare XOS 11.1 Command Reference Guide
432
show ports rxerrors
Example
The following command displays receive error statistics for slot 5, ports 4 through 7:
show ports 5:4-5:7 rxerrors
The following is sample output from this command:
Port Rx Error monitor
Port
Link
Rx
Rx
Rx
Rx
Rx
Rx
Rx
State
Crc
Over
Under
Frag
Jabber
Align
Lost
================================================================================
5:4
R
0
0
0
0
0
0
0
5:5
R
0
0
0
0
0
0
0
5:6
R
0
0
0
0
0
0
0
5:7
R
0
0
0
0
0
0
0
================================================================================
Link Status: A-Active R-Ready
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
433
Commands for Status Monitoring and Statistics
show ports statistics
show ports <port_list> statistics
Description
Displays real-time port statistics.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, statistics are displayed for all ports.
Jumbo frame statistics are displayed for switches only that are configured for jumbo frame support.
This status information may be useful for your technical support representative if you have a network
problem.
The switch collects the following port statistic information:
●
Port Number
●
Link Status—The current status of the link. Options are:
■
Ready (R): The port is ready to accept a link.
■
Active (A): The link is present at this port.
●
Transmitted Packet Count (Tx Pkt Count)—The number of packets that have been successfully
transmitted by the port.
●
Transmitted Byte Count (Tx Byte Count)—The total number of data bytes successfully transmitted
by the port.
●
Received Packet Count (Rx Pkt Count)—The total number of good packets that have been received
by the port.
●
Received Byte Count (RX Byte Count)—The total number of bytes that were received by the port,
including bad or lost frames. This number includes bytes contained in the Frame Check Sequence
(FCS), but excludes bytes in the preamble.
●
Received Broadcast (RX Bcast)—The total number of frames received by the port that are addressed
to a broadcast address.
●
Received Multicast (RX Mcast)—The total number of frames received by the port that are addressed
to a multicast address.
ExtremeWare XOS 11.1 Command Reference Guide
434
show ports statistics
Example
The following command displays port statistics for slot 5, ports 4 through 7:
show ports 5:4-5:7 statistics
The following is sample output from this command:
Port Statistics
Port
Link
Tx Pkt
Tx Byte
Rx Pkt
Rx Byte
Rx
Rx
Status Count
Count
Count
Count
Bcast
Mcast
========================================================================
5:4
R
0
0
0
0
0
0
5:5
R
0
0
0
0
0
0
5:6
R
0
0
0
0
0
0
5:7
R
0
0
0
0
0
0
================================================================================
Link Status: A-Active R-Ready
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
435
Commands for Status Monitoring and Statistics
show ports txerrors
show ports {<port_list>} txerrors
Description
Displays real-time transmit error statistics.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If you do not specify a port number or range of ports, error statistics are displayed for all ports.
This status information may be useful for your technical support representative if you have a network
problem.
The switch collects the following port transmit error information:
●
Port Number
●
Link Status—The current status of the link. Options are:
■
Ready (R): The port is ready to accept a link.
■
Active (A): The link is present at this port.
●
Transmit Collisions (TX Coll)—The total number of collisions seen by the port, regardless of whether
a device connected to the port participated in any of the collisions.
●
Transmit Late Collisions (TX Late Coll)—The total number of collisions that have occurred after the
port’s transmit window has expired.
●
Transmit Deferred Frames (TX Deferred)—The total number of frames that were transmitted by the
port after the first transmission attempt was deferred by other network traffic.
●
Transmit Errored Frames (TX Error)—The total number of frames that were not completely
transmitted by the port because of network errors (such as late collisions or excessive collisions).
●
Transmit Lost Frames (TX Lost)—The total number of transmit frames that do not get completely
transmitted because of buffer problems (FIFO underflow).
●
Transmit Parity Frames (TX Parity)—The bit summation has a parity mismatch.
Example
The following command displays transmit error statistics for slot 5, ports 4 through 7:
show ports 5:4-5:7 txerrors
ExtremeWare XOS 11.1 Command Reference Guide
436
show ports txerrors
The following is sample output from this command:
Port Configuration
Port
Link
Tx
Tx
Tx
Tx
Tx
Tx
State
Coll
Late coll
Deferred
Errors
Lost
Parity
================================================================================
5:4
R
0
0
0
0
0
0
5:5
R
0
0
0
0
0
0
5:6
R
0
0
0
0
0
0
5:7
R
0
0
0
0
0
0
================================================================================
Link Status: A-Active R-Ready
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
437
Commands for Status Monitoring and Statistics
show rmon memory
show rmon memory {detail | <memoryType>}
Description
Displays RMON specific memory usage and statistics.
Syntax Description
detail
Displays detailed information.
memoryType
Specifies the type of memory usage and statistics to display.
Default
N/A.
Usage Guidelines
If you do not specify the detailed keyword or a enter a specific RMON memory type, the output
contains usage information for all memory types.
Example
The following command displays RMON memory statistics:
show rmon memory
The following is sample output from this command:
RMON Memory Information
---------------------Bytes Allocated: 6616400 AllocFailed: 0
Current Memory Utilization Level: GREEN
Memory Utilization Statistics
----------------------------Size
16
32
48
64
80
96
112
128
144
176
208
256
384
512
768
1024
2048
4096
8192 16384 18432 40960 64000
--------- ------ ------ ------ ------ ------ ------ ------ ------ ------ ------ ----- ------ ------ ------ ----------- ------ ------ ------ ------ ------ ------ -----Used Blocks
807
1510
2130
1
0
0
0
1457
52
0
27132
1
1070
0
266
0
0
0
0
0
0
0
0
rmonEstat
0
0
0
0
0
0
0
0
0
0
0
0
267
0
0
0
0
0
0
0
0
0
0
ExtremeWare XOS 11.1 Command Reference Guide
438
show rmon memory
rmonOwner
804
0
0
0
0
0
0
0
0
0
0
0
rmonHisc
0
0
0
0
0
532
0
0
0
0
0
0
0
rmonHist
0
0
0
27132
0
0
0
0
0
0
0
0
0
rmonAlarm
0
0
0
0
0
5
0
0
0
0
0
0
0
rmonLogDescription
0
0
0
0
0
0
0
0
0
0
0
0
rmonLog
0
1508
0
0
0
0
0
0
0
0
0
0
0
rmonEvent
0
0
0
0
0
0
0
0
0
0
0
0
0
rmonEventDescription
0
1
0
0
0
0
0
0
0
0
0
0
rmonEventCommunity
0
1
0
0
0
0
0
0
0
0
0
0
rmonCommunity
1
0
0
0
0
0
0
0
0
0
0
0
0
rmonDs
0
0
0
0
0
0
0
266
0
0
0
0
0
rmonDbx
0
0
2130
0
0
0
0
0
0
0
0
0
0
rmonOid
0
0
0
0
0
266
0
0
0
0
0
0
0
rmonMdbIndexOid
2
0
0
0
0
0
0
0
0
0
0
0
0
rmonMdbString
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1456
52
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
The following command displays RMON Alarm statistics:
show rmon memory rmonAlarm
The following is sample output from this command:
RMON Memory Information
---------------------Bytes Allocated: 6616080 AllocFailed: 0
Current Memory Utilization Level: GREEN
ExtremeWare XOS 11.1 Command Reference Guide
439
Commands for Status Monitoring and Statistics
Memory Utilization Statistics
----------------------------Memory Statistics for rmonAlarm
-------------------------------Size
16
32
48
64
80
96
112
128
144
176
208
256
384
512
768
1024
2048
4096
8192 16384 18432 40960 64000
--------- ------ ------ ------ ------ ------ ------ ------ ------ ------ ------ ----- ------ ------ ------ ----------- ------ ------ ------ ------ ------ ------ -----Alloced
0
0
0
0
0
0
0
0
0
0
0
0
5
0
0
0
0
0
0
0
0
0
0
AllocedPeak
0
0
0
0
0
0
0
0
0
0
0
0
6
0
0
0
0
0
0
0
0
0
0
AllocSuccess
0
0
0
0
0
0
0
0
0
0
0
0
9
0
0
0
0
0
0
0
0
0
0
FreeSuccess
0
0
0
0
0
0
0
0
0
0
0
0
4
0
0
0
0
0
0
0
0
0
0
AllocFail
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
FreeFail
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
440
show sflow configuration
show sflow configuration
show sflow {configuration}
Description
Displays the current sFlow configuration.
Syntax Description
This command has no arguments or variables
Default
N/A.
Usage Guidelines
This command displays the sFlow configuration of your system.
The following fields are displayed:
●
Global Status—sFlow is globally enabled or disabled
●
Polling interval—How often the hardware is polled for statistics, in seconds
●
Sampling rate—Packets are sampled, on average, once for every rate-number of packets
●
Maximum cpu sample limit—Maximum number of packets per second sampled before sample
throttling takes effect
●
Agent IP—IP address inserted into the sFlow data packets to identify the sFlow switch
●
Collectors—To which IP address and port, and from which virtual router, the sFlow packets are sent
●
Port Status—Enabled or disabled for statistics gathering
●
Port Sample-rate—Shows the sampling rate configured for the port and the actual rate if CPU
throttling has taken effect
●
Port Subsampling factor—See the command configure sflow ports sample-rate for details
Example
To display the sFlow configuration on your system, use the following command:
show sflow
The output from this command is similar to the following:
SFLOW Global Configuration
Global Status: enabled
Polling interval: 20
Sampling rate: 8192
Maximum cpu sample limit: 2000
SFLOW Configured Agent IP: 10.203.2.38 Operational Agent IP: 10.203.2.38
Collectors
ExtremeWare XOS 11.1 Command Reference Guide
441
Commands for Status Monitoring and Statistics
Collector IP 10.201.6.250, Port 6343, VR "VR-Mgmt"
SFLOW Port Configuration
Port
Status
Sample-rate
Subsampling
Config / Actual
factor
1:41
enabled
8192
/ 8192
1
2:40
enabled
1024
/ 1024
1
2:58
enabled
8192
/ 8192
8
2:59
enabled
8192
/ 8192
8
History
This command was first available in an ExtremeWare XOS 11.0.
Platform Availability
This command is available on all available platforms.
ExtremeWare XOS 11.1 Command Reference Guide
442
show sflow statistics
show sflow statistics
show sflow statistics
Description
Displays sFlow statistics.
Syntax Description
This command has no arguments or variables
Default
N/A.
Usage Guidelines
This command displays sFlow statistics for your system.
The following fields are displayed:
●
Received frames—Number of frames received on sFlow enabled ports
●
Sampled Frames—Number of packets that have been sampled by sFlow
●
Transmitted Frames—Number of UDP packets sent to remote collector(s)
●
Broadcast Frames—Number of broadcast frames received on sFlow enabled ports
●
Multicast Frames—Number of multicast frames received on sFlow enabled ports
●
Packet Drops—Number of samples dropped
Example
To display sFlow statistics for your system, use the following command:
show sflow statistics
The output from this command is similar to the following:
SFLOW Statistics
Received frames
Sampled Frames
Transmitted Frames
Broadcast Frames
Multicast Frames
Packet Drops
:
:
:
:
:
:
1159044921
104944
10518
0
1055652
0
History
This command was first available in an ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
443
Commands for Status Monitoring and Statistics
Platform Availability
This command is available on all available platforms.
ExtremeWare XOS 11.1 Command Reference Guide
444
show temperature
show temperature
show temperature
Description
Displays the current temperature of the I/O modules, management modules, and the power supply
controllers.
Syntax Description
This command has no arguments or variables
Default
N/A.
Usage Guidelines
Use this command to display the temperature in Celsius and the current status of the following
installed components in the switch:
●
MSM
●
I/O modules
●
Power controllers
The switch monitors the temperature of each component and generates a warning if the temperature
exceeds the normal operating range. If the temperature exceeds the minimum/maximum limits, the
switch shuts down the overheated module.
You can also view the temperature of the power supplies and fan trays in the switch.
To view the temperature of the powersupplies, use the following command:
show power {<ps_num>} {detail}
To view the temperature of the fan trays, use the following command:
show fans {detail}
Depending on the software version running on your switch or your switch model, additional or
different temperature information might be displayed.
Example
The following command displays the temperature of the system and I/O and management modules:
show temperature
ExtremeWare XOS 11.1 Command Reference Guide
445
Commands for Status Monitoring and Statistics
The following is sample output from this command:
Field Replaceable Units
Temp (C)
Status
-----------------------------------------------Slot-1
: 10G6X
36.37
Normal
Slot-2
: G60X
35.31
Normal
Slot-3
:
Slot-4
:
Slot-5
:
Slot-6
: G60X
34.68
Normal
Slot-7
: G60X
34.31
Normal
Slot-8
:
MSM-A
: MSM-1XL
31.37
Normal
MSM-B
: MSM-1XL
29.75
Normal
PSUCTRL-1 :
PSUCTRL-2 :
29.00
Normal
Temp Range: -10.00 (Min), 0.00-50.00 (Normal), 60.00 (Max)
History
This command was first available in an ExtremeWare XOS 10.1.
Information about the power controller(s), a component status column, and the minimum, normal, and
maximum temperature ranges of the components was added to the show temperature output in
ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
446
show version
show version
show version {detail | process <name> | images {partition <partition>} {msm
<slotid>} }
Description
Displays the hardware serial numbers and versions, and software versions currently running on the
switch, and (if applicable) the modules.
Syntax Description
detail
Specifies display of slot board name and chassis or platform name.
process
Specifies display of all of the processes on the switch.
name
Specifies display of a specific process on the switch.
images
Specifies the display of installed images.
partition
Specifies display of a specific partition (primary or secondary).
slotid
Specifies display of am MSM in a specific slot (A or B).
Default
N/A.
Usage Guidelines
On chassis-based switches, displays the switch serial number and version numbers of MSM modules
and I/O modules.
The following is an example of the type of information displayed when you execute the show version
or show version detail commands:
●
Part Number—A collection of numbers and letters that make up the part number of the switch and
the hardware components.
●
Serial Number—A collection of numbers and letters that make up the serial number of the switch
and the hardware components.
●
Image—The ExtremeWare XOS software version currently running on the switch. If you have two
software images downloaded on the switch, only the currently running ExtremeWare XOS version
information is displayed. The information displayed includes the version number, build number, and
the software build date.
●
BootROM—The BootROM version currently running on the switch.
Depending on the model of your switch and the software running on your switch, different version
information may be displayed.
ExtremeWare XOS 11.1 Command Reference Guide
447
Commands for Status Monitoring and Statistics
If you use the process option, you will see the following information about the processes running on
the switch:
●
Card—The module that is running the process
●
Process Name—The name of the process
●
Version—The version number of the process
●
BuiltBy—The name of the software build manager
●
Link Date—The date the executable was linked
Example
The following command displays the hardware and software versions currently running on the switch:
show version
The following is sample output from this command:
Chassis
Slot-1
Slot-2
Slot-3
Slot-4
Slot-5
Slot-6
Slot-7
Slot-8
Slot-9
Slot-10
MSM-A
MSM-B
PSUCTRL-1
PSUCTRL-2
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
800129-00-01 04224-00008 Rev 1.0
800115-00-02 04314-00005 Rev 2.0 BootROM: 1.0.0.22
800115-00-02 04314-00061 Rev 2.0 BootROM: 1.0.0.22
800112-00-02 04304-00005 Rev 2.0 BootROM: 1.0.0.20
IMG: 11.1.0.14
IMG: 11.1.0.14
IMG: 11.1.0.14
800113-00-03 04284-00010 Rev 3.0 BootROM: 1.0.0.20
800113-00-03 04304-00031 Rev 3.0 BootROM: 1.0.0.22
IMG: 11.1.0.14
IMG: 11.1.0.14
800112-00-02 04304-00005 Rev 2.0 BootROM: 1.0.0.14
IMG: 11.1.0.14
700087-00-03 04254-00033 Rev 3.0 BootROM: 0.0
700087-00-03 04254-00096 Rev 3.0 BootROM: 0.0
IMG:
IMG:
Image
: ExtremeWare XOS version 11.1.0.14 v1110b14 by release-manager
on Fri Sep 17 00:33:41 PDT 2004
BootROM : 1.0.0.14
Using the process option in the show version command produces output similar to the following:
Card Process Name
Version
BuiltBy
Link Date
--------------------------------------------------------------------------MSM-A aaa
3.0.0.2
release-manager Tue Nov 4 16:22:25 PST 2003
MSM-A acl
3.0.0.2
release-manager Tue Nov 4 16:25:57 PST 2003
MSM-A bgp
3.0.0.2
release-manager Tue Nov 4 16:27:22 PST 2003
MSM-A cfgmgr
3.0.0.8
release-manager Tue Nov 4 16:22:09 PST 2003
MSM-A cli
3.0.0.2
release-manager Tue Nov 4 16:22:01 PST 2003
MSM-A devmgr
3.0.0.2
release-manager Tue Nov 4 16:21:41 PST 2003
MSM-A dirser
3.0.0.2
release-manager Tue Nov 4 16:22:38 PST 2003
MSM-A edp
3.0.0.2
release-manager Tue Nov 4 16:25:34 PST 2003
MSM-A ems
3.0.0.2
release-manager Tue Nov 4 16:32:31 PST 2003
MSM-A epm
3.0.0.2
release-manager Tue Nov 4 16:21:30 PST 2003
MSM-A exacl
3.0.0.2
Unknown
Unknown
MSM-A exosmc
3.0.0.2
Unknown
Unknown
MSM-A exosq
3.0.0.2
Unknown
Unknown
MSM-A exsnoop
3.0.0.2
Unknown
Unknown
ExtremeWare XOS 11.1 Command Reference Guide
448
show version
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
MSM-A
exvlan
fdb
hal
mcmgr
msgsrv
netTools
nettx
nodemgr
ospf
pim
polMgr
rip
rtmgr
snmpMaster
snmpSubagent
stp
tftpd
vlan
vrrp
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.2
3.0.0.4
3.0.0.2
3.0.0.2
3.0.0.4
Unknown
release-manager
release-manager
release-manager
release-manager
release-manager
Unknown
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
release-manager
Unknown
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Unknown
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
Tue Nov
4
4
4
4
4
16:23:54
16:22:58
16:30:50
16:21:55
16:31:57
PST
PST
PST
PST
PST
2003
2003
2003
2003
2003
4
4
4
4
4
4
4
4
4
4
4
4
16:21:52
16:28:33
16:31:35
16:22:34
16:30:30
16:26:11
16:33:21
16:33:27
16:24:53
16:32:09
16:23:22
16:25:24
PST
PST
PST
PST
PST
PST
PST
PST
PST
PST
PST
PST
2003
2003
2003
2003
2003
2003
2003
2003
2003
2003
2003
2003
If you specify the name option, only the process you select is displayed.
Using the images option in the show version command produces output similar to the following:
BD-10808.3 # show version images
Card Partition
Installation Date
Version
Name
-------------------------------------------------------------------MSM-A primary
Wed Jun 30 22:30:22 UTC 2004 11.0.0.24 bd10K-11.0.0.24.xos
MSM-A primary
Thu Jul 1 03:29:41 UTC 2004 11.0.0.24 bd10K-11.0.0.24-ssh.xmod
MSM-A secondary Tue Jun 29 06:09:26 UTC 2004 11.0.0.23 bd10K-11.0.0.23.xos
MSM-A secondary Tue Jun 29 06:29:14 UTC 2004 11.0.0.23 bd10K-11.0.0.23-ssh.xmod
If you specify the partition option, only images on the specified partition will be shown.
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
449
Commands for Status Monitoring and Statistics
unconfigure log filter
unconfigure log filter <filter name>
Description
Resets the log filter to its default values; removes all filter items.
Syntax Description
filter name
Specifies the log filter to unconfigure.
Default
N/A.
Usage Guidelines
If the filter name specified is DefaultFilter, this command restores the configuration of DefaultFilter back
to its original settings.
If the filter name specified is not DefaultFilter, this command sets the filter to have no events configured
and therefore, no incidents will pass. This is the configuration of a newly created filter that was not
copied from an existing one.
See the delete log filter command for information about deleting a filter.
Example
The following command sets the log filter myFilter to stop passing any events:
unconfigure log filter myFilter
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
450
unconfigure log target format
unconfigure log target format
unconfigure log target [console | memory-buffer | nvram | session | syslog
[all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] format
Description
Resets the log target format to its default values.
Syntax Description
console
Specifies the console display format.
memory-buffer
Specifies the switch memory buffer format.
nvram
Specifies the switch NVRAM format.
session
Specifies the current session (including console display) format.
syslog
Specifies a syslog target format.
all
Specifies all remote syslog servers.
ipaddress
Specifies the syslog IP address.
ipPort
Specifies the UDP port number for the syslog target.
vr_name
Specifies the virtual router that can reach the server IP address.
local0 ... local7
Specifies the local syslog facility.
format
Specifies that the format for the target will be reset to the default value.
Default
When a target format is unconfigured, it is reset to the default values.
The following defaults apply to console display, memory buffer, NVRAM, and session targets:
●
timestamp—hundredths
●
date—mm-dd-yyyy
●
severity—on
●
event-name—condition
●
host-name—off
●
sequence-number—off
●
process-name—off
●
process-slot—on
●
process-id—off
●
source-line—off
The following defaults apply to syslog targets (per RFC 3164):
●
timestamp—seconds
●
date—mmm-dd
●
severity—on
ExtremeWare XOS 11.1 Command Reference Guide
451
Commands for Status Monitoring and Statistics
●
event-name—none
●
host-name—off
●
sequence-number—off
●
process-name—off
●
process-slot—on
●
process-id—off
●
source-line—off
Usage Guidelines
Use this command to reset the target format to the default format.
Example
The following command sets the log format for the target session (the current session) to the default:
unconfigure log target session format
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
452
unconfigure sflow
unconfigure sflow
unconfigure sflow
Description
Resets all the sFlow values to the default values.
Syntax Description
This command has no arguments or variables
Default
The default values are as follows
●
sFlow agent IP address—0.0.0.0
●
sampling frequency—sample one every 8196 packets
●
polling interval—20 seconds
●
sFlow collector UDP port—6343
●
maximum CPU sample limit—2000 samples per second
Usage Guidelines
This command resets sFlow values to default value, and removes any port configurations, and any
sFlow collectors configured on the switch.
Example
The following command unconfigures sFlow:
unconfigure sflow
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
453
Commands for Status Monitoring and Statistics
unconfigure sflow agent
unconfigure sflow agent
Description
Resets the sFlow agent’s IP address to the default value.
Syntax Description
This command has no arguments or variables.
Default
The default IP address is 0.0.0.0.
Usage Guidelines
This command resets the sFlow agent IP address to its default value.
Example
The following command resets the source IP address to 0.0.0.0 for UDP datagrams sent out by the sFlow
agent:
unconfigure sflow agent
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
454
unconfigure sflow collector
unconfigure sflow collector
unconfigure sflow collector {ipaddress} <ip-address> {port <udp-portnumber>} {vr <vrname>}
Description
Unconfigures the sFlow collector.
Syntax Description
ip-address
Specifies the IP address of the collector to reset.
udp-port-number
Specifies the UDP port.
vrname
Specifies which virtual router.
Default
The following values are the defaults for this command:
●
UDP port number—6343
●
Virtual router—VR-Mgmt (previously called VR-0).
Usage Guidelines
This command allows you to reset the specified sFlow collector parameters to the default values.
Both the commands unconfigure sflow and unconfigure sflow collector will reset the collector
parameters to the default.
Example
The following command removes the collector at IP address 192.168.57.1:
unconfigure sflow collector ipaddress 192.168.57.1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
455
Commands for Status Monitoring and Statistics
unconfigure sflow ports
unconfigure sflow ports <port_list>
Description
Removes the specified ports from the sFlow configuration, and stops sampling them.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
This command removes the specified ports from the sFlow configuration, and stops sampling them.
Example
The following command unconfigures sFlow on the ports 2:5-2:7:
unconfigure sflow ports 2:5-2:7
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
456
upload log
upload log
upload log <ipaddress> {vr <vr_name>} <filename> {messages [memory-buffer |
nvram] {events {<event-condition> | <event_component>}}} {<severity>
{only}} {match <regex>} {chronological}
Description
Uploads the current log messages to a TFTP server.
Syntax Description
ipaddress
Specifies the ipaddress of the TFTP server.
vr_name
Specifies the virtual router that can reach the TFTP server.
filename
Specifies the file name for the log stored on the TFTP server.
messages
Specifies the location from which to display the log messages.
memory-buffer
Show messages stored in volatile memory.
nvram
Show messages stored in NVRAM
events
Show event messages.
event-condition
Specifies the event condition to display.
event-component
Specifies the event component to display.
severity
Specifies the minimum severity level to display (if the keyword only is
omitted).
only
Specifies that only the specified severity level is to be displayed.
regex
Specifies a regular expression. Only messages that match the regular
expression will be displayed.
chronological
Specifies uploading log messages in ascending chronological order (oldest to
newest).
Default
The following defaults apply:
●
messages—memory buffer
●
severity—none (displays everything stored in the target)
●
match—no restriction
●
chronological—if not specified, show messages in order from newest to oldest
Usage Guidelines
This command is similar to the show log command, but instead of displaying the log contents on the
command line, this command saves the log to a file on the TFTP server you specify. For more details on
most of the options of this command, see the command show log on page 411.
ExtremeWare XOS 11.1 Command Reference Guide
457
Commands for Status Monitoring and Statistics
Example
The following command uploads messages with a critical severity to the filename switch4critical.log on
TFTP server at 10.31.8.25:
upload log 10.31.8.25 switch4critical.log critical
The following command uploads messages with warning, error, or critical severity to the filename
switch4warn.log on TFTP server at 10.31.8.25:
upload log 10.31.8.25 switch4warn.log warning
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
458
8
VLAN Commands
This chapter describes commands for:
●
Creating and deleting VLANs and performing basic VLAN configuration
●
Defining protocol filters for use with VLANs
●
Creating and deleting VMANs and performing basic VMAN configuration
VLANs can be created according to the following criteria:
●
Physical port—A port-based VLAN consists of a group of one or more ports on the switch. A port
can be a member of only one port-based VLAN, and is by default a member of the VLAN named
“Default.”
●
802.1Q tag—Tagging is most commonly used to create VLANs that span switches.
●
Ethernet, LLC SAP, or LLC/SNAP Ethernet protocol type—Protocol-based VLANs are most often
used in situations where network segments contain hosts running multiple protocols.
●
A combination of these criteria.
ExtremeWare XOS 11.1 Command Reference Guide
459
VLAN Commands
configure protocol add
configure protocol <name> add [etype | llc | snap] <hex> {[etype | llc |
snap] <hex>} ...
Description
Configures a user-defined protocol filter.
Syntax Description
name
Specifies a protocol filter name.
hex
Specifies a four-digit hexadecimal number between 0 and FFFF that
represents:
• The Ethernet protocol type taken from a list maintained by the IEEE.
• The DSAP/SSAP combination created by concatenating a two-digit LLC
Destination SAP (DSAP) and a two-digit LLC Source SAP (SSAP).
• The SNAP-encoded Ethernet protocol type.
Default
N/A.
Usage Guidelines
Supported protocol types include:
●
etype – IEEE Ethertype.
●
llc – LLC Service Advertising Protocol.
●
snap – Ethertype inside an IEEE SNAP packet encapsulation.
A maximum of 15 protocol filters, each containing a maximum of six protocols, can be defined.
The protocol filter must already exist before you can use this command: use the create protocol
command to create the protocol filter.
No more than seven protocols can be active and configured for use.
Example
The following command configures a protocol named Fred by adding protocol type LLC SAP with a
value of FFEF:
configure protocol fred add llc 0xfeff
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
460
configure protocol add
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
461
VLAN Commands
configure protocol delete
configure protocol <name> delete [etype | llc | snap] <hex> {[etype | llc |
snap] <hex>} ...
Description
Deletes the specified protocol type from a protocol filter.
Syntax Description
name
Specifies a protocol filter name.
hex
Specifies a four-digit hexadecimal number between 0 and FFFF that
represents:
• The Ethernet protocol type taken from a list maintained by the IEEE.
• The DSAP/SSAP combination created by concatenating a two-digit LLC
Destination SAP (DSAP) and a two-digit LLC Source SAP (SSAP).
• The SNAP-encoded Ethernet protocol type.
Default
N/A.
Usage Guidelines
Supported protocol types include:
●
etype – IEEE Ethertype.
●
llc – LLC Service Advertising Protocol.
●
snap – Ethertype inside an IEEE SNAP packet encapsulation.
Example
The following command deletes protocol type LLC SAP with a value of FEFF from protocol fred:
configure protocol fred delete llc feff
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
462
configure vlan add ports
configure vlan add ports
configure vlan <vlan_name> add [ports <port_list> | all] {tagged |
untagged} {stpd <stpd_name> {dot1d | emistp | pvst-plus}} {nobroadcast}
Description
Adds one or more ports in a VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
port_list
Specifies a list of slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
all
Specifies all ports.
tagged
Specifies the ports should be configured as tagged.
untagged
Specifies the ports should be configured as untagged.
stpd_name
Specifies an STP domain name.
dot1d | emistp | pvst-plus
Specifies the BPDU encapsulation mode for these STP ports.
nobroadcast
Prevents broadcasts, multicasts, and unknowns from being transmitted on
these ports.
NOTE: This option is available only on the BlackDiamond 10K switch.
Default
Untagged.
Usage Guidelines
NOTE
You cannot have both VLANs and VMANs on the same module on the Aspen 8810 switch; each module can have
only VLANs or VMANs (although these can span modules).
The VLAN must already exist before you can add (or delete) ports: use the create vlan command to
create the VLAN.
NOTE
The nobroadcast option is available only on the BlackDiamond 10K switch.
If the VLAN uses 802.1Q tagging, you can specify tagged or untagged port(s). If the VLAN is untagged,
the ports cannot be tagged.
Untagged ports can only be a member of a single VLAN. By default, they are members of the default
VLAN (named Default). In order to add untagged ports to a different VLAN, you must first remove
them from the default VLAN. You do not need to do this to add them to another VLAN as tagged
ExtremeWare XOS 11.1 Command Reference Guide
463
VLAN Commands
ports. if you attempt to add an untagged port to a VLAN prior to removing it from the default VLAN,
you see the following error message:
Error: Protocol conflict when adding untagged port 1:2. Either add this port as
tagged or assign another protocol to this VLAN.
As each port can belong to only one virtual router, ports within one VLAN must all be in the same
virtual router.
NOTE
All ports and VLANs are in VR-Default in the Aspen 8810 switch and cannot be moved.
Refer to Chapter 16 for more information on configuring Spanning Tree Domains.
NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends
that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may
return an error message.
Example
The following command assigns tagged ports 1:1, 1:2, 1:3, and 1:6 to a VLAN named accounting:
configure vlan accounting add ports 1:1, 1:2, 1:3, 1:6 tagged
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
464
configure vlan delete ports
configure vlan delete ports
configure vlan <vlan_name> delete ports [all | <port_list>]
Description
Deletes one or more ports in a VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
all
Specifies all ports.
port_list
A list of ports or slots and ports. May be in the form 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
None.
Example
The following command removes ports 1:1, 1:2, 4:3, and 5:6 from a VLAN named accounting:
configure accounting delete port 1:1, 1:2, 4:3, 5:6
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
465
VLAN Commands
configure vlan ipaddress
configure vlan <vlan_name> ipaddress <ipaddress> {<netmask>}
Description
Assigns an IP address and an optional subnet mask to the VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
ipaddress
Specifies an IP address.
netmask
Specifies a subnet mask in dotted-quad notation (e.g. 255.255.255.0).
Default
N/A.
Usage Guidelines
The VLAN must already exists before you can assign an IP address: use the create vlan command to
create the VLAN.
NOTE
If you plan to use the VLAN as a control VLAN for an EAPS domain, do NOT configure the VLAN with an IP
address.
Example
The following commands are equivalent; both assign an IP address of 10.12.123.1 to a VLAN named
accounting:
configure vlan accounting ipaddress 10.12.123.1/24
configure vlan accounting ipaddress 10.12.123.1 255.255.255.0
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
466
configure vlan name
configure vlan name
configure vlan <vlan_name> name <name>
Description
Renames a previously configured VLAN.
Syntax Description
vlan_name
Specifies the current (old) VLAN name.
name
Specifies a new name for the VLAN.
Default
N/A.
Usage Guidelines
You cannot change the name of the default VLAN “Default.”
NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends
that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may
return an error message.
Example
The following command renames VLAN vlan1 to engineering:
configure vlan vlan1 name engineering
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
467
VLAN Commands
configure vlan protocol
configure vlan <vlan_name> protocol <protocol_name>
Description
Configures a VLAN to use a specific protocol filter.
Syntax Description
vlan_name
Specifies a VLAN name.
protocol_name
Specifies a protocol filter name. This can be the name of a predefined protocol
filter, or one you have defined.
The following protocol filters are predefined:
• IP
• IPX
• NetBIOS
• DECNet
• IPX_8022
• IPX_SNAP
• AppleTalk
any indicates that this VLAN should act as the default VLAN for its member
ports.
Default
Protocol any.
Usage Guidelines
If the keyword any is specified, all packets that cannot be classified into another protocol-based VLAN
are assigned to this VLAN as the default for its member ports.
Use the configure protocol command to define your own protocol filter.
Example
The following command configures a VLAN named accounting as an IP protocol-based VLAN:
configure accounting protocol ip
History
This command was first available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
468
configure vlan protocol
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
469
VLAN Commands
configure vlan tag
configure vlan <vlan_name> tag <tag>
Description
Assigns a unique 802.1Q tag to the VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
tag
Specifies a value to use as an 802.1Q tag. The valid range is from 2 to 4095.
Default
The default VLAN uses an 802.1Q tag (and an internal VLANid) of 1.
Usage Guidelines
If any of the ports in the VLAN will use an 802.1Q tag, a tag must be assigned to the VLAN. The valid
range is from 2 to 4095 (tag 1 is assigned to the default VLAN).
The 802.1Q tag will also be used as the internal VLANid by the switch.
You can specify a value that is currently used as an internal VLANid on another VLAN; it will become
the VLANid for the VLAN you specify, and a new VLANid will be automatically assigned to the other
untagged VLAN.
Example
The following command assigns a tag (and internal VLANid) of 120 to a VLAN named accounting:
configure accounting tag 120
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
470
configure vman add ports
configure vman add ports
configure vman <vlan_name> add ports [ all | <port_list> ] {untagged |
tagged | nobroadcast }
Description
Adds one or more ports in a VMAN.
Syntax Description
vlan_name
Specifies a VMAN name.
all
Specifies all ports.
port_list
Specifies a list of slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
NOTE: On the Aspen 8810 switch, ports on a given slot can be either VLAN
members or VMAN members, but not both.
untagged
Specifies that the ports are untagged.
tagged
Specifies that the ports are tagged.
nobroadcast
Specifies that the ports do not forward broadcast, multicast, or unknown
unicast packets.
NOTE: This option is available only on the BlackDiamond 10K switch.
Default
N/A.
Usage Guidelines
If you do not specify a parameter, the default value is untagged. If you specify the parameter
nobroadcast, the system used the default value of untagged; you cannot add nobroadcast once you
have specified tagged packets.
NOTE
The nobroadcast option is available only on the BlackDiamond 10K switch.
The VMAN tunnel begins at the ingress, or customer access, port and terminates at the egress, or trunk,
port. Traffic flows from the egress trunk port onto the network thereafter without the VMAN tag.
Ensure that all the switch-to-switch ports in the VMAN tunnel are configured as tagged ports.
Configure the VMAN ingress, or customer access, port as an untagged port (although this port does
accept tagged packets). You must configure the VMAN tunnel egress, or trunk, port as an untagged port
so that the VMAN header is stripped from the frame.
NOTE
You must configure the VMAN tunnel egress, or trunk, port as untagged so that the VMAN header is stripped from
the frame.
