Introduction... 5 Additional references... 5 Typographical conventions... 5 Management Network ... 6 Connecting to the switch ... 6 Establishing a console connection ... 6 Setting an IP address... 7 Establishing a Telnet connection ... 7 Establishing an SSH connection ... 7 Establishing an HTTP connection ...
Page 4
Port configuration ... 78 Spare Ports Group configuration... 78 Group configuration... 79 Configuration Dump ... 80 Saving the active switch configuration ... 80 Restoring the active switch configuration... 80 Operations Menu ... 81 Introduction ... 81 Menu information ... 81 Boot Options Menu...
L2 switch software image is stored in image1, and the SmartPanel software is stored in image2. You can select which software image (image1 or image2) you want to run in switch memory. By default, the switch software is loaded from image1. To run the SmartPanel software, you need to change a software image to image2 and reboot the switch.
Press the Enter key a few times on the terminal to establish the connection. You will be required to enter a password for access to the switch. (For more information, see the “Accessing the switch” section later in this chapter.)
As a secure alternative to using Telnet to manage switch configuration, SSH ensures that all data sent over the network is encrypted and secure. In order to use SSH, you must first configure it on the switch. See the “Secure Shell Server configuration”...
Page 8
Description and tasks performed user The user has no direct responsibility for switch management. He or she can view all switch status information and statistics, but cannot make any configuration changes to the switch. The user account is enabled by default, and the default password is user.
Enter the switch IP interface address in the Web browser Uniform Resource Locator (URL) field. For example, if the switch IP interface has a network IP address of 192.168.3.70. Using Internet Explorer, you could enter the following (for secure BBI access, use https://).
Page 10
If the switch IP interface address has a name on your local domain name server, you can enter the name instead. Using Internet Explorer, you can enter the following: Log in to the switch. If your switch and browser are properly configured, you will be asked to enter a password.
Menu Area There are three main regions on the screen. • The Port Status Area is used to view port status. Click a port icon to view details. • The Menu Area is used to select particular items or features to act upon. •...
Pending configuration changes do not take effect until you select the Apply command. Once applied, all changes take effect on the switch immediately. If you do not save the changes, however, they will be lost the next time the switch is rebooted.
Port Group Mapping SmartPanel ports can be combined into Port Groups. Up to five Port Groups are available in the SmartPanel. A Spare Ports Group is available for unused ports. VLANs and Link Aggregation Groups (trunks) are configured automatically for each Port Group. No network loops are allowed in the configuration.
In this example, Port 1-4, 20-21 are assigned to Group1, and Port 5-8, 22-23 are assigned to Group2. The others are assigned to Spare Ports Group. Internal Port Settings On the BBI, choose Internal Port Settings to enable or disable the server blade port. Browser-based interface 14...
On the BBI, choose External Port Settings to configure the external port. The following table describes the external port configuration. Table 7 External Port Settings Command Port Name Switch Port State Link configuration Flow Control Description Sets a name for the port. The assigned port name appears next to the port number on some information and statistics screens.
This switch supports up to 1,000 VLANs per switch. Even though the maximum number of VLANs supported at any given time is 1,000, each can be identified with any number between 1 and 4095. VLAN 4095 is used by the management network, which includes the management port 19.
Non-Default Virtual LANs On the BBI, choose Non-Default Virtual LANs to create VLANs and assign them to Port Groups. The non-default VLAN ID is placed in the frame header of a packet in forwatding from the port. The following describes the steps to add VLAN ID. Click Add VLAN to configure a new VLAN.
Select the corresponding radio button to assign the VLAN to a Port Group. Click Apply to make the changes active. Management On the BBI, choose System Settings > Management to configure SNMP System Settings and System Log Server Settings. The following table describes the management configuration. Table 8 Management Command SNMP System Settings...
Defines the user name of maximum eight characters. Sets the user password of up to 128 characters maximum. Sets the Class-of-Service to define the user’s authority level. Enables or disables the user. Eject the specified user to access the switch. Browser-based interface 19...
Configures the number of the UDP port to be configured, between 1500 - 3000. The default is 1645. Configures the primary Radius server address. Defines the shared secret (up to 32 characters) between the switch and the RADIUS server(s). Configures the secondary Radius server address.
Daylight Savings Time, etc. Disables or enables daylight savings time in the system clock. When enabled, the switch will add an extra hour to the system clock so that it is consistent with the local clock. By default, this option is disabled.
