Page 1 ZEQUO 2200 Operating Model Number: PN26241 Instructions  Thank you for purchasing our product.  This manual provides important information about safe and proper operations of this Switching Hub.  Please read "Important Safety Instructions" on pages 6 to 8 before use.
Page 2 The target model for this Operating Instruction is as follows. Model name Model number Firmware version PN26241-ID PN26241-TH ZEQUO 2200 1.0.0.20 PN26241-MY PN26241-SG...
Page 4: Table Of Contents
Table of Contents 1. Product Outline ..................... 11 2. Installation ......................16 3. Connection ......................17 4. Using Command Line Interface ................19 5. Basic Management Commands ................26 6. Access Control List (ACL) Commands ..............50 7. ARP Commands ..................... 79 8.
Page 5 46. Packet Storm Commands ..................436 47. Port Security Commands ..................442 48. Power Saving Commands ................... 452 49. Protocol VLAN Commands ................. 454 50. QoS Commands ....................462 51. Ring Redundant Protocol (RRP) Commands ............484 52. RSPAN Commands ....................494 53.
Page 6 Important Safety Instructions This chapter contains important safety instructions for preventing bodily injury and/or property damage. You are required to follow them. ■Severity of bodily injury and/or property damage, which could result from incorrect use of the Switching Hub, are explained below. This symbol indicates a potential hazard that could result in serious injury or death.
Page 7 ●Do not connect equipments other than 10BASE-T/100BASE-TX/ 1000BASE-T to twisted pair port. Deviation could lead to fire, electric shock, and/or equipment failure. ●Do not place this Switching Hub in harsh environment such as near water, high humid, and/or high dust. Deviation could lead to fire, electric shock, and/or equipment failure.
Page 8 ●Use the bundled power cord (AC 100 - 240 V specifications). Deviation could lead to electric shock, malfunction, and/or equipment failure. ●Unplug the power cord in case of equipment failure. Deviation, such as keeping connected for a long time, could lead to fire.
Page 9: Basic Instructions For The Use Of This Product
●When stacking Switching Hubs, leave a minimum of 20 mm space between them. ●Please note that operation will not be guaranteed if any SD card other than the separately sold Panasonic SD card is installed into the SD card slot. Format the card with this Switching Hub.
Page 10 1. Panasonic will not be liable for any damage resulting from the operation not in accordance with this operation manual or loss of communications, which may or may not be caused by failure and/or malfunction of this product. 2. The contents described in this document may be changed without prior notice.
Page 11: Product Outline
1. Product Outline 1. Product Outline ZEQUO 2200 is a Layer-2 all Gigabit Ethernet Switching Hub with man- agement functions, equipped with 28 10/100/1000BASE-T ports and 4 1000BASE-X SFP extension slots. 1.1. Features  Ports 1 to 28 (copper ports) are 10BASE-T/100BASE-TX/1000BASE-T ports corre- sponding to auto negotiation.
Page 12: Optional Accessories
1.2. Accessories Please be sure to confirm the contents. Please contact your distributor if any of the con- tents are insufficient.  ZEQUO 2200 main unit..............1  Installation Guide................1  CD-ROM (including this Operating Instructions)......1 ...
Page 13: Part Names And Functions
1. Product Outline 1.4. Part Names and Functions Fig. 1-1 Back, Front, LEDs ● Power port Connect the supplied power cord into the port and connect the other end into an electric outlet. ● Power cord hook block Hooking the supplied power cord on the block makes the cord less likely to be unplugged from the power port.
Page 14: Led Behavior
1. Product Outline ● 10BASE-T/100BASE-TX/1000BASE-T port (Ports 25 to 28) Connect a 10BASE-T/100BASE-TX/1000BASE-T terminal hub repeater Switching Hub. The length of the copper cabling (CAT5e or higher) connecting this Switching Hub and a device must be 100 m or shorter. Ports 25 - 28 are not supported half-duplex mode.
Page 15: System Led
1. Product Outline ● System LED Behavior Description POWR LED Green Light Power is ON Power is OFF STATUS LED Green Light The system is operating nor- mally. Orange Light The system is staring up. Orange Blink Malfunction (Contact the shop) SD CARD LED Green Light SD card is inserted...
Page 16: Installation
2. Installation 2. Installation 2.1. Installing in a 19-inch Rack Take out two mount brackets and eight screws (for securing the mount brackets to the Switching Hub) from accessories, and secure a bracket to each of the right and left sides of the Switching Hub via four screw holes. Then, by using four supplied screws (for 19-inch rack mount) or screws included with the rack, firmly mount the Switching Hub in the rack.