ExtremeWare XOS 11.1 Command Reference Guide
471
VLAN Commands
The VMAN must already exists before you can add (or delete) ports: use the create vman command to
create the VLAN. VMAN ports can belong to load-sharing groups. If any port in the load-sharing group
is enabled for VMAN, all ports in the group are automatically enabled to handle jumbo size frames.
Also, VMAN is automatically enabled on all ports of the untagged load-sharing group.
The Extreme Networks default Ethernet type for VMAN is 088a8.
NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends
that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may
return an error message.
Aspen 8810 switch only. You cannot configure VLANs and VMANs on the same module, or slot.
Although VLANs and VMANs can span modules, the cannot co-exist on the same module.
BlackDiamond 10K only. All VMAN ports are automatically enabled for jumbo frames to accommodate
the extra VMAN tag. All ports added to a specified VMAN must be in the same virtual router. For more
information on displaying, configuring, and using virtual routers, see Chapter 9.
Example
The following command assigns ports 1:1, 1:2, 1:3, and 1:6 to a VMAN named accounting:
configure vlan accounting add ports 1:1, 1:2, 1:3, 1:6 tag 100
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
472
configure vman delete ports
configure vman delete ports
configure vman <vlan_name> delete ports [ all | <port_list> ]
Description
Deletes one or more ports in a VMAN.
Syntax Description
vlan_name
Specifies a VMAN name.
all
Specifies all ports.
port_list
Specifies a list of slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
The VMAN must already exist before you can add (or delete) ports: use the create vman command to
create the VLAN.
Example
The following command deletes ports 1:1, 1:2, 1:3, and 1:6 to a VMAN named accounting:
configure vman accounting delete ports 1:1, 1:2, 1:3, 1:6
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
473
VLAN Commands
configure vman ethertype
configure vman ethertype <value>
Description
Configures the Ethernet type for the VMAN header.
Syntax Description
value
Specifies an Ethertype value in the format of 0xffff.
Default
Ethertype value of 0x88a8.
Usage Guidelines
The default VMAN Ethernet type on Extreme devices is 0x88a8.
If your VMAN transits a third-party device (other than an Extreme Networks device), you must
configure the EtherType for the VMAN tag as 8100 for third-party those switches (or as the Ethernet
type that the third-party device uses).
Example
The following command, followed by a switch reboot, changes the Ethertype value to 8100:
configure vman ethertype 0x8100
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
474
configure vman tag
configure vman tag
configure vman <vlan_name> tag <tag>
Description
Assigns a unique 802.1Q tag to the VMAN.
Syntax Description
vlan_name
Specifies a VMAN name.
tag
Specifies a value to use as VMAN tag 802.1Q tag. The valid range is from 2 to
4094.
Default
N/A.
Usage Guidelines
You add a tag value to each VMAN you configure. This is then carried in the 4-byte VMAN header,
which is added to all packets (both tagged and untagged) that arrive on the port you added to the
VMAN.
You can specify a value that is currently used as an internal VLANid on another VLAN; it will become
the VLANid for the VLAN you specify, and a new VLANid will be automatically assigned to the other
untagged VLAN.
Example
The following command assigns a tag of 120 to a VMAN named accounting:
configure vman accounting tag 120
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
475
VLAN Commands
create protocol
create protocol <name>
Description
Creates a user-defined protocol filter.
Syntax Description
name
Specifies a protocol filter name. The protocol filter name can have a maximum
of 31 characters.
Usage Guidelines
Protocol-based VLANs enable you to define packet filters that the switch can use as the matching
criteria to determine if a particular packet belongs to a particular VLAN.
After you create the protocol, you must configure it using the configure protocol command. To
assign it to a VLAN, use the configure vlan <vlan_name> protocol <protocol_name> command.
Example
The following command creates a protocol named fred:
create protocol fred
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
476
create vlan
create vlan
create vlan <vlan_name> {vr <vr-name>}
Description
Creates a named VLAN.
Syntax Description
vlan_name
Specifies a VLAN name (up to 32 characters).
vr
Specifies a virtual router.
vr-name
Specifies in which virtual router to create the VLAN.
NOTE: On the Aspen 8810 switch, all VLANs are created in VR-Default and
cannot be moved.
Default
A VLAN named Default exists on all new or initialized Extreme switches:
●
It initially contains all ports on a new or initialized switch, except for the management port(s), if
there are any.
●
It has an 802.1Q tag of 1.
●
The default VLAN is untagged on all ports.
●
It uses protocol filter any.
A VLAN named Mgmt exists on switches that have management modules or management ports.
●
It initially contains the management port(s) the switch.
●
It is assigned the next available internal VLANid as an 802.1Q tag.
If you do not specify the virtual router, the VLAN is created in the current virtual router.
Usage Guidelines
A newly-created VLAN has no member ports, is untagged, and uses protocol filter any until you
configure it otherwise. Use the various configure vlan commands to configure the VLAN to your
needs.
Internal VLANids are assigned automatically using the next available VLANid starting from the high
end (4095) of the range.
Each VLAN name can be up to 32 standard alphanumeric characters, but must begin with an
alphabetical letter. Quotation marks can be used to enclose a VLAN name that does not begin with an
alphabetical character, or that contains a space, comma, or other special character.
ExtremeWare XOS 11.1 Command Reference Guide
477
VLAN Commands
NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends
that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may
return an error message.
VLAN names are locally significant. That is, VLAN names used on one switch are only meaningful to
that switch. If another switch is connected to it, the VLAN names have no significance to the other
switch.
If you do not specify a virtual router when you create a VLAN, the system creates that VLAN in the
default virtual router (VR-Default). The management VLAN is always in the management virtual router
(VR-Mgmt).
Once you create virtual routers, ExtremeWare XOS software allows you to designate one of these as the
domain in which all your subsequent configuration commands, including VLAN commands, are
applied. If you create virtual routers, ensure that you are creating the VLANs in the desired virtualrouter domain.
NOTE
The Aspen 8810 switch does not support user-created virtual routers; all user-created VLANs are in VR-Default.
For information on configuring virtual routers, see Chapter 9.
Example
The following command creates a VLAN named accounting on the current virtual router:
create vlan accounting
History
This command was first available in ExtremeWare XOS 10.1.
The virtual router option vr, was added in ExtremeWare XOS 11.0
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
478
create vman
create vman
create vman <vlan_name> {vr <vr_name>}
Description
Creates a VMAN, which allows you to create a "tunnel" through the public network.
Syntax Description
vlan_name
Specifies a VMAN name. Up to 32 characters.
vr
Specifies a virtual router.
vr_name
Specifies the virtual router.
NOTE: On the Aspen 8810 switch, all VMANs are created in VR-Default and
cannot be moved.
Usage Guidelines
VMANs allow you to establish a private path through the public network.
After you create the VMAN, you must configure the VMAN tag plus adding the ports that you want.
NOTE
On the BlackDiamond 10K switch, all VMAN ports are automatically enabled for jumbo frames to accommodate the
added VMAN tag. On the Aspen 8810 switch, you must enable jumbo frames on the switch
If you do not specify the virtual router, the VMAN is created in the current virtual router.
NOTE
You cannot have both VLANs and VMANs on the same module on the Aspen 8810 switch. Although both VLANs and
VMANs can span modules, they cannot co-exist on the same module.
To configure a VMAN, follow these steps:
1 Create the tunnel by creating the VMAN.
2 If you are working on the Aspen 8810 switch, enable jumbo frames.
Use the following command:
enable jumbo-frames ports all
3 Assign a tag value to the VMAN.
Use the following command:
configure vman <vlan_name> tag <tag>
ExtremeWare XOS 11.1 Command Reference Guide
479
VLAN Commands
4 Add the ports in the tunnel to the VMAN.
5 Configure VMAN member ports as tagged on switch-to-switch ports and untagged on the ingress
and egress ports of the tunnel.
Use the following command:
configure vman <vlan_name> add ports [ all | <port_list> ] {untagged | tagged |
nobroadcast }
NOTE
You must configure the VMAN tunnel egress, or trunk, port as untagged so that the VMAN header is stripped from
the frame.
The Extreme Networks default Ethernet type for VMAN is 088a8.
Example
The following command creates a VMAN named fred:
create vman fred
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
480
delete protocol
delete protocol
delete protocol <name>
Description
Deletes a user-defined protocol.
Syntax Description
name
Specifies a protocol name.
Default
N/A.
Usage Guidelines
If you delete a protocol that is in use by a VLAN, the protocol associated with than VLAN will become
none.
Example
The following command deletes a protocol named fred:
delete protocol fred
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
481
VLAN Commands
delete vlan
delete vlan <vlan_name>
Description
Deletes a VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
If you delete a VLAN that has untagged port members and you want those ports to be returned to the
default VLAN, you must add them back explicitly using the configure vlan add ports command.
NOTE
The default VLAN cannot be deleted.
Example
The following command deletes the VLAN accounting:
delete accounting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
482
delete vman
delete vman
delete vman <vlan_name>
Description
Deletes a previously created VMAN.
Syntax Description
vlan_name
Specifies a VMAN name.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes the VMAN accounting:
delete vman accounting
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
483
VLAN Commands
disable loopback-mode vlan
disable loopback-mode vlan <vlan_name>
Description
Disallows a VLAN to be placed in the UP state without an external active port. This allows (disallows)
the VLANs routing interface to become active.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
Use this command to specify a stable interface as a source interface for routing protocols. This decreases
the possibility of route flapping, which can disrupt connectivity.
Example
The following command disallows the VLAN accounting to be placed in the UP state without an
external active port:
disable loopback-mode vlan accounting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
484
enable loopback-mode vlan
enable loopback-mode vlan
enable loopback-mode vlan <vlan_name>
Description
Allows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the
VLANs routing interface to become active.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
Use this command to specify a stable interface as a source interface for routing protocols. This decreases
the possibility of route flapping, which can disrupt connectivity.
Example
The following command allows the VLAN accounting to be placed in the UP state without an external
active port:
enable loopback-mode vlan accounting
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
485
VLAN Commands
show protocol
show protocol {<name>}
Description
Displays protocol filter definitions.
Syntax Description
name
Specifies a protocol filter name.
Default
Displays all protocol filters.
Usage Guidelines
Displays the defined protocol filter(s) with the types and values of its component protocols.
Example
The following is an example of the show protocol command:
Protocol Name
Type
Value
-----------------------------------------------IP
etype
0x0800
etype
0x0806
ANY
ANY
0xffff
ipx
etype
0x8137
decnet
etype
0x6003
etype
0x6004
netbios
llc
0xf0f0
llc
0xf0f1
ipx_8022
llc
0xe0e0
ipx_snap
snap
0x8137
appletalk
snap
0x809b
snap
0x80f3
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
486
show vlan
show vlan
show vlan {detail |<vlan_name> {stpd}}
Description
Displays information about VLANs.
Syntax Description
detail
Specifies that detailed information should be displayed for each VLAN.
vlan_name
Specifies a VLAN name.
stpd
Specifies that STP domains displays for each VLAN.
Default
Summary information for all VLANs on the device.
Usage Guidelines
Unlike many other VLAN-related commands, the keyword “vlan” is required in all forms of this
command except when requesting information for a specific vlan.
Use the command show vlan to display summary information for all VLANs. It shows various
configuration options as a series of “flags” (see the example below). VLAN and protocol names may be
abbreviated in this display.
Use the command show vlan detail to display detailed information for all VLANs. This displays the
same information as for an individual VLAN, but shows every VLAN, one-by-one. After each VLAN
display you can elect to continue or quit.
Protocol none indicates that this VLAN was configured with a user-defined protocol that has
subsequently been deleted.
NOTE
The Aspen 8810 switch displays the Mgmt VLAN in the VR-Mgmt; it displays all other VLANs in the VR-Default.
Example
The following is an example of the show vlan command on the BlackDiamond 10K switch:
-------------------------------------------------------------------------------Name
VID Protocol Addr
Flags
Proto Ports Virtual
Active router
/Total
-------------------------------------------------------------------------------Default
1
-------------------- ---------T--- ANY
0 /771 VR-Default
ExtremeWare XOS 11.1 Command Reference Guide
487
VLAN Commands
hugheapscontrol 4092 -------------------- ------------C ANY
0 /0
VR-Default
Mgmt
4095 -------------------- ------------- ANY
1 /1
VR-Mgmt
peggy
4094 10.0.0.1
/8
-L----------- ANY
1 /2
VR-Default
santaclara
4091 -------------------- ------------- ANY
0 /1
benton
-------------------------------------------------------------------------------Flags : (C) EAPS Control vlan, (E) ESRP Enabled, (f) IP Forwarding Enabled,
(i) ISIS Enabled, (I) IP Forwarding lpm-routing Enabled, (L) Loopback
Enabled, (m) IPmc Forwarding Enabled,
(n) IP Multinetting Enabled, (N) Network LogIn vlan,
(o) OSPF Enabled, (p) PIM Enabled,
(P) EAPS protected vlan, (r) RIP Enabled, (T) Member of STP Domain,
(v) VRRP Enabled
Total number of Vlan(s) : 5
The following is an example of the show vlan Default command:
VLAN Interface with name Default created by user
Tagging:
802.1Q Tag 1
Priority:
802.1P Priority 0
Virtual router: VR-Default
Primary IP:
10.0.0.1/8
Secondary IPs: 12.0.0.5/8
STPD:
s0(Disabled,Auto-bind)
Protocol:
Match all unfiltered protocols
Loopback:
Disable
NetLogIn:
Enabled
Rate Shape:
Disable
QosProfile:
QP1
Ports:
771.
(Number of active ports=0)
Untag:
3:2,
4:1,
4:2,
5:1,
5:2,
5:3,
5:4,
5:5,
5:6,
5:7,
5:8,
5:9,
5:10,
5:11,
5:12,
5:13,
5:14,
5:15,
5:16,
5:17,
5:18,
5:19,
5:20,
5:21,
5:22,
5:23,
5:24,
5:25,
5:26,
5:27,
5:28,
5:29,
5:30,
5:31,
5:32,
5:33,
5:34,
5:35,
5:36,
5:37,
5:38,
5:39,
5:40,
5:41,
5:42,
5:43,
5:44,
5:45,
5:46,
5:47,
5:48,
5:49,
5:50,
5:51,
5:52,
5:53,
5:54,
5:55,
5:56,
5:57,
5:58,
5:59,
5:60,
5:61,
5:62,
5:63,
5:64,
5:65,
5:66,
5:67,
5:68,
5:69,
5:70,
5:71,
5:72,
5:73,
5:74,
5:75,
5:76,
5:77,
5:78,
5:79,
5:80,
5:81,
5:82,
5:83,
5:84,
5:85,
5:86,
5:87,
5:88,
Flags:
(*) Active, (!) Disabled
(g) Load Sharing port
(b) Port blocked on the vlan,
(a) Authenticated NetLogin port (u) Unauthenticated NetLogin port
NOTE
The number of active ports line displays the number of ports presently in forwarding state on this VLAN.
The output for the show vlan detail command displays the same information for all VLANs
configured on the switch.
ExtremeWare XOS 11.1 Command Reference Guide
488
show vlan
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
489
VLAN Commands
show vman
show vman {<vlan_name> | etherType | detail}
Description
Displays VMAN information including configuration and Ethertype.
Syntax Description
vlan_name
Specifies information is displayed for particular VMAN.
etherType
Specifies that Ethertype information is displayed for each VMAN.
detail
Specifies all information is displayed for each VMAN.
Default
Summary information for all VMANs on the device.
Usage Guidelines
None.
Example
The following is an example of the display from the show vman command:
------------------------------------------------------------------------------Name
VID Protocol Addr
Flags
Proto Ports Virtual
Active router
/Total
------------------------------------------------------------------------------peggy
4092 -------------------- ------------- ANY
0 /0
VR-Default
------------------------------------------------------------------------------Flags : (E) ESRP Slave, (f) IP Forwarding Enabled, (i) ISIS Enabled,
(I) IP Forwarding lpm-routing Enabled, (L) Loopback Enabled,
(m) IPmc Forwarding Enabled, (M) ESRP Master,
(n) IP Multinetting Enabled, (o) OSPF Enabled, (p) PIM Enabled,
(r) RIP Enabled, (T) Member of STP Domain, (v) VRRP Enabled
Total number of Vlan(s) : 3
The following is an example of the display from the show vman <vlan_name> command:
VLAN Interface with name test created by user
Tagging:Untagged (Internal tag 4090)
Priority:
802.1P Priority 0
Virtual router: VR-Default
STPD:
None
Protocol:
Match all unfiltered protocols
Loopback:
Disable
NetLogIn:
Enabled
ExtremeWare XOS 11.1 Command Reference Guide
490
show vman
Rate Shape:
Disable
QosProfile:
QP1
Ports:
2.
(Number of active ports=2)
Flags:
(*) Active, (!) Disabled
(g) Load Sharing port
Untag:
*3:1
Tag:
*3:2
The following is an example of the display from the show vman etherType command:
vMan EtherType: 0x88a8
The display from the show vman detail command shows all the information shown in the show vman
<vlan_name> command, but displays information for all configured VMANs.
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
491
VLAN Commands
unconfigure vlan ipaddress
unconfigure vlan <vlan_name> ipaddress
Description
Removes the IP address of the VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
None.
Example
The following command removes the IP address from the VLAN accounting:
unconfigure vlan accounting ipaddress
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
492
9
Commands for Virtual Routers
This chapter describes commands for:
●
Creating and deleting virtual routers
●
Configuring and managing virtual routers
●
Displaying information about virtual routers
Virtual Routers
ExtremeWare XOS supports virtual routers. This capability allows a single physical switch to be split
into multiple virtual routers. This feature separates the traffic forwarded by a virtual router from the
traffic on a different virtual router. Each virtual router maintains a separate logical forwarding table,
which allows the virtual routers to have overlapping address spaces. Since each virtual router maintains
its own separate routing information, and switch ports can belong to one and only one virtual router,
packets arriving at a port on one virtual router can never be switched to the ports on another. With
multiple virtual routers contained on a single physical switch, some commands in ExtremeWare XOS
now require you to specify to which virtual router the command applies. For example, when you use
the ping command, you must specify from which virtual router the ping packets are generated. Many
commands that deal with switch management use the management virtual router by default.
ExtremeWare XOS 11.1 Command Reference Guide
493
Commands for Virtual Routers
create virtual-router
create virtual-router <vr-name>
Description
Creates a user virtual router.
Syntax Description
vr-name
Specifies the name of the user virtual router.
Default
N/A.
Usage Guidelines
This command creates a new user virtual router. The three default system virtual routers, VR-Mgmt,
VR-Control, and VR-Default always exist and cannot be deleted or renamed.
A virtual router is identified by a name (up to 32 characters long). The name must be unique among the
VLAN and virtual router names on the switch. For backward compatibility, you cannot name a virtual
router VR-0, VR-1, or VR-2, as they were the original names of the system virtual routers. Virtual router
names are case insensitive.
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created,
and no support for any routing protocols is added.-
Example
The following command creates the virtual router vr-acme:
create virtual-router vr-acme
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
494
configure vr add protocol
configure vr add protocol
configure vr <vr-name> add protocol <protocol-name>
Description
Starts the layer 3 protocol on a virtual router.
Syntax Description
vr-name
Specifies the name of the virtual router.
protocol-name
Specifies the layer 3 protocol.
Default
N/A.
Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created,
and no support for any routing protocols is added. Use this command to start the layer 3 protocol
specified on the virtual router. The choices for protocol-name are:
●
RIP
●
OSPF
●
BGP
●
PIM
You cannot add or delete protocols from the system virtual routers, VR-Mgmt, VR-Control, VR-Default.
Example
The following command starts RIP on the virtual router vr-acme:
configure vr vr-acme add protocol rip
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
495
Commands for Virtual Routers
configure vr add ports
configure vr <vr-name> add ports <portlist>
Description
Assigns a list of ports to the virtual router specified.
Syntax Description
vr-name
Specifies the name of the virtual router.
portlist
Specifies the ports to add to the virtual router.
Default
By default, all ports are assigned to the virtual router, VR-Default.
Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created,
and no support for any routing protocols is added. Use this command to assign ports to a virtual router.
Since all ports are initially assigned to VR-Default, you may need to delete the desired ports first from
the virtual router where they reside, before you add them to the desired virtual router.
Example
The following command adds all the ports on slot 2 to the virtual router vr-acme:
configure vr vr-acme add ports 2:*
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
496
configure vr delete protocol
configure vr delete protocol
configure vr <vr-name> delete protocol <protocol-name>
Description
Stops and removes the layer 3 protocol on a virtual router.
Syntax Description
vr-name
Specifies the name of the virtual router.
protocol-name
Specifies the layer 3 protocol.
Default
N/A.
Usage Guidelines
You cannot add or delete protocols from the system virtual routers, VR-Mgmt, VR-Control, VR-Default.
Example
The following command shutdowns and removes RIP from the virtual router vr-acme:
configure vr vr-acme delete protocol rip
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
497
Commands for Virtual Routers
configure vr delete ports
configure vr <vr-name> delete ports <portlist>
Description
Removes a list of ports from the virtual router specified.
Syntax Description
vr-name
Specifies the name of the virtual router.
portlist
Specifies the ports to remove from the virtual router.
Default
By default, all ports are assigned to the virtual router, VR-Default.
Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created,
and no support for any routing protocols is added. Use this command to remove ports from a virtual
router. Since all ports are initially assigned to VR-Default, you may need to delete the desired ports first
from the virtual router where they reside, before you add them to the desired virtual router.
Example
The following command removes all the ports on slot 2 from the virtual router vr-acme:
configure vr vr-acme delete ports 2:*
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
498
delete virtual-router
delete virtual-router
delete virtual-router <vr-name>
Description
Deletes a virtual router.
Syntax Description
vr-name
Specifies the name of the virtual router.
Default
N/A.
Usage Guidelines
Only user virtual routers can be deleted. When a virtual router gets deleted, all of the VLANs in the
virtual router will be deleted. All of the ports assigned to this virtual router will be deleted and made
available to assign to other virtual routers. Any routing protocol that is running on the virtual router
will be shutdown and deleted gracefully.
Example
The following command creates the virtual router vr-acme:
delete virtual-router vr-acme
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
499
Commands for Virtual Routers
show virtual-router
show virtual-router {<vr-name>}
Description
Displays information about the virtual routers.
Syntax Description
vr-name
Specifies the name of the virtual router.
Default
N/A.
Usage Guidelines
During system boot up, ExtremeWare XOS creates three system virtual routers: VR-Mgmt, VR-Control,
and VR-Default (previous to release 11.0 these virtual routers were named VR-0, VR-1, and VR-2,
respectively). The following defines each system virtual router:
●
The management port on both the primary and backup MSMs and the VLAN mgmt belong to VRMgmt.
●
Internal system operations use VR-Control.
●
The default VLAN belongs to VR-Default.
Beginning with release 11.0, you can create additional virtual routers, called user virtual routers. User
virtual routers are created without any routing protocols, so the protocols must be added. The protocols
on the system virtual routers are predefined and cannot be changed.
The output displays, in tabular format, the:
●
Name of the virtual router
●
Number of VLANs that belong to that virtual router
●
Number of ports that belong to that virtual router
●
Which routing protocols have been added to that virtual router
When you specify a particular virtual router, the output displays:
●
The number of ports
●
A list of ports
●
The protocols configured
●
The name of the process supporting the protocol on that virtual router
ExtremeWare XOS 11.1 Command Reference Guide
500
show virtual-router
Example
The following command displays the virtual router configurations on the switch:
show virtual-router
The following is sample output from this command:
--------------------------------------------------------Virtual Router
Number of
Number of
Flags
Vlans
Ports
--------------------------------------------------------VR-Control
0
0
---VR-Default
4
776
bopr
VR-Mgmt
1
0
-----------------------------------------------------------Flags : Routing protocols configured on the virtual router
(b) BGP, (o) OSPF, (r) RIP, (p) PIM
The following command displays the virtual router helix:
show virtual-router helix
The following is sample output from this command:
Virtual router : helix
No of ports
: 2
Port List
: 3:1-2
Protocols Configured:
Protocol: BGP, Process Name: bgp-4
Protocol: RIP, Process Name: rip-4
History
A command similar to this command was available in ExtremeWare XOS 10.1 (show vr).
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
501
Commands for Virtual Routers
virtual-router
virtual-router {<vr-name>}
Description
Changes the virtual router domain context.
Syntax Description
vr-name
Specifies the name of the virtual router.
Default
N/A.
Usage Guidelines
Use this command to change the virtual router context for subsequent commands. When you issue the
command, the prompt changes to reflect the virtual router domain. Configuration commands for layer 3
routing protocols, creating VLANs, and deleting VLANs apply only to the current virtual router
domain.
Under a virtual router configuration domain, any virtual router commands are applied only to that
virtual router. The virtual router commands consist of all the BGP, OSPF, PIM and RIP commands, and
the commands listed in Table 11.
Table 11: Virtual router commands
[enable | disable] ipforwarding
clear iparp *
clear counters iparp *
configure iparp *
configure iparp [add | delete] *
[enable | disable] iparp *
show iparp *
configure iproute [add | delete] *
show iproute *
show ipstats *
rtlookup
create [vlan | vman] <vlan-name>
[enable | disable] igmp
[enable | disable] igmp snooping
[enable | disable] ipmcforwarding
show igmp
ExtremeWare XOS 11.1 Command Reference Guide
502
virtual-router
show igmp snooping
show igmp group
show igmp snooping cache
* means that other commands are available with these listed.
The virtual router configuration domain simplifies configuration because you do not have to specify the
virtual router for each individual protocol configuration command. The current configuration domain is
indicated in the command line interface (CLI) prompt.
For example, if you wish to configure OSPF for the user virtual router vr-manufacturing, you would
change the virtual router context to that of vr-manufacturing. All the subsequent OSPF commands would
apply to that virtual router, unless the context is changed again.
A virtual router is identified by a name (up to 32 characters long). The name must be unique among the
VLAN and virtual router names on the switch. For backward compatibility, you cannot name a virtual
router VR-0, VR-1, or VR-2. Virtual router names are case insensitive.
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created,
and no support for any routing protocols is added.
Example
The following command changes the virtual router context to vr-acme:
virtual-router vr-acme
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
503
Commands for Virtual Routers
ExtremeWare XOS 11.1 Command Reference Guide
504
10 FDB Commands
This chapter describes commands for:
●
Configuring FDB entries
●
Displaying FDB entries
●
Configuring and enabling FDB scanning
The switch maintains a database of all media access control (MAC) addresses received on all of its ports.
It uses the information in this database to decide whether a frame should be forwarded or filtered.
Each FDB entry consists of the MAC address of the device, an identifier for the port on which it was
received, and an identifier for the VLAN to which the device belongs. Frames destined for devices that
are not in the FDB are flooded to all members of the VLAN.
The FDB has three types of entries:
●
Dynamic entries—Initially, all entries in the database are dynamic. Entries in the database are
removed (aged-out) if, after a period of time (aging time), the device has not transmitted. This
prevents the database from becoming full of obsolete entries by ensuring that when a device is
removed from the network, its entry is deleted from the database. Dynamic entries are deleted from
the database if the switch is reset or a power off/on cycle occurs.
●
Nonaging entries—If the aging time is set to zero, all aging entries in the database are defined as
static, nonaging entries. This means that they do not age, but they are still deleted if the switch is
reset.
●
Permanent entries—Permanent entries are retained in the database if the switch is reset or a power
off/on cycle occurs. The system administrator must create permanent entries. A permanent entry can
either be a unicast or multicast MAC address. All entries entered through the command line
interface (CLI) are stored as permanent.
Entries are added into the FDB in the following two ways:
●
The switch can learn entries. The system updates its FDB with the source MAC address from a
packet, the VLAN, and the port identifier on which the source packet is received.
●
You can enter and update entries using the CLI.
ExtremeWare XOS 11.1 Command Reference Guide
505
FDB Commands
clear fdb
clear fdb {<mac_addr> | broadcast-mac | ports <port_list> | <vlan_name>}
Description
Clears dynamic FDB entries that match the filter.
Syntax Description
mac_addr
Specifies a MAC address, using colon-separated bytes.
broadcast-mac
Specifies the blackhole entries.
port_list
Specifies one or more ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
vlan_name
Specifies a VLAN name.
Default
Clears all dynamic FDB entries.
Usage Guidelines
This command clears FDB entries based on the specified criteria. When no options are specified, the
command clears all dynamic FDB entries.
Example
The following command clears any FDB entries associated with ports 4:3-4:5:
clear fdb ports 4:3-4:5
The following command clears any FDB entries associated with VLAN corporate:
clear fdb vlan corporate
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
506
configure fdb agingtime
configure fdb agingtime
configure fdb agingtime <seconds>
Description
Configures the FDB aging time for dynamic entries.
Syntax Description
seconds
Specifies the aging time in seconds. Range is 15 through 1,000,000. A value
of 0 indicates that the entry should never be aged out.
Default
300 seconds.
Usage Guidelines
The range is 15 through 1,000,000 seconds.
If the aging time is set to zero, all aging entries in the database are defined as static, nonaging entries.
This means that they do not age out, but non-permanent static entries can be deleted if the switch is
reset.
The software flushes the FDB table once the aging timeout parameter is reached, even if the switch is
running traffic and populating addresses in the FDB table.
Example
The following command sets the FDB aging time to 3,000 seconds:
configure fdb agingtime 3000
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
507
FDB Commands
create fdbentry vlan ports
create fdbentry <mac_addr> vlan <vlan_name> ports <ports>
Description
Creates a permanent static FDB entry, and optionally associates it with an ingress and/or egress QoS
profile.
Syntax Description
mac_addr
Specifies a device MAC address, using colon-separated bytes.
vlan_name
Specifies a VLAN name associated with a MAC address.
ports
Specifies one or more slots and ports associated with the MAC address. May
be in the form 3-5, 2:5, 2:6-2:8.
Default
N/A.
Usage Guidelines
If more than one port number is associated with a permanent MAC entry, packets are multicast to the
multiple destinations.
Permanent entries are retained in the database if the switch is reset or a power off/on cycle occurs. A
permanent static entry can either be a unicast or multicast MAC address. After they have been created,
permanent static entries stay the same as when they were created. If the same MAC address is
encountered on another virtual port that is not included in the permanent MAC entry, it is handled as a
blackhole entry. The static entry is not updated when any of the following take place:
●
A VLAN is deleted.
●
A VLAN identifier (VLANid) is changed.
●
A port mode is changed (tagged/untagged).
●
A port is deleted from a VLAN.
●
A port is disabled.
●
A port enters blocking state.
●
A port goes down (link down).
Permanent static entries are designated by “spm” in the flags field of the show fdb output. You can use
the show fdb permanent command to display permanent FDB entries, including their QoS profile
associations.
ExtremeWare XOS 11.1 Command Reference Guide
508
create fdbentry vlan ports
Example
The following command adds a permanent, static entry to the FDB for MAC address is 00 E0 2B 12 34
56, in VLAN marketing on slot 2, port 4:
create fdbentry 00:E0:2B:12:34:56 vlan marketing port 2:4
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
509
FDB Commands
delete fdbentry
delete fdbentry [<mac_address> [vlan <vlan name>]| broadcast-mac [vlan
<vlan name>]]
Description
Deletes one or all permanent FDB entries.
Syntax Description
mac_address
Specifies a device MAC address, using colon-separated bytes.
vlan
Specifies a VLAN.
vlan_name
Specifies the specific VLAN name.
broadcast-mac
Specifies the broadcast MAC address. May be used as an alternate to the
colon-separated byte form of the address ff:ff:ff:ff:ff:ff.
Default
N/A.
Usage Guidelines
None.
Example
The following example deletes a permanent entry from the FDB:
delete fdbentry 00:E0:2B:12:34:56 vlan marketing
The following example deletes all permanent entry from the FDB:
delete fdbentry all
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
510
show fdb
show fdb
show fdb {<mac_addr> | broadcast-mac | permanent | ports <portlist> | vlan
<vlan_name>}
Description
Displays FDB entries.
Syntax Description
mac_addr
Specifies a MAC address, using colon-separated bytes, for which FDB entries
should be displayed.
broadcast-mac
Specifies the broadcast MAC address. May be used as an alternate to the
colon-separated byte form of the address ff:ff:ff:ff:ff:ff.
permanent
Displays all permanent entries, including the ingress and egress QoS profiles.
portlist
Displays the entries for one or more ports. May be in the form 1, 2, 3-5, 2:5,
2:6-2:8.
vlan_name
Displays the entries for a specific VLAN.
Default
All.
Usage Guidelines
Displays FDB entries as specified, or displays all FDB entries.
The show output displays the following information:
Index
The FDB hash index, in the format <bucket>-<entry>.
Mac
The MAC address that defines the entry.
Vlan
The VLAN for the entry.
Age
The age of the entry, in seconds (does not appear if the keyword permanent is
specified). The age parameter does not display for the backup MSM.
Use
The number of IP FDB entries that use this MAC address as a next hop or last
hop (does not appear if the keyword permanent is specified).
ExtremeWare XOS 11.1 Command Reference Guide
511
FDB Commands
Flags
Flags that define the type of entry:
• B - Egress Blackhole
• b - Ingress Blackhole
• d - Dynamic
• s - Static
• p - Permanent
• m - MAC
• l - lockdown MAC
• M - Mirror
• i - an entry also exists in the IP FDB
• x - an entry also exists in the IPX FDBs
Port List
The ports on which the MAC address has been learned
Example
The following command displays information about all the entries in the FDB:
show fdb
It produces output similar to the following:
Mac
Vlan
Age
Use
Flags
Port List
-----------------------------------------------------------------------------------00:a0:23:12:34:56
peggy(4094)
0000
0000
spm
5:11
Flags : d - Dynamic, s - Static, p - Permanent, m - MAC, i - IP,
x - IPX, l - lockdown MAC, M - Mirror, B - Egress Blackhole,
b - Ingress Blackhole.
Total: 1 Static: 1 Perm: 1 Dyn: 0 Dropped: 0
FDB Aging time: 300
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
512
11 Policy and ACL Commands
This chapter describes commands for:
●
Creating and configuring policies
●
Creating and configuring IP access lists (ACLs)
●
Creating and configuring routing policies
Policies are a generalized category of features that impact forwarding and route forwarding decisions.
Access policies are used primarily for security and quality of service (QoS) purposes.
IP access lists (also referred to as Access Lists or ACLs) consist of IP access rules and are used to perform
packet filtering and forwarding decisions on incoming traffic. Each packet arriving on an ingress port is
compared to the access list in sequential order and is either forwarded to a specified QoS profile or
dropped. Additionally, for the Aspen 8810 only, packets can be metered using ACLs. Using access lists
has no impact on switch performance.
Access lists are typically applied to traffic that crosses layer 3 router boundaries, but it is possible to use
access lists within a layer 2 VLAN. Extreme products are capable of performing this function with no
additional configuration.
Routing policies are used to control the advertisement or recognition of routes from routing protocols,
such as RIP, OSPF, or BGP. Routing policies can be used to ‘hide’ entire networks or to trust only
specific sources for routes or ranges of routes. The capabilities of routing policies are specific to the type
of routing protocol involved, but are sometimes more efficient and easier to implement than access lists.
NOTE
Although ExtremeWare XOS does not prohibit mixing ACL and routing type entries in a policy file, it is strongly
recommended that you do not mix the entries, and you use separate policy files for ACL and routing policies.
ExtremeWare XOS 11.1 Command Reference Guide
513
Policy and ACL Commands
check policy
check
policy
<policy-name>
Description
Checks the syntax of the specified policy.
Syntax Description
policy-name
Specifies the policy to check.
Default
N/A.
Usage Guidelines
Use this command to check the policy syntax before applying it. If any errors are found, the line
number and a description of the syntax error are displayed. A policy that contains syntax errors will not
be applied.
This command can only determine if the syntax of the policy file is correct and can be loaded into the
policy manager database. Since a policy can be used by multiple applications, a particular application
may have additional constraints on allowable policies.