When using port trunk groups between the SmartPanel and a switch, you can create a virtual link, operating at up to 5 Gigabits per second, depending on how many physical ports are combined.
Trunk Group configuration On the BBI, choose System Settings > Uplink/Group to enable or disable the Link Aggregation Control Protocol. When enabled, the external ports are configured as a LACP trunk group. When disabled, they are configured as a static trunk group. The default is disabled. Failover The primary application for Failover is to support Network Adapter Teaming.
Failover configuration On the BBI, choose System Settings > Uplink/Group to configure the Switch Failover and Number of Links to Trigger Failover. IGMP Snooping IGMP Snooping allows the SmartPanel to forward multicast traffic only to those ports that request it. IGMP Snooping prevents multicast traffic from being flooded to all ports.
Boot Management On the BBI, choose System Settings > Boot Management to backup or restore the switch configuration, update the switch software image, or get dump file. The following table describes the configuration. Table 12 Boot Management Command Reboot the Module button...
Page 26
Clear Crash Dump IMPORTANT: When the switch software is changed (NormalPanel or SmartPanel) and the switch is rebooted, the switch configuration is removed and the switch runs factory configuration block. Backup the switch configuration if needed. Description Uploads the TS (tech support) dump file to the TFTP or FTP server specified in Remote File Name.
Command Line Interface Introduction The CLI is used for viewing switch information and statistics. In addition, the administrator can use the CLI for performing all levels of switch configuration. To make the CLI easy to use, the various commands have been logically grouped into a series of menus and submenus.
2 = Verbose: Everything is shown. This is the default. • When used without a value, the current setting is displayed. This command is used to Telnet out of the switch. The format is: telnet <hostname> | <IP address> [port] Displays the history of the last ten commands.
Table 13 Global commands Command Command line history and editing Using the command line interface, you can retrieve and modify previously entered commands with just a few keystrokes. The following options are available globally at the command line: Table 14 Command line history and editing options Option history <Ctrl-p>...
Command line interface shortcuts The following shortcuts allow you to enter commands quickly and easily. Command stacking As a shortcut, you can type multiple commands on a single line, separated by forward slashes (/). You can connect as many commands as required to access the menu option that you want. For example, the keyboard shortcut to access the Simple Network Management Protocol (SNMP) Configuration Menu from the Main# prompt is: Main# cfg/sys/ssnmp/name...
Information Menu Introduction You can view configuration information for the switch in the user, operator, and administrator command modes. This chapter discusses how to use the CLI to display switch information. Menu overview Command: /info [Information Menu] link port group dump The following table describes the Information Menu options.
• Displays 100 most recent syslog messages. user Displays the User Access Information Menu. dump Dumps all switch information available from the Information Menu (10K or more, depending on your configuration). SNMPv3 Information Menu Command: /info/sys/snmpv3 [SNMPv3 Information Menu] view...
Field Description User Name This is a string that represents the name of the user that you can use to access the switch. Protocol This indicates whether messages sent on behalf of this user are protected from disclosure using a privacy protocol. switch software supports DES algorithm for privacy. The software also supports two authentication algorithms: MD5 and HMAC-SHA.
SNMPv3 Access Table information Command: /info/sys/snmpv3/access Group Name Model ---------- ------- ------------ --------- -------- ------- v1v2grp snmpv1 admingrp The access control sub system provides authorization services. The vacmAccessTable maps a group name, security information, a context, and a message type, which could be the read or write type of operation or notification into a MIB view.
Table 22 SNMPv3 Community Table parameters Field Description Name Displays the community string, which represents the configuration. User Name Displays the User Security Model (USM) user name. Displays the community tag. This tag specifies a set of transport endpoints from which a command responder application accepts management requests and to which a command responder application sends an SNMP trap.
SNMPv3 Notify Table information Command: /info/sys/snmpv3/notify Name -------------------- -------------------- v1v2trap The following table describes the SNMPv3 Notify Table information. Table 25 SNMPv3 Notify Table Field Description Name The locally arbitrary, but unique identifier associated with this snmpNotifyEntry. This represents a single tag value which is used to select entries in the snmpTargetAddrTable equal to the value of this entry is selected.
RackId: NEC01A 6X00125 RackName: Default_Rack_Name EnclosureSerialNumber: NEC01A 6X00125 EnclosureName: Default_Chassis_Name BayNumber: Switch is up 0 days, 14 hours, 56 minutes and 22 seconds. Last boot: power cycle MAC address: 00:17:ef:80:7a:00 Revision: Switch Serial No: MY3644052B Spare Part No: 856-126690-001-A Software Version 1.0.0 (FLASH image2), active configuration.