Page 17: Connection
3. Connection 3. Connection 3.1. Connecting a Copper Cable Port ● Connection Cable Use a CAT5e or higher compliant straight cable (copper cabling) with 8P8C RJ45 mod- ular plugs. ● Network Configuration Fig. 3-1 Connection Configuration Example The length of the cable connecting this Switching Hub and a device must be 100 m or shorter.
Page 18: Connecting To Power
3. Connection 3.2. Connecting with an SFP Extension Slot Fig. 3-2 Optical Fiber Cable Connection Example Plugging an SFP module (optional) into an SFP extension slot enables an optical fiber connection. By factory default, the copper cable port is enabled, but the SFP exten- sion port is automatically enabled when a link is established.
Page 19: Using Command Line Interface
4. Using Command Line Interface 4. Using Command Line Interface The Command Line Interface (CLI) is an operation screen to configure and manage this Switching Hub. You can use the CLI by connecting a VT-100 compatible terminal to the serial port of this Switching Hub or through a remote connection such as telnet.
Page 20 4. Using Command Line Interface There is no initial username or password. Just press the Enter key twice to display the CLI input cursor - Zxxx0:admin#. This is the command line where all commands are input. 4.2. Setting the Switching Hub's IP Address Each Switching Hub must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP).
Page 21 4. Using Command Line Interface Zxxx0:admin# config ipif System ipaddress 10.24.22.100/255.0.0.0 Command: config ipif System ipaddress 10.24.22.100/8 Success. Zxxx0:admin# In the above example, the Switching Hub was assigned an IP address of 10.24.22.100 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully.
Page 22 4. Using Command Line Interface To re-enter the previous command at the command prompt, press the up arrow cursor key. The previous command will appear at the command prompt. Zxxx0:admin# config account Command: config account Next possible completions: <username> Zxxx0:admin# config account In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username>...
Page 23 4. Using Command Line Interface Zxxx0:admin#show Command: show Next possible completions: 802.1p 802.1x access_profile account accounting acct_client arpentry asymmetric_vlan attack_log auth_client auth_diagnostics auth_session_statistics auth_statistics authen authen_enable authen_login authen_policy authentication authorization autoconfig bandwidth_control boot_file bpdu_protection broadcast_ping_reply command command_history community_encryption config current_config device_status dhcp_snoop dnsr...
Page 24: Command Syntax Symbols
4. Using Command Line Interface 4.3. Command Syntax Symbols The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax. All commands are case-sensitive.
Page 25: Line Editing Keys
4. Using Command Line Interface 4.4. Line Editing Keys Keys Description Delete Delete character under cursor and shift remainder of line to left. Backspace Delete character to left of cursor and shift remainder of line to left. Ctrl+R Toggle on and off. When toggled on, inserts text and shifts previous text to right.
Page 26: Basic Management Commands
5. Basic Management Commands 5. Basic Management Commands This chapter describes the basic management commands for this Switching Hub.  Creating, editing, displaying, and deleting the accounts of users to manage this Switching Hub Up to eight user accounts can be created. ...
Page 27: Create Account
5. Basic Management Commands 5.1. create account  Description This command creates user accounts. The username is between 1 and 15 characters, the password is between 0 and 15 characters. The number of accounts (including admin, operator, and user) is up to eight. ...
Page 28 5. Basic Management Commands  Example To create the Administrator-level user "panasonic": Zxxx0:admin#create account admin manager Command: create account admin manager Enter a case-sensitive new password:**** Enter the new password again for confirmation:**** Success. Zxxx0:admin# To create the Operator-level user "Sales":...
Page 29: Enable Password Encryption
5. Basic Management Commands 5.2. enable password encryption  Description The user account configuration information will be stored in the configuration file, and can be applied to the system later. If the password encryption is enabled, the password will be in encrypted form when it is stored in the configuration file. When password encryption is disabled, the password will be in plain text form when it is stored in the configuration file.
Page 30 5. Basic Management Commands  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To disable password encryption: Zxxx0:admin#disable password encryption Command: disable password encryption Success. Zxxx0:admin#...
Page 31: Config Account
<password> Specify the password.  Restrictions Only Administrator-level users can issue this command.  Example To configure the user password of the "panasonic" account: Zxxx0:admin#config account manager Command: config account manager Enter a old password:**** Enter a case-sensitive new password:**** Enter the new password again for confirmation:**** Success.
Page 32: Show Account
5. Basic Management Commands Zxxx0:admin#config account administrator encrypt sha_1 *@&NWoZK3kTsExUV00Ywo1G5jlUKKv+toYg Command: config account administrator encrypt sha_1 *@&NWoZK3kTsExUV00Ywo1G5jlUKKv+toYg Success. Zxxx