Example
The following example checks the syntax of the policy zone5:
check policy zone5
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
514
check policy attribute
check policy attribute
check
policy
attribute {<attr>}
Description
Displays the syntax of the specified policy attribute.
Syntax Description
attr
Specifies the attribute check.
Default
N/A.
Usage Guidelines
Use this command to check the syntax of policy attributes. The command displays any additional
keywords to use with this attribute, and the types of values expected.
Policy attributes are used in the rule entries that make up a policy file.
Example
The following example checks the syntax of the policy attribute nrli:
check policy attribute nlri
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
515
Policy and ACL Commands
clear access-list counter
clear access-list counter {<countername>} {any | ports <portlist> | vlan
<vlanname>} {ingress}
Description
Clears the specified access list counters.
Syntax Description
countername
Specifies the ACL counter to clear.
any
Specifies the wildcard ACL.
portlist
Specifies to clear the counters on these ports.
vlanname
Specifies to clear the counters on the VLAN.
Default
The default direction is ingress.
Usage Guidelines
Use this command to clear the ACL counters. If you do not specify an interface, or the any option, you
will clear all the counters.
Example
The following example clears all the counters of the ACL on port 2:1:
clear access-list counter port 2:1
The following example clears the counter counter2 of the ACL on port 2:1
clear access-list counter counter2 port 2:1
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
516
clear access-list meter
clear access-list meter
clear access-list meter {<metername>} [any | ports <portlist> | vlan
<vlanname>]
Description
Clears the specified access list meters.
Syntax Description
metername
Specifies the ACL counter to clear.
portlist
Specifies to clear the counters on these ports.
vlanname
Specifies to clear the counters on the VLAN.
Default
N/A.
Usage Guidelines
Use this command to clear the out-of-profile counters associated with the meter configuration.
Example
The following example clears all the out-of-profile counters for the meters of the ACL on port 2:1:
clear access-list meter port 2:1
The following example clears the out-of-profile counters for the meter meter2 of the ACL on port 2:1
clear access-list meter meter2 port 2:1
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
517
Policy and ACL Commands
configure access-list
configure access-list <aclname> [any | ports <portlist> | vlan <vlanname>]
{ingress}
Description
Configures an access list to the specified interface.
Syntax Description
aclname
Specifies the ACL name. The name can be from 1-32 characters long.
portlist
Specifies the ports on which this ACL is applied.
vlanname
Specifies the VLAN on which this ACL is applied.
Default
The default direction is ingress.
Usage Guidelines
The access list applied in this command is contained in a text file created either externally to the switch
or using the edit policy command. The file is transferred to the switch using TFTP before it is applied
to the ports. The ACL name is the file name without its “.pol” extension. For example, the ACL
blocknetfour would be in the file blocknetfour.pol. For more information on policy files, see the
ExtremeWare XOS Concepts Guide.
Specifying the keyword any applies the ACL to all the ports, and is referred to as the wildcard ACL.
This ACL is evaluated for ports without a specific ACL applied to it, and is also applied to packets that
do not match the ACL applied to the interface.
Example
The following command configures the ACL test to port 1:2 at ingress:
configure access-list test ports 1:2
The following command configures the ACL mydefault as the wildcard ACL:
configure access-list mydefault any
History
This command was available in ExtremeWare XOS 10.1.
The VLAN option was first available in ExtremeWare XOS 11.0
ExtremeWare XOS 11.1 Command Reference Guide
518
configure access-list
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
519
Policy and ACL Commands
configure meter
configure meter <metername> {max-burst-size <burst-size> [Gb | Kb | Mb]}
{committed-rate <cir-rate> [Gbps | Mbps | Kbps]} {out-actions [drop | setdrop-precedence {dscp [none | <dscp-value>]}}
Description
Configures an ACL meter.
Syntax Description
metername
Specifies the ACL meter name.
max-burst-size
Specifies the maximum burst size.
committed-rate
Specifies the committed rate.
out-actions
Specifies actions to take if traffic exceeds the profile.
drop
Specifies to drop out of profile traffic.
set-drop-precedence
Specifies to mark packet for high drop precedence.
dscp
Specifies to set DSCP.
none
Specifies to leave the DSCP value unchanged.
Default
By default, a newly committed meter has no maximum burst size, no committed rate, and a default
action of drop.
Usage Guidelines
The ACL meter configured with this command will be associated with an ACL by specifying the meter
name in the action modifier field of the ACL entry. The deny keyword should not be an action for the
ACL, or the packet will be dropped regardless of the metering state.
The committed-rate keyword specifies the traffic rate allowed for this meter. The committed traffic rate
may be specified in Kbps, Mbps, or Gbps. The committed-rate parameter range is 64Kbps to 1 Gbps
for GE ports and 1 Mbps to 10 Gbps for 10GE ports. The max-burst-size keyword specifies the
maximum number of consecutive bits that are allowed to be in-profile at wire-speed. The burst-size
parameter may be specified in Kb, Mb, or Gb. The specified burst-size will be rounded down to the
nearest supported size. For GE ports, the burst sizes are rounded down to the nearest 32Kb, 64Kb,
128Kb, 256Kb, 512Kb, 1Mb, 2Mb, 4Mb, and additionally 8Mb, 16Mb, 32Mb, 64Mb, 128Mb, 256Mb,
512Mb, or 1Gb for 10 GE ports.
The keyword out-actions specifies the action that is taken when a packet is out-of-profile. The
supported actions include dropping the packet, marking the drop precedence for the packet, or setting
the DSCP value in the packet. The keyword drop indicates that any out-of-profile packet is immediately
dropped. The keyword set-drop-precedence marks out-of-profile packets with high drop precedence.
If the optional keyword set-dscp is specified, the DSCP value, as specified by the parameter dscpvalue, is written into the out-of-profile packet. Setting the DSCP value to none leaves the DSCP value in
the packet unchanged.
ExtremeWare XOS 11.1 Command Reference Guide
520
configure meter
Example
The following command configures the ACL meter maximum_bandwidth, assigns it a rate of 10 Mbps,
and sets the out of profile action to drop:
configure meter maximum_bandwidth committed-rate 10 Mbps out-action drop
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
521
Policy and ACL Commands
create meter
create meter <metername>
Description
Creates an ACL meter to limit the rate of packet flow associated with an ACL rule.
Syntax Description
metername
Specifies the ACL meter name.
Default
N/A.
Usage Guidelines
The ACL meter created with this command will be associated with an ACL by specifying the meter
name in the action modifier field of the ACL entry. The deny keyword should not be an action for the
ACL, or the packet will be dropped regardless of the metering state.
Example
The following command creates the ACL meter maximum_bandwidth:
create meter maximum_bandwidth
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
522
delete meter
delete meter
delete meter <metername>
Description
Deletes an ACL meter.
Syntax Description
metername
Specifies the ACL meter name.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes the ACL meter maxbw:
delete meter maxbw
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
523
Policy and ACL Commands
disable access-list refresh blackhole
disable access-list refresh blackhole
Description
Disables blackholing of packets during ACL refresh.
Syntax Description
This command has no arguments or variables.
Default
The feature is enabled.
Usage Guidelines
When access control lists (ACLs) are refreshed, this feature provides that any packets arriving during
the refresh will be blackholed. As the ACL is being refreshed, packets may arrive while the ACL is in an
indeterminate state, and packets may be permitted that otherwise are dropped. This feature protects the
switch during an ACL refresh.
If you disable this feature, you may get unexpected results as the ACL is refreshed.
To enable this feature, use the following command:
enable access-list refresh blackhole
Example
The following command disables dropping of packets during an ACL refresh:
disable access-list refresh blackhole
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
524
edit policy
edit policy
edit policy <filename>
Description
Edits a policy text file.
Syntax Description
filename
Specifies the filename of the policy text file.
Default
N/A.
Usage Guidelines
This command edits policy text files that are on the switch. All policy files use “.pol” as the filename
extension, so to edit the text file for the policy boundary use boundary.pol as the filename. If you
specify the name of a file that does not exist, you will be informed and the file will be created.
This command spawns a VI-like editor to edit the named file. For information on using VI, if you are
not familiar with it, do a web search for “VI editor basic information”, and you should find many
resources. The following is only a short introduction to the editor.
Edit operates in one of two modes; command and input. When a file first opens, you are in the
command mode. To write in the file, use the keyboard arrow keys to position your cursor within the
file, then press one of the following keys to enter input mode:
●
i - To insert text ahead of the initial cursor position
●
a- To append text after the initial cursor position
To escape the input mode and return to the command mode, press the Escape key.
There are several commands that can be used from the command mode. The following are the most
commonly used:
●
dd - To delete the current line
●
yy - To copy the current line
●
p - To paste the line copied
●
:w - To write (save) the file
●
:q - To quit the file if no changes were made
●
:q! - To forcefully quit the file without saving changes
●
:wq - To write and quit the file
Refresh Policy. After you have edited the text file for a policy you will need to refresh the policy. When
you refresh the policy, the text file is read, the syntax is checked, the policy information is added to the
ExtremeWare XOS 11.1 Command Reference Guide
525
Policy and ACL Commands
policy manager database, and the policy then takes effect. Use the following command to refresh a
policy:
refresh policy <policy-name>
If you just want to check to be sure the policy contains no syntax errors, use the following command:
check policy <policy-name>
Example
The following command allows you to begin editing the text file for the policy boundary:
edit policy boundary.pol
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
526
enable access-list refresh blackhole
enable access-list refresh blackhole
enable access-list refresh blackhole
Description
Enables blackholing of packets during ACL refresh.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
When access control lists (ACLs) are refreshed, this command provides that any packets arriving during
the refresh will be blackholed. As the ACL is being refreshed, packets may arrive while the ACL is in an
indeterminate state, and packets may be permitted that otherwise are dropped. This feature protects the
switch during an ACL refresh. To disable this feature, use the following command:
disable access-list refresh blackhole
Example
The following command enables dropping of packets during an ACL refresh:
enable access-list refresh blackhole
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
527
Policy and ACL Commands
refresh policy
refresh policy <policy-name>
Description
Refreshes the specified policy.
Syntax Description
policy-name
Specifies the policy to refresh.
Default
N/A.
Usage Guidelines
Use this command when a new policy file has been downloaded to the switch, or when an existing
policy has been edited. This command reprocesses the text file and updates the policy database.
For an ACL policy, the command is rejected if there is a configuration error or hardware resources are
not available.
Example
The following example refreshes the policy zone5:
refresh policy zone5
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
528
show access-list
show access-list
show access-list
Description
Displays all the interfaces configured with an ACL.
Syntax Description
There are no arguments or variables for this command.
Default
N/A.
Usage Guidelines
The ACL with the port and VLAN displayed as an asterisk (*) is the wildcard ACL.
Example
The following command displays the all the interfaces configured with an ACL:
show access-list
The output from this command is similar to:
Vlan Name
Port
Policy Name
Dir
Num Rules
================================================================
*
3:6
TCP_flag
ingress 3
*
3:8
qos_hongkong
ingress 3
*
2:1
tc_2.4
ingress 4
*
2:7
tcp
ingress 1
v1
*
tcp
ingress 1
*
*
firewall1
ingress 2
History
This command was available in ExtremeWare XOS 10.1.
The <aclname> option was removed in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
529
Policy and ACL Commands
show access-list configuration
show access-list configuration
Description
Displays the ACL configuration. Currently only the state of refresh blackhole is displayed.
Syntax Description
There are no arguments or variables for this command.
Default
N/A.
Usage Guidelines
This command displays the state of the ACL refresh blackhole, set by the enable access-list
refresh blackhole command.
Example
The following command displays state of the ACL configuration:
show access-list configuration
The output from this command is similar to:
Access-list Refresh Blackhole: Enabled
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
530
show access-list counter
show access-list counter
show access-list counter {<countername>} {any | ports <portlist> | vlan
<vlanname>} {ingress}
Description
Displays the specified access list counters.
Syntax Description
countername
Specifies the ACL counter to display.
portlist
Specifies to display the counters on these ports.
vlanname
Specifies to display the counters on the VLAN.
Default
The default direction is ingress.
Usage Guidelines
Use this command to display the ACL counters.
Example
The following example displays all the counters for all ACLs:
show access-list counter
The output of this command is similar to the following:
Policy Name
Vlan Name
Port
Direction
Counter Name
Packet Count
Byte Count
=====================================================================
firewall1
*
*
ingress
DENY_SYN
0
0
PERMIT_SYN_ACK
1228300404
1920048848
tc_2.4
*
2:1
ingress
arp192
3
204
denyAll
0
0
destIp
0
0
destIp2
0
0
tcp
*
2:7
ingress
PERMIT_SYN_ACK
0
0
TCP_flag
*
3:6
ingress
denyAll
0
0
ipArp
0
0
tcpflags-syn
0
0
qos_hongkong
*
3:8
ingress
qp2cnt
0
0
ExtremeWare XOS 11.1 Command Reference Guide
531
Policy and ACL Commands
qp4cnt
qp5cnt
tcp
v1
PERMIT_SYN_ACK
0
0
*
ingress
3759119344
0
0
2217044928
The following example displays all the counters for the ACL on port 2:1
show access-list counter port 2:1
The output of this command is similar to the following:
Policy Name
Vlan Name
Port
Direction
Counter Name
Packet Count
Byte Count
=====================================================================
tc_2.4
*
2:1
ingress
arp192
3
204
denyAll
0
0
destIp
0
0
destIp2
0
0
History
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
532
show access-list meter
show access-list meter
show access-list counter {<metername>} [any | ports <portlist> | vlan
<vlanname>]
Description
Displays the specified access list meter statistics and configurations.
Syntax Description
metername
Specifies the ACL meter to display.
portlist
Specifies to display the meters on these ports.
vlanname
Specifies to display the meters on the VLAN.
Default
N/A.
Usage Guidelines
Use this command to display the ACL meters.
Example
The following example displays all the counters the ACL on port 7:1
show access-list meter port 2:1
The output of this command is similar to the following:
ACL Name
Vlan
Port
Committed
Max Burst Out-of-Profile Out-of-Profile
Meter
Rate (Kbps) Size (K)
Action
DSCP Packet Count
===============================================================================
donacl
*
7:1
m1
10000
Max
Drop
0
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
533
Policy and ACL Commands
show policy
show policy {<policy-name> | detail}
Description
Displays the specified policy.
Syntax Description
policy-name
Specifies the policy to display.
detail
Show the policy in detail.
Default
If no policy name is specified, all policies are shown
Usage Guidelines
Use this command to display which clients are using the specified policy. The detail option displays the
rules that make up the policy.
Example
The following example displays the policy zone5:
show policy zone5 detail
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
534
unconfigure access-list
unconfigure access-list
unconfigure access-list {any | ports <portlist> | vlan <vlanname>}
{ingress}
Description
Removes an access list from the specified interface.
Syntax Description
aclname
Specifies the ACL name. The name can be from 1-32 characters long.
portlist
Specifies the ports on which this ACL is applied.
vlanname
Specifies the VLAN on which this ACL is applied.
Default
The default direction is ingress.
Usage Guidelines
To remove all ACLs from all interfaces, do not specify any ports or VLANs.
Example
The following command removes the ACL from port 1:2:
unconfigure access-list ports 1:2
The following command removes the ACLs from ports 1:2-6:3 and 7:1:
unconfigure access-list ports 1:2-2:2,7:1
The following command removes the wildcard ACL:
unconfigure access-list any
The following command removes all ACLs from all the interfaces, including the wildcard ACL:
unconfigure access-list
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
535
Policy and ACL Commands
ExtremeWare XOS 11.1 Command Reference Guide
536
12 QoS Commands
This chapter describes commands for:
●
Configuring Quality of Service (QoS) profiles
●
Configuring and displaying bidirectional rate-shaping
●
Creating traffic groupings and assigning the groups to QoS profiles
●
Configuring, enabling and disabling explicit class-of-service traffic groupings (802.1p and DiffServ)
●
Configuring traffic grouping priorities
●
Verifying configuration and performance
●
Configuring and displaying bidirectional rate-shaping
●
Egress traffic rate limiting
Qualify of Service (QoS) is a feature of ExtremeWare XOS that allows you to specify different service
levels for outbound and inbound traffic. QoS is an effective control mechanism for networks that have
heterogeneous traffic patterns. Using QoS, you can specify the service that a traffic type receives.
Policy-based QoS allows you to protect bandwidth for important categories of applications or
specifically limit the bandwidth associated with less critical traffic. The switch contains separate
hardware queues on every physical port. Each hardware queue is programmed by ExtremeWare XOS
with bandwidth management and prioritization parameters, defined as a QoS profile. The bandwidth
management and prioritization parameters that modify the forwarding behavior of the switch affect
how the switch transmits traffic for a given hardware queue on a physical port. Up to eight physical
queues per port are available.
With the 11.0 version of the software, you can also assign parameters to traffic ingressing the switch for
minimum and maximum bandwidth and priority queuing to the backplane.
NOTE
You cannot queue ingressing traffic to the backplane on the Aspen 8810 switch.
To configure QoS, you define how your switch responds to different categories of traffic by creating and
configuring QoS profiles. The service that a particular type of traffic receives is determined by assigning
a QoS profile to a traffic grouping or classification. The building blocks are defined as follows:
●
QoS profile—Defines bandwidth and prioritization parameters.
●
Traffic grouping—A method of classifying or grouping traffic that has one or more attributes in
common.
●
QoS policy—The combination that results from assigning a QoS profile to a traffic grouping.
QoS profiles are assigned to traffic groupings to modify switch-forwarding behavior. When assigned to
a traffic grouping, the combination of the traffic grouping and the QoS profile comprise an example of a
single policy that is part of Policy-Based QoS.
ExtremeWare XOS 11.1 Command Reference Guide
537
QoS Commands
Extreme switch products support explicit Class of Service traffic groupings. This category of traffic
groupings describes what is sometimes referred to as explicit packet marking, and includes:
●
IP DiffServ code points, formerly known as IP TOS bits
●
Prioritization bits used in IEEE 802.1p packets
All Extreme switches support the standard 802.1p priority bits that are part of a tagged Ethernet packet.
With the 11.0 version of the software on the BlackDiamond 10K switch, you can also assign parameters
to traffic ingressing the switch for minimum and maximum bandwidth and priority queuing to the
backplane.
ExtremeWare XOS 11.1 Command Reference Guide
538
configure diffserv examination code-point
configure diffserv examination code-point
configure diffserv examination code-point <code-point> {qosprofile}
<qosprofile>
Description
Configures the default ingress DiffServ code points (DSCP) to QoS profile mapping.
Syntax Description
code-point
Specifies a DiffServ code point (a 6-bit value in the IP-TOS byte in the IP
header).
qosprofile
Specifies the QoS profile to which the DiffServ code point is mapped.
Default
See Table 12.
Usage Guidelines
You can specify up to 64 different code points for each port. Code point values are grouped and
assigned to the default QoS profiles as shown in Table 12:
Table 12: Default DiffServ code point-to-QoS profile mapping
Code Point
BlackDiamond
10K Switch
QoS Profile
Aspen 8810
Switch QoS
Profile
0-7
QP1
QP1
8-15
QP2
QP1
16-23
QP3
QP1
24-31
QP4
QP1
32-39
QP5
QP1
40-47
QP6
QP1
48-55
QP7
QP1
56-63
QP8
QP8
Example
The following command specifies that code point 25 be assigned to QP2:
configure diffserv examination code-point 25 qosprofile qp2
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
539
QoS Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
540
configure diffserv replacement
configure diffserv replacement
configure diffserv replacement [{qosprofile} <qosprofile> | priority
<value>] code-point <code_point>
Description
Configures the default egress DiffServ replacement mapping.
Syntax Description
qosprofile
Specifies a QoS profile.
value
Specifies the 802.1p priority value.
code_point
Specifies a 6-bit value to be used as the replacement code point in the
DiffServ (IP-TOS byte) of the IP header.
Default
N/A.
Usage Guidelines
NOTE
Extreme Networks recommends that you use the qosprofile <qosprofile> value to configure this parameter.
The default QoS Profile to 802.1p priority value to code point mapping is shown in the following table:
802.1p Priority
value
BlackDiamond 10K Switch
QoS Profile
Aspen 8810 Switch QoS
Profile
Code Point
0
QP1
QP1
0
1
QP2
QP1
8
2
QP3
QP1
16
3
QP4
QP1
24
4
QP5
QP1
32
5
QP6
QP1
40
6
QP7
QP1
48
7
QP8
QP8
56
Example
The following command specifies that a code point value of 5 should be used to replace the DiffServ
(TOS) bits in packets in QP2:
configure diffserv replacement qosprofile qp2 code-point 5
ExtremeWare XOS 11.1 Command Reference Guide
541
QoS Commands
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
542
configure dot1p type
configure dot1p type
configure dot1p type <dot1p_priority> {qosprofile} <qosprofile>
Description
Configures the default QoS profile to 802.1p priority mapping.
Syntax Description
dot1p_priority
Specifies the 802.1p priority value. The value is an integer between 0 and 7.
qosprofile
Specifies a specific QoS profile.
Default
The default mapping of each 802.1p priority value to QoS profile is as follows:
Priority Value
BlackDiamond 10K Switch
Default QoS Profile
Aspen 8810 Switch
Default QoS Profile
0
QP1
QP1
1
QP2
QP1
2
QP3
QP1
3
QP4
QP1
4
QP5
QP1
5
QP6
QP1
6
QP7
QP1
7
QP8
QP8
Usage Guidelines
An 802.1p priority value seen on ingress can be mapped to a particular QoS profile and with specific
bandwidth management and priority behavior.
Example
The following commands reassign (from the default) the QoS profiles associated with 802.1p priority
values 1 and 2:
configure dot1p type 2 qosprofile qp2
configure dot1p type 1 qosprofile qp3
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
543
QoS Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
544
configure ports qosprofile
configure ports qosprofile
configure ports <port_list> {qosprofile} <qosprofile>
Description
Configures one or more ports to use a particular egress QoS profile.
Syntax Description
port_list
Specifies a list of slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
qosprofile
Specifies a QoS profile.
Default
All ports have the default qosprofile of QP1.
Usage Guidelines
Extreme switches support eight QoS profiles (QP1 to QP8) for each port.
NOTE
This command applies only to untagged packets.
Aspen 8810 switch only. You must use this command to assign a QoS profile to ports. This command
applies to egress QoS profiles only; the Aspen 8810 switch supports only egress QoS profiles.
BlackDiamond 10K switch. This command refers to egress QoS profiles; it assigns traffic ingressing this
port to a specified egress QoS profile. Use the configure qosprofile ingress ports command to
assign the ingress QoS profiles to ports; the ingress QoS profiles assign ingressing traffic to a specified
queue to the backplane.
Example
The following command configures port 5 on slot 5 to use QoS profile QP3:
configure ports 5:5 qosprofile QP3
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
545
QoS Commands
configure ports rate-limit egress
configure ports <port_list> rate-limit egress [no-limit | <cir-rate> [Kbps
| Mbps | Gbps] {max-burst-size <burst-size> [Kb | Mb]}]
Description
Configures an egress traffic rate limit for a port or groups of ports.
Syntax Description
port_list
Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots
and ports. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
no-limit
Specifies traffic be transmitted without limit; use to reconfigure or unconfigure previous
rate-limiting parameters.
cir-rate
Specifies the desired rate limit in Kbps, Mbps, or Gbps.
max-burst-size
Specifies amount of traffic above the cir-rate that is allowed to burst (for a short duration)
from the port in K bits (Kb) or M bits (Mb).
Default
No-limit.
Usage Guidelines
On a modular switch, <portlist> can be a list of slots and ports. For a detailed explanation of port
specification, see “Modular Switch Numerical Ranges” or “Line-Editing Keys” in Chapter 1.
Port speed limits the egress traffic, as follows:
●
1 Gbps port—64 Kbps increments
●
10 Gbps port—1 Mbps increments
If the specified egress limit (cir-rate) is not a multiple of 64 Kbps for a 1 Gbps port or 1 Mbps for a
10 Gbps port, the specified value is rounded down to the nearest appropriate multiple based on the port
type.
Use the no-limit parameter to:
●
Unconfigure egress rate limiting on the port(s)
●
Reconfigure existing egress rate limiting on the port(s)
The max-burst-size parameter is the amount of traffic above the value in the cir-rate parameter that is
allowed to burst from the port(s) for a short duration.
ExtremeWare XOS 11.1 Command Reference Guide
546
configure ports rate-limit egress
Example
The following command configures egress rate-limiting on slot 3, port 1, for 3 Mbps and a maximum
burst size or 5 M bits:
configure port 3:1 rate-limit egress 3 Mbps max-burst-size 5 Mb
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
547
QoS Commands
configure qosprofile ingress ports
configure qosprofile ingress <iqp> [{committed_rate <committed_bps>
[k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate
<peak_bps> [k | m} {priority [<priority> | <priority_number]}] ports
[<port_list> | all]
Description
Sets the ingress rate shaping parameters, which is an ingress QoS profile.
Syntax Description
iqp
Specifies an ingress QoS profile:
• for 1G I/O modules—iqp1 and iqp2
• for 10G I/O modules—iqp1 to iqp8
committed_rate
Specifies an absolute number in K bits or M bits for a guaranteed committed rate and for a
minimum rate for this ingress queue to the backplane.
maxbw
Specifies maximum allowed input bandwidth as a percentage of port speed. The range is 0
to 100%, and the default value is 100. Percentages are based on actual or configured port
speed.
minbw
Specifies a guaranteed minimum bandwidth for this ingress QoS queue as a percentage of
port speed. The range is 0 to 100%, and the default value is 0. Cumulative percentages of
the queue on a given port should not exceed 100%. Percentages are based on actual or
configured port speed.
peak_rate
Specifies an absolute number in K bits or M bits for a maximum rate for this ingress queue
to the backplane.
priority
Specifies a service priority setting for the specified ingress queue to the backplane; this
priority sets the priorities among the available ingress queues for the specified port.
priority_number
This priority sets the priorities among the available ingress queues for the specified port.
The available queues vary according to the I/O module, as follows:
• 1G I/O module—2 queues and 2 priorities available; values are 1 (takes 1-4) or 2 (takes
5-8); or Low and LowHi.
• 10G module—8 queues and 8 priorities available; values are 1 to 8, with 8 being the
highest priority, or Low, LowHi, Normal, NormalHi, Medium, MediumHi, High, and
HighHi.
port_list
Specifies a list of slots and ports to which the parameters apply. May specify in the form 35, 2:5, 2:6-2:8.
all
Specifies this applies to all ports on the device.
Default
Disabled by default.
●
Minimum bandwidth—0%
●
Maximum bandwidth—100%
ExtremeWare XOS 11.1 Command Reference Guide
548
configure qosprofile ingress ports
●
Priority—By default, each qosprofile is assigned a different priority level, which varies by I/O
module:
■
■
1G I/O module:
■
IQP1 - 1, Low
■
IQP2 - 2, LowHi
10G I/O module:
■
IQP1 - 1, Low
■
IQP2 - 2, LowHi
■
IQP3 - 3, Normal
■
IQP4 - 4, NormalHi
■
IQP5 - 5, Medium
■
IQP6 - 6, MediumHi
■
IQP7 - 7, High
■
IQP8 - 8, HighHi (highest priority)
Usage Guidelines
The number of ingress queues per port varies between the 1G I/O module and the 10G module.
On the 1G module, you have two ingress queues per port. The priority values of 1 to 4 map to the first
queue, and the priority values of 5 to 8 map to the second queue.
On the 10G module, you have eight ingress queues per port. The priority values of 1 to 8 map one to
each of the eight queues.
Example
The following command configures the ingress rate shaping parameters of QoS profile IQP3 for
specified ports, using bandwidth percentages:
configure qosprofile ingress iqp3 minbw 27 maxbw 57 priority 4 ports 3:2
The following command configures the ingress rate shaping parameters for QoS profile IQP3 for all
ports, using absolute values for committed rate and peak rate:
configure qosprofile ingress iqp3 committed-rate 64 k peak-rate 1000 k priority 4
ports all
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
The basic command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
549
QoS Commands
configure qosprofile ports
configure qosprofile {egress} <qosprofile> [{committed_rate <committed_bps>
[k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate
<peak_bps> [k | m} {priority [<priority> | <priority_number]}]
ports [<port_list> | all]
Description
Modifies the default egress QoS profile parameters.
Syntax Description
qosprofile
Specifies a QoS profile name. Range is QP1 to QP8.
committed_rate
Specifies an absolute number in K bits or M bits for a guaranteed committed
rate and for a minimum rate for this egress queue.
maxbw
Specifies maximum allowed input bandwidth as a percentage of port speed.
The range is 0 to 100%, and the default value is 100. Percentages are based
on actual or configured port speed.
minbw
Specifies a guaranteed minimum bandwidth for this egress QoS queue as a
percentage of port speed. The range is 0 to 100%, and the default value is 0.
Cumulative percentages of the queue on a given port should not exceed 100%.
Percentages are based on actual or configured port speed.
peak_rate
Specifies an absolute number in K bits or M bits for a maximum rate for this
egress queue.
priority
Specifies a service priority setting for the specified egress queue; this priority
sets the priorities among the available egress queues for the specified port.
priority_number
Specifies a service priority setting among the available egress ports for the
specified port. Settings are:
• 1, or Low
• 2, or LowHi
• 3, or Normal
• 4 or NormalHi
• 5, or Medium
• 6, or MediumHi
• 8, or HighHi
This is the setting for the egress mode.
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies this applies to all ports on the device.
Default
●
Minimum bandwidth—0%
●
Maximum bandwidth—100%
●
Priority—By default, each qosprofile is assigned a different priority level:
■
QP1 - 1, Low (the lowest priority)
ExtremeWare XOS 11.1 Command Reference Guide
550
configure qosprofile ports
■
QP2 - 2, LowHi
■
QP3 - 3, Normal
■
QP4 - 4, NormalHi
■
QP5 - 5, Medium
■
QP6 - 6, MediumHi
■
QP7 - 7, High
■
QP8 - 8, HighHi (highest priority)
Usage Guidelines
None.
Example
The following command configures the egress QoS profile parameters of QoS profile Qp5 for specific
ports:
configure qosprofile qp5 minbw 10 maxbw 80 priority HighHi ports 5:5-5:7
History
This command was first available in ExtremeWare XOS 10.1.
Committed and peak rates were added in ExtremeWare XOS 11.0. Also in ExtremeWare XOS 11.0, ports
were made mandatory.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
551
QoS Commands
configure qosprofile weight
configure qosprofile <qosprofile> {maxbuffer <percent>} {weight <value>}
Description
Modifies the parameters for the default QoS profiles (QP1 and QP8) and defines the parameters for any
user-created QoS profiles (QP2, QP3, QP4, QP5, QP6, and/or QP7).
Syntax Description
qosprofile
Specifies a QoS profile name. Range is QP1 to QP8; the defaults are QP1 and
QP8.
maxbuffer <percent>
Specifies the percentage of the total buffer you are reserving for this QoS
profile. The range is 1 to 100; the default setting is 100.
weight <value>
Specifies the weight value used for queue service weighting in the weightedround-robin scheduler for this QoS profile. The range is 1 to 16; the default is
1.
Default
●
QoS profiles—QP1 and QP8
●
Maximum buffer—100%
●
Weight—1
Usage Guidelines
You must create a QoS profile before you can configure the user-created QoS profiles. You can modify
the settings on the default QoS profiles (QP1 and QP8) because they are already created.
To assign a QoS profile to a port, use the configure ports <port_list> {qosprofile}
<qosprofile> command. If you attempt to configure a QoS profile that you have not created, the
system returns an error message. To configure the type of scheduling you want to use for the entire
switch, use the configure qosscheduler [strict-priority | weighted-round-robin] command.
The maxbuffer parameter configures the maximum amount of packet buffer, by percentage, that the
packets associated with the specified QoS profile can consume. Regardless of the setting for this
parameter, the system does not drop any packets as long as packet buffer memory remains available
and the current buffer use of the specified QoS profile is below the specified maxbuffer setting.
The weight parameter configures the relative weighting for each QoS profile. Because each QoS profile
has a default weight of 1, all QoS profiles have equal weighting. If you configure a QoS profile with a
weight of 4, that specified QoS profile is services 4 times as frequently as the remaining QoS profiles,
which still have a weight of 1. If you configure all QoS profiles with a weight of 16, each QoS profile is
serviced equally but for a longer period.
ExtremeWare XOS 11.1 Command Reference Guide
552
configure qosprofile weight
Example
The following command configures the QoS profile parameters of QoS profile QP1:
configure qosprofile qp1 maxbuffer 75 weight 4
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
553
QoS Commands
configure qosscheduler
configure qosscheduler [strict-priority | weighted-round-robin]
Description
Specifies the method the switch uses to service QoS profiles.
Syntax Description
strict-priority
Specifies the switch services the higher-priority QoS profiles first.
weighted-round-robin
Specifies the switch services all QoS profiles based on the configured
weighting for each QoS profile.
Default
Strict-priority.
Usage Guidelines
You configure the QoS scheduling algorithm for the entire switch; you cannot configure QoS scheduling
for each port separately.
NOTE
If you specify strict-priority, lower-priority queues are not serviced at all as long as higher-priority queues have any
remaining packets. If you specify weighted-round-robin, the switch services higher-weighted queues more frequently
but continues to service lower-weighted queues (even when packets remain in the higher-weighted queues).
Example
The following command configures the switch for weighted-round-robin servicing:
configure qosscheduler weighted-round-robin
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
554
configure vlan qosprofile
configure vlan qosprofile
configure vlan <vlan_name> {qosprofile} <qosprofile>
Description
Configures a VLAN to use a particular QoS profile.
Syntax Description
vlan_name
Specifies a VLAN name.
qosprofile
Specifies a QoS profile.
NOTE: None is available only on the Aspen 8810 switch.
Default
The default for the BlackDiamond 10K switch is QP1, and the default for the Aspen 8810 switch is none.
Usage Guidelines
Extreme switches support eight QoS profiles (QP1 to QP8) for each port.
NOTE
This command applies only to untagged packets.
Example
The following command configures VLAN accounting to use QoS profile QP3:
configure vlan accounting qosprofile qp3
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
555
QoS Commands
create qosprofile
create qosprofile [OP2| OP3 | QP4 | QP5 | QP6 | QP7]
Description
Creates a QoS profile.
Syntax Description
QP1....QP7
Specifies the QoS profile you want to create.
Default
N/A.
Usage Guidelines
The Aspen 8810 switch allows dynamic creation and deletion of QoS queues, with Q1 and Q8 always
available, rather than the 8 fixed queues on the BlackDiamond 10K switch.
You must create the QoS profile before you can configure it. or assign it to ports or VLANs. Use the
command configure qosprofile <qosprofile> {maxbuffer <percent>} {weight <value>} to
configure the QoS profile once you create it. Use the configure ports <port_list> {qosprofile}
<qosprofile> command to associate a QoS profile with ports and the configure vlan <vlan_name>
{qosprofile} <qosprofile> command to associate a QoS profile with VLANs.
QoS profiles QP1 and QP8 are defaults and cannot be deleted.
Example
The following command creates the user-created QoS profile QP3:
create qosprofile qp3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
556
delete qosprofile
delete qosprofile
delete qosprofile [OP2| OP3 | QP4 | QP5 | QP6 | QP7]
Description
Deletes a user-created QoS profile.
Syntax Description
QP1....QP7
Specifies the user-created QoS profile you want to delete.
Default
N/A.
Usage Guidelines
You cannot delete the default QoS profiles of QP1 and QP8. If you attempt to delete these QoS profiles,
the system returns an error.
All configuration information associated with the specified QoS profile is removed.
Example
The following command deletes the user-created QoS profile QP3:
delete qosprofile qp3
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the Aspen 8810 switch.
ExtremeWare XOS 11.1 Command Reference Guide
557
QoS Commands
disable diffserv examination port
disable diffserv examination port [<port_list> | all]
Description
Disables the examination of the DiffServ field in an IP packet.
Syntax Description
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies that DiffServ examination should be disabled for all ports.
Default
Disabled.