When trunk groups are configured, you can view the state of each port in the various trunk groups. dump Dumps all switch information available from the Layer 2 menu (10K or more, depending on your configuration). If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.
(TRK) state, the Trnk field displays the trunk group number. If the state for the port is listed as unknown (UNK), the MAC address has not yet been learned by the switch, but has only been seen as a destination address. When an address is in the unknown state, no outbound port is indicated.
Displays IGMP Information Menu. dump Dumps all switch information available from the Layer 3 Menu (10K or more, depending on your configuration). If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.
The Flag field provides additional information about an entry. If no flag displays, the entry is normal. Table 31 ARP dump flag parameters Flag Description Permanent entry created for switch IP interface. Indirect route entry. Unresolved ARP entry. The MAC address has not been learned. - Show a single ARP entry by IP address...
- Show IGMP Snooping Multicast Router Port information find vlan port trunk dump The following table describes the commands used to display information about IGMP groups learned by the switch. Table 32 IGMP Multicast Group menu options Command mrouter find <IP address> vlan <1-4094>...
1000 1000 1000 1000 1000 1000 Use this command to display link status information about each port on a switch, including: • Port number • Port speed (10 Mb/s, 100 Mb/s, 1000 Mb/s, or any) • Duplex mode (half, full, or any) •...
Information dump Command: /info/dump Use the dump command to dump all switch information available from the Information Menu (10K or more, depending on your configuration). This data is useful for tuning and debugging switch performance. If you want to capture dump data to a file, set the communication software on your workstation to capture session data prior to issuing the dump commands.
Statistics Menu Introduction You can view switch performance statistics in the user, operator, and administrator command modes. This chapter discusses how to use the CLI to display switch statistics. Menu information Command: /stats [Statistics Menu] port clrports – Clear stats for all ports dump The following table describes the Statistics Menu options.
Port Statistics Menu Command: /stats/port <port number> [Port Statistics Menu] ether link clear This menu displays traffic statistics on a port-by-port basis. The following table describes the Port Statistics Menu options: Table 35 Port Statistics Menu options Command ether link clear Bridging statistics Command: /stats/port <port number>/brg...
Ethernet statistics Command: /stats/port <port number>/ether Ethernet statistics for port 1: dot3StatsAlignmentErrors: dot3StatsFCSErrors: dot3StatsSingleCollisionFrames: dot3StatsMultipleCollisionFrames: dot3StatsLateCollisions: dot3StatsExcessiveCollisions: dot3StatsInternalMacTransmitErrors: dot3StatsFrameTooLongs: dot3StatsInternalMacReceiveErrors: The following table describes the Ethernet statistics for a selected port: Table 37 Ethernet statistics for port Statistics dot3StatsAlignmentErrors dot3StatsFCSErrors dot3StatsSingleCollisionFrames dot3StatsMultipleCollisionFrames dot3StatsLateCollisions...
Table 37 Ethernet statistics for port Statistics dot3StatsInternalMacTransmitErrors dot3StatsFrameTooLongs dot3StatsInternalMacReceiveErrors Interface statistics Command: /stats/port <port number>/if Interface statistics for port 1: Octets: UcastPkts: BroadcastPkts: MulticastPkts: Discards: Errors: The following table describes the interface (IF) statistics for a selected port: Table 38 Interface statistics for port Statistics Octets—IfHCIn UcastPkts—IfHCIn...
Page 50
The number of input datagrams discarded because the IP address in their IP header's destination field was not a valid address to be received at this entity (the switch). The number of input IP datagrams for which no problems were encountered to prevent their continued processing, but which were discarded (for example, for lack of buffer space).
Link statistics Command: /stats/port <port number>/link Link statistics for port 1: linkStateChange: The following table describes the link statistics for a selected port: Table 40 Link statistics for port Statistic linkStateChange Layer 2 statistics Menu Command: /stats/l2 [Layer 2 Statistics Menu] lacp The following table describes the Layer 2 statistics menu options.
IP options, and so on. The number of input datagrams discarded because the IP address in their IP header destination field was not a valid address to be received at this switch. This count includes invalid addresses (for example, 0.0.0.0) and addresses of unsupported classes (for example, Class E).
This counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion. The default value inserted into the Time-To-Live (TTL) field of the IP header of datagrams originated at this switch, whenever a TTL value is not supplied by the transport layer protocol. ipRoutesHighWater: Description The total number of outstanding routes in the route table.
The total number of ICMP messages which this switch attempted to send. Note that this counter includes all those counted by icmpOutErrors. The number of ICMP messages that this switch did not send due to problems discovered within ICMP such as a lack of buffer. This value should not include errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram.
UBOUND quantity described in RFC 793. The limit on the total number of TCP connections the switch can support. In entities where the maximum number of connections is dynamic, this object should contain the value -1.
Description The total number of UDP datagrams delivered to the switch. The total number of UDP datagrams sent from this switch. The number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the destination port.
Management Processor statistics Command: /stats/mp [MP-specific Statistics Menu] The following table describes the MP-specific Statistics Menu options: Table 51 MP-specific Statistics Menu Command Usage Displays i2c statistics. Displays packet statistics, to check for leads and load. Displays all Transmission Control Protocol (TCP) control blocks (TCB) that are in use. Displays all User Datagram Protocol (UDP) control blocks (UCB) that are in use.
TCP statistics Command: /stats/mp/tcb All TCP allocated control blocks: 10ad41e8: 0.0.0.0 10ad5790: 47.81.27.5 The following table describes the Transmission Control Protocol (TCP) control block (TCB) statistics shown in this example: Table 53 MP specified TCP statistics Description Memory Destination IP address Destination port Source IP Source port...
Current system time: 18:55:49 Tue Mar 13, 2006 The switch uses NTP (Network Timing Protocol) version 3 to synchronize the switch’s internal clock with an atomic time-calibrated NTP server. With NTP enabled, the switch can accurately update its internal clock to be consistent with other devices on the network and generates accurate syslogs.
Introduction The Configuration Menu is only available from an administrator login. It includes submenus for configuring every aspect of the switch. Changes to configuration are not active until explicitly applied. Changes can be saved to non- volatile memory (NVRAM). Menu information...
If you do not want the previous configuration block copied to the backup configuration block, enter the following instead: # save n You can decide which configuration you want to run the next time you reset the switch. Your options include: • The active configuration block •...
This menu provides configuration of switch management parameters such as user and administrator privilege mode passwords, browser-based management settings, and management access list. The following table describes the System Configuration Menu options. Table 58 System Configuration Menu options...
The range is 0-7. The default is 0. Enables or disables delivering syslog messages to the console. When necessary, disabling console ensures the switch is not affected by syslog messages. It is enabled by default. Displays a list of features for which syslog messages can be generated.
SSH program securely logs into another computer over a network and executes commands in a secure environment. All data using SSH is encrypted. Secure Shell can be configured on the switch using the console port only. The menu options do not display if you access the switch using Telnet or the Browser-based Interface (BBI).
If secure backdoor is enabled (secbd ena), type in noradius as a backdoor to bypass RADIUS checking, and use the administrator password to log into the switch. The switch allows this only if RADIUS servers are not available. Description Sets the primary RADIUS server address.
Page 66
Description Defines the primary TACACS+ server address. Defines the secondary TACACS+ server address. This is the shared secret between the switch and the TACACS+ server(s). This is the secondary shared secret between the switch and the TACACS+ server(s). Enter the number of the TCP port to be configured, between 1 - 65000. The default is 49.
If secure backdoor is enabled (secbd ena), type in notacacs as a backdoor to bypass TACACS+ checking, and use the administrator password to log into the switch. The switch allows this only if TACACS+ servers are not available. NTP server configuration...
Configures the SNMP write community string. The write community string controls SNMP “set” and “get” access to the switch. It can have a maximum of 32 characters. The default write community string is private.
SNMPv3 configuration Command: /cfg/sys/ssnmp/snmpv3 [SNMPv3 Menu] view access group comm taddr tparam notify v1v2 SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: • a new SNMP message format • security for messages •...
Configures the type of privacy protocol on the switch. The privacy protocol protects messages from disclosure. The options are Protocol) or none .
Page 71
Table 67 SNMPv3 View Configuration Menu options Command SNMPv3 View-based Access Control Model configuration Command: /cfg/sys/ssnmp/snmpv3/access <access number> [SNMPv3 vacmAccess 1 name model level rview wview nview The view-based Access Control Model defines a set of services that an application can use for checking access rights of the user.