Usage Guidelines
The diffserv examination feature is disabled by default.
Example
The following command disables DiffServ examination on selected ports:
disable diffserv examination ports 5:3,5:5,6:6
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
558
disable diffserv replacement port
disable diffserv replacement port
disable diffserv replacement port [<port_list> | all]
Description
Disables the replacement of DiffServ code points in packets transmitted by the switch.
Syntax Description
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies that DiffServ replacement should be disabled for all ports.
Default
N/A.
Usage Guidelines
The DiffServ replacement feature is disabled by default.
NOTE
The specified ports are the ingress ports.
Example
The following command disables DiffServ replacement on selected ports:
disable diffserv replacement ports 1:2,5:5,6:6
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
559
QoS Commands
disable dot1p replacement ports
disable dot1p replacement ports [<port_list> | all]
Description
Disables the ability to overwrite 802.1p priority values for a given set of ports.
Syntax Description
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies that 802.1p replacement should be disabled for all ports.
Default
N/A.
Usage Guidelines
The dot1p replacement feature is disabled by default.
NOTE
The specified ports are ingress ports.
Example
The following command disables 802.1p value replacement on all ports:
disable dot1p replacement ports all
History
This command was available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
560
enable diffserv examination port
enable diffserv examination port
enable diffserv examination port [<port_list> | all]
Description
Enables the DiffServ field of an IP packet to be examined in order to select a QoS profile.
Syntax Description
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies that DiffServ examination is enabled for all ports.
Default
Disabled.
Usage Guidelines
The diffserv examination feature is disabled by default.
If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure
802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching
the MSM.
Example
The following command enables DiffServ examination on selected ports:
enable diffserv examination ports 1:1,5:5,6:2
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
561
QoS Commands
enable diffserv replacement ports
enable diffserv replacement ports [<port_list> | all]
Description
Enables the DiffServ code point to be overwritten in IP packets transmitted by the switch.
Syntax Description
port_list
Specifies a list of slots and ports to which the parameters apply. May be in the
form 3-5, 2:5, 2:6-2:8.
all
Specifies that DiffServ replacement should be enabled for all ports.
Default
N/A.
Usage Guidelines
The diffserv replacement feature is disabled by default.
NOTE
The port in this command is the ingress port.
Eight user-defined DiffServ code points can be configured on each port. The QoS profile is used to select
one of the eight code points.
If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure
802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching
the MSM.
NOTE
This command affects only that traffic in traffic groupings based on explicit packet class of service information and
physical/logical configuration.
Example
The following command enables DiffServ replacement on selected ports:
enable diffserv replacement ports 5:3,5:5,6:2
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
562
enable diffserv replacement ports
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
563
QoS Commands
enable dot1p replacement ports
enable dot1p replacement ports [<port_list> | all]
Description
Allows the 802.1p priority field to be overwritten on egress according to the QoS profile to 802.1p
priority mapping for a given set of ports.
Syntax Description
port_list
Specifies a list of slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
all
Specifies that dot1p replacement should be enabled for all ports.
Default
N/A.
Usage Guidelines
The dot1p replacement feature is disabled by default.
By default, 802.1p priority information is not replaced or manipulated, and the information observed on
ingress is preserved when transmitting the packet.
NOTE
The port in this command is the ingress port.
If 802.1p replacement is enabled, the 802.1p priority information that is transmitted is determined by the
hardware queue that is used when transmitting the packet.
NOTE
This command affects only that traffic in traffic groupings based on explicit packet class of service information and
physical/logical configuration.
Example
The following command enables dot1p replacement on all ports:
enable dot1p replacement ports all
History
This command was available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
564
enable dot1p replacement ports
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
565
QoS Commands
show diffserv
show diffserv [examination | replacement]
Description
Displays the DiffServ-to-QoS profile mapping.
Syntax Description
examination
Specifies to display currently configured mapping for each DiffServ code point
to QoS profile.
replacement
.Specifies to display currently configured code point replacement value.
Default
N/A.
Usage Guidelines
Once you alter the default mappings, the "->" in the display (shown below) becomes "* >".
Examples
The following command displays the current QoS-to-DiffServ mappings for each code point on the
switch:
show diffserv examination
The following command displays the current DiffServ-to-QoS mappings on the switch:
show diffserv replacement
Because the Aspen 8810 switch had 2 default QoS profiles and the BlackDiamond 10K switch has 8
default QoS profiles you see different displays depending on the platform.
Aspen 8810 switch only. Following is sample output from the show diffserv examination command
on the Aspen 8810 switch:
CodePoint->QOSProfile mapping:
00->QP1 01->QP1 02->QP1
08->QP1 09->QP1 10->QP1
16->QP1 17->QP1 18->QP1
24->QP1 25->QP1 26->QP1
32->QP1 33->QP1 34->QP1
40->QP1 41->QP1 42->QP1
48->QP1 49->QP1 50->QP1
56->QP8 57->QP8 58->QP8
03->QP1
11->QP1
19->QP1
27->QP1
35->QP1
43->QP1
51->QP1
59->QP8
ExtremeWare XOS 11.1 Command Reference Guide
04->QP1
12->QP1
20->QP1
28->QP1
36->QP1
44->QP1
52->QP1
60->QP8
05->QP1
13->QP1
21->QP1
29->QP1
37->QP1
45->QP1
53->QP1
61->QP8
06->QP1
14->QP1
22->QP1
30->QP1
38->QP1
46->QP1
54->QP1
62->QP8
07->QP1
15->QP1
23->QP1
31->QP1
39->QP1
47->QP1
55->QP1
63->QP8
566
show diffserv
Following is sample output from the show diffserv replacement command on the Aspen 8810
switch:
QOSProfile->CodePoint mapping:
QP1->00
QP8->56
BlackDiamond 10K switch only. Following is sample output from the show diffserv examination
command on the BlackDiamond 10K switch:
CodePoint->QOSProfile mapping:
00->QP1 01->QP1 02->QP1
08->QP2 09->QP2 10->QP2
16->QP3 17->QP3 18->QP3
24->QP4 25->QP4 26->QP4
32->QP5 33->QP5 34->QP5
40->QP6 41->QP6 42->QP6
48->QP7 49->QP7 50->QP7
56->QP8 57->QP8 58->QP8
03->QP1
11->QP2
19->QP3
27->QP4
35->QP5
43->QP6
51->QP7
59->QP8
04->QP1
12->QP2
20->QP3
28->QP4
36->QP5
44->QP6
52->QP7
60->QP8
05->QP1
13->QP2
21->QP3
29->QP4
37->QP5
45->QP6
53->QP7
61->QP8
06->QP1
14->QP2
22->QP3
30->QP4
38->QP5
46->QP6
54->QP7
62->QP8
07->QP1
15->QP2
23->QP3
31->QP4
39->QP5
47->QP6
55->QP7
63->QP8
Following is sample output from the show diffserv replacemement command on the BlackDiamond
10K switch:
QOSProfile->CodePoint mapping:
QP1->00
QP2->08
QP3->16
QP4->24
QP5->32
QP6->40
QP7->48
QP8->56
History
This command was first available in ExtremeWare XOS 10.1. The variables were added in ExtremeWare
XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
567
QoS Commands
show dot1p
show dot1p
Description
Displays the 802.1p-to-QoS profile mappings.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays the current 802.1p-to-QoS mappings on the switch:
show dot1p
Because the Aspen 8810 switch had 2 default QoS profiles and the BlackDiamond 10K switch has 8
default QoS profiles you see different displays depending on the platform.
Aspen 8810 switch only. Following is sample output from the show dot1p command on the Aspen
8810 switch:
802.1p Priority Value
0
1
2
3
4
5
6
7
QOS Profile
QP1
QP1
QP1
QP1
QP1
QP1
QP1
QP8
BlackDiamond 10K switch only. Following is sample output from the show dot1p command on the
BlackDiamond 10K switch:
802.1p Priority Value
0
1
2
3
4
QOS Profile
QP1
QP2
QP3
QP4
QP5
ExtremeWare XOS 11.1 Command Reference Guide
568
show dot1p
5
6
7
QP6
QP7
QP8
History
This command was first available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
569
QoS Commands
show ports qosmonitor
show ports <port_list> qosmonitor {ingress | egress}
Description
Displays ingress rate shaping statistics in addition to real-time QoS statistics for egress packets on one
or more ports.
Syntax Description
port_list
Specifies one or more slots and ports. May be in the form 3-5, 2:5, 2:6-2:8.
egress
Specifies to display statistics in egress. Default.
ingress
Specifies to display statistics on ingress rate shaping.
Default
Shows QoS statistics for egress unless you specify ingress.
Usage Guidelines
The real-time snapshot scrolls through the given portlist to provide statistics.
Examples
The following command shows the real-time QoS egress statistics related to the specified ports:
# show port 1:1-1:2 qosmonitor
Following is sample output from this command:
Port Statistics
Port
QP1
QP2
QP3
QP4
QP5
QP6
QP7
QP8
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
===================================================================================
1:1
100
0
0
0
0
0
0
4
1:2
397
0
0
0
0
0
0
1432
====================================================================================
The following command shows the QoS ingress statistics related to the specified ports:
# show port 1:1-1:2 qosmonitor ingress
ExtremeWare XOS 11.1 Command Reference Guide
570
show ports qosmonitor
Following is sample output from this command:
Port Statistics
Port
IQP1
IQP2
IQP3
IQP4
IQP5
IQP6
IQP7
IQP8
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
Xmts
================================================================================
1:1
0
0
0
0
0
0
0
0
1:2
0
0
0
0
0
0
0
0
================================================================================
History
This command was first available in ExtremeWare XOS 10.1.
The ingress information was added in ExtremeWare XOS 11.0
Also, you must specify the ports in ExtremeWare XOS 11.0.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
571
QoS Commands
show qosprofile
show qosprofile {ingress | egress} {ports [ all | <port_list>]}
Description
Displays QoS information on the switch.
Syntax Description
Ingress
Specifies ingress queues.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
egress
Specifies egress queues; this is the default value.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
ports
Specifies to display information for specified ports.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
port_list
Specifies a list of slots and ports.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
all
Specifies all ports.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
Default
Displays egress QoS information for all ports.
Usage Guidelines
The displayed QoS profile information differs depending on the platform you are running on.
Aspen 8810 switch only. The following information displays for the Aspen 8810 switch:
●
Available Qos profiles
●
Weight
●
Percentage of maximum buffer
BlackDiamond 10K switch only. If you do not specify the variable ingress, the system displays the
information for egress QoS values.
The following information displays for the BlackDiamond 10K switch for each QoS profile:
●
Qos profile
●
Minimum bandwidth
●
Maximum bandwidth
●
Priority
ExtremeWare XOS 11.1 Command Reference Guide
572
show qosprofile
Example
The display varies depending on your platform.
Aspen 8810 switch only. No arguments are available on the Aspen 8810 switch for this command.
Following is sample output from the show qosprofile command:
QP1
QP2
QP8
Weight =
Weight =
Weight =
1
4
1
Max Buffer Percent = 100
Max Buffer Percent = 90
Max Buffer Percent = 100
BlackDiamond 10K switch only. You can display either the ingress or the egress QoS profiles on the
BlackDiamond 10K switch. The number of available ingress QoS profiles differs depending on the
module you are displaying.
The following shows sample output for the show qosprofile ports 1:1 command, which displays
the egress QoS profiles:
Port: 1:1
QP1
QP2
QP3
QP4
QP5
QP6
QP7
QP8
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
0%
0%
0%
0%
0%
0%
0%
0%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
Pri=1
Pri=2
Pri=3
Pri=4
Pri=5
Pri=6
Pri=7
Pri=8
The following shows sample output for the show qosprofile ingress ports 8:1 command, which
displays the ingress QoS profiles on a 10 G port:
Port: 8:1
IQP1
IQP2
IQP3
IQP4
IQP5
IQP6
IQP7
IQP8
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
MinBw=
0%
0%
0%
0%
0%
0%
0%
0%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
MaxBw=100%
Pri=1
Pri=2
Pri=3
Pri=4
Pri=5
Pri=6
Pri=7
Pri=8
The following shows sample output for the show qosprofile ingress ports 2:1 command, which
displays the ingress QoS profiles on a 1 G port:
Port: 2:1
IQP1 MinBw=
IQP2 MinBw=
0% MaxBw=100% Pri=1
0% MaxBw=100% Pri=2
History
This command was first available in ExtremeWare XOS 10.1.
The ingress information was added in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
573
QoS Commands
Platform Availability
This command is available on all platforms.
The parameters ingress, egress, and ports are available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
574
unconfigure diffserv
unconfigure diffserv
unconfigure diffserv [examination | replacement]
Description
Uses the default DiffServ examination code point or uses the default DiffServ replacement mapping.
Syntax Description
examination
Specifies to unconfigure the DiffServ examination point.
replacement
Specifies to unconfigure the DiffServ replacement mapping.
Default
N/A.
Usage Guidelines
None.
Example
The following command removes DiffServ code point examination from ports 5:5-5:8:
unconfigure diffserv examination
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
575
QoS Commands
unconfigure qosprofile
unconfigure qosprofile {ingress | egress} {ports [<port_list>|all]}
Description
Returns the ingress rate shaping parameters, which is an ingress QoS profile, or the egressing QoS
values to default values.
Syntax Description
ingress
Specifies all ingress QoS profiles for specified ports. The default ingress values
are as follows:
• for 1G I/O modules—IQP1 and IQP2
• for 10G I/O modules—IQP1 to IQP8
If you do not specify ingress or egress, the command returns all egress QoS
values to default.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
egress
Specifies an egress QoS profile for specified ports. The default egress values
are as follows:
• QP1—1, Low (the lowest priority)
• QP2—2, LowHi
• QP3—3, Normal
• QP4—4, NormalHi
• QP5—5, Medium
• QP6—6, MediumHi
• QP7—7, High
• QP8—8, HighHi (highest priority)
If you do not specify ingress or egress, the command returns all egress QoS
values to default.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
ports
Specifies unconfiguring the QoS profiles on specified ports.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
port_list
Specifies a list of slots and ports to which the parameters apply. May specify
in the form 3-5, 2:5, 2:6-2:8.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
all
Specifies that this applies to all ports on the device.
NOTE: This parameter is available only on the BlackDiamond 10K switch.
Default
Default values differ by platform.
ExtremeWare XOS 11.1 Command Reference Guide
576
unconfigure qosprofile
Aspen 8810 switch only. The default values for the two default egressing QoS profiles (QP1 and QP8) on
the Aspen 8810 switch are shown in this section; the Aspen 8810 switch does not support ingressing
QoS profiles.
●
Weight—1
●
Maximum buffer—100%
BlackDiamond 10K switch only. the default values for egressing QoS profiles and ingressing QoS profiles
on the BlackDiamond 10K switch are shown in this section.
Ingress QoS is disabled by default.
●
Minimum bandwidth—0%
●
Maximum bandwidth—100%
●
Minimum committed and peak rates—1 Kbps
●
Maximum committed and peak rates—varies by I/O module:
●
■
1G I/O module—1,000 Mbps
■
10G I/O module—10,000 Mbps
Ingress priority—By default, each qosprofile is assigned a different priority level, which varies by I/
O module:
■
■
●
1G I/O module:
■
IQP1 - 1 Low
■
IQP2 - 1, LowHi
10G I/O module:
■
IQP1 - 1, Low
■
IQP2 - 2, LowHi
■
IQP3 - 3, Normal
■
IQP4 - 4, NormalHi
■
IQP5 - 5, Medium
■
IQP6 - 6, MediumHi
■
IQP7 - 7, High
■
IQP8 - 8, HighHi (highest priority)
Egress priority
■
QP1 - 1, Low
■
QP2 - 2, LowHi
■
QP3 - 3, Normal
■
QP4 - 4, NormalHi
■
QP5 - 5, Medium
■
QP6 - 6, MediumHi
■
QP7 - 7, High
■
QP8 - 8, HighHi (highest priority)
ExtremeWare XOS 11.1 Command Reference Guide
577
QoS Commands
Usage Guidelines
BlackDiamond 10K switch only. The number of ingress queues per port varies between the 1G I/O
module and the 10G module. On the 1G module, you have two ingress queues per port. The priority
values of 1 to 4 map to the first queue, and the priority values of 5 to 8 map to the second queue. On
the 10G module, you have eight ingress queues per port. The priority values of 1 to 8 map one to each
of the eight queues.
Example
The following command resets the QoS profiles for all ports to default settings:
unconfigure qosprofile
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
The parameters ingress, egress, and ports are available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
578
13 Security Commands
This chapter describes commands for:
●
Managing the switch using SSH2
●
Configuring switch user authentication through a RADIUS client
●
Configuring switch user authentication through TACACS+
●
Commands for protecting the switch from Denial of Service attacks
●
Commands for Network Login configuration
SSH
Secure Shell 2 (SSH2) is a feature of ExtremeWare that allows you to encrypt session data between a
network administrator using SSH2 client software and the switch. Configuration and policy files may
also be transferred to the switch using the Secure Copy Program 2 (SCP2)
User Authentication
Remote Authentication Dial In User Service (RADIUS, RFC 2138) is a mechanism for authenticating and
centrally administrating access to network nodes. The ExtremeWare XOS RADIUS client
implementation allows authentication for SSH2, Telnet or console access to the switch.
Extreme switches are also capable of sending RADIUS accounting information. You can configure
RADIUS accounting servers to be the same as the authentication servers, but this is not required.
Terminal Access Controller Access Control System Plus (TACACS+) is a mechanism for providing
authentication, authorization, and accounting on a centralized server, similar in function to the RADIUS
client. The ExtremeWare XOS version of TACACS+ is used to authenticate prospective users who are
attempting to administer the switch. TACACS+ is used to communicate between the switch and an
authentication database.
NOTE
You cannot use RADIUS and TACACS+ at the same time.
Network Login
Network Login is a feature designed to control the admission of user packets into a network by giving
network access only to users that have been properly authenticated. Network Login is controlled by an
administrator on a per port, per VLAN basis and uses an integration of DHCP, user authentication over
ExtremeWare XOS 11.1 Command Reference Guide
579
Security Commands
the web interface, user authentication by MAC address, or 802.1x client software, and, a RADIUS server
to provide a user database or specific configuration details.
Network Login has two modes of operation:
●
Campus mode, used when a port in a VLAN will move to another VLAN when authentication has
been completed successfully. This mode is for the roaming user who will not always be using the
same port for authentication. Campus mode requires a DHCP server and a RADIUS server
configured for Extreme Network Login.
●
ISP mode, used when the port and VLAN used will remain constant. All network settings are
configured for that VLAN.
A DHCP server is included to support Network Login functionality.
Denial of Service
You can configure ExtremeWare XOS to protect your Extreme switches in the event of a denial of service
attack. During a typical denial of service attack, the CPU on the switch gets flooded with packets from
multiple attackers, potentially causing the switch to fail. To protect against this type of attack, you can
configure the software so that when the number of packets received is more than the configured
threshold limit of packets per second, a hardware ACL is enabled.
ExtremeWare XOS 11.1 Command Reference Guide
580
clear vlan dhcp-address-allocation
clear vlan dhcp-address-allocation
clear vlan <vlan_name> dhcp-address-allocation [[all {offered | assigned |
declined | expired}] | <ipaddress>]
Description
Removes addresses from the DHCP allocation table.
Syntax Description
vlan_name
Specifies the VLAN of the DHCP server.
all
Specifies all IP addresses, or all IP addresses in a particular state.
offered
Specifies IP addresses offered to clients.
assigned
Specifies IP addresses offered to and accepted by clients.
declined
Specifies IP addresses declined by clients
expired
Specifies IP addresses whose lease has expired and not renewed by the DHCP
server.
ipaddress
Specifies a particular IP address.
Default
N/A.
Usage Guidelines
You can either delete a single entry, using the IP address, or all entries. If you use the all option, you
can additionally delete entries in a specific state.
Example
The following command removes all the declined IP addresses by hosts on the VLAN temporary:
clear vlan temporary dhcp-address-allocation all declined
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
581
Security Commands
clear netlogin state
clear netlogin state [{port <portlist>} {vlan <vlan name>}]
Description
Clears and initializes the Network Login sessions on a VLAN port.
Syntax Description
portlist
Specifies the ports to clear.
vlan name
Specifies a VLAN to clear.
Default
None.
Usage Guidelines
Clear the states of every MAC learned on this VLAN port and put the port back to unauthenticated
state. The port will be moved to its original VLAN if configured in Campus mode.
Example
The following example clears the Network Login state of port 2:9 in VLAN corp:
clear netlogin state port 2:9 vlan corp
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
582
clear netlogin state mac-address
clear netlogin state mac-address
clear netlogin state mac-address <mac>
Description
Initialize/Reset the Network Login sessions for a specified supplicant.
Syntax Description
mac
Specifies the MAC address of the supplicant.
Default
N/A.
Usage Guidelines
This command is essentially equivalent to a particular supplicant logging out. The MAC address will be
cleared from the FDB, the port is put back to its original VLAN (for Campus mode), and the port state
is set to unauthenticated, if this was the last authenticated MAC on this port.
Example
The following example resets the Network Login session for the supplicant with the MAC address of
00:e0:18:01:32:1f:
clear netlogin state mac-address 00:e0:18:01:32:1f
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
583
Security Commands
configure dos-protect acl-expire
configure dos-protect acl-expire <seconds>
Description
Configures the denial of service protection ACL expiration time.
Syntax Description
seconds
Specifies how long the ACL is in place.
Default
The default is 5 seconds.
Usage Guidelines
This command configures how long the DoS protection ACL remains in place.
Example
This example sets the ACL expiration time to 15 seconds:
configure dos-protect acl-expire 15
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
584
configure dos-protect interval
configure dos-protect interval
configure dos-protect interval <seconds>
Description
Configures the denial of service protection interval.
Syntax Description
seconds
Specifies how often the DoS protection counter is monitored.
Default
The default is one second.
Usage Guidelines
This command configures how often the DoS protection counter is monitored.
Example
This example sets the interval to 5 seconds:
configure dos-protect interval 5
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
585
Security Commands
configure dos-protect trusted ports
configure dos-protect trusted-ports
[ports [<ports> | all]
| add-ports [<ports-to-add> | all]
| delete-ports [<ports-to-delete> | all]
]
Description
Configures the list of trusted ports.
Syntax Description
ports
Specifies the trusted ports list.
ports-to-add
Specifies the ports to add to the trusted ports list.
all
Specifies all the ports.
ports-to-delete
Specifies the ports to delete from the trusted ports list.
Default
N/A.
Usage Guidelines
Traffic from trusted ports will be ignored when DoS protect counts the packets to the CPU. If machines
on a port could never cause an attack of the switch, but could generate heavy traffic to the switch CPU,
trusted ports is a way to ensure the ports are not counted when checking for attacks.
Example
This example sets the trusted port list to 3:1-3:7:
configure dos-protect trusted-ports ports 3:1-3:7
This example adds the trusted port 3:8 to the current list:
configure dos-protect trusted-ports add-ports 3:8
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
586
configure dos-protect type l3-protect alert-threshold
configure dos-protect type l3-protect alert-threshold
configure dos-protect type l3-protect alert-threshold <packets>
Description
Configures the denial of service protection alert threshold.
Syntax Description
packets
Specifies how many packets in an interval will cause an alert.
Default
The default is 4000 packets.
Usage Guidelines
This command configures how many packets received in an interval will cause a DoS protection alert.
When an alert occurs, the packets are analyzed, and a temporary ACL is applied to the switch.
Example
This example sets the alert threshold to 8000 packets:
configure dos-protect type l3-protect alert-threshold 8000
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
587
Security Commands
configure dos-protect type l3-protect notify-threshold
configure dos-protect type l3-protect notify-threshold <packets>
Description
Configures the denial of service protection notification threshold.
Syntax Description
packets
Specifies how many packets in an interval will cause a notification.
Default
The default is 3500 packets.
Usage Guidelines
This command configures how many packets received in an interval will cause a DoS protection
notification.
Example
This example sets the notification threshold to 7500 packets:
configure dos-protect type l3-protect notify-threshold 7500
History
This command was first available in ExtremeWare XOS 11.1
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
588
configure netlogin add mac-list
configure netlogin add mac-list
configure netlogin add mac-list [<mac> {<mask>} | default] {encrypted}
{<password>}
Description
Adds an entry to the MAC address list for MAC-based Network Login.
Syntax Description
mac
Specifies the MAC address to add.
mask
Specifies the number of bits to use for the mask.
default
Specifies the default entry.
encrypted
Used to display encrypted form of password in configuration files. Do not use.
password
Specifies the password to send for authentication.
Default
If no password is specified, the MAC address will be used.
Usage Guidelines
Use this command to add an entry to the MAC address list used for MAC-based Network Login.
If no match if found in the table of MAC entries, and a default entry exists, the default will be used to
authenticate the client. All entries in the list are automatically sorted in longest prefix order.
Example
The following example adds the MAC address 10:20:30:40:50:60 with the password foo to the list:
configure netlogin add mac-list 10:20:30:40:50:60 password foo
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
589
Security Commands
configure netlogin banner
configure netlogin banner <banner>
Description
Configures the Network Login page banner.
Syntax Description
banner
Specifies the HTML code for the banner.
Default
The default banner is the Extreme Networks logo.
Usage Guidelines
The banner is a quoted, HTML string, that will be displayed on the Network Login page. The string is
limited to 1024 characters.
This command applies only to the web-based authentication mode of Network Login.
Example
The following example configures the banner:
configure netlogin banner "<html><head>Please Login</head></html>"
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
590
configure netlogin base-url
configure netlogin base-url
configure netlogin base-url <url>
Description
Configures the base URL for Network Login.
Syntax Description
url
Specifies the base URL for Network Login.
Default
The base URL default value is “network-access.net”.
Usage Guidelines
When you login using a web browser, you are redirected to the specified base URL, which is the DNS
name for the switch.
You must configure a DNS name of the type “www.xx…xx.xxx” or “xx…xx.xxx”.
This command applies only to the web-based authentication mode of Network Login.
Example
The following example configures the base URL as access.net:
configure netlogin base-url access.net
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
591
Security Commands
configure netlogin delete mac-list
configure netlogin delete mac-list [<mac> {<mask>} | default]
Description
Deletes an entry from the MAC address list for MAC-based Network Login.
Syntax Description
mac
Specifies the MAC address to delete.
mask
Specifies the number of bits to use for the mask.
default
Specifies the default entry.
Default
N/A.
Usage Guidelines
Use this command to delete an entry from the MAC address list used for MAC-based Network Login.
Example
The following example deletes the MAC address 10:20:30:40:50:60 from the list:
configure netlogin delete mac-list 10:20:30:40:50:60
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
592
configure netlogin dot1x eapol-transmit-version
configure netlogin dot1x eapol-transmit-version
configure netlogin dot1x eapol-transmit-version <eapol-version>
Description
Configures the default EAPOL version sent in transmitted packets for Network Login.
Syntax Description
eapol-version
Specifies the EAPOL version. Choices are "v1" or "v2".
Default
The default is "v1".
Usage Guidelines
Although ExtremeWare XOS supports EAPOL version 2, some clients do not yet accept the version 2
EAPOL packets. The packet format for the two versions is the same.
Example
The following example changes the EAPOL version to 2:
configure netlogin dot1x eapol-transmit-version v2
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
593
Security Commands
configure netlogin dot1x timers
configure netlogin dot1x timers [{server-timeout <server_timeout>} {quietperiod <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout
<supp_resp_timeout>}]
Description
Configures the 802.1x timers for Network Login.
Syntax Description
server-timeout
Specifies the timeout period for a response from the RADIUS server.
quiet-period
Specifies the time for which the switch will not attempt to communicate with
the supplicant after authentication has failed.
reauth-period
Specifies time after which the switch will attempt to re-authenticate an
authenticated supplicant.
supp-resp-timeout
Specifies the time for which the switch will wait for a response from the
supplicant.
Default
The defaults are as follows:
●
server-timeout—30 seconds.
●
quiet-period—60 seconds.
●
reauth-period—3600 seconds.
●
supp-resp-timeout—30 seconds.
Usage Guidelines
None.
Example
The following example changes the 802.1x server-timeout to 10 seconds:
configure netlogin dot1x timers server-timeout 10
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
594
configure netlogin redirect-page
configure netlogin redirect-page
configure netlogin redirect-page <url>
Description
Configures the redirect URL for Network Login.
Syntax Description
url
Specifies the redirect URL for Network Login.
Default
The redirect URL default value is “http://www.extremenetworks.com”.
Usage Guidelines
In ISP mode, you can configure netlogin to be redirected to a base page after successful login using this
command. If a RADIUS server is used for authentication, then base page redirection configured on the
RADIUS server takes priority over this configuration.
You must configure a complete URL starting with http://
This command applies only to the web-based authentication mode of Network Login.
Example
The following example configures the redirect URL as http://www.extremenetworks.com/support:
configure netlogin redirect-page http://www.extremenetworks.com/support
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
595
Security Commands
configure netlogin vlan
configure netlogin vlan <vlan_name>
Description
Configures the VLAN for Network Login.
Syntax Description
vlan
Specifies the VLAN for Network Login.
Default
N/A.
Usage Guidelines
This command will configure the VLAN used for unauthenticated clients. One VLAN needs to be
configured per virtual router. To change the VLAN, Network Login needs to be disabled. NetLogin can
only be enabled when a VLAN is assigned (and no ports are configured for it).
By default no VLAN is assigned.
Example
The following example configures the VLAN login as the Network Login VLAN:
configure netlogin vlan login
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
596
configure ports limit-learning lock-learning
configure ports limit-learning lock-learning
configure ports <portlist> vlan <vlan name> [limit-learning <number> |
lock-learning | unlimited-learning | unlock-learning]
Description
Configures virtual ports for limited or locked MAC address learning.
Syntax Description
portlist
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. On a stand-alone switch, can be one or more port
numbers. May be in the form 1, 2, 3-5, 2:*, 2:5, 2:6-2:8.
vlan name
Specifies the name of the VLAN.
limit-learning <number>
Specifies a limit on the number of MAC addresses that can be dynamically
learned on the specified ports.
lock-learning
Specifies that the current FDB entries for the specified ports should be made
permanent static, and no additional learning should be allowed.
unlimited-learning
Specifies that there should not be a limit on MAC addresses that can be
learned.
unlock-learning
Specifies that the port should be unlocked (allow unlimited, dynamic learning).
Default
Unlimited, unlocked learning.
Usage Guidelines
If you have enabled ESRP, see the ExtremeWare XOS Concepts Guide for information about using this
feature with ESRP.
Limited learning. The limited learning feature allows you to limit the number of dynamically-learned
MAC addresses per VLAN. When the learned limit is reached, all new source MAC addresses are
blackholed at both the ingress and egress points. This prevent these MAC addresses from learning and
responding to Internet control message protocol (ICMP) and address resolution protocol (ARP) packets.
If the limit you configure is greater than the current number of learned entries, all the current learned
entries are purged.
Dynamically learned entries still get aged, and can be cleared. If entries are cleared or aged out after the
learning limit has been reached, new entries will then be able to be learned until the limit is reached
again.
Permanent static and permanent dynamic entries can still be added and deleted using the create
fdbentry and delete fdbentry commands. These override any dynamically learned entries.
ExtremeWare XOS 11.1 Command Reference Guide
597
Security Commands
For ports that have a learning limit in place, the following traffic will still flow to the port:
●
Packets destined for permanent MACs and other non-blackholed MACs
●
Broadcast traffic
●
EDP traffic
Traffic from the permanent MAC and any other non-blackholed MACs will still flow from the virtual
port.
If you configure a MAC address limit on VLANS that have ESRP enabled, you should add an
additional back-to-back link (that has no MAC address limit on these ports) between the ESRP-enabled
switches. Doing so prevents ESRP PDU from being dropped due to MAC address limit settings.
Port lockdown. The port lockdown feature allows you to prevent any additional learning on the virtual
port, keeping existing learned entries intact. This is equivalent to making the dynamically-learned
entries permanent static, and setting the learning limit to zero. All new source MAC addresses are
blackholed.
Locked entries do not get aged, but can be deleted like any other permanent FDB entries. The maximum
number of permanent lockdown entries is 1024. Any FDB entries above will be flushed and blackholed
during lockdown.
For ports that have lockdown in effect, the following traffic will still flow to the port:
●
Packets destined for the permanent MAC and other non-blackholed MACs
●
Broadcast traffic
●
EDP traffic
Traffic from the permanent MAC will still flow from the virtual port.
Once the port is locked down, all the entries become permanent and will be saved across reboot.
When you remove the lockdown using the unlock-learning option, the learning-limit is reset to
unlimited, and all associated entries in the FDB are flushed.
To verify the MAC security configuration for the specified VLAN or ports, use the following
commands:
show vlan <vlan name> security
show ports <portlist> info detail
Example
The following command limits the number of MAC addresses that can be learned on ports 1, 2, 3, and 6
in a VLAN named accounting, to 128 addresses:
configure ports 1, 2, 3, 6 vlan accounting learning-limit 128
The following command locks ports 4 and 5 of VLAN accounting, converting any FDB entries to static
entries, and prevents any additional address learning on these ports:
configure ports 4,5 vlan accounting lock-learning
The following command removes the learning limit from the specified ports:
configure ports 1, 2, vlan accounting unlimited-learning
ExtremeWare XOS 11.1 Command Reference Guide
598
configure ports limit-learning lock-learning
The following command unlocks the FDB entries for the specified ports:
configure ports 4,5 vlan accounting unlock-learning
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
599
Security Commands
configure radius server
configure radius [primary | secondary] server [<ipaddress> | <hostname>]
{<udp_port>} client-ip [<ipaddress>] {vr <vr_name>}
Description
Configures the primary and secondary RADIUS authentication server.
Syntax Description
primary
Configures the primary RADIUS authentication server.
secondary
Configures the secondary RADIUS authentication server.
ipaddress
The IP address of the server being configured.
hostname
The host name of the server being configured.
udp_port
The UDP port to use to contact the RADIUS authentication server.
ipaddress
The IP address used by the switch to identify itself when communicating with
the RADIUS authentication server.
vr_name
Specifies the virtual router on which the client IP is located
Default
The default UDP port setting is 1812. The default virtual router is VR-0, the management virtual router.
Usage Guidelines
Use this command to specify RADIUS server information.
Use of the <hostname> parameter requires that DNS be enabled.
The RADIUS server defined by this command is used for user name authentication and CLI command
authentication.
Example
The following command configures the primary RADIUS server on host radius1 using the default UDP
port (1812) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VR-2:
configure radius primary server radius1 client-ip 10.10.20.30 vr vr-2
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
600
configure radius shared-secret
configure radius shared-secret
configure radius [primary | secondary] shared-secret {encrypted} <string>
Description
Configures the authentication string used to communicate with the RADIUS authentication server.
Syntax Description
primary
Configures the authentication string for the primary RADIUS server.
secondary
Configures the authentication string for the secondary RADIUS server.
encrypted
Indicates that the string is already encrypted.
string
The string to be used for authentication.
Default
Unconfigured.
Usage Guidelines
The secret must be the same between the client switch and the RADIUS server.
The RADIUS server must first be configured for use with the switch as a RADIUS client.
The encrypted keyword is primarily for the output of the show configuration command, so the
shared secret is not revealed in the command output. Do not use it to set the shared secret.
Example
The following command configures the shared secret as “purplegreen” on the primary RADIUS server:
configure radius primary shared-secret purplegreen
History
This command was available in ExtremeWare XOS 10.1.
The encrypted keyword was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
601
Security Commands
configure radius timeout
configure radius timeout <seconds>
Description
Configures the timeout interval for RADIUS authentication requests.
Syntax Description
seconds
Specifies the number of seconds for authentication requests. Range is 3 to
120 seconds
Default
The default is 3 seconds.
Usage Guidelines
This command configures the timeout interval for RADIUS authentication requests. When the timeout
has expired, another authentication attempt will be made. After three failed attempts to authenticate,
the alternate server will be used. After six failed attempts, local user authentication will be used.
Example
The following command configures the timeout interval for RADIUS authentication to 10 seconds. After
30 seconds (three attempts), the alternate RADIUS server will be used. After 60 seconds (six attempts)
local user authentication is used.
configure radius timeout 10
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
602
configure radius-accounting server
configure radius-accounting server
configure radius-accounting [primary | secondary] server [<ipaddress> |
<hostname>] {<tcp_port>} client-ip [<ipaddress>] {vr <vr_name>}
Description
Configures the RADIUS accounting server.
Syntax Description
primary
Configure the primary RADIUS accounting server.
secondary
Configure the secondary RADIUS accounting server.
ipaddress
The IP address of the accounting server being configured.
hostname
The host name of the accounting server being configured.
tcp_port
The UDP port to use to contact the RADIUS accounting server.
ipaddress
The IP address used by the switch to identify itself when communicating with
the RADIUS accounting server.
vr_name
Specifies the virtual router on which the client IP is located.
Default
The default UDP port setting is 1813. The default virtual router is VR-0, the management virtual router.
Usage Guidelines
Use this command to specify the radius accounting server.
The accounting server and the RADIUS authentication server can be the same.
Use of the <hostname> parameter requires that DNS be enabled.
Example
The following command configures RADIUS accounting on host radius1 using the default UDP port
(1813) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VR-2:
configure radius-accounting primary server radius1 client-ip 10.10.20.30 vr vr-2
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
603
Security Commands
configure radius-accounting shared-secret
configure radius-accounting [primary | secondary] shared-secret {encrypted}
<string>
Description
Configures the authentication string used to communicate with the RADIUS accounting server.
Syntax Description
primary
Configures the authentication string for the primary RADIUS accounting server.
secondary
Configures the authentication string for the secondary RADIUS accounting
server.
encrypted
Indicates that the string is already encrypted.
string
The string to be used for authentication.
Default
Unconfigured.
Usage Guidelines
The secret must be the same between the client switch and the RADIUS accounting server.
The encrypted keyword is primarily for the output of the show configuration command, so the
shared secret is not revealed in the command output. Do not use it to set the shared secret.
Example
The following command configures the shared secret as “purpleaccount” on the primary RADIUS
accounting server:
configure radius primary shared-secret purpleaccount
History
This command was available in ExtremeWare XOS 10.1.
The encrypted keyword was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
604
configure radius-accounting timeout
configure radius-accounting timeout
configure radius-accounting timeout <seconds>
Description
Configures the timeout interval for RADIUS-Accounting authentication requests.
Syntax Description
seconds
Specifies the number of seconds for accounting requests. Range is 3 to 120
seconds.
Default
The default is 3 seconds.
Usage Guidelines
This command configures the timeout interval for RADIUS-Accounting authentication requests. When
the timeout has expired, another authentication attempt will be made. After three failed attempts to
authenticate, the alternate server will be used.
Example
This example configures the timeout interval for RADIUS-Accounting authentication to 10 seconds.
After 30 seconds (three attempts), the alternate RADIUS server will be used:
configure radius-accounting timeout 10
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
605
Security Commands
configure ssh2 key
configure ssh2 key {pregenerated}
Description
Generates the Secure Shell 2 (SSH2) host key.
Syntax Description
pregenerated
Indicates that the SSH2 authentication key has already been generated. The
user will be prompted to enter the existing key.
Default
The switch generates a key for each SSH2 session.
Usage Guidelines
Secure Shell 2 (SSH2) is a feature of ExtremeWare that allows you to encrypt session data between a
network administrator using SSH2 client software and the switch.or to send encrypted data from the
switch to an SSH2 client on a remote system. Configuration and policy files may also be transferred to
the switch using the Secure Copy Program 2 (SCP2)
SSH2 functionality is not present in the base ExtremeWare XOS software image, but is in an additional,
installable module. Before you can access any SSH2 commands, you must install the module. Without
the module, the commands do not appear on the command line. To install the module, see the
instructions in Appendix A, “Software Upgrade and Boot Options”.
After you have installed the SSH2 module, you must generate a host key and enable SSH2. To generate
an SSH2 host key, use the configure ssh2 key command. To enable SSH2, use the enable ssh2
command.
An authentication key must be generated before the switch can accept incoming SSH2 sessions. This can
be done automatically by the switch, or you can enter a previously generated key.
If you elect to have the key generated, the key generation process takes approximately ten minutes, and
cannot be canceled after it has started. Once the key has been generated, you should save your
configuration to preserve the key.
To use a key that has been previously created, use the pregenerated keyword. You are prompted to
enter the pregenerated key. You can use the show configuration command to list the previously
generated key, and then copy and paste it after the prompt from the configure ssh2 key
{pregenerated} command.
NOTE
Keys generated by ExtremeWare XOS cannot be used on switches running ExtremeWare images, and keys generated
by ExtremeWare cannot be used on switches running ExtremeWare XOS images.
ExtremeWare XOS 11.1 Command Reference Guide
606
configure ssh2 key
The key generation process generates the SSH2 private host key. The SSH2 public host key is derived
from the private host key, and is automatically transmitted to the SSH2 client at the beginning of an
SSH2 session.
To view the status of SSH2 on the switch, use the show management command. The show management
command displays information about the switch including the enable/disable state for SSH2 sessions,
whether a valid key is present, and the TCP port and virtual router that is being used
Example
The following command generates an authentication key for the SSH2 session:
configure ssh2 key
The command responds with the following messages:
WARNING: Generating new server host key
This will take approximately 10 minutes and cannot be canceled.
Continue? (y/n)
If you respond yes, the command begins the process.
To configure an SSH2 session using a previously generated key, use the following command:
configure ssh2 key pregenerated
The command responds with the following message:
Please enter the server key
Enter the previously-generated key (you can copy and paste it from the saved configuration file).
History
This command was first available in the ExtremeWare XOS 11.0 SSH module.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
607
Security Commands
configure tacacs server
configure tacacs [primary | secondary] server [<ipaddress> | <hostname>]
{<tcp_port>} client-ip <ipaddress> {vr <vr_name>}
Description
Configures the server information for a TACACS+ authentication server.
Syntax Description
primary
Configures the primary TACACS+ server.
secondary
Configures the secondary TACACS+ server.
ipaddress
The IP address of the TACACS+ server being configured.
hostname
The host name of the TACACS+ server being configured.
tcp_port
The TCP port to use to contact the TACACS+ server.
ipaddress
The IP address used by the switch to identify itself when communicating with
the TACACS+ server.
vr_name
Specifies the virtual router on which the client IP is located.
Default
TACACS+ uses TCP port 49. The default virtual router is VR-0, the management virtual router
Usage Guidelines
Configure the server information for a TACACS+ server.
To remove a server, use the following command:
unconfigure tacacs server [primary | secondary]
Use of the <hostname> parameter requires that DNS be enabled.
Example
The following command configures server tacacs1 as the primary TACACS+ server for client switch
10.10.20.35 using a virtual router interface of VR-2:
configure tacacs primary server tacacs1 client-ip 10.10.20.35 vr vr-2
History
This command was available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
608
configure tacacs server
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
609
Security Commands
configure tacacs shared-secret
configure tacacs [primary | secondary] shared-secret {encrypted} <string>
Description
Configures the shared secret string used to communicate with the TACACS+ authentication server.
Syntax Description
primary
Configures the authentication string for the primary TACACS+ server.
secondary
Configures the authentication string for the secondary TACACS+ server.
encrypted
Indicates that the string is already encrypted.
string
The string to be used for authentication.
Default
N/A.
Usage Guidelines
The secret must be the same between the client switch and the TACACS+ server.
The encrypted keyword is primarily for the output of the show configuration command, so the
shared secret is not revealed in the command output. Do not use it to set the shared secret.
Example
The following command configures the shared secret as “purplegreen” on the primary TACACS+
server:
configure tacacs-accounting primary shared-secret purplegreen
History
This command was available in ExtremeWare XOS 10.1.
The encrypted keyword was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
610
configure tacacs timeout
configure tacacs timeout
configure tacacs timeout <seconds>
Description
Configures the timeout interval for TACAS+ authentication requests.
Syntax Description
seconds
Specifies the number of seconds for authentication requests. Range is 3 to
120 seconds.
Default
The default is 3 seconds.
Usage Guidelines
This command configures the timeout interval for TACACS+ authentication requests. When the timeout
has expired, another authentication attempt will be made to the next alternative authentication method.
Example
The following command configures the timeout interval for TACACS+ authentication to 10 seconds:
configure tacacs timeout 10
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
611
Security Commands
configure tacacs-accounting server
configure tacacs-accounting [primary | secondary] server [<ipaddress> |
<hostname>] {<udp_port>} client-ip <ipaddress> {vr <vr_name>}
Description
Configures the TACACS+ accounting server.
Syntax Description
primary
Configures the primary TACACS+ accounting server.
secondary
Configures the secondary TACACS+ accounting server.
ipaddress
The IP address of the TACACS+ accounting server being configured.
hostname
The host name of the TACACS+ accounting server being configured.
tcp_port
The TCP port to use to contact the TACACS+ server.
ipaddress
The IP address used by the switch to identify itself when communicating with
the TACACS+ accounting server.
vr_name
Specifies the virtual router on which the client IP is located.
Default
Unconfigured. The default virtual router is VR-0, the management virtual router.
Usage Guidelines
You can use the same TACACS+ server for accounting and authentication.
To remove a server, use the following command:
unconfigure tacacs server [primary | secondary]
Example
The following command configures server tacacs1 as the primary TACACS+ accounting server for client
switch 10.10.20.35 using a virtual router interface of VR-2:
configure tacacs-accounting primary server tacacs1 client-ip 10.10.20.35 vr vr-2
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
612
configure tacacs-accounting shared-secret
configure tacacs-accounting shared-secret
configure tacacs-accounting [primary | secondary] shared-secret {encrypted}
<string>
Description
Configures the shared secret string used to communicate with the TACACS+ accounting server.
Syntax Description
primary
Configures the authentication string for the primary TACACS+ accounting
server.
secondary
Configures the authentication string for the secondary TACACS+ accounting
server.
string
The string to be used for authentication.
Default
N/A.
Usage Guidelines
Secret needs to be the same as on the TACACS+ server.
The encrypted keyword is primarily for the output of the show configuration command, so the
shared secret is not revealed in the command output. Do not use it to set the shared secret.
Example
The following command configures the shared secret as “tacacsaccount” on the primary TACACS+
accounting server:
configure tacacs-accounting primary shared-secret tacacsaccount
History
This command was available in ExtremeWare XOS 10.1.
The encrypted keyword was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
613
Security Commands
configure tacacs-accounting timeout
configure tacacs-accounting timeout <seconds>
Description
Configures the timeout interval for TACACS+ accounting authentication requests.
Syntax Description
seconds
Specifies the number of seconds for accounting requests. Range is 3 to 120
seconds
Default
The default is 3 seconds.
Usage Guidelines
This command configures the timeout interval for TACACS+ accounting authentication requests. When
the timeout has expired, another authentication attempt will be made to the next alternative TACACS+
accounting server.
Example
The following command configures the timeout interval for TACACS+ accounting authentication to 10
seconds:
configure tacacs-accounting timeout 10
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
614
configure vlan dhcp-address-range
configure vlan dhcp-address-range
configure vlan <vlan_name> dhcp-address-range <ipaddress1> - <ipaddress2>
Description
Configures a set of DHCP addresses for a VLAN.
Syntax Description
vlan_name
Specifies the VLAN on whose ports DHCP will be enabled.
ipaddress1
Specifies the first IP address in the DHCP address range to be assigned to this
VLAN.
ipaddress2
Specifies the last IP address in the DHCP address range to be assigned to this
VLAN.
Default
N/A.
Usage Guidelines
The following error conditions are checked: ipaddress2 >= ipaddress1, the range must be in the VLAN's
network, the range does not contain the VLAN's IP address, and the VLAN has an IP address assigned.
Example
The following command allocates the IP addresses between 192.168.0.20 and 192.168.0.100 for use by the
VLAN temporary:
configure temporary dhcp-address-range 192.168.0.20 - 192.168.0.100
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
615
Security Commands
configure vlan dhcp-lease-timer
configure vlan <vlan_name> dhcp-lease-timer <lease-timer>
Description
Configures the timer value in seconds returned as part of the DHCP response.
Syntax Description
name
Specifies the VLAN on whose ports netlogin should be disabled.
lease-timer
Specifies the timer value, in seconds.
Default
N/A.
Usage Guidelines
The timer value is specified in seconds. The timer value range is 0 - 4294967295, where 0 indicates the
default (not configured) value of 7200 second.
Example
The following command configures the DHCP lease timer value for VLAN corp:
configure vlan corp dhcp-lease-timer <lease-timer>
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
616
configure vlan dhcp-options
configure vlan dhcp-options
configure vlan <vlan_name> dhcp-options [default-gateway | dns-server |
wins-server] <ipaddress>
Description
Configures the DHCP options returned as part of the DHCP response by a switch configured as a
DHCP server.
Syntax Description
name
Specifies a VLAN name.
default-gateway
Specifies the router option.
dns-server
Specifies the Domain Name Server (DNS) option.
wins-server
Specifies the NetBIOS name server (NBNS) option.
ipaddress
The IP address associated with the specified option.
Default
N/A.
Usage Guidelines
This command configures the DHCP options that can be returned to the DHCP client. For the defaultgateway option you are only allowed to configure an IP address that is in the VLAN's network range.
For the other options, any IP address is allowed.
The options below represent the following BOOTP options specified by RFC2132:
●
default-gateway—Router option, number 3
●
dns-server—Domain Name Server option, number 6
●
wins-server—NetBIOS over TCP/IP Name Server option, number 44
Example
The following command configures the DHCP server to return the IP address 10.10.20.8 as the router
option:
configure vlan <name> dhcp-options default-gateway 10.10.20.8
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
617
Security Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
618
configure vlan netlogin-lease-timer
configure vlan netlogin-lease-timer
configure vlan <vlan name> netlogin-lease-timer <seconds>
Description
Configures the timer value returned as part of the DHCP response for clients attached to
Network Login-enabled ports.
Syntax Description
vlan name
Specifies the VLAN to which this timer value applies.
seconds
Specifies the timer value, in seconds.
Default
10 seconds.
Usage Guidelines
The timer value is specified in seconds.
This command applies only to the web-based authentication mode of Network Login.
Example
The following command sets the timer value to 15 seconds for VLAN corp:
configure vlan corp netlogin-lease-timer 15
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
619
Security Commands
disable dos-protect
disable dos-protect
Description
Disables denial of service protection.
Syntax Description
There are no arguments or variables for this command.
Default
Default is disabled.
Usage Guidelines
None.
Example
The following command disables denial of service protection.
disable dos-protect
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
620
disable dhcp ports vlan
disable dhcp ports vlan
disable dhcp ports <portlist> vlan <vlan name>
Description
Disables DHCP on a specified port in a VLAN.
Syntax Description
portlist
Specifies the ports for which DHCP should be disabled.
vlan name
Specifies the VLAN on whose ports DHCP should be disabled.
Default
N/A.
Usage Guidelines
None.
Example
The following command disables DHCP for port 6:9 in VLAN corp:
disable dhcp ports 6:9 vlan corp
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
621
Security Commands
disable netlogin
disable netlogin [{dot1x} {mac} {web-based}]
Description
Disables Network Login modes.
Syntax Description
dot1x
Specifies 802.1x authentication.
mac
Specifies MAC-based authentication.
web-based
Specifies web-based authentication.
Default
All types of authentication are disabled.
Usage Guidelines
Any combination of authentication types can be disabled on the same switch. To enable an
authentication mode, use the following command:
enable netlogin [{dot1x} {mac} {web-based}]
Example
The following command disables Network Login:
disable netlogin
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
622
disable netlogin logout-privilege
disable netlogin logout-privilege
disable netlogin logout-privilege
Description
Disables Network Login logout window pop-up.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
This command controls the logout window pop-up on the web-based network client. This command
applies only to the web-based authentication mode of Network Login. When disabled, the logout
window pop-up will no longer appear. However, if session refresh is enabled, the login session will be
terminated after the session refresh timeout.
Example
The following command disables Network Login logout-privilege:
disable netlogin logout-privilege
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
623
Security Commands
disable netlogin ports
disable netlogin ports <portlist> [{dot1x} {mac} {web-based}]
Description
Disables Network Login on a specified port for a particular method.
Syntax Description
portlist
Specifies the ports for which netlogin should be disabled.
dot1x
Specifies 802.1x authentication.
mac
Specifies MAC-based authentication.
web-based
Specifies web-based authentication.
Default
Netlogin is disabled by default.
Usage Guidelines
Network Login must be disabled on a port before you can delete a VLAN that contains that port.
This command applies to the MAC-based, web-based, and 802.1x mode of Network Login. To control
which authentication mode is used by Network Login, use the following commands:
enable netlogin [{dot1x} {mac} {web-based}]
disable netlogin [{dot1x} {mac} {web-based}]
Example
The following command disables dot1x and web-based Network Login on port 2:9:
disable netlogin ports 2:9 dot1x web-based
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
624
disable netlogin session-refresh
disable netlogin session-refresh
disable netlogin session-refresh
Description
Disables Network Login session refresh.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
Network Login sessions can refresh themselves after a configured timeout. After the user has been
logged in successfully, a logout window opens which can be used to close the connection by clicking on
the LogOut link. Any abnormal closing of this window is detected on the switch and the user is logged
out after a time interval as configured for session refresh. The session refresh is enabled and set to five
minutes by default.
This command applies only to the web-based authentication mode of Network Login.
Example
The following command disables Network Login session refresh:
disable netlogin session-refresh
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
625
Security Commands
disable radius
disable radius
Description
Disables the RADIUS client.
Syntax Description
This command has no arguments or variables.
Default
RADIUS authentication is disabled by default.
Usage Guidelines
None.
Example
The following command disables RADIUS authentication for the switch:
disable radius
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
626
disable radius-accounting
disable radius-accounting
disable radius-accounting
Description
Disables RADIUS accounting.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command disables RADIUS accounting for the switch:
disable radius-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
627
Security Commands
disable ssh2
disable ssh2
Description
Disables the SSH2 server for incoming SSH2 sessions to switch.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
SSH2 options (non-default port setting) are not saved when SSH2 is disabled.
To view the status of SSH2 on the switch, use the show management command. The show management
command displays information about the switch including the enable/disable state for SSH2.
Example
The following command disables the SSH2 server:
disable ssh2
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
628
disable tacacs
disable tacacs
disable tacacs
Description
Disables TACACS+ authentication.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command disables TACACS+ authentication for the switch:
disable tacacs
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
629
Security Commands
disable tacacs-accounting
disable tacacs-accounting
Description
Disables TACACS+ accounting.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command disables TACACS+ accounting:
disable tacacs-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
630
disable tacacs-authorization
disable tacacs-authorization
disable tacacs-authorization
Description
Disables TACACS+ authorization.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
This disables CLI command authorization but leaves user authentication enabled.
Example
The following command disables TACACS+ CLI command authorization:
disable tacacs-authorization
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
631
Security Commands
enable dos-protect
enable dos-protect
Description
Enables denial of service protection.
Syntax Description
This command has no arguments or variables.
Default
Default is disabled.
Usage Guidelines
None.
Example
The following command enables denial of service protection.
enable dos-protect
History
This command was first available in ExtremeWare XOS 11.1
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
632
enable dhcp ports vlan
enable dhcp ports vlan
enable dhcp ports <portlist> vlan <vlan_name>
Description
Enables DHCP on a specified port in a VLAN.
Syntax Description
portlist
Specifies the ports for which DHCP should be disabled.
vlan_name
Specifies the VLAN on whose ports DHCP should be disabled.
Default
N/A.
Usage Guidelines
None.
Example
The following command enables DHCP for port 5:9 in VLAN corp:
disable dhcp ports 5:9 vlan corp
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
633
Security Commands
enable netlogin
enable netlogin [{dot1x} {mac} {web-based}]
Description
Enables Network Login authentication modes.
Syntax Description
dot1x
Specifies 802.1x authentication.
mac
Specifies mac-based authentication.
web-based
Specifies web-based authentication.
Default
All types of authentication are disabled.
Usage Guidelines
Any combination of types of authentication can be enabled on the same switch. At least one of the
authentication types must be specified on the command line. To disable an authentication mode, use the
following command:
disable netlogin [{dot1x} {mac} {web-based}]
Example
The following command enables web-based Network Login:
enable netlogin web-based
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
634
enable netlogin logout-privilege
enable netlogin logout-privilege
enable netlogin logout-privilege
Description
Enables Network Login logout pop-up window.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
This command controls the logout window pop-up on the web-based network client. This command
applies only to the web-based authentication mode of Network Login.
Example
The following command enables Network Login logout-privilege:
enable netlogin logout-privilege
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
635
Security Commands
enable netlogin ports
enable netlogin ports <portlist> [{dot1x} {mac} {web-based}]
Description
Enables Network Login on a specified port for a particular method.
Syntax Description
portlist
Specifies the ports for which netlogin should be disabled.
dot1x
Specifies 802.1x authentication.
mac
Specifies MAC-based authentication.
web-based
Specifies web-based authentication.
Default
All methods are disabled on all ports.
Usage Guidelines
For campus mode login with web-based clients, the following conditions must be met:
●
A DHCP server must be available, and a DHCP range must be configured for the port or ports in the
VLAN on which you want to enable Network Login.
●
The switch must be configured as a RADIUS client, and the RADIUS server must be configured to
enable the Extreme Network Login capability.
For ISP mode login, no special conditions are required. A RADIUS server must be used for
authentication.
Network Login is used on a per port basis. A port that is tagged can belong to more than one VLAN. In
this case, Network Login can be enabled on one port for each VLAN.
Windows authentication is not supported via Network Login.
Example
The following command configures Network Login on port 2:9 using web-based authentication:
enable netlogin ports 2:9 web-based
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
636
enable netlogin ports
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
637
Security Commands
enable netlogin session-refresh
enable netlogin session-refresh {<minutes>}
Description
Disables Network Login session refresh.
Syntax Description
minutes
Specifies the session refresh time for Network Login in minutes.
Default
Disabled, with a value of three minutes for session refresh.
Usage Guidelines
Network Login sessions can refresh themselves after a configured timeout. After the user has been
logged in successfully, a logout window opens which can be used to close the connection by clicking on
the Logout link. Any abnormal closing of this window is detected on the switch and the user is logged
out after a time interval as configured for session refresh. The session refresh is enabled and set to three
minutes by default. The value can range from 1 to 255 minutes. When you configure the Network Login
session refresh for the logout window, ensure that the FDB aging timer is greater than the Network
Login session refresh timer.
This command applies only to the web-based authentication mode of Network Login.
Use this command without the minutes parameter to reset the session refresh value to the default.
Example
The following command enables Network Login session refresh and sets the refresh time to ten
minutes:
enable netlogin session-refresh 10
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
638
enable radius
enable radius
enable radius
Description
Enables the RADIUS client on the switch.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
When enabled, all web and Telnet logins are sent to the RADIUS servers for authentication. When used
with a RADIUS server that supports ExtremeWare XOS CLI authorization, each CLI command is sent to
the RADIUS server for authorization before it is executed.
Example
The following command enables RADIUS authentication for the switch:
enable radius
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
639
Security Commands
enable radius-accounting
enable radius-accounting
Description
Enables RADIUS accounting.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
The RADIUS client must also be enabled.
Example
The following command enables RADIUS accounting for the switch:
enable radius-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
640
enable ssh2
enable ssh2
enable ssh2 {port <tcp_port_number>} {vr [<vr_name> | all | default]}
Description
Enables SSH2 server to accept incoming sessions from SSH2 clients.
Syntax Description
port
Specifies a TCP port number. The default is port 22.
vr_name
Specifies a virtual router name.
all
Specifies that SSH is enabled on all virtual routers.
default
Specifies that SSH is enabled on the default virtual router.
Default
The SSH2 feature is disabled by default.
Usage Guidelines
SSH2 enables the encryption of session data. You must be logged in as an administrator to enable SSH2.
SSH2 functionality is not present in the base ExtremeWare XOS software image, but is in an additional,
installable module. Before you can access any SSH2 commands, you must install the module. Without
the module, the commands do not appear on the command line. To install the module, see the
instructions in Appendix A, “Software Upgrade and Boot Options.”
After you have installed the SSH2 module, you must generate a host key and enable SSH2. To generate
an SSH2 host key, use the configure ssh2 key command. To enable SSH2, use the enable ssh2
command.
Use the port option to specify a TCP port number other than the default port of 22.
To view the status of SSH2 sessions on the switch, use the show management command. The show
management command displays information about the switch including the enable/disable state for
SSH2 sessions and whether a valid key is present.
Example
The following command enables the SSH2 feature:
enable ssh2
History
This command was first available in the ExtremeWare XOS 11.0 SSH module.
ExtremeWare XOS 11.1 Command Reference Guide
641
Security Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
642
enable tacacs
enable tacacs
enable tacacs
Description
Enables TACACS+ authentication.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
After they have been enabled, all web and Telnet logins are sent to one of the two TACACS+ servers for
login name authentication.
Example
The following command enables TACACS+ user authentication:
enable tacacs
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
643
Security Commands
enable tacacs-accounting
enable tacacs-accounting
Description
Enables TACACS+ accounting.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
If accounting is used, the TACACS+ client must also be enabled.
Example
The following command enables TACACS+ accounting for the switch:
enable tacacs-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
644
enable tacacs-authorization
enable tacacs-authorization
enable tacacs-authorization
Description
Enables CLI command authorization.
Syntax Description
This command has no arguments or variables.
Default
Disabled.
Usage Guidelines
When enabled, each command is transmitted to the remote TACACS+ server for authorization before
the command is executed. TACACS+ authentication must also be enabled to use TACACS+
authorization. Use the following command to enable authentication:
enable tacacs
Example
The following command enables TACACS+ command authorization for the switch:
enable tacacs-authorization
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
645
Security Commands
show banner netlogin
show banner netlogin
Description
Displays the user-configured banner string for Network Login.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to view the banner that is displayed on the Network Login page.
Example
The following command displays the Network Login banner:
show banner netlogin
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
646
show dhcp-server
show dhcp-server
show dhcp-server {vlan <vlan_name>}
Description
Displays the DHCP server’s configuration and address allocation on a specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN of the DHCP server of interest.
Default
N/A.
Usage Guidelines
If no VLAN is specified, the configuration and address allocation for the servers on all the VLANs is
displayed.
Example
The following command displays the configuration and address allocation for the DHCP server for the
VLAN corp:
show dhcp-server vlan corp
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
647
Security Commands
show dos-protect
show dos-protect {detail}
Description
Displays DoS protection configuration and state.
Syntax Description
detail
Specifies to display statistics in addition to configuration and state.
Default
N/A.
Usage Guidelines
Use this command to display the DoS protection settings. Using the detail option will also display the
following cumulative statistics:
●
trusted
●
notify
●
alerts
Example
The following command displays the DoS protection settings for the switch:
show dos-protect
The following is sample output from this command:
dos-protect is disabled
dos-protect settings:
interval:
1 (measurement interval secs)
acl expire time: 5 (secs)
trusted ports:
no trusted ports configured
type L3-Protect:
notify threshold:
alert threshold:
3500
4000
(level to log a message)
(level to generate an ACL)
The following command displays detailed DoS protection settings for the switch:
show dos-protect detail
ExtremeWare XOS 11.1 Command Reference Guide
648
show dos-protect
The following is sample output from this command:
dos-protect is enabled
dos-protect settings:
interval:
1 (measurement interval secs)
acl expire time: 5 (secs)
trusted ports:
1:2
type L3-Protect:
notify threshold:
alert threshold:
3500
4000
(level to log a message)
(level to generate an ACL)
dos-protect statistics:
trusted:
1301
notify:
0
alerts:
0
History
This command was available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
649
Security Commands
show netlogin
show netlogin {port <portlist> vlan <vlan name>} {dot1x {detail}} {mac}
{web-based}
Description
Shows status information for Network Login.
Syntax Description
portlist
Specifies one or more ports or slots and ports. On a modular switch, can be a
list of slots and ports. On a stand-alone switch, can be one or more port
numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.
vlan name
Specifies the name of a VLAN.
dot1x
Specifies 802.1x information.
mac
Specifies MAC-based information.
web-based
Specifies web-based information.
detail
Shows detailed information.
Default
N/A.
Usage Guidelines
The information reported by this command is the following:
●
Whether Network Login is enabled or disabled.
●
The base-URL.
●
The default redirect page.
●
The logout privileges setting.
●
The netlogin session-refresh setting and time.
●
The MAC and IP address of supplicants
●
The type of authentication, 802.1x, MAC-based, or HTTP (web-based).
If you do not specify the authentication type, all will be displayed.
Example
The following command shows the summary Network Login information:
show netlogin
ExtremeWare XOS 11.1 Command Reference Guide
650
show netlogin
The following is sample output from this command:
Netlogin Authentication Modes Enabled: Web-based, dot1x, mac-based
-----------------------------------------------Web-based Mode Global Configuration
-----------------------------------------------Base-URL
: "network-access.net"
Default-Redirect-Page
: "http://www.extremenetworks.com"
Logout-privilege
:
YES
Netlogin Session-Refresh
:
DISABLED ; 3 minutes
----------------------------------------------------------------------------------------------802.1x Mode Global Configuration
-----------------------------------------------Quiet Period
:
60
secs
Client Response Timeout
:
30
secs
Default Reauthentication Timeout
:
3600
secs
RADIUS server timeout
:
30
EAPOL MPDU version to transmit
:
v2
-----------------------------------------------Port: 3:2,
Vlan:
MAC
00:0C:F1:E8:4E:13
00:01:30:F3:EA:A0
Default, State: Authenticated
IP address
Auth
Type
0.0.0.0
No
802.1x
10.0.0.1
Yes
802.1x
Port: 3:2,
Vlan: Corp, State: Unauthenticated
MAC
IP address
Auth
Type
00:E0:2B:D9:E2:00 0.0.0.0
No
802.1x
ReAuth-Timer User
0
Unknown
0
testUser
ReAuth-Timer User
0
Unknown
Total Number of Authenticated Clients : 1
The following command shows more detailed information, including the configured authentication
methods:
show netlogin port 3:2 vlan "Default"
The following is sample output from this command:
Port: 2:1
Authentication:
Port State:
Guest VLAN:
DHCP:
Vlan: Default
Web-Based, 802.1x
Unauthenticated
Not Enabled
Not Enabled
MAC
00:0C:F1:E8:4E:13
00:01:30:F3:EA:A0
IP address
0.0.0.0
10.0.0.1
ExtremeWare XOS 11.1 Command Reference Guide
Auth
No
Yes
Type
802.1x
802.1x
ReAuth-Timer User
0
Unknown
0
testUser
651
Security Commands
The following command shows the details of the 802.1x mode:
show netlogin dot1x detail
The following is sample output from this command:
NetLogin Authentication Mode : web-based DISABLED;
DISABLED
NetLogin VLAN
: "nl"
NetLogin move-fail-action
: Deny
802.1x ENABLED;
mac-based
-----------------------------------------------802.1x Mode Global Configuration
-----------------------------------------------Quiet Period
: 30
Supplicant Response Timeout
: 30
Re-authentication period
: 3600
RADIUS server timeout
: 30
-----------------------------------------------Port: 1:1,
Vlan: Default,
State: Enabled,
MAC
00:00:86:53:c3:14
Authentication: 802.1x
: IP=0.0.0.0
Auth=Yes
: AuthPAE state=AUTHENTICATED
: ReAuth time left=3595
00:02:03:04:04:05
: IP=0.0.0.0
Auth=No
: AuthPAE state=CONNECTING
: ReAuth time left=0
-----------------------------------------------
User= testUser
BackAuth state=IDLE
ReAuth count=1
User=
BackAuth state=IDLE
ReAuth count=2
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
652
show netlogin mac-list
show netlogin mac-list
show netlogin mac-list
Description
Displays the MAC address list for MAC-based Network Login.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
Use this command to display the MAC address list used for MAC-based Network Login.
Example
The following example displays the MAC address list:
show netlogin mac-list
The following is sample output from this command:
MAC Address/Mask
-------------------00:01:30:70:0C:00/48
00:01:30:32:7D:00/48
00:04:96:00:00:00/24
00:06:00:00:00:00/32
default
Password (encrypted)
---------------------------------------yaqu
#ravdqsr
<not configured>
<not configured>
<not configured>
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
653
Security Commands
show radius
show radius
Description
Displays the current RADIUS client configuration and statistics.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The output from this command displays the status of the RADIUS and RADIUS accounting (enabled or
disabled) and the primary and secondary servers for RADIUS and RADIUS accounting:
Example
The following command displays the current RADIUS client configuration and statistics:
show radius
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
654
show radius-accounting
show radius-accounting
show radius-accounting
Description
Displays the current RADIUS accounting client configuration and statistics.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
The output from this command displays information about the status and configuration of RADIUS
accounting
Example
The following command displays RADIUS accounting client configuration and statistics:
show radius-accounting
The following is sample output from this command:
Radius Accounting: enabled
Radius Acct Server Connect Timeout sec: 3
Primary radius accounting server:
Server name: 172.17.1.104
IP address: 172.17.1.104
Server IP Port: 1646
Client address: 172.17.1.221
Shared secret: lf|nki
Acct Requests:0 Acct Responses:0
Secondary radius accounting server:
Server name: 172.17.1.123
IP address: 172.17.1.123
Server IP Port: 1646
Client address: 172.17.1.221
Shared secret: lf|nki
Acct Requests:0 Acct Responses:0
Acct Retransmits:0
Timeouts:0
Acct Retransmits:0
Timeouts:0
History
This command was available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
655
Security Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
656
show tacacs
show tacacs
show tacacs
Description
Displays the current TACACS+ configuration and statistics.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays TACACS+ client configuration and statistics:
show tacacs
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
657
Security Commands
show tacacs-accounting
show tacacs-accounting
Description
Displays the current TACACS+ accounting client configuration and statistics.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays TACACS+ accounting client configuration and statistics:
show tacacs-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
658
show vlan dhcp-address-allocation
show vlan dhcp-address-allocation
show vlan <vlan_name> dhcp-address-allocation
Description
Displays the DHCP server’s address allocation on a specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN of the DHCP server of interest.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays the configuration of the DHCP for the VLAN corp:
show vlan corp dhcp-address-allocation
The following is sample output from this command:
============================================================================
IP
MAC
State
Lease Renewal Time
============================================================================
10.0.0.2
00:02:03:04:05:00
Offered
0000:00:10
10.0.0.3
00:08:03:04:05:00
Assigned
0000:59:09
10.0.0.4
ee:1c:00:04:05:00
Assigned
0000:59:09
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
659
Security Commands
show vlan dhcp-config
show vlan <vlan_name> dhcp-config
Description
Displays the DHCP server's configuration for the specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN of the DHCP server of interest.
Default
N/A.
Usage Guidelines
None.
Example
The following command displays the configuration of the DHCP server for the VLAN corp:
show vlan corp dhcp-config
The following is sample output from this command:
DHCP Address Range
DHCP Lease Timer
Default Gateway
DNS Server
WINS Server
Ports DHCP Enabled
:
:
:
:
:
:
10.0.0.2->10.0.0.20
Not configured (Default = 7200 seconds)
10.0.0.1
10.0.0.80
10.0.0.80
1:1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
660
unconfigure netlogin vlan
unconfigure netlogin vlan
unconfigure netlogin vlan
Description
Unconfigures the VLAN for Network Login.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
This command will unconfigure the VLAN used for unauthenticated clients. One VLAN needs to be
configured per virtual router. To change the VLAN, Network Login needs to be disabled.
Example
The following example unconfigures the Network Login VLAN:
unconfigure netlogin vlan
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
661
Security Commands
unconfigure radius
unconfigure radius {server [primary | secondary]}
Description
Unconfigures the RADIUS client configuration.