SNMPv3 Group configuration Command: /cfg/sys/ssnmp/snmpv3/group <group number> [SNMPv3 vacmSecurityToGroup 1 Menu] model uname gname The following table describes the SNMPv3 Group Configuration Menu options. Table 69 SNMPv3 Group Configuration Menu options Command model usm|snmpv1|snmpv2 uname <1-32 characters> gname <1-32 characters> SNMPv3 Community Table configuration Command: /cfg/sys/ssnmp/snmpv3/comm <comm number>...
SNMPv3 Target Address Table configuration Command: /cfg/sys/ssnmp/snmpv3/taddr <taddr number> [SNMPv3 snmpTargetAddrTable 1 name addr port taglist pname This menu allows you to configure an entry of a transport address that transmits SNMP traps. The following table describes the SNMPv3 Target Address Table Configuration Menu options. Table 71 SNMPv3 Target Address Table Configuration Menu options Command name <1-32...
Displays the HTTPS Menu. Sets the switch port used for serving switch Web content. The default is HTTP port 80. Disables or provides read-only/write-read SNMP access. Enables or disables Telnet access to the switch. It is enabled by default.
Sets the operator ( oper ) password (maximum 128 characters). The operator manages all functions of the switch. He or she can view all switch information and statistics and can reset ports or the entire switch. Sets the administrator ( ) password (maximum 128 characters).
State or Province Name (full name) [ ]: Tokyo • Locality Name (for example, city) [ ]: Fuchu • Organization Name (for example, company) [ ]: NEC • Organizational Unit Name (for example, section) [ ]: SIGMABLADE • Common Name (for example, user’s name) [ ]: Taro •...
This menu enables you to configure settings for individual switch ports. This command is enabled by default. NOTE: Port 19 is a port for switch management interface (interface 256). Cross-link ports (17-18) are not available on the SmartPanel software.
Enables or disables Failover for the Port Group. The default is enabled. When it is enabled and the number of external links is the value of the limit or fewer, the switch disables the internal server blade port of the Port Group.
Configuration Dump Command: /cfg/dump The dump program writes the current switch configuration to the terminal screen. To start the dump program, at the Configuration# prompt, enter: Configuration# dump The configuration is displayed with parameters that have been changed from the default values. The screen display can be captured, edited, and placed in a script file, which can be used to configure other switches.
Operations Menu Introduction Operations-level commands are used for making immediate and temporary changes to switch configuration. The Operations Menu is used for bringing ports temporarily in and out of service. This menu is available only from an administrator and operator login.
Updating the switch software image The switch software image is the executable code running on the switch. A version of the image ships with the switch, and comes pre-installed on the device. As new versions of the image are released, you can upgrade the software running on the switch.
Boot Options# image Enter the name of the image you want the switch to use upon the next boot. The system informs you of which image is currently set to be loaded at the next reset, and prompts you to enter a new choice: Currently set to use switch software "image1"...
This can be useful when a custom-configured switch is moved to a network environment where it will be re- configured for a different purpose. Use the following procedure to set which configuration block you want the switch to load the next time it is reset: At the Boot Options# prompt, enter: Boot Options# conf Enter the name of the configuration block you want the switch to use.
SmartPanel boot kernel: version 1.2.0 Use this command to display the image running on the switch, the Configuration block which the switch runs after booted, and the switch software stored in image1 and image2. When NormalPanel is displayed in the software information, the software for conventional Layer2 switch mode is stored in the image.
Command: /maint/sys [System Maintenance Menu] flags The System Maintenance Menu is reserved for use by NEC technical support. The options are used to perform system debugging. The following table describes the System Maintenance Menu options. Table 86 System Maintenance Menu options Command flags <new NVRAM flags word as...
Events traced to a buffer area when a reset occurs If the switch resets for any reason, the management processor (MP) trace buffer is saved into the snap trace buffer area. The output from these commands can be interpreted by NEC technical support.
192.4.17.35 Shows ARP entries on a single port. Shows ARP entries on a single VLAN. Shows the list of IP addresses that the switch will respond to for ARP requests. Shows all ARP entries. Clears the entire ARP list from switch memory.
Technical support dump Command: /maint/tsdmp Use this command to dump all switch information, statistics, and configuration. If you want to capture dump information to a file, set your communication software on your workstation to capture session data prior to issuing the tsdmp command.
To clear dump information from flash memory, at the Maintenance# prompt, enter: Maintenance# cldmp The switch clears the dump region of flash memory and displays the following message: FLASH dump region cleared. If the flash dump region is already clear, the switch displays the following message: FLASH dump region is already clear.