Syntax Description
primary
Unconfigures the primary RADIUS server.
secondary
Unconfigures the secondary RADIUS server.
Default
Unconfigures both primary and secondary servers.
Usage Guidelines
None.
Example
The following command unconfigures the secondary RADIUS server settings:
unconfigure radius server secondary
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
662
unconfigure radius-accounting
unconfigure radius-accounting
unconfigure radius-accounting {server [primary | secondary]}
Description
Unconfigures the RADIUS accounting server configuration.
Syntax Description
primary
Unconfigures the primary RADIUS accounting server.
secondary
Unconfigures the secondary RADIUS accounting server.
Default
Unconfigures both the primary and secondary accounting servers.
Usage Guidelines
None.
Example
The following command unconfigures the secondary RADIUS accounting server settings:
unconfigure radius-accounting server secondary
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
663
Security Commands
unconfigure tacacs
unconfigure tacacs {server [primary | secondary]}
Description
Unconfigures the TACACS+ server configuration.
Syntax Description
primary
Unconfigures the primary TACACS+ server.
secondary
Unconfigures the secondary TACACS+ server.
Default
Unconfigures both the primary and secondary TACACS+ servers.
Usage Guidelines
None.
Example
The following command unconfigures all TACACS+ servers settings:
unconfigure tacacs
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
664
unconfigure tacacs-accounting
unconfigure tacacs-accounting
unconfigure tacacs-accounting {server [primary | secondary]}
Description
Unconfigures the TACACS+ accounting server configuration.
Syntax Description
primary
Unconfigures the primary TACACS+ accounting server.
secondary
Unconfigures the secondary TACACS+ accounting server.
Default
Unconfigures both the primary and secondary TACACS+ accounting servers.
Usage Guidelines
None.
Example
The following command unconfigures all TACACS+ accounting servers settings:
unconfigure tacacs-accounting
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
665
Security Commands
unconfigure vlan dhcp
unconfigure vlan <vlan_name> dhcp
Description
Unconfigure all the DHCP configuration information for the specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN on which to unconfigure DHCP.
Default
N/A.
Usage Guidelines
None.
Example
The following command unconfigures the DHCP server for the VLAN temporary:
unconfigure temporary dhcp
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
666
unconfigure vlan dhcp-address-range
unconfigure vlan dhcp-address-range
unconfigure vlan <vlan_name> dhcp-address-range
Description
Unconfigure the DHCP address range information for the specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN on which to unconfigure DHCP.
Default
N/A.
Usage Guidelines
None.
Example
The following command unconfigures the DHCP address range for the VLAN temporary:
unconfigure temporary dhcp-address-range
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
667
Security Commands
unconfigure vlan dhcp-options
unconfigure vlan <vlan_name> dhcp-options
Description
Unconfigure the DHCP option information for the specified VLAN.
Syntax Description
vlan_name
Specifies the VLAN on which to unconfigure DHCP.
Default
N/A.
Usage Guidelines
None.
Example
The following command unconfigures the DHCP options for the VLAN temporary:
unconfigure temporary dhcp-options
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
668
14 CLEARFlow Commands
This chapter describes commands for:
●
Enabling and disabling CLEARFlow
●
Displaying CLEARFlow rules
●
Displaying triggered CLEARFlow rules
CLEARFlow is a broad framework for implementing security, monitoring, and anomaly detection in
ExtremeWare XOS software. Instead of simply looking at the source and destination of traffic,
CLEARFlow allows you to specify certain types of traffic that require more attention. Once certain
criteria for this traffic are met, the switch can either take an immediate, pre-determined action, or send a
copy of the traffic off-switch for analysis.
CLEARFlow is an extension to Access Control Lists (ACLs). You create ACL policy rules to count
packets of interest. CLEARFlow rules are added to the policy to monitor these ACL counter statistics.
The CLEARFlow agent monitors the counters for the situations of interest to you and your network.
You can monitor the cumulative value of a counter, the change to a counter over a sampling interval,
the ratio of two counters, or even the ratio of the changes of two counters over an interval. For example,
you can monitor the ratio between TCP SYN and TCP packets. An abnormally large ratio may indicate
a SYN attack.
If the rule conditions are met, the CLEARFlow actions configured in the rule are executed. The switch
can respond by installing an ACL that will block or rate limit the traffic, executing a set of CLI
commands, or sending a report using a SNMP trap or EMS log message.
ExtremeWare XOS 11.1 Command Reference Guide
669
CLEARFlow Commands
disable clear-flow
disable clear-flow
Description
Disable the CLEARFlow agent.
Syntax Description
This command has no arguments or variables.
Default
CLEARFlow is disabled by default.
Usage Guidelines
When the CLEARFlow agent is disabled, sampling stops and the and all rules are left in the current
state. It will not reset actions that were taken while CLEARFlow was enabled.
Example
The following example disables CLEARFlow on the switch:
disable clear-flow
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
670
enable clear-flow
enable clear-flow
enable clear-flow
Description
Enable the CLEARFlow agent.
Syntax Description
This command has no arguments or variables.
Default
CLEARFlow is disabled by default.
Usage Guidelines
When the CLEARFlow agent is enabled, sampling begins and actions are taken based on the
CLEARFlow rules that are configured on the switch.
Example
The following example enables CLEARFlow on the switch:
enable clear-flow
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
671
CLEARFlow Commands
show clear-flow
show clear-flow
Description
Displays the status of the CLEARFlow agent, any CLEARFlow policies on each interface, and the
number of CLEARFlow rules.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following display shows output for the command show clear-flow:
clear-flow: Enabled
VLAN
Port
Policy Name
No. of CF Rules
==============================================================
*
2:1
CFexample
6
*
2:26
CFexample
6
*
2:40
CFexample
6
Default
*
CFexample
6
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
672
show clear-flow acl-modified
show clear-flow acl-modified
show clear-flow acl-modified
Description
Displays the ACLs modified by CLEARFlow actions.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
This command displays the ACLs that have been modified by CLEARFlow rules that have been
triggered.
Example
The following display shows output for the command show clear-flow acl-modified:
Policy Name
Vlan Name
Port Rule Name
Default ACL
CF Added
Actions
Actions
================================================================================
clearFlow
*
2:26 acl-rule-4
D
QP1
clearFlow
*
2:26 acl-rule-3
D
D
clearFlow
*
2:26 acl-rule-2
D
M
clearFlow
*
2:26 acl-rule-1
P
clearFlow
Default
*
acl-rule-4
D
QP1
clearFlow
Default
*
acl-rule-3
D
D
clearFlow
Default
*
acl-rule-2
D
M
clearFlow
Default
*
acl-rule-1
P
================================================================================
Total Entries: 8
Notation:
P - Permit, D- Deny, M - mirror enabled, m - mirror disabled
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
673
CLEARFlow Commands
show clear-flow rule
show clear-flow [port <port> | vlan <vlanname> | any] {rule <rulename>}
{detail}
Description
Displays the CLEARFlow rules, values, and configuration.
Syntax Description
port
Specifies the port.
vlanname
Specifies the VLAN.
any
Specifies the wildcard interface.
rulename
Specifies the entry name of a CLEARFlow rule.
detail
Display detailed information.
Default
N/A.
Usage Guidelines
If you issue the command without the rule keyword, all of the CLEARFlow rules for the policy on the
port, VLAN, and the wildcard are displayed. If you specify a rule name, only that rule will be
displayed. The detail keyword displays detailed information about the rule.
Example
The following display shows output for the command show clear-flow port 2:6:
Rule Name
Type Period
Last
Rel Threshold
TCNT NumAction
Value
Oper
If
Else
===============================================================================
rule-count
CN 30
16892762
>
100
7
3
3
rule-delta
DT 30
7762385
>
1000
1
4
3
rule-delta-2
DT 5
0
>
1000
0
4
3
rule-delta-ratio DR 30
0
>
20
0
2
0
rule-ratio
RT 30
0
>
10
0
3
3
rule-ratio-2
RT 5
0
>
10
0
3
3
===============================================================================
Total Entries: 6
Notation:
Threshold Type: CN - Count, DT - Delta, RT - Ratio, DR - DeltaRatio
TCNT - Number of times expression is continously evaluated to be true
ExtremeWare XOS 11.1 Command Reference Guide
674
show clear-flow rule
The following display shows output for the command show clear-flow port 2:6 rule rule-delta
detail:
Rule Name: rule-delta
Sample Period: 30
Hysteresis: 20
================================================================================
DELTA(counter1) = 0 sampled at 24 seconds ago
Expression evaluation is currently FALSE
if (DELTA(counter1) > 1000) then {
PERMIT:
Allow ACL rule acl-rule-3
SYSLOG:
[INFO] [Delta $ruleValue counter $counter1 offset $counterOffset1
delTime $deltaTime delay $delayTime]
CLI:
[disable port $port]
QOS:
Set rule acl-rule-4 qos value to QP6
} else {
DENY:
QOS:
CLI:
}
Block ACL rule acl-rule-3
Set rule acl-rule-4 qos value to QP1
[enable port $port]
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
675
CLEARFlow Commands
show clear-flow rule-all
show clear-flow rule-all
Description
Displays all the CLEARFlow rules on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
None.
Example
The following display shows output for the command show clear-flow rule-all:
Policy Name
Vlan Name
Port Rule Name Last Value OP Threshold TCNT Sec
================================================================================
clearFlow
*
2:1 rule-count 1
> 100
0
11
clearFlow
*
2:1 rule-delta 1
> 1000
0
11
clearFlow
*
2:1 rule-delta 0
> 1000
0
4
clearFlow
*
2:1 rule-delta 0
> 20
0
11
clearFlow
*
2:1 rule-ratio 0
> 10
0
11
clearFlow
*
2:1 rule-ratio 0
> 10
0
4
clearFlow
*
2:26 rule-count 9030635
> 100
1
10
clearFlow
*
2:26 rule-delta 9030635
> 1000
1
10
clearFlow
*
2:26 rule-delta 0
> 1000
0
4
clearFlow
*
2:26 rule-delta 0
> 20
0
10
clearFlow
*
2:26 rule-ratio 0
> 10
0
10
clearFlow
*
2:26 rule-ratio 0
> 10
0
4
clearFlow
Default
*
rule-count 36666439
> 100
1
10
clearFlow
Default
*
rule-delta 36666439
> 1000
1
10
clearFlow
Default
*
rule-delta 0
> 1000
0
4
clearFlow
Default
*
rule-delta 0
> 20
0
10
clearFlow
Default
*
rule-ratio 0
> 10
0
10
clearFlow
Default
*
rule-ratio 0
> 10
0
4
================================================================================
Total Entries: 18
Notation:
TCNT - Number of times expression is continously evaluated to be true
Sec - Number of seconds elapsed from last sampled data
ExtremeWare XOS 11.1 Command Reference Guide
676
show clear-flow rule-all
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
677
CLEARFlow Commands
show clear-flow rule-triggered
show clear-flow rule-triggered
Description
Displays the triggered CLEARFlow rules.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
This command displays the rules that have been triggered; in other words, the rule threshold has been
reached.
Example
The following display shows output for the command show clear-flow rule-triggered:
Policy Name
Vlan Name
Port Rule Name Last Value OP Threshold TCNT Sec
================================================================================
clearFlow
*
2:26 rule-count 9130377
> 100
2
25
clearFlow
*
2:26 rule-delta 99742
> 1000
2
25
clearFlow
Default
*
rule-count 37069465
> 100
2
25
clearFlow
Default
*
rule-delta 403026
> 1000
2
25
================================================================================
Total Entries: 4
Notation:
TCNT - Number of times expression is continously evaluated to be true
Sec - Number of seconds elapsed from last sampled data
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available only on the BlackDiamond 10K switch.
ExtremeWare XOS 11.1 Command Reference Guide
678
15 EAPS Commands
This chapter describes commands for configuring and monitoring Ethernet Automatic Protection
Switching (EAPS).
The EAPS protocol provides fast protection switching to layer 2 switches interconnected in an Ethernet
ring topology, such as a metropolitan area network (MAN) or large campuses. EAPS protection
switching is similar to what can be achieved with the Spanning Tree Protocol (STP), but offers the
advantage of converging in less than a second when a link in the ring breaks.
EAPS operates by declaring an EAPS domain on a single ring. Any VLAN that warrants fault protection
is configured on all ring ports in the ring, and is then assigned to an EAPS domain. On that ring
domain, one switch, or node, is designated the master node, while all other nodes are designated as
transit nodes.
One port of the master node is designated the master node’s primary port (P) to the ring; another port is
designated as the master node’s secondary port (S) to the ring. In normal operation, the master node
blocks the secondary port for all non-control traffic belonging to this EAPS domain. If the master node
detects a break in the ring, it unblocks its secondary port and allows data traffic to be transmitted and
received through it.
EAPS fault detection on a ring is based on a single control VLAN per EAPS domain. This EAPS domain
provides protection to one or more data-carrying VLANs called protected VLANs. The control VLAN is
used only to send and receive EAPS messages; the protected VLANs carry the actual data traffic. As
long as the ring is complete, the EAPS master node blocks the protected VLANs from accessing its
secondary port.
A master node detects a ring fault in any of three ways:
●
“Link down” message sent by a transit node on the control VLAN
●
Ring port down event from lower hardware layers
●
Failed response to a periodic health-check packet on the control VLAN
When the master node detects a failure, it declares a “failed” state and opens its logically blocked
secondary port on all the protected VLANs. The master node also flushes its forwarding database (FDB)
and sends a message on the control VLAN to all of its associated transit nodes to flush their forwarding
databases.
To take advantage of the Spatial Reuse technology and broaden the use of the ring’s bandwidth, EAPS
supports multiple EAPS domains running on the ring at the same time.
Licensing
You must have a Core or Advanced Core license to configure and use all of the Ethernet Automatic
Protection Switching (EAPS) features described in this chapter.
The BlackDiamond 10K switch with an MSM-1 module or an MSM1-XL module, ships with a Core or
Advance Core license, respectively.
ExtremeWare XOS 11.1 Command Reference Guide
679
EAPS Commands
The Aspen 8810 switch ships with an Advanced Edge license. To use the complete EAPS functionality,
including running two or more EAPS rings, having a switch belonging to multiple EAPS rings, or
configuring shared-ports that allow multiple EAPS domains to share a common link, you must have a
Core software license.
For more information about software licensing, including how to obtain and upgrade your license, see
Chapter 1, “ExtremeWare XOS Overview” in the ExtremeWare XOS Concepts Guide.
ExtremeWare XOS 11.1 Command Reference Guide
680
configure eaps add control vlan
configure eaps add control vlan
configure eaps <name> add control vlan <vlan_name>
Description
Adds the specified control VLAN to the specified EAPS domain.
Syntax Description
name
Specifies the name of an EAPS domain.
vlan_name
Specifies the name of the control VLAN.
Default
N/A.
Usage Guidelines
You must configure one control VLAN for each EAPS domain. The control VLAN is used only to send
and receive EAPS messages.
The VLAN that will act as the control VLAN must be configured as follows:
●
The VLAN must NOT be assigned an IP address, to avoid loops in the network.
●
Only ring ports may be added as members of the control VLAN.
●
The ring ports of the control VLAN must be tagged.
NOTE
Extreme Networks recommends assigning the control VLAN a QoS profile of Qp8 with the QoS profile priority setting
of HighHi to ensure that EAPS control VLAN traffic is serviced prior to other traffic and reaches its intended
destination.
A control VLAN cannot belong to more than one EAPS domain. When the EAPS domain is active, you
cannot delete or modify the configuration of the control VLAN.
Example
The following command adds the control VLAN “keys” to the EAPS domain “eaps_1.”
configure eaps eaps_1 add control vlan keys
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
681
EAPS Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
682
configure eaps add protect vlan
configure eaps add protect vlan
configure eaps <name> add protect vlan <vlan_name>
Description
Adds the specified protected VLAN to the specified EAPS domain.
Syntax Description
name
Specifies the name of an EAPS domain.
vlan_name
Specifies the name of the protected VLAN.
Default
N/A.
Usage Guidelines
You must configure one or more protected VLANs for each EAPS domain. The protected VLANs are the
data-carrying VLANs.
A protected VLAN can be added to one or more EAPS domains.
When you configure the VLAN that will act as a protected VLAN, the ring ports of the protected VLAN
must be tagged (except in the case of the default VLAN). As long as the ring is complete, the master
node blocks the protected VLANs on its secondary port.
Example
The following command adds the protected VLAN “orchid” to the EAPS domain “eaps_1”:
configure eaps eaps_1 add protect vlan orchid
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
683
EAPS Commands
configure eaps delete control vlan
configure eaps <name> delete control vlan <vlan_name>
Description
Deletes the specified control VLAN from the specified EAPS domain.
Syntax Description
name
Specifies the name of an EAPS domain.
vlan_name
Specifies the name of the control VLAN.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes the control VLAN “keys” from the EAPS domain “eaps_1”:
configure eaps eaps_1 delete control vlan keys
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
684
configure eaps delete protect vlan
configure eaps delete protect vlan
configure eaps <name> delete protect vlan <vlan_name>
Description
Deletes the specified protected VLAN from the specified EAPS domain.
Syntax Description
name
Specifies the name of an EAPS domain.
vlan_name
Specifies the name of the protected VLAN.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes the protected VLAN “orchid” from the EAPS domain “eaps_1”:
configure eaps eaps_1 delete protect vlan orchid
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
685
EAPS Commands
configure eaps failtime
configure eaps <name> failtime <seconds>
Description
Configures the value of the failtimer the master node uses for EAPS health-check packets.
Syntax Description
name
Specifies the name of an EAPS domain.
seconds
Specifies the number of seconds the master node waits to receive a healthcheck packet before the failtimer expires. Default is 3 seconds, and the range
is 2 to 300 seconds.
Default
The default is 3 seconds.
Usage Guidelines
Use the failtime keyword and its associated seconds parameter to specify the amount of time the
master node waits before the failtimer expires. The seconds parameter must be set greater than the
configured value for hellotime. The default value is three seconds.
Increasing the failtime value provides more protection by waiting longer to receive a health-check
packet when the network is congested.
NOTE
You configure the action taken when the failtimer expires by using the configure eaps failtime expiryaction command.
In ExtremeWare XOS 11.0, the failtimer range was 2 to 60 seconds.
Example
The following command configures the failtimer value for the EAPS domain “eaps_1” to 15 seconds:
configure eaps eaps_1 failtime 15
History
This command was first available in ExtremeWare XOS 11.0.
The range for the failtimer was changed to 2 to 300 seconds in ExtremeWare XOS 11.1. The default value
for the failtimer remains unchanged.
ExtremeWare XOS 11.1 Command Reference Guide
686
configure eaps failtime
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
687
EAPS Commands
configure eaps failtime expiry-action
configure eaps <name> failtime expiry-action [open-secondary-port | sendalert]
Description
Configures the action taken when the failtimer expires.
Syntax Description
name
Specifies the name of an EAPS domain.
open-secondary-port
Specifies to open the secondary port when the failtimer expires.
send-alert
Specifies that a critical message is sent to the syslog when the failtimer
expires.
Default
Default is send-alert.
Usage Guidelines
By default the action is to send an alert if the failtimer expires. Instead of going into a “Failed” state, the
master node remains in a “Complete” or “Init” state, maintains the secondary port blocking, and writes
a critical error message to syslog warning the user that there is a fault in the ring. An SNMP trap is also
sent.
If the EAPS ring contains non-EAPS devices, you must use the open-secondary-port parameter.
NOTE
Use caution when setting the failtimer expiry action to open-secondary port. Using this configuration, if the
master node loses three consecutive hello protocol data units (PDUs), the failtimer will expire—but there may not be
a break in the ring. Opening the secondary port in this situation would create a loop.
Example
The following command configures the failtimer expiry action for EAPS domain “eaps_1”:
configure eaps eaps_1 failtime expiry-action open-secondary-port
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
688
configure eaps failtime expiry-action
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
689
EAPS Commands
configure eaps fast-convergence
configure eaps fast-convergence [off | on]
Description
Enables EAPS to converge more quickly.
Syntax Description
off
Turns fast-convergence off. Default is off.
on
Turns fast-convergence on.
Default
Default is off.
Usage Guidelines
This command acts on the switch, not per domain.
In certain environments to keep packet loss to a minimum when the ring is broken, configure EAPS
with fast-convergence turned on. If fast convergence is turned on, it will be displayed under the show
eaps command. For example:
show eaps
EAPS Enabled: No
EAPS Fast-Convergence: Off
Number of EAPS instances: 0
# EAPS domain configuration :
-------------------------------------------------------------------------------Domain
State
Mo En Pri
Sec
Control-Vlan VID
Count
--------------------------------------------------------------------------------
NOTE
If fast-convergence is turned on, the link filters on all EAPS ring ports are turned off. This can result problems if the
port’s hardware encountered a problem and started “flapping” between link-up/link-down states.
Example
The following command configures fast convergence for EAPS domain “eaps_1”:
configure eaps fast-convergence on
ExtremeWare XOS 11.1 Command Reference Guide
690
configure eaps fast-convergence
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
691
EAPS Commands
configure eaps hellotime
configure eaps <name> hellotime <seconds>
Description
Configures the value of the hello timer the master node uses for the EAPS health-check packet.
Syntax Description
name
Specifies the name of an EAPS domain.
seconds
Specifies the number of seconds to wait between transmission of the healthcheck packets on the control VLAN. Must be greater than 0; default is 1
second, and the range is 1 to 59 seconds.
Default
Default is 1 second.
Usage Guidelines
Use the hellotime keyword and its associated seconds parameter to specify the amount of time the
master node waits between transmissions of health-check packets on the control VLAN. Increasing the
hellotime value keeps the processor from sending and processing too many health-check packets.
This command applies only to the master node. If you configure the polling timers for a transit node,
those values are ignored. If you later reconfigure that transit node as the master node, the polling timer
values is used as the current values.
If you are running ExtremeWare XOS 11.0 with the hello timer value greater than 15 seconds and you
upgrade to ExtremeWare XOS 11.1 or later, you must modify the hello timer to be within the 1 to 15
seconds range.
Example
The following command configures the hellotime value for the EAPS domain “eaps_1” to 2 seconds:
configure eaps eaps_1 hellotime 2
History
This command was first available in ExtremeWare XOS 11.0.
The range for the hello timer was changed to 1 to 15 seconds in ExtremeWare XOS 11.1. The default
value for the hello timer remains unchanged.
ExtremeWare XOS 11.1 Command Reference Guide
692
configure eaps hellotime
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
693
EAPS Commands
configure eaps mode
configure eaps <name> mode [master | transit]
Description
Configures the switch as either the EAPS master node or as an EAPS transit node for the specified
domain.
Syntax Description
name
Specifies the name of an EAPS domain.
master
Specifies that this switch should be the master node for the named EAPS
domain.
transit
Specifies that this switch should be the transit node for the named EAPS
domain.
Default
N/A.
Usage Guidelines
None.
Example
The following command identifies this switch as the master node for the domain named eaps_1:
configure eaps eaps_1 mode master
The following command identifies this switch as a transit node for the domain named eaps_1:
configure eaps eaps_1 mode transit
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
694
configure eaps name
configure eaps name
configure eaps <old_name> name <new_name>
Description
Renames an existing EAPS domain.
Syntax Description
old_name
Specifies the current name of an EAPS domain.
new_name
Specifies a new name for the EAPS domain.
Default
N/A.
Usage Guidelines
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks
recommends that you specify the identifying keyword as well as the actual name. If you do not use the
keyword, the system may return an error message.
Example
The following command renames EAPS domain “eaps-1” to “eaps-5”:
configure eaps eaps-1 name eaps-5
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
695
EAPS Commands
configure eaps port
configure eaps <name> [primary | secondary] port <ports>
Description
Configures a node port as the primary or secondary port for the specified EAPS domain.
Syntax Description
name
Specifies the name of an EAPS domain.
primary
Specifies that the port is to be configured as the primary port.
secondary
Specifies that the port is to be configured as the secondary port.
ports
Specifies the slot and port number or list of slot and port numbers.
Default
N/A.
Usage Guidelines
Each node on the ring connects through two ring ports. One port must be configured as the primary
port; the other must be configured as the secondary port.
The primary and secondary ports have significance only on a master node. The health-check messages
are sent out the primary port of the master node, and the master node blocks the protected VLANs on
the secondary port.
You cannot use the same port for the master node’s secondary port and the shared-port. The master
node’s secondary port must be different from the shared-port.
There is no distinction between the primary and secondary ports on a transit node.
Beginning with ExtremeWare XOS 11.1, if you have a primary or secondary port that is a member of a
load-shared group, you do not need to disable your EAPS domain and remove that ring port when
modifying the load-shared group. For more information about configuring load sharing on your switch,
see Chapter 5, “Configuring Slots and Ports on a Switch,” in the ExtremeWare XOS Concepts Guide.
You must have a Core or Advanced Core license to configure multiple EAPS domains with different
ring ports.
Example
The following command adds port 1 of the module installed in slot 8 to the EAPS domain “eaps_1” as
the primary port:
configure eaps eaps_1 primary port 8:1
ExtremeWare XOS 11.1 Command Reference Guide
696
configure eaps port
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
697
EAPS Commands
configure eaps shared-port link-id
configure eaps shared-port <ports> link-id <id>
Description
Configures the link ID of the shared port.
Syntax Description
ports
Specifies the port number of the common link port.
id
Specifies the link ID of the port.
Default
N/A.
Usage Guidelines
Each common link in the EAPS network must have a unique link ID. The controller and partner shared
ports belonging to the same common link must have matching link IDs. No other instance in the
network should have that link ID.
Example
The following command configures the EAPS shared port 1:1 to have a link ID of 1.
configure eaps shared-port 1:1 link-id 1
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
698
configure eaps shared-port mode
configure eaps shared-port mode
configure eaps shared-port <ports> mode <controller | partner>
Description
Configures the mode of the shared port.
Syntax Description
ports
Specifies the port number of the shared port.
controller
Specifies the controller mode. The controller is the end of the common link
responsible for blocking ports when the common link fails thereby preventing
the superloop.
partner
Specifies partner mode. The partner is responsible only for sending and
receiving health-check messages.
Default
N/A.
Usage Guidelines
The shared port on one end of the common link must be configured to be the controller. This is the end
responsible for blocking ports when the common link fails thereby preventing the superloop.
The shared port on the other end of the common link must be configured to be the partner. This end
does not participate in any form of blocking. It is responsible only for sending and receiving healthcheck messages.
Example
The following command configures the shared port 1:1 to be the controller.
configure eaps shared-port 1:1 mode controller
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
699
EAPS Commands
configure eaps shared-port segment-timeout expiryaction
configure eaps shared-port <ports> segment-timeout expiry-action [segmentdown | send-alert]
Description
Configures the action taken when a segment is down.
Syntax Description
ports
Specifies a partner or controller shared port.
segment-down
Specifies the behavior of the partner or controller switch. If either switch does
not receive health check messages during the defined segment timeout, the
switch marks the segment as down.
send-alert
Specifies the behavior of the partner or controller switch. If either switch does
not receive health check messages during the defined segment timeout, the
switch keeps the segment in the up state, with its failed flag set, and sends a
warning message to the log.
Default
Default is send-alert.
Usage Guidelines
By default, the action is to send an alert if the failtimer expires. Instead of the segment going into a
failed state and being marked as segment down, the segment remains in a segment up state with the
failed flag set. The switch writes a critical error message to the syslog warning the user that there is a
fault in the segment. An SNMP trap is also sent.
If the EAPS segment contains non-EAPS devices, you must use the segment-down parameter.
NOTE
Use caution when setting the segment-timeout expiry action to segment-down. Using this configuration, if the
controller or partner node loses three consecutive hello PDUs, the failtimer will expire—but there may not be a break
in the segment. Opening a blocked port in this situation would create a loop.
The following describes some general recommendations for using this command:
●
When you configure your Extreme Networks switches as the partner and controller, respectively,
make sure that their segment timer configurations are identical.
For example, if you have a partner switch with the segment-timeout expiry action set to send-alert,
make sure the controller switch has its segment-timeout expiry action set to send-alert.
ExtremeWare XOS 11.1 Command Reference Guide
700
configure eaps shared-port segment-timeout expiry-action
However, if you have a partner switch with the segment-timeout expiry action set to send-alert,
and the controller switch does not have a segment timer configuration, you must configure the
partner switch’s segment-timeout expiry action to segment-down.
●
If you have a network containing non-Extreme Networks switches, set the segment-timeout expiry
action to segment-down.
The following events may cause a ring segment failure:
●
There is a hardware failure.
●
The controller or partner received a Link Down message from the partner or controller, respectively.
●
The segment timer expires and the expiry action was set to segment down. This means that either
the controller or partner did not receive health check messages during the defined segment timeout.
To view shared-port information, including shared-port segment status, use the show eaps sharedport {<port>} {detail} command.
Example
The following example makes the following assumptions:
●
The controller switch is an Extreme Networks switch running ExtremeWare XOS 11.1
●
The partner switch is an Extreme Networks switch running ExtremeWare 7.3
The following command configures the controller to keep the segment down if the segment-timeout
expires:
configure eaps shared-port 3:3 segment-timeout expiry-action segment-down
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
701
EAPS Commands
create eaps
create eaps <name>
Description
Creates an EAPS domain with the specified name.
Syntax Description
name
Specifies the name of an EAPS domain to be created. May be up to 32
characters in length.
Default
N/A.
Usage Guidelines
The name parameter is a character string of up to 32 characters that identifies the EAPS domain to be
created.
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks
recommends that you specify the identifying keyword as well as the actual name. If you do not use the
keyword, the system may return an error message.
Example
The following command creates EAPS domain eaps_1:
create eaps eaps_1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
702
create eaps shared-port
create eaps shared-port
create eaps shared-port <ports>
Description
Creates an EAPS shared port on the switch.
Syntax Description
ports
Specifies the port number of the common link port.
Default
N/A.
Usage Guidelines
To configure a common link, you must create a shared port on each switch on either end of the common
link.
Example
The following command creates a shared port on the EAPS domain.
create eaps shared-port 1:2
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
703
EAPS Commands
delete eaps
delete eaps <name>
Description
Deletes the EAPS domain with the specified name.
Syntax Description
name
Specifies the name of an EAPS domain to be deleted.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes EAPS domain eaps_1:
delete eaps eaps_1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
704
delete eaps shared-port
delete eaps shared-port
delete eaps shared-port <ports>
Description
Deletes an EAPS shared port on a switch.
Syntax Description
ports
Specifies the port number of the Common Link port.
Default
N/A.
Usage Guidelines
None.
Example
The following command deletes shared port 1:1.
delete eaps shared-port 1:1
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
705
EAPS Commands
disable eaps
disable eaps {<name>}
Description
Disables the EAPS function for a named domain or for an entire switch.
Syntax Description
name
Specifies the name of an EAPS domain.
Default
Disabled for the entire switch.
Usage Guidelines
None.
Example
The following command disables the EAPS function for entire switch:
disable eaps
The following command disables the EAPS function for the domain “eaps-1”:
disable eaps eaps-1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
706
enable eaps
enable eaps
enable eaps {<name>}
Description
Enables the EAPS function for a named domain or for an entire switch.
Syntax Description
name
Specifies the name of an EAPS domain.
Default
Disabled.
Default command enables EAPS for the entire switch.
Usage Guidelines
NOTE
If you use the same name across categories (for example, STPD and EAPS names), you must specify the identifying
keyword as well as the actual name.
To configure and enable an EAPS, complete the following steps:
1 Create EAPS domain and assign the name.
2 Configure the control VLAN.
3 Configure the protected VLAN(s).
4 Add the control VLAN to EAPS domain.
5 Add the protected VLAN(s) to EAPS domain.
6 Configure EAPS mode, master or transit.
7 Configure EAPS port, secondary and primary.
8 If desired, configure timeout and action for failtimer expiration*.
9 If desired, configure the hello time for the health-check packets*.
10 Enable EAPS for the entire switch.
11 If desired, enable Fast Convergence*.
12 Enable EAPS for the specified domain.
Although you can enable EAPS prior to configuring these steps, the EAPS domain(s) will not run until
you configure these parameters. (The steps with * can be configured at any time, even after the EAPS
domains are running.)
You must enable EAPS globally and specifically for each named EAPS domain.
ExtremeWare XOS 11.1 Command Reference Guide
707
EAPS Commands
Example
The following command enables the EAPS function for entire switch:
enable eaps
The following command enables the EAPS function for the domain “eaps-1”:
enable eaps eaps-1
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
708
show eaps
show eaps
show eaps {<eapsDomain>} {detail}
Description
Displays EAPS status information.
Syntax Description
eapsDomain
Specifies the name of an EAPS domain.
detail
Specifies all available detail for each domain.
Default
N/A.
Usage Guidelines
If you enter the show eaps command without a keyword, the command displays less than with the
detail keyword.
Use the optional domain eapsDomain parameter to display status information for a specific EAPS
domain.
Some state values are different on a transit node than on a master node.
The fields displayed are as follows:
EAPS Enabled:
Current state of EAPS on this switch:
• Yes—EAPS is enabled on the switch.
• No—EAPS is not enabled.
EAPS Fast Convergence:
Displays only when Fast Convergence is on.
Number of EAPS instances:
Number of EAPS domains created. The maximum number of EAPS domains
per switch is 128.
Name:
The configured name for this EAPS domain.
ExtremeWare XOS 11.1 Command Reference Guide
709
EAPS Commands
State:
On a transit node, the command displays one of the following states:
• Idle—The EAPS domain has been enabled, but the configuration is not
complete.
• Links-Up—This EAPS domain is running, and both its ports are up and in
the FORWARDING state.
• Links-Down—This EAPS domain is running, but one or both of its ports are
down.
• Preforwarding—This EAPS domain is running, and both of its ports are up,
but one of them is in a temporary BLOCKED state.
On a master node, the command displays one of the following states:
• Idle—The EAPS domain has been enabled, but the configuration is not
complete.
• Init—The EAPS domain has started but has not yet determined the status
of the ring. The secondary port is in a BLOCKED state.
• Complete—The ring is in the COMPLETE state for this EAPS domain.
• Failed—There is a break in the ring for this EAPS domain.
• Pre-Init—The EAPS domain has started operation for Init state and has sent
a request to lower hardware layers to block the secondary port. It is in
transient state waiting for acknowledgement from hardware layer indicating
the operation is completed.
• Pre-Complete—The EAPS domain has started operation for Complete state
and has sent a request to lower hardware layers to block the secondary port.
It is in transient state waiting for acknowledgement from the hardware layer
indicating the operation is completed.
• [Failtimer Expired]—When the failtimer expires and it’s action is set to
send-alert, this flag is set. This flag indicates there is a misconfiguration or
hardware problem in the EAPS ring. The EAPS master node will continue to
remain in COMPLETE or INIT state with it’s secondary port blocking.
[Running: …]
• Yes—This EAPS domain is running.
• No—This EAPS domain is not running.
Enabled:
Indicates whether EAPS is enabled on this domain.
• Y—EAPS is enabled on this domain.
• N—EAPS is not enabled.
Mode:
The configured EAPS mode for this switch: transit (T) or master (M).
Primary/Secondary port:
The port numbers assigned as the EAPS primary and secondary ports. On the
master node, the port distinction indicates which port is blocked to avoid a
loop.
Port status:
• Unknown—This EAPS domain is not running, so the port status has not yet
been determined.
• Up—The port is up and is forwarding data.
• Down—The port is down.
• Blocked—The port is up, but data is blocked from being forwarded.
Tag status:
Tagged status of the control VLAN:
• Tagged—The control VLAN has this port assigned to it, and the port is
tagged in the VLAN.
• Untagged—The control VLAN has this port assigned to it, but the port is
untagged in the control VLAN.
• Undetermined—Either a VLAN has not been added as the control VLAN to
this EAPS domain or this port has not been added to the control VLAN.
ExtremeWare XOS 11.1 Command Reference Guide
710
show eaps
Hello Timer interval:
The configured value of the timer in seconds, specifying the time that the
master node waits between transmissions of health check packets.
Fail Timer interval:
The configured value of the timer in seconds, specifying the time that the
master node waits before the failtimer expires.
Failtimer expiry action:
Displays the action taken when the failtimer expires:
• Send-alert—Sends a critical message to the syslog when the failtimer
expires.
• Open-secondary-port—Opens the secondary port when the failtimer expires.
Displays only for master nodes.
Preforwarding Timer interval:
1
The configured value of the timer. This value is set internally by the EAPS
software.
Last update:
Displayed only for transit nodes; indicates the last time the transit node
received a hello packet from the master node (identified by its MAC address).
EAPS Domain has … Controller
Vlans:
Lists the assigned name and ID of the control VLAN.
EAPS Domain has … Protected
Vlans:2
Lists the assigned names and VLAN IDs of all the protected VLANs configured
on this EAPS domain.
Number of Protected Vlans:
The count of protected VLANs configured on this EAPS domain.
1. These fields apply only to transit nodes; they are not displayed for a master node.
2. This list is displayed when you use the detail keyword in the show eaps command.
Example
The following display shows sample output for the command show eaps:
EAPS Enabled: Yes
EAPS Fast-Convergence: Off
Number of EAPS instances: 2
# EAPS domain configuration :
-------------------------------------------------------------------------------Domain
State
Mo En Pri
Sec
Control-Vlan VID
Count
-------------------------------------------------------------------------------d1
Complete
M
Y
3:8
3:16 c1
(1000) 100
d2
Links-Up
T
Y
3:8
3:16 c2
(1001) 100
--------------------------------------------------------------------------------
The following display shows sample output for the command show eaps <eapsDomain>:
Name: d1
State: Complete
Running: Yes
Enabled: Yes
Mode: Master
Primary port:
3:8
Port status: Up Tag status: Tagged
Secondary port: 3:16
Port status: Blocked
Tag status: Tagged
Hello timer interval: 1 sec
Fail timer interval: 3 sec
Fail Timer expiry action: Send alert
Last update: From Master Id 00:01:30:f9:9c:b0, at Wed Jun 9 09:09:35 2004
EAPS Domain has following Controller Vlan:
Vlan Name
VID
c1
1000
EAPS Domain has following Protected Vlan(s):
Vlan Name
VID
p_1
1
p_2
2
ExtremeWare XOS 11.1 Command Reference Guide
711
EAPS Commands
p_3
p_4
p_5
p_6
p_7
p_8
p_9
p_10
p_11
p_12
p_13
p_14
p_15
p_16
p_17
p_18
p_19
p_20
p_21
p_22
p_23
p_24
p_25
p_26
p_27
p_28
p_29
p_30
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
NOTE
You may see a slightly different display, depending on whether you display the master node or the transit node.
The display from the show eaps detail command shows all the information shown in the show eaps
<eapsDomain> command, but displays information for all configured EAPS domains.
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
712
show eaps shared-port
show eaps shared-port
show eaps shared-port {<port>} {detail}
Description
Displays shared-port information for one or more EAPS domains.
Syntax Description
port
Specifies a shared-port.
detail
Specifies to display the status of all segments and VLANs.
Default
N/A.
Usage Guidelines
If you enter the show eaps shared-port command without the detail keyword, the command
displays a summary of status information for all configured EAPS shared ports.
If you specify an EAPS shared-port, the command displays information about that specific port.
Otherwise, the command displays information about all of the shared-ports configured on the switch.
You can use the detail keyword to display more detailed status information about the segments and
VLANs associated with each shared port.
The following table describes the significant fields and values in the display output of the show eaps
shared-port {<port>} {detail} commands:
Field
Description
Shared Port
Displays the port number of the shared port.
Mode
Indicates whether the switch on either end of the common link is a
controller or partner. The mode is configured by the user.
Link ID
The link ID is the unique common link identifier configured by the
user.
Up
Displays one of the following:
• Yes—Indicates that the link ID and the mode are configured.
• No—Indicates that the link ID or the mode is not configured.
ExtremeWare XOS 11.1 Command Reference Guide
713
EAPS Commands
Field
Description
State
Displays one of the following states:
• Idle—Shared-port instance is not running.
• Ready—The EAPS shared-port instance is running, the neighbor
can be reached, and the common link is up.
• Blocking—The EAPS shared-port instance is running, the neighbor
cannot be reached, or the common link is down.
• Preforwarding—The EAPS shared-port instance is in a blocking
state, and the common link came up. To prevent a superloop, a
temporary blocking state is created before going into Ready state.
Domain Count
Indicates the number of EAPS domains sharing the common link.
VLAN Count
Indicates the total number of VLANs that are protected under the
EAPS domains sharing this common link.
Nbr
• Yes—Indicates that the EAPS instance on the other end of the
common link is configured with matching link ID and opposite
modes. For example, if one end of the common link is configured
as a controller, the other end must be configured as a partner.
• Err—Indicates that the EAPS instance on the other end of the
common link is configured with a matching link ID, but the modes
are configured the same. For example, both modes are configured
as controller, or both modes are configured as partner.
• No—The neighbor on the other end of the common link cannot be
reached. Indicates one or more of the following:
- The switch on the other end of the common link is not running.
- The shared port has not been created.
- The link IDs on each side of the common link do not match.
- The common link, and any other segment, between the controller
and partner are not fully connected.
RB State
• None—This EAPS shared-port is not the “root blocker.”
• Active—This EAPS shared-port is the “root blocker” and is
currently active.
• Inactive—This EAPS shared-port is the “root blocker” but is
currently inactive.
RB ID
The ID of the root blocker. If the value is none, there are not two or
more common-link failures.
Active Open (available with the
detail keyword)
• None—Indicates that there is no Active-Open port on the VLAN.
Segment Timer expiry action
• Segment down—Specifies that if the controller or partner switch
detect a down segment, that segment stays down and a query is
not sent through the ring. The switch marks the segment status as
"Down."
• Port #—Indicates the port that is Active-Open and is in a
forwarding state.
• Send alert—Specifies that if the controller or partner switch detect
a down segment, that switch keeps the segment up and sends a
warning message to the log (default). The switch sends a trap alert
and sets the failed flag [F].
Segment Port (available with the
detail keyword or by specifying a
shared port)
ExtremeWare XOS 11.1 Command Reference Guide
The segment port is the other ring port of an EAPS domain that is not
the shared-port.
714
show eaps shared-port
Field
Description
Status (available with the detail
keyword or by specifying a shared port)
• Up—There is connectivity to the neighboring EAPS shared-port via
this port.
• Down—There is a break in the path to the neighboring EAPS
shared-port via this port.
• Blocking-Up—The path is Up, but due to the "root blocker" being
in the Active state, this port is blocked to prevent a loop.
• Blocking-Down—The path is Down, but due to the "root blocker"
being in the Active state, this port is blocked to prevent a loop.
• [F]—The segment timer has expired but has not received an
explicit link-down notification. The port remains in the Up state,
with the timer expired flag set to True.
EAPS Domain (available with the
detail keyword or by specifying a
shared port)
The EAPS domain having the segment port as one of its ring ports.
Vlan-port count (available with the
detail keyword or by specifying a
shared port)
The total number of VLANs being protected under this segment port.
Adjacent Blocking Id (available with
the detail keyword or by specifying a
shared port)
• None—The neighbor on this port is not reporting a Controller in the
Blocking state.
Segment RB Id (available with the
detail keyword or by specifying a
shared port)
• None—The neighbor on this port is not aware of a "root blocker" in
the network.
Vlan (available with the detail
keyword or by specifying a shared port)
Displays a list of VLANs protected by the segment port.
Virtual-port Status (available with the
detail keyword or by specifying a
shared port)
This information appears for the Controller, when it is in either the
Blocking or Preforwarding state.
• <Link-Id>—The neighbor on this port is a controller in the Blocking
state with a link ID of <Link-Id>.
• <RB-Id>—The neighbor on this port has determined that there is a
"root blocker" in the network with a link ID of <RB-Id>.
• Active-Open—This VLAN or port is in the Forwarding state and has
connectivity to the neighboring EAPS shared port via this port.
• Open—This VLAN or port is in the Forwarding state but does not
have connectivity to the neighboring EAPS shared port via this port.
• Blocked—This VLAN or port is in the Blocking state to prevent a
loop in the network.
• Down—This port’s link is down.
• Active—At this moment, this VLAN or port is not being handled by
EAPS shared port. Rather, this VLAN or port is being handled by
the regular EAPS protocol.
Example
The following command displays shared-port information for an EAPS shared port instance configured
as a partner while it is in the ready state:
show eaps shared-port
EAPS shared-port count: 1
-------------------------------------------------------------------------------Link
Domain Vlan
RB
RB
Shared-port Mode
Id
Up State
count count Nbr State
Id
ExtremeWare XOS 11.1 Command Reference Guide
715
EAPS Commands
-------------------------------------------------------------------------------8:1
Partner
1
Y Ready
2
1
Yes None
None
Segment Timer expiry action: Send alert
--------------------------------------------------------------------------------
The following command displays shared-port information for an EAPS shared port instance configured
as a controller while it is in the ready state:
EAPS shared-port count: 1
-------------------------------------------------------------------------------Link
Domain Vlan
RB
RB
Shared-port Mode
Id
Up State
count count Nbr State
Id
-------------------------------------------------------------------------------10:1
Controller 1
Y Ready
2
1
Yes None
None
Segment Timer expiry action: Send alert
--------------------------------------------------------------------------------
The following command displays information for an EAPS shared port instance configured as a
controller while in the blocking state, with the detail option specified:
show eaps shared-port detail
EAPS shared-port count: 1
-------------------------------------------------------------------------------Link
Domain Vlan
RB
RB
Shared-port Mode
Id
Up State
count count Nbr State
Id
-------------------------------------------------------------------------------4:1
Controller 10
Y Blocking
2
1
Yes Active
10
Segment Timer expiry action: Send alert
Segment Port: 5:7, Status: Blocking-Up
EAPS Domain:
d1
Vlan-port count:
1
Adjacent Blocking Id:
None
Segment RB Id:
None
Vlan
Virtual-port Status
p_1
Blocked
Segment Port: 2:11,
EAPS Domain:
Vlan-port count:
Adjacent Blocking Id:
Segment RB Id:
Vlan
p_1
Status: Down
d2
1
20
None
Virtual-port Status
Open
Vlan: p_1,
Vlan-port count: 2,
Active Open: None
Segment Port
Virtual-port Status
5:7
Blocked
2:11
Open
History
This command was first available in ExtremeWare XOS 11.1.
ExtremeWare XOS 11.1 Command Reference Guide
716
show eaps shared-port
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
717
EAPS Commands
show vlan eaps
show vlan <vlan_name> eaps
Description
Displays the EAPS configuration (control, partner, or not added to an EAPS domain) of a specific
VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
Use this command to see if the specified VLAN is associated with an EAPS domain.
The output of this command displays whether the VLAN is a control or partner VLAN for an EAPS
domain. This command also displays if the VLAN is not a member of any EAPS domain.
If a VLAN is a partner VLAN for more than one EAPS domain, all of the EAPS domains that the VLAN
is a partner of appears in the output.
Example
The following command displays the EAPS configuration for the control VLAN orange in EAPS domain
eaps1:
show vlan orange eaps
The following is sample output from this command:
Vlan is Control in following EAPS domain:
eaps1
The following command displays the EAPS configuration for the protected VLAN purple in EAPS
domain eaps1:
show vlan purple eaps
The following is sample output from this command:
Vlan is Protected in following EAPS domain(s):
eaps1
ExtremeWare XOS 11.1 Command Reference Guide
718
show vlan eaps
The following command displays information about the VLAN default not participating in EAPS:
show vlan default eaps
The following is sample output from this command:
Vlan has not been added to any EAPS domain
History
This command was first available in ExtremeWare XOS 11.0
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
719
EAPS Commands
unconfigure eaps shared-port link-id
unconfigure eaps shared-port <ports> link-id
Description
Unconfigures an EAPS link ID on a shared port on the switch.
Syntax Description
ports
Specifies the port number of the Common Link port.
Default
N/A.
Usage Guidelines
None.
Example
The following command unconfigures the link ID on shared port 1:1.
unconfigure eaps shared-port 1:1 link-id
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
720
unconfigure eaps shared-port mode
unconfigure eaps shared-port mode
unconfigure eaps shared-port <ports> mode
Description
Unconfigures the EAPS shared port mode.
Syntax Description
ports
Specifies the port number of the Common Link port.
Default
N/A.
Usage Guidelines
None.
Example
The following command unconfigures the shared port mode on port 1:1.
unconfigure eaps shared-port 1:1 mode
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms with a Core or Advanced Core license.
ExtremeWare XOS 11.1 Command Reference Guide
721
EAPS Commands
unconfigure eaps port
unconfigure eaps <name> [primary | secondary] port
Description
Sets the specified port’s internal configuration state to INVALID.
Syntax Description
name
Specifies the name of an EAPS domain.
primary
Specifies that the primary port should be unconfigured.
secondary
Specifies that the secondary port should be unconfigured.
Default
N/A.
Usage Guidelines
Unconfiguring an EAPS port sets its internal configuration state to INVALID, which causes the port to
appear in the Idle state with a port status of Unknown when you use the show eaps detail command
to display the status information about the port.
Example
The following command unconfigures this node’s EAPS primary ring port on the domain eaps_1:
unconfig eaps eaps_1 primary port
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
722
16 STP Commands
This chapter describes commands for:
●
Creating, configuring, enabling, and disabling Spanning Tree Protocol (STP) on the switch
●
Enabling and disabling Rapid Spanning Tree Protocol (RSTP) on the switch
●
Displaying and resetting STP settings on the switch
The Spanning Tree Protocol (STP) is a bridge-based mechanism for providing fault tolerance on
networks. STP is a part of the 802.1D bridge specification defined by the IEEE Computer Society. To
explain STP in terms used by the 802.1D specification, the switch will be referred to as a bridge.
STP allows you to implement parallel paths for network traffic and ensure that redundant paths are:
●
Disabled when the main paths are operational.
●
Enabled if the main path fails.
The Rapid Spanning Tree Protocol (RSTP) IEEE 802.1w provides an enhanced spanning tree algorithm
that improves the convergence speed of bridged networks. RSTP takes advantage of point-to-point links
in the network and actively confirms that a port can safely transition to the forwarding state without
relying on any timer configurations. If a network topology change or failure occurs, RSTP rapidly
recovers network connectivity by confirming the change locally before propagating that change to other
devices across the network. For broadcast links, there is no difference in convergence time between STP
and RSTP.
RSTP supersedes legacy STP protocols, supports the existing STP parameters and configurations, and
allows for seamless interoperability with legacy STP.
NOTE
STP and Extreme Standby Router Protocol (ESRP) cannot be configured on the same Virtual LAN (VLAN)
simultaneously.
Spanning Tree Domains
The switch can be partitioned into multiple virtual bridges. Each virtual bridge can run an independent
Spanning Tree instance. Each Spanning Tree instance is called a Spanning Tree Domain (STPD). Each
STPD has its own root bridge and active path. After an STPD is created, one or more VLANs can be
assigned to it.
A port can belong to multiple STPDs. In addition, a VLAN can span multiple STPDs.
The key points to remember when configuring VLANs and STP are:
●
Each VLAN forms an independent broadcast domain.
●
STP blocks paths to create a loop-free environment.
●
Within any given STPD, all VLANs belonging to it use the same spanning tree.
ExtremeWare XOS 11.1 Command Reference Guide
723
STP Commands
Member VLANs
When you add a VLAN to an STPD, that VLAN becomes a member of the STPD. The two types of
member VLANs in an STPD are:
●
Carrier
●
Protected
Carrier VLAN. A carrier VLAN defines the scope of the STPD, which includes the physical and logical
ports that belong to the STPD and the 802.1Q tag used to transport Extreme Multiple Instance Spanning
Tree Protocol (EMISTP) or Per VLAN Spanning Tree (PVST+) encapsulated Bridge Protocol Data Units
(BPDUs). Only one carrier VLAN can exist in a given STPD, although some of its ports can be outside
the control of any STPD at the same time.
NOTE
The StpdID must be identical to the VLANid of the carrier VLAN in that STPD.
Protected VLAN. Protected VLANs are all other VLANs that are members of the STPD. These VLANs
“piggyback” on the carrier VLAN. Protected VLANs do not transmit or receive STP BPDUs, but they
are affected by STP state changes and inherit the state of the carrier VLAN. Protected VLANs can
participate in multiple STPD, but any particular port in the VLAN can belong to only one STPD. Also
known as non-carrier VLANs.
STPD Modes
An STPD has two modes of operation:
●
802.1D mode
Use this mode for backward compatibility with previous STP versions and for compatibility with
third-party switches using IEEE standard 802.1D. When configured in this mode, all rapid
configuration mechanisms are disabled.
●
802.1w mode
Use this mode for compatibility with Rapid Spanning Tree (RSTP). When configured in this mode,
all rapid configuration mechanisms are enabled. The benefit of this mode is available on point-topoint and edge ports only.
You enable or disable RSTP on a per STPD basis only. You do not enable RSTP on a per port basis.
By default, the:
●
STPD operates in 802.1D mode.
●
Default device configuration contains a single STPD called s0.
●
Default VLAN is a member of STPD s0 with autobind enabled.
All STP parameters default to the IEEE 802.1D values, as appropriate.
Encapsulation Modes
You can configure ports within an STPD to accept and transmit specific BPDU encapsulations. This STP
port encapsulation is separate from the STP mode of operation. For example, you can configure a port
to accept the PVST+ BPDU encapsulation while running in 802.1D mode.
ExtremeWare XOS 11.1 Command Reference Guide
724
An STP port has three possible encapsulation modes:
●
802.1D mode
This mode is used for backward compatibility with previous STP versions and for compatibility with
third-party switches using IEEE standard 802.1D. BPDUs are sent untagged in 802.1D mode. Because
of this, any given physical interface can have only one STPD running in 802.1D mode.
●
Extreme Multiple Instance Spanning Tree Protocol (EMISTP) mode
EMISTP mode is proprietary to Extreme Networks and is an extension of STP that allows a physical
port to belong to multiple STPDs by assigning the port to multiple VLANs. EMISTP adds significant
flexibility to STP network design. BPDUs are sent with an 802.1Q tag having an STPD instance
Identifier (StpdID) in the VLANid field.
●
Per VLAN Spanning Tree (PVST+) mode
This mode implements PVST+ in compatibility with third-party switches running this version of STP.
The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process
packets in PVST+ format.
These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to
multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in
different modes for different domains to which it belongs.
STP Rules and Restrictions
This section summarizes the rules and restrictions for configuring STP as follows:
●
The carrier VLAN must span all ports of the STPD.
●
The StpdID must be the VLANid of the carrier VLAN; the carrier VLAN cannot be partitioned.
●
A default VLAN cannot be partitioned. If a VLAN traverses multiple STPDs, the VLAN must be
tagged.
●
An STPD can carry, at most, one VLAN running in PVST+ mode, and its StpdID must be identical
with that VLANid. In addition, the PVST+ VLAN cannot be partitioned.
●
The default VLAN of a PVST+ port must be identical with the native VLAN on the PVST+ device
connected to that port.
●
If an STPD contains both PVST+ and non-PVST+ ports, that STPD must be enabled. If that STPD is
disabled, the BPDUs are flooded in the format of the incoming STP port, which may be incompatible
with those of the connected devices.
●
The 802.1D ports must be untagged; and the EMISTP/PVST+ ports must be tagged in the carrier
VLAN.
●
An STPD with multiple VLANs must contain only VLANs that belong to the same virtual router
instance.
●
Automatically adding ports to an STPD (known as STP autobind) cannot be configured on a
Netlogin VLAN.
●
STP cannot be configured on the following ports:
■
A mirroring target port.
■
A software-controlled redundant port.
■
A Netlogin port.
ExtremeWare XOS 11.1 Command Reference Guide
725
STP Commands
clear counters stp
clear counters stp {[all | diagnostics | domains | ports]}
Description
Clears, resets all STP statistics and counters.
Syntax Description
all
Specifies all STP domain, port, and diagnostics counters.
diagnostics
Specifies STP diagnostics counters.
domains
Specifies STP domain counters.
ports
Specifies STP port counters.
Default
N/A.
Usage Guidelines
If you do not enter a parameter, the result is the same as specifying the all parameter: the counters for
all domains, ports, and diagnostics are reset.
Enter one of the following parameters to reset the STP counters on the switch:
●
all—Specifies the counters for all STPDs and ports, and clears all STP counters
●
diagnostics—Clears the internal diagnostic counters
●
domains—Clears the domain level counters
●
ports—Clears the counters for all ports and leaves the domain level counters
Viewing and maintaining statistics on a regular basis allows you to see how well your network is
performing. If you keep simple daily records, you will see trends emerging and notice problems arising
before they cause major network faults. By clearing the counters, you can see fresh statistics for the time
period that you are monitoring.
Example
The following command clears all of the STP domain, port, and diagnostic counters:
clear counters stp
History
This command was available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
726
clear counters stp
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
727
STP Commands
configure stpd add vlan
configure stpd <stpd_name> add vlan <vlan_name> ports [all | <port_list>]
{[dot1d | emistp | pvst-plus]}
Description
Adds all ports or a list of ports within a VLAN to a specified STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
vlan_name
Specifies a VLAN name.
all
Specifies all of the ports in the VLAN to be included in the STPD.
port_list
Specifies the port or ports to be included in the STPD.
dot1d
Specifies the STP encapsulation mode of operation to be 802.1D.
emistp
Specifies the STP encapsulation mode of operation to be EMISTP.
pvst-plus
Specifies the STP encapsulation mode of operation to be PVST+.
Default
All ports are in emistp mode, except those in STPD s0, whose default setting is 802.1d mode.
Usage Guidelines
To create an STP domain, use the create stpd command. To create a VLAN, use the create vlan
command.
This command adds a list of ports within a VLAN to a specified STPD provided the carrier VLAN
already exists on the same set of ports. You can also specify the encapsulation mode for those ports.
You are cannot configure STP on the following ports:
●
A mirroring target port.
●
A software-controlled redundant port.
●
A Netlogin port.
If you see an error similar to the following:
Error: Cannot add VLAN default port 3:5 to STP domain
You might be attempting to add:
●
Another 802.1D mode STP port to a physical port that already contains an 802.1D mode STP port
(only one 802.1D encapsulation STP port can be configured on a particular STP port)
●
A carrier VLAN port to a different STP domain than the carrier VLAN belongs
●
A VLAN/port for which the carrier VLAN does not yet belong
ExtremeWare XOS 11.1 Command Reference Guide
728
configure stpd add vlan
NOTE
This restriction is only enforced in an active STP domain and when you enable STP to make sure you have a
legal STP configuration.
Care must be taken to ensure that ports in overlapping domains do not interfere with the orderly
working of each domain’s protocol.
By default, when the switch boots for the first time, it automatically creates a VLAN named default with
a tag value of 1 and STPD s0. The switch associates VLAN default to STPD s0. All ports that belong to
this VLAN and STPD are in 802.1D encapsulation mode with autobind enabled. If you disable autobind
on the VLAN default, that configuration is saved across a reboot.
Naming Conventions. If your STPD has the same name as another component, for example a VLAN,
Extreme Networks recommends that you specify the identifying keyword as well as the name. If your
STPD has a name unique only to that STPD, the keywords stpd and vlan are optional.
STP Encapsulations Modes. You can specify the following STP encapsulation modes:
●
dot1d—This mode is reserved for backward compatibility with previous STP versions. BPDUs are
sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD
running in 802.1D mode.
●
emistp—This mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field.
●
pvst-plus—This mode implements PVST+ in compatibility with third-party switches running this
version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and
send and process packets in PVST+ format.
NOTE
These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple
STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for
different domains for which it belongs.
STPD Identifier. An StpdID is used to identify each STP domain. You assign the StpdID when
configuring the domain. An StpdID must be identical to the VLANid of the carrier VLAN in that STPD
and that VLAN cannot belong to another STPD.
Example
Create a VLAN named marketing and an STPD named STPD1 as follows:
create vlan marketing
create stpd stpd1
The following command adds the VLAN named marketing to the STPD STPD1, and includes all the
ports of the VLAN in STPD1:
configure stpd stpd1 add vlan marketing ports all
History
This command was available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
729
STP Commands
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
730
configure stpd default-encapsulation
configure stpd default-encapsulation
configure stpd <stpd_name> default-encapsulation [dot1d | emistp | pvstplus]
Description
Configures the default encapsulation mode for all ports added to the specified STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
dot1d
Specifies the STP encapsulation mode of operation to be 802.1d.
emistp
Specifies the STP encapsulation mode of operation to be EMISTP.
pvst-plus
Specifies the STP encapsulation mode of operation to be PVST+.
Default
All ports are in emistp mode, except those in STPD s0, whose default setting is 802.1d mode.
Usage Guidelines
Care must be taken to ensure that ports in overlapping domains do not interfere with the orderly
working of each domain’s protocol.
You are cannot configure STP on the following ports:
●
A mirroring target port.
●
A software-controlled redundant port.
●
A Netlogin port.
By default, when the switch boots for the first time, it automatically creates a VLAN named default with
a tag value of 1 and STPD s0. The switch associates VLAN default to STPD s0. All ports that belong to
this VLAN and STPD are in 802.1d encapsulation mode with autobind enabled. If you disable autobind
on the VLAN default, that configuration is saved across a reboot.
Naming Conventions. If your STPD has the same name as another component, for example a VLAN,
Extreme Networks recommends that you specify the identifying keyword as well as the name. If your
STPD has a name unique only to that STPD, the keyword stpd is optional.
STP Encapsulation Modes . You can specify the following STP encapsulation modes:
●
dot1d—This mode is reserved for backward compatibility with previous STP versions. BPDUs are
sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD
running in 802.1D mode.
●
emistp—This mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field.
●
pvst-plus—This mode implements PVST+ in compatibility with third-party switches running this
version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs and
send and process packets in PVST+ format.
ExtremeWare XOS 11.1 Command Reference Guide
731
STP Commands
NOTE
These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple
STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for
different domains for which it belongs.
STPD Identifier. An StpdID is used to identify each STP domain. You assign the StpdID when
configuring the domain. An StpdID must be identical to the VLANid of the carrier VLAN in that STP
domain, and that VLAN cannot belong to another STPD.
Example
The following command specifies that all ports subsequently added to the STPD STPD1 be in PVST+
encapsulation mode unless otherwise specified or manually changed:
configure stpd stpd1 default-encapsulation pvst-plus
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
732
configure stpd delete vlan
configure stpd delete vlan
configure stpd <stpd_name> delete vlan <vlan_name> ports [all |
<port_list>]
Description
Deletes one or more ports in the specified VLAN from an STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
vlan_name
Specifies a VLAN name.
all
Specifies all of the ports in the VLAN to be removed from the STPD.
port_list
Specifies the port or ports to be removed from the STPD.
Default
N/A.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keywords stpd and vlan are optional.
If the specified VLAN is the carrier VLAN, all protected VLANs on the same set of ports are also
removed from the STPD.
You also use this command to remove autobind ports from a VLAN. ExtremeWare XOS records the
deleted ports so that the ports are not automatically added to the STPD after a system restart.
Example
The following command removes all ports of a VLAN named Marketing from the STPD STPD1:
configure stpd stpd1 delete vlan marketing ports all
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
733
STP Commands
configure stpd forwarddelay
configure stpd <stpd_name> forwarddelay <seconds>
Description
Specifies the time (in seconds) that the ports in this STPD spend in the listening and learning states
when the switch is the Root Bridge.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
seconds
Specifies the forward delay time in seconds. The default is 15 seconds, and
the range is 4 to 30 seconds.
Default
The default forward delay time is 15 seconds.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
The range for the <seconds> parameter is 4 through 30 seconds.
Example
The following command sets the forward delay from STPD1 to 20 seconds:
configure stpd stpd1 forwarddelay 20
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
734
configure stpd hellotime
configure stpd hellotime
configure stpd <stpd_name> hellotime <seconds>
Description
Specifies the time delay (in seconds) between the transmission of BPDUs from this STPD when it is the
Root Bridge.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
seconds
Specifies the hello time in seconds. The default is 2 seconds, and the range is
1 to 10 seconds.
Default
The default hello time is 2 seconds.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
The range for the <seconds> parameter is 1 through 10 seconds.
Example
The following command sets the time delay from STPD1 to 10 seconds:
configure stpd stpd1 hellotime 10
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
735
STP Commands
configure stpd maxage
configure stpd <stpd_name> maxage <seconds>
Description
Specifies the maximum age of a BPDU in the specified STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
seconds
Specifies the maxage time in seconds. The default is 20 seconds, and the
range is 6 to 40 seconds.
Default
The default maximum age of a BPDU is 20 seconds.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
The range for the <seconds> parameter is 6 through 40 seconds.
Note that the time must be greater than, or equal to 2 * (Hello Time + 1) and less than, or equal to 2 *
(Forward Delay –1).
Example
The following command sets the maximum age of STPD1 to 30 seconds:
configure stpd stpd1 maxage 30
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
736
configure stpd mode
configure stpd mode
configure stpd <stpd_name> mode [dot1d | dot1w]
Description
Configures the operational mode for the specified STP domain.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
dot1d
Specifies the STPD mode of operation to be 802.1d.
dot1w
Specifies the STPD mode of operation to be 802.1w, and rapid configuration
is enabled.
Default
The STPD operates in 802.1d mode.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
If you configure the STP domain in 802.1D mode, the rapid reconfiguration mechanism is disabled.
If you configure the STP domain in 802.1w mode, the rapid reconfiguration mechanism is enabled.
Example
The following command configures STPD s1 to enable the rapid reconfiguration mechanism and operate
in 802.1w mode:
configure stpd s1 mode dot1w
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
737
STP Commands
configure stpd ports cost
configure stpd <stpd_name> ports cost [auto | <cost>] <port_list>
Description
Specifies the path cost of the port in the specified STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
auto
Specifies the switch to remove any user-defined port cost value(s) and use the
appropriate default port cost value(s).
cost
Specifies a numerical port cost value. The range is 1 through 65,535.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
The switch automatically assigns a default path cost based on the speed of the port, as follows:
●
For a 10Mbps port, the default cost is 100.
●
For a 100Mbps port, the default cost is 19.
●
For a 1000Mbps port, the default cost is 4.
●
For a 10000Mbps ports, the default cost is 2.
The default port cost for trunked ports is dynamically calculated based on the available bandwidth.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
The range for the cost parameter is 1 through 65,535. The switch automatically assigns a default path
cost based on the speed of the port. If you configure the port cost, a setting of 1 indicates the highest
priority.
If you configured a port cost value and specify the auto option, the switch removes the user-defined
port cost value and returns to the default, automatically assigned, port cost value.
If a trunk port is the root port for an STP topology, port costs can fluctuate up and down and trigger
topology changes. For example, if all links go down in the trunk (all ports go link-down), the available
bandwidth is zero. The system displays a port cost of unknown (Unkn) and enters the disabled state. To
prevent this dynamic behavior, configure the port cost of the trunk port with the configure stpd
<stpd_name> ports <cost> <port_list> command. After you configure a static cost, the value is
frozen until you specify the auto option.
ExtremeWare XOS 11.1 Command Reference Guide
738
configure stpd ports cost
Example
The following command configures a cost of 100 to slot 2, ports 1 through 5 in STPD s0:
configure stpd s0 ports cost 100 2:1-2:5
History
This command was available in ExtremeWare XOS 10.1.
The auto option was added in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
739
STP Commands
configure stpd ports link-type
configure stpd <stpd_name> ports link-type [auto | broadcast | edge |
point-to-point] <port_list>
Description
Configures the ports in the specified STPD as auto, broadcast, edge, or point-to-point link types.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
auto
Specifies the switch to automatically determine the port link type. An auto link
behaves like a point-to-point link if the link is in full-duplex mode or if link
aggregation is enabled on the port. Used for 802.1w configurations.
broadcast
Specifies a port attached to a LAN segment with more than two bridges. Used
for 802.1D configurations. A port with broadcast link type cannot participate in
rapid reconfiguration. By default, all ports are broadcast links.
edge
Specifies a port that does not have a bridge attached. An edge port is placed
and held in the STP forwarding state unless a BPDU is received by the port.
Used for 802.1w configurations.
point-to-point
Specifies a port attached to a LAN segment with only two bridges. A port with
point-to-point link type can participate in rapid reconfiguration. Used for
802.1w configurations.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
All ports are broadcast link types.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
The default, broadcast links, supports legacy STP (802.1D) configurations.
If you configure a port to be an edge port, the port immediately enters the forwarding state. Edge ports
remain in the forwarding state unless the port receives a BPDU. In that case, edge ports enter the
blocking state.
RSTP does not send any BPDUs from an edge port nor does it generate topology change events when
an edge port changes its state.
RSTP rapidly moves the designated ports of a point-to-point link type into the forwarding state. This
behavior is supported by RSTP only.
An auto link behaves like a point-to-point link if the link is in full duplex mode or if link aggregation is
enabled on the port; otherwise, an auto link behaves like a broadcast link. If a non-STP switch exists
ExtremeWare XOS 11.1 Command Reference Guide
740
configure stpd ports link-type
between several switches operating in 802.1w mode with auto links, the non-STP switch may negotiate
full-duplex even though the broadcast domain extends over several STP devices.
If the switch operates in 802.1D mode, any configured port link type will behave the same as the
broadcast link type.
Example
The following command configures slot 2, ports 1 through 4 to be point-to-point links in STPD s1:
configure stpd s1 ports link-type point-to-point 2:1-2:4
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
741
STP Commands
configure stpd ports mode
configure stpd <stpd_name> ports mode [dot1d | emistp | pvst-plus]
<port_list>
Description
Configures the encapsulation mode for the specified port list.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
dot1d
Specifies the STP encapsulation mode of operation to be 802.1d.
emistp
Specifies the STP encapsulation mode of operation to be EMISTP.
pvst-plus
Specifies the STP encapsulation mode of operation to be PVST+.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
Ports in the default STPD (s0) are dot1d mode. Ports in user-created STPDs are in emistp mode.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You can specify the following STP encapsulation modes:
●
dot1d—This mode is reserved for backward compatibility with previous STP versions. BPDUs are
sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD
running in 802.1D mode.
●
emistp—This mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field.
●
pvst-plus—This mode implements PVST+ in compatibility with third-party switches running this
version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and
send and process packets in PVST+ format.
Example
The following command configures STPD s1 with PVST+ packet formatting for slot 2, port 1:
configure stpd s1 ports mode pvst-plus 2:1
History
This command was available in ExtremeWare XOS 10.1.
ExtremeWare XOS 11.1 Command Reference Guide
742
configure stpd ports mode
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
743
STP Commands
configure stpd ports priority
configure stpd <stpd_name> ports priority <priority> <port_list>
Description
Specifies the port priority of the port in the specified STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
priority
Specifies a numerical port priority value. The range is 0 through 31.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
The default setting is 16.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
By changing the priority of the port, you can make it more or less likely to become the root port or a
designated port.
A setting of 0 indicates the highest priority.
The range for the priority parameter is 0 through 31.
Example
The following command assigns a priority of 1 to slot 2, ports 1 through 5 in STPD s0:
configure stpd s0 ports priority 1 2:1-2:5
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
744
configure stpd priority
configure stpd priority
configure stpd <stpd_name> priority <priority>
Description
Specifies the bridge priority of the STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
priority
Specifies the bridge priority of the STPD. The range is 0 through 65,535.
Default
The default priority is 32,768.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
By changing the priority of the STPD, you can make it more or less likely to become the root bridge.
The range for the <priority> parameter is 0 through 65,535. A setting of 0 indicates the highest
priority.
Example
The following command sets the bridge priority of STPD1 to 16,384:
configure stpd stpd1 priority 16384
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
745
STP Commands
configure stpd tag
configure stpd <stpd_name> tag <stpd_tag>
Description
Assigns an StpdID to an STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
stpd_tag
Specifies the VLANid of the carrier VLAN that is owned by the STPD.
Default
N/A.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If your STPD has a name
unique only to that STPD, the keyword stpd is optional.
You should not configure any STP parameters unless you have considerable knowledge and experience
with STP. The default STP parameters are adequate for most networks.
An StpdID is used to identify each STP domain. You assign the StpdID when configuring the domain.
An StpdID must be identical to the VLANid of the carrier VLAN in that STP domain, and that VLAN
cannot belong to another STPD. Unless all ports are running in 802.1D mode, an STPD must be
configured with an StpdID.
You must create and configure the VLAN, along with the tag, before you can configure the STPD tag. To
create a VLAN, use the create vlan command. To configure the VLAN, use the configure vlan
commands.
Example
The following command assigns an StpdID to the purple_st STPD:
configure stpd purple_st tag 200
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
746
configure vlan add ports stpd
configure vlan add ports stpd
configure vlan <vlan_name> add ports [all | <port_list>] {tagged |
untagged} {nobroadcast} stpd <stpd_name> {[dot1d | emistp | pvst-plus]}
Description
Adds one or more ports in a VLAN to a specified STPD.
Syntax Description
vlan_name
Specifies a VLAN name.
all
Specifies all of the ports to be included in the STPD.
port_list
Specifies the port or ports to be included in the STPD.
tagged
Specifies the ports should be configured as tagged.
untagged
Specifies the ports should be configured as untagged.
nobroadcast
Prevents broadcasts, multicasts, and unknowns from being transmitted on
these ports.
stpd_name
Specifies an STPD name on the switch.
dot1d
Specifies the STP encapsulation mode of operation to be 802.1d.
emistp
Specifies the STP encapsulation mode of operation to be EMISTP.
pvst-plus
Specifies the STP encapsulation mode of operation to be PVST+.
Default
All ports are in emistp mode, except those in STPD s0, whose default setting is dot1d mode.
Usage Guidelines
To create a VLAN, use the create vlan command. To create an STP domain, use the create stpd
command.
This command adds a list of ports to a VLAN and a specified STPD at the same time provided the
carrier VLAN already exists on the same set of ports. You can also specify the encapsulation mode for
those ports.
If you see an error similar to the following:
Error: Cannot add VLAN default port 3:5 to STP domain
You might be attempting to add:
●
Another 802.1D mode STP port to a physical port that already contains an 802.1D mode STP port
(only one 802.1D encapsulation STP port can be configured on a particular STP port)
●
A carrier VLAN port to a different STP domain than the carrier VLAN belongs
●
A VLAN/port for which the carrier VLAN does not yet belong
ExtremeWare XOS 11.1 Command Reference Guide
747
STP Commands
NOTE
This restriction is only enforced in an active STP domain and when you enable STP to ensure you have a legal
STP configuration.
Naming Conventions. If your VLAN has the same name as another component, for example an STPD,
Extreme Networks recommends that you specify the identifying keyword as well as the name. If your
VLAN has a name unique only to that VLAN, the keywords vlan and stpd are optional.
STP Encapsulation Modes. You can specify the following STP encapsulation modes:
●
dot1d—This mode is reserved for backward compatibility with previous STP versions. BPDUs are
sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD
running in 802.1D mode.
●
emistp—This mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field.
●
pvst-plus—This mode implements PVST+ in compatibility with third-party switches running this
version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and
send and process packets in PVST+ format.
These encapsulation modes are for STP ports, not for physical ports. When a physical ports belongs to
multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in
different modes for different domains for which it belongs.
Example
The following command adds slot 1, port 2 and slot 2, port 3, members of a VLAN named Marketing, to
the STPD named STPD1, and specifies that they be in EMISTP mode:
configure vlan marketing add ports 1:2, 2:3 tagged stpd stpd1 emistp
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
748
create stpd
create stpd
create stpd <stpd_name>
Description
Creates a user-defined STPD.
Syntax Description
stpd_name
Specifies a user-defined STPD name to be created. May be up to 32
characters in length.
Default
The default device configuration contains a single STPD called s0.
When an STPD is created, the STPD has the following default parameters:
●
State—disabled
●
StpdID—none
●
Assigned VLANs—none
●
Bridge priority—32,768
●
Maximum BPDU age—20 seconds
●
Hello time—2 seconds
●
Forward delay—15 seconds
●
Operational mode—802.1D
●
Rapid Root Failover—disabled
●
Default Binding Mode (encapsulation mode)—Ports in the default STPD (s0) are in 802.1d mode.
Ports in user-created STPDs are in emistp mode.
Usage Guidelines
The maximum length for a name is 32 characters. Names can contain alphanumeric characters and
underscores ( _ ) but cannot be any reserved keywords, for example, stp or stpd. Names must start with
an alphabetical character, for example, a, Z.
Each STPD name must be unique and cannot duplicate any other named STPDs on the switch. If you
are uncertain about the STPD names on the switch, use the show stpd command to view the STPD
names.
You can, however, re-use names across multiple categories of switch configuration. For example, you
can use the name Test for an STPD and a VLAN. If you use the same name, Extreme Networks
recommends that you specify the appropriate keyword when configuring the STPD. If you do not
specify the appropriate keyword, the switch displays a message similar to the following:
%% Ambiguous command:
"configure Test"
ExtremeWare XOS 11.1 Command Reference Guide
749
STP Commands
To view the names of the STPDs on the switch, enter configure and press [Tab]. Scroll to the end of the
output to view the names.
Each STPD has its own Root Bridge and active path. After the STPD is created, one or more VLANs can
be assigned to it.
Example
The following example creates an STPD named purple_st:
create stpd purple_st
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
750
delete stpd
delete stpd
delete stpd <stpd_name>
Description
Removes a user-defined STPD from the switch.
Syntax Description
stpd_name
Specifies a user-defined STPD name on the switch.
Default
N/A.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If you do not specify the
stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command:
"delete Test"
In this example, to delete the STPD Test, enter delete stpd Test.
If you created an STPD with a name unique only to that STPD, the keyword stpd is optional.
The default STPD, s0, cannot be deleted.
Example
The following command deletes an STPD named purple_st:
delete stpd purple_st
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
751
STP Commands
disable stpd
disable stpd {<stpd_name>}
Description
Disables the STP protocol on a particular STPD or for all STPDs.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
Default
Disabled.
Usage Guidelines
After you have created the STPD with a unique name, the keyword stpd is optional.
If you want to disable the STP protocol for all STPDs, do not specify an STPD name.
Example
The following command disables an STPD named purple_st:
disable stpd purple_st
The following command disables the STP protocol for all STPDs on the switch:
disable stpd
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
752
disable stpd auto-bind
disable stpd auto-bind
disable stpd <stpd_name> auto-bind vlan <vlan_name>
Description
Disables the ability to automatically add ports to an STPD when they are added to a member VLAN.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
vlan_name
Specifies the name of a member VLAN with autobind enabled.
Default
The autobind feature is disabled.
Usage Guidelines
NOTE
Ports already in the STPD remain in that domain (as if they were added manually).
If you create an STPD and a VLAN with unique names, the keywords stpd and vlan are optional.
Ports added to the STPD automatically when autobind is enabled are not removed when autobind is
disabled. The ports are present after a switch reboot.
To view STP configuration status of the ports in a VLAN, use the following command:
show vlan <vlan_name> stpd
Example
The following example disables autobind on an STPD named s8:
disable stpd s8 auto-bind v5
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
753
STP Commands
disable stpd ports
disable stpd <stpd_name> ports [all | <port_list>]
Description
Disables STP on one or more ports for a given STPD.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
all
Specifies all ports for a given STPD.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
Enabled.
Usage Guidelines
If you create the STPD with a unique name, the keyword stpd is optional.
Disabling STP on one or more ports puts those ports in the forwarding state; all BPDUs received on those
ports are disregarded and dropped.
Use the all keyword to specify that all ports of a given STPD are disabled.
Use the port_list parameter to specify a list of ports of a given STPD are disabled.
If you do not use the default STPD, you must create one or more STPDs and configure and enable the
STPD before you can use the disable stpd ports command.
Example
The following command disables slot 2, port 4 on an STPD named Backbone_st:
disable stpd backbone_st ports 2:4
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
754
disable stpd rapid-root-failover
disable stpd rapid-root-failover
disable stpd <stpd_name> rapid-root-failover
Description
Disables rapid root failover for STP recovery times.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
Default
Disabled.
Usage Guidelines
After you have created the STPD with a unique name, the keyword stpd is optional.
To view the status of rapid root failover on the switch, use the show stpd command. The show stpd
command displays information about the STPD configuration on the switch including the enable/
disable state for rapid root failover.
Example
The following command disables rapid root fail over on STPD Backbone_st:
disable stpd backbone_st rapid-root-failover
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
755
STP Commands
enable stpd
enable stpd {<stpd_name>}
Description
Enables the STP protocol for one or all STPDs.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
Default
Disabled.
Usage Guidelines
If you want to enable the STP protocol for all STPDs, do not specify an STPD name.
Example
The following command enables an STPD named Backbone_st:
enable stpd backbone_st
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
756
enable stpd auto-bind
enable stpd auto-bind
enable stpd <stpd_name> auto-bind vlan <vlan_name>
Description
Automatically adds ports to an STPD when ports are added to a member VLAN.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
vlan_name
Specifies the name of the VLAN to have autobind enabled.
Default
The autobind feature is disabled.
If you enable autobind and add ports to a member VLAN, those ports are automatically added to the
STPD.
Usage Guidelines
If you create an STPD and a VLAN with unique names, the keywords stpd and vlan are optional.
When you issue this command, any port or list of ports that you add to the carrier VLAN are
automatically added to the STPD with autobind enabled. In addition, any port or list of ports that you
remove from a carrier VLAN are automatically removed from the STPD. This allows the STPD to
increase or decrease its span as you add ports to or remove ports from a carrier VLAN.
You cannot configure the autobind feature on a Netlogin VLAN.
Carrier VLAN. A carrier VLAN defines the scope of the STPD, which includes the physical and logical
ports that belong to the STPD and the 802.1Q tag used to transport STP BPDUs in the encapsulation
mode is EMISTP or PVST+. Only one carrier VLAN can exist in a given STPD, although some of its
ports can be outside the control of any STPD at the same time.
NOTE
The StpdID must be identical to the VLANid of the carrier VLAN in that STPD.
Protected VLAN. Protected VLANs are all other VLANs that are members of the STPD. These VLANs
“piggyback” on the carrier VLAN. Protected VLANs do not transmit or receive STP BPDUs, but they
are affected by STP state changes and inherit the state of the carrier VLAN. Protected VLANs can
participate in multiple STPDs, but any particular port in the VLAN can belong to only one STPD.
Enabling autobind on a protected VLAN does not expand the boundary of the STPD. However, the
VLAN and port combinations are added to or removed from the STPD subject to the boundaries of the
carrier VLAN.
ExtremeWare XOS 11.1 Command Reference Guide
757
STP Commands
To view STP configuration status of the ports on a VLAN, use the following command:
show vlan <vlan_name> stpd
Example
To automatically add ports to an STPD and expand the boundary of the STPD, you must complete the
following tasks:
●
Create the carrier VLAN.
●
Assign a VLANid to the carrier VLAN.
●
Add ports to the carrier VLAN.
●
Create an STPD (or use the default, S0).
●
Enable autobind on the STPDs carrier VLAN.
●
Configure the STPD tag (the StpdID must be identical to the VLANid of the carrier VLAN in the STP
domain).
●
Enable STP.
The following example enables autobind on an STPD named s8 after creating a carrier VLAN named v5:
create vlan v5
configure vlan
configure vlan
create stpd s8
enable stpd s8
configure stpd
enable stpd s8
v5 tag 100
v5 add ports 1:1-1:20 tagged
auto-bind v5
s8 tag 100
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
758
enable stpd ports
enable stpd ports
enable stpd <stpd_name> ports [all | <port_list>]
Description
Enables the STP protocol on one or more ports.
Syntax Description
stpd_name
Specifies an STPD on the switch.
all
Specifies all ports for a given STPD.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
Enabled.
Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional.
If STP is enabled for a port, BPDUs are generated and processed on that port if STP is enabled for the
associated STPD.
You must configure one or more STPDs before you can use the enable stpd ports command. To
create an STPD, use the create stpd <stpd_name> command. If you have considerable knowledge
and experience with STP, you can configure the STPD using the configure stpd commands. However,
the default STP parameters are adequate for most networks.
Example
The following command enables slot 2, port 4 on an STPD named Backbone_st:
enable stpd backbone_st ports 2:4
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
759
STP Commands
enable stpd rapid-root-failover
enable stpd <stpd_name> rapid-root-failover
Description
Enables rapid root failover for faster STP recovery times.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
Default
Disabled.
Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional.
To view the status of rapid root failover on the switch, use the show stpd command. The show stpd
command displays information about the STPD configuration on the switch including the enable/
disable state for rapid root failover.
Example
The following command enables rapid root fail over on STPD Backbone_st:
enable stpd backbone_st rapid-root-failover
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
760
show stpd
show stpd
show stpd {<stpd_name> | detail}
Description
Displays STPD settings on the switch.
Syntax Description
stpd_name
Specifies an STPD on the switch.
detail
Specifies that STPD settings should be shown for each STPD.
Default
N/A.
Usage Guidelines
The command displays the following STPD information:
●
STPD name
●
STPD state
●
STPD mode of operation
●
Autobind mode
●
Rapid Root Failover
●
Tag
●
Ports
●
Active VLANs
●
Bridge Priority
●
Bridge ID
●
Designated root
●
STPD configuration information
You can create, configure, and enable one or more STPDs and use the show stpd command to display
STP configurations. Use the create stpd <stpd_name> command to create an STPD. Use the enable
stpd {<stpd_name>} command to enable an STPD. If you have considerable knowledge and
experience with STP, you can configure the STPD using the configure stpd commands. However, the
default STP parameters are adequate for most networks.
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If you do not specify the
stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command:
"show Test"
In this example, to view the settings of the STPD Test, enter show stpd Test.
ExtremeWare XOS 11.1 Command Reference Guide
761
STP Commands
If your STPD has a name unique only to that STPD, the keyword stpd is optional.
Example
The following command displays STPD settings on an STPD named Backbone_st:
show stpd backbone_st
The following is sample output from this command:
Stpd: backbone_st Stp: ENABLED
Number of Ports: 51
Rapid Root Failover: Disabled
Operational Mode: 802.1W
Default Binding Mode: 802.1D
802.1Q Tag: (none)
Ports: 1:1,1:2,2:1,2:2,3:1,3:2,4:1,4:2,5:1,5:2,
5:3,5:4,5:5,5:6,5:7,5:8,5:9,5:10,5:11,5:12,
5:13,5:14,5:15,5:16,5:17,5:18,5:19,5:20,5:21,5:22,
5:23,5:24,5:25,5:26,5:27,5:28,5:29,5:30,5:31,5:32,
5:33,5:34,5:35,5:36,5:37,5:38,5:39,5:40,5:41,5:42,
5:43
Participating Vlans: Default
Auto-bind Vlans: Default
Bridge Priority: 5000
BridgeID:
13:88:00:01:30:f4:06:80
Designated root:
0a:be:00:01:30:28:b7:00
RootPathCost: 19
Root Port: 28
MaxAge: 20s
HelloTime: 2s
ForwardDelay: 15s
CfgBrMaxAge: 20s
CfgBrHelloTime: 2s
CfgBrForwardDelay: 15s
Topology Change Time: 35s
Hold time: 1s
Topology Change Detected: FALSE
Topology Change: FALSE
Number of Topology Changes: 7
Time Since Last Topology Change: 4967s
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
762
show stpd ports
show stpd ports
show stpd <stpd_name> ports {[detail | <port_list> {detail}]}
Description
Displays the STP state of a port.
Syntax Description
stpd_name
Specifies an STPD name.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
detail
Specifies more detailed information about one or more ports of the STPD.
Default
N/A.
Usage Guidelines
This command displays the following:
●
STPD port configuration
●
STPD port encapsulation mode
●
STPD path cost
●
STPD priority
●
STPD state (root bridge, and so on)
●
Port role (root bridge, edge port, etc.)
●
STPD port state (forwarding, blocking, and so on)
●
Configured port link type
●
Operational port link type
Use the detail option to display detailed formats for all ports or for the specified ports.
If your STPD has the same name as another component, for example a VLAN, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If you do not specify the
stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command:
"show Test ports"
In this example, to view all of the port settings of STPD Test, enter show stpd Test ports.
If your STPD has a name unique only to that STPD, the keyword stpd is optional.
ExtremeWare XOS 11.1 Command Reference Guide
763
STP Commands
Example
The following command displays the state of slot 3, ports 1 through 3 on an STPD named s0:
show stpd S0 ports 3:1-3:3
The following is sample output from this command:
Port
3:1
3:2
3:3
Mode
802.1D
802.1D
802.1D
State
FORWARDING
FORWARDING
FORWARDING
Cost
100
100
100
Flags
e------e------e-------
Priority
16
16
16
Port ID
16641
16642
16643
Designated Bridge
00:00:00:00:00:00:00:00
00:00:00:00:00:00:00:00
00:00:00:00:00:00:00:00
Total Ports: 3
------------------------- Flags: ---------------------------1:
e=Enable, d=Disable
2: (Port role)
R=Root, D=Designated, A=Alternate, B=Backup
3: (Config type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type)
b=broadcast, p=point-to-point, e=edge
5:
p=proposing, a=agree
6: (partner mode) d = 802.1d, w = 802.1w, s = 802.1s
7:
i = edgeport inconsistency
The following command displays the detailed information for the ports in STPD S0:
show stpd S0 ports detail
The following is sample output from this command:
Stpd: s0
Port: 1:1
PortId: 8002
Port Mode: 802.1D
Port State: FORWARDING
Topology Change
Port Priority: 16
Designated Root:
00:00:00:00:00:00:00:00
Designated Bridge: 00:00:00:00:00:00:00:00
Partner STP version: Dot1d
Participating Vlans: Default
Stpd: s0
Port: 1:2
PortId: 8002
Port Mode: 802.1D
Port State: FORWARDING
Topology Change
Port Priority: 16
Designated Root:
00:00:00:00:00:00:00:00
Designated Bridge: 00:00:00:00:00:00:00:00
Partner STP version: Dot1d
Participating Vlans: Default
Stp: ENABLED
Path Cost: 19
Ack: FALSE
Designated Cost: 0
Designated Port Id: 0
Stp: ENABLED
Path Cost: 19
Ack: FALSE
Designated Cost: 0
Designated Port Id: 0
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
764
show vlan stpd
show vlan stpd
show vlan <vlan_name> stpd
Description
Displays the STP configuration of the ports assigned to a specific VLAN.
Syntax Description
vlan_name
Specifies a VLAN name.
Default
N/A.
Usage Guidelines
If you have a VLAN that spans multiple STPDs, use this command to display the STP configuration of
the ports assigned to that specific VLAN.
This command displays the following:
●
STPD port configuration
●
STPD port mode of operation
●
STPD path cost
●
STPD priority
●
STPD state (root bridge, and so on)
●
Port role (root bridge, edge port, etc.)
●
STPD port state (forwarding, blocking, and so on)
●
Configured port link type
●
Operational port link type
If your VLAN has the same name as another component, for example an STPD, Extreme Networks
recommends that you specify the identifying keyword as well as the name. If you do not specify the
vlan keyword, the switch displays an error message similar to the following:
%% Ambiguous command:
"show Test stpd"
In this example, to view the STPD state of VLAN Test, enter show vlan Test stpd.
If you enter a VLAN name that is not associated with an STPD or does not exist, the switch displays an
error message similar to the following:
Failed to find vlan 'vlan1' or it has no STP domains configured on it
If this happens, check to make sure you typed the correct name of the VLAN and that the VLAN is
associated with an STPD.
ExtremeWare XOS 11.1 Command Reference Guide
765
STP Commands
If your VLAN has a name unique only to that VLAN, the keyword vlan is optional.
Example
The following command displays the spanning tree configurations for the vlan Default:
show vlan default stpd
The following is sample output from this command:
s0(enabled)
Port
1:1
1:2
1:3
1:4
1:5
1:6
1:7
1:8
Mode
802.1D
802.1D
802.1D
802.1D
802.1D
802.1D
802.1D
802.1D
Tag: (none)
State
LEARNING
DISABLED
DISABLED
LEARNING
LEARNING
DISABLED
DISABLED
DISABLED
Ports: 8 Root/P/C: 80:00:00:01:30:94:79:00/-----/0
Cost
19
4
4
4
4
4
4
4
Flags
eDbb-de-----e-----eDbb-deDbb-de-----e-----e------
Priority
16
16
16
16
16
16
16
16
Port ID Designated Bridge
8001
80:00:00:01:30:94:79:00
8002
00:00:00:00:00:00:00:00
8003
00:00:00:00:00:00:00:00
8004
80:00:00:01:30:94:79:00
8005
80:00:00:01:30:94:79:00
8006
00:00:00:00:00:00:00:00
8007
00:00:00:00:00:00:00:00
8008
00:00:00:00:00:00:00:00
------------------------- Flags: ---------------------------1:
e=Enable, d=Disable
2: (Port role)
R=Root, D=Designated, A=Alternate, B=Backup
3: (Config type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type)
b=broadcast, p=point-to-point, e=edge
5:
p=proposing, a=agree
6: (partner mode) d=802.1d, w=802.1w, s=802.1s
7:
i=edgeport inconsistency
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
766
unconfigure stpd
unconfigure stpd
unconfigure stpd {<stpd_name>}
Description
Restores default STP values to a particular STPD or all STPDs.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
Default
N/A.
Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional.
Use this command to restore default STP values to a particular STPD. If you want to restore default STP
values on all STPDs, do not specify a spanning tree name.
Example
The following command restores default values to an STPD named Backbone_st:
unconfigure stpd backbone_st
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
767
STP Commands
unconfigure stpd ports link-type
unconfigure stpd <stpd_name> ports link-type <port_list>
Description
Returns the specified port to the factory default setting of broadcast link.
Syntax Description
stpd_name
Specifies an STPD name on the switch.
port_list
Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.
Default
All ports are broadcast link types.
Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, you must enter the stpd
keyword to specify the STPD. If your STPD has a name unique only to that STPD, the keyword stpd is
optional.
If the switch operates in 802.1D mode, any configured port link type will behave the same as the
broadcast link type.
Example
The following command configures slot 2, ports 1 through 4 to return to the factory default of broadcast
links in STPD s1:
unconfigure stpd s1 ports link-type 2:1-2:4
History
This command was available in ExtremeWare XOS 10.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
768
17 ESRP Commands
This chapter describes the commands for:
●
Enabling and disabling ESRP
●
Performing ESRP configuration
●
Enabling and disabling port restart and failure tracking for ESRP
●
Displaying ESRP configuration information
●
Enabling and disabling ELRP in an ESRP environment
Extreme Standby Router Protocol
The Extreme Standby Router Protocol (ESRP) is a feature of ExtremeWare XOS that allows multiple
switches to provide redundant Layer 3 routing services to users. In addition to providing Layer 3
routing redundancy, ESRP also provides for Layer 2 redundancy. You can use these “layered”
redundancy features in combination or independently. The Layer 2 redundancy features of ESRP offer
fast failure recovery and provide for dual-homed system design. In some instances, depending on
network system design, ESRP can provide better resiliency than using the Spanning Tree Protocol (STP)
or Virtual Router Redundancy Protocol (VRRP).
You configure ESRP on a per domain basis on each switch. A maximum of two switches can participate
in providing redundant Layer 3 or Layer 2 services to a single virtual LAN (VLAN). If you configure
and use ESRP groups, more than two switches can provide redundant Layer 2 or Layer 3 services to a
single vlan. The switches exchange keep-alive packets for each VLAN independently. Only one switch
(the master) can actively provide Layer 3 routing and/or Layer 2 switching for each VLAN. This switch
handles the forwarding, address resolution protocol (ARP) requests, and forwarding for this particular
VLAN. Other participating switches for the VLAN are in slave mode waiting for an ESRP state change.
To participate in ESRP, the following must be true:
●
A VLAN can belong to only one ESRP domain.
●
The IP address for the VLANs participating in an ESRP domain must be identical.
●
All switches in the ESRP network must use the same election algorithm, otherwise loss of
connectivity, broadcast storms, or other unpredictable behavior may occur.
●
If you have an untagged master VLAN, you must specify an ESRP domain ID. The domain ID must
be identical on all switches participating in ESRP for that particular domain.
●
If you have a tagged master VLAN, ESRP uses the 802.1Q tag (VLANid) of the master VLAN for the
ESRP domain ID. If you do not use the VLANid as the domain ID, you must specify a different
domain ID. As previously described, the domain ID must be identical on all switches participating in
ESRP for that particular domain.
Extreme Networks recommends that all switches participating in ESRP run the same version of
ExtremeWare XOS. Not all ESRP features are available in all ExtremeWare XOS software releases.
ExtremeWare XOS 11.1 Command Reference Guide
769
ESRP Commands
ESRP Modes of Operation
ExtremeWare XOS has two modes of ESRP operation: standard and extended. Select standard if your
network contains some switches running ExtremeWare, others running ExtremeWare XOS, and a
combination of those switches participating in ESRP. Standard ESRP is backward compatible with and
supports the ESRP functionality of ExtremeWare.
Select extended ESRP if your network contains switches running only ExtremeWare XOS. Extended
mode ESRP supports and is compatible with switches running ExtremeWare XOS. By default,
ExtremeWare XOS operates in extended mode.
ESRP-Aware Switches
Extreme Networks switches that are not actively participating in ESRP but are connected on a network
that has other Extreme Networks switches running ESRP are ESRP-aware. When ESRP-aware switches
are attached to ESRP-enabled switches, the ESRP-aware switches reliably perform failover and failback
scenarios in the prescribed recovery times. For an Extreme Networks switch to be ESRP-aware, you
must create an ESRP domain on the aware switch (however, you do not enable the ESRP domain), add
a master VLAN to that ESRP domain, and configure a domain ID, if necessary.
To participate as an ESRP-aware switch, the following must be true:
●
The ESRP domain name must identical on all switches (ESRP-enabled and ESRP-aware) participating
in ESRP for that particular domain.
●
The master VLAN name and IP address must be identical on all switches (ESRP-enabled and ESRPaware) participating in ESRP for that particular domain.
●
The domain ID must be identical on all switches (ESRP-enabled or ESRP-aware) participating in
ESRP for that particular domain.
■
If you have an untagged master VLAN, you must specify an ESRP domain ID.
■
If you have a tagged master VLAN, ESRP uses the 802.1Q tag (VLANid) of the master VLAN for
the ESRP domain ID. If you do not use the VLANid as the domain ID, you must specify a
different domain ID.
Extreme Loop Recovery Protocol
ExtremeWare XOS 11.1 introduces support for the Extreme Loop Recovery Protocol (ELRP). ELRP is a
feature of ExtremeWare XOS that allows you to prevent, detect, and recover from Layer 2 loops in the
network. You can use ELRP with other protocols such as ESRP.
With ELRP, each switch, except for the sender, treats the ELRP PDU as a Layer 2 multicast packet. The
sender uses the source and destination MAC addresses to identify the packet it sends and receives.
When the sender receives its original packet back, that triggers loop detection and prevention. Once a
loop is detected, the loop recovery agent is notified of the event and takes the necessary actions to
recover from the loop. ELRP operates only on the sending switch; therefore, ELRP operates
transparently across the network.
Details of using the standalone ELRP client are discussed in the ExtremeWare XOS User Guide chapter,
“Troubleshooting,” and the commands used to configure standalone ELRP are described in Appendix B,
“Troubleshooting Commands.”
ExtremeWare XOS 11.1 Command Reference Guide
770
clear esrp counters
clear esrp counters
clear esrp counters
Description
Clears the statistics gathered by ESRP for all ESRP domains on the switch.
Syntax Description
This command has no arguments or variables.
Default
None.
Usage Guidelines
Use this command to clear the state transition and the protocol packet counters gathered by ESRP.
The state transition count displays the number of times the ESRP domain entered the following states:
●
Aware—An Extreme switch that does not participate in ESRP elections but is capable of listening to
ESRP Bridge Protocol Data Units (BPDUs).
●
Master—The master switch is the device with the highest priority based on the election algorithm.
The master is responsible for responding to clients for Layer 3 routing and Layer 2 switching for the
ESRP domain.
●
Neutral—The neutral state is the initial state entered by the switch. In a neutral state, the switch
waits for ESRP to initialize and run. A neutral switch does not participate in ESRP elections.
●
PreMaster—The pre-master state is an ESRP switch that is ready to be master but is going through
possible loop detection prior to transitioning to master.
●
Slave—The slave switch participates in ESRP but is not elected or configured the master and does
not respond to ARP requests but does exchange ESRP packets with other switches on the same
VLAN. The slave switch is available to assume the responsibilities of the master switch if the master
becomes unavailable or criteria for ESRP changes.
If the slave is in extended mode, it does not send ESRP hello messages; however, it sends PDUs that
may trigger a change in the master switch.
For more information about configuring the ESRP mode of operation on the switch, see the
configure esrp mode [extended | standard] command. By default, ESRP operates in extended
mode.
To display information about the ESRP domain, including the previously described states, use the show
esrp {<name>} command.
The protocol packet count displays the number of times ESRP, ESRP-aware, and ESRP error packets
were transmitted and received.
To display information about the ESRP counters, use the show esrp {<name>} counters command.
ExtremeWare XOS 11.1 Command Reference Guide
771
ESRP Commands
Example
The following command clears the statistics gathered by ESRP:
clear esrp counters
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
772
clear esrp neighbor
clear esrp neighbor
clear esrp <esrpDomain> neighbor
Description
Clears the neighbor information for the specified ESRP domain.
Syntax Description
esrpDomain
Specifies the name of an ESRP domain.
Default
N/A.
Usage Guidelines
If you add a new switch to your ESRP domain, use this command to clear the existing neighbor
information for the ESRP domain. After the switch is up, running, and configured as an ESRP-aware or
ESRP-enabled device, new neighbor information is learned.
Before using this command, schedule a downtime for your network. Use this command for maintenance
purposes only.
Example
The following command clears the existing neighbor information on the ESRP domain esrp1 after
adding a new switch to the ESRP domain:
clear esrp esrp1 neighbor
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
773
ESRP Commands
clear esrp sticky
clear esrp <esrpDomain> sticky
Description
Clears the stickiness in the ESRP domain and forces the election of the ESRP master switch.
Syntax Description
esrpDomain
Specifies the name of an ESRP domain.
Default
N/A.
Usage Guidelines
Use the clear esrp sticky command to force the election of the ESRP master switch. Before using
this command, schedule a downtime for your network.
For example, without stickiness configured, if an event causes the ESRP master to failover to the
backup, the previous backup becomes the new master. If another event causes the new master to return
to backup, you have experienced two network interruptions. To prevent this, use the configure esrp
election-policy and select stickiness as an election algorithm.
If you use sticky as an election metric, and an event causes the ESRP master to failover, ESRP assigns
the new master with the highest sticky election metric of 1. Therefore, regardless of changes to the
neighbor’s election algorithm, the new master retains its position. Sticky is set on the master switch
only.
ESRP re-election can occur if sticky is set on the master and a local event occurs. During this time, if the
current master has lower election parameters, the backup can become the new master.
If you use clear esrp <esrpDomain> sticky command, it only affects the current master and can
trigger ESRP re-election.
Example
The following command clears the stickiness on the ESRP domain esrp1:
clear esrp esrp1 sticky
History
This command was first available in ExtremeWare XOS 11.0.
ExtremeWare XOS 11.1 Command Reference Guide
774
clear esrp sticky
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
775
ESRP Commands
configure esrp add elrp-poll ports
configure esrp <esrpDomain> add elrp-poll ports [<ports> | all]
Description
Configures the ports of an ESRP domain where ELRP packet transmission is requested by ESRP.
Syntax Description
esrpDomain
Specifies an ESRP domain name.
ports
Specifies list of slots and ports.
all
Specifies all ports in the ESRP domain.
Default
All ports of an ESRP domain have ELRP transmission enabled.
Usage Guidelines
This command allows you to configure the ports in your network that might experience loops, such as
ports that connect to master, slave, or ESRP-aware switches, to receive ELRP packets. You do not need
to send ELRP packets to host ports.
Example
The following command enables ELRP packet transmission for slot 2, ports 3-5 on ESRP domain esrp1:
configure esrp esrp1 add elrp-poll ports 2:3-2:5
History
This command was first available in ExtremeWare XOS 11.1.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
776
configure esrp add master
configure esrp add master
configure esrp <esrpDomain> add master <vlan_name>
Description
Adds a master VLAN to an ESRP domain.
Syntax Description
esrpDomain
Specifies the name of an ESRP domain.
vlan_name
Specifies the name of the master VLAN.
Default
N/A.
Usage Guidelines
You must configure one master VLAN for each ESRP domain. A master VLAN can belong to one ESRP
domain only. An ESRP domain contains one master and zero or more member VLANs.
The master VLAN:
●
Exchanges ESRP PDUs, hello messages, and data between a pair of ESRP-enabled switches.
●
Contains the total number of active physical ports that are counted when determining the master
ESRP domain. The switch with the highest number of active ports takes priority.
Master VLANs can have their own set of ports, and member VLANs can have a different set of ports.
The state of the ESRP device determines whether the ports in the master and member VLANs are in the
forwarding or blocking state.
Example
The following command adds the master VLAN purple to the ESRP domain esrp1:
configure esrp esrp1 add master purple
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
777
ESRP Commands
configure esrp add member
configure esrp <esrpDomain> add member <vlan_name>
Description
Adds a member VLAN to an ESRP domain.
Syntax Description
esrpDomain
Specifies the name of an ESRP domain.
vlan_name
Specifies the name of the member VLAN.
Default
N/A.
Usage Guidelines
You can configure zero or more member VLANs for each ESRP domain. An ESRP domain contains one
master and zero or more member VLANs.
Master VLANs can have their own set of ports, and member VLANs can have a different set of ports.
The state of the ESRP device determines whether the ports in the master and member VLANs are in the
forwarding or blocking state.
Example
The following command adds the member VLAN green to the ESRP domain esrp1:
configure esrp esrp1 add member vlan green
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
778
configure esrp add track-environment
configure esrp add track-environment
configure esrp <esrpDomain> add track-environment failover <priority>
Description
Configures an ESRP domain to track environmental failures.
Syntax Description
esrpDomain
Specifies an ESRP domain name.
priority
Specifies a number between 0 and 254. The default priority is 255. See the
following "Usage Guidelines" section for more information.
Default
No environmental tracking.
Usage Guidelines
Environmental tracking tracks power supply and chassis temperature status.
If a failure is detected, the ESRP domain priority steps to the failover-priority value specified. By setting
the failover priority to be lower than the normal priority of the domain, it will cause the affected
domain to go into slave mode.
The range of the priority value is 0 to 254. Setting the priority to 255 configures the switch to slave
mode, and to be ineligible to become the master. The switch will remain in slave mode even when the
VLAN fails over from the current master.
To make effective use of this feature, the normal priority of the ESRP domain must be higher than the
failover priority of this command.
Example
The following command enables environmental failure tracking, and specifies that the ESRP priority for
ESRP domain esrp1 be set to 10 upon an environmental failure.
configure esrp esrp1 add track-environment failover 10
History
This command was first available in ExtremeWare XOS 11.0.
Platform Availability
This command is available on all platforms.
ExtremeWare XOS 11.1 Command Reference Guide
779
ESRP Commands
configure esrp add track-iproute
configure esrp <esrpDomain> add track-iproute <ipaddress>/<masklength>
Description
Configures an ESRP domain to track a route entry in the system’s routing table.
Syntax Description
esrpDomain
Specifies an ESRP domain name.
ipaddress
Specifies the IP address of the route entry to be tracked.
masklength
Specifies the subnet of the route entry to be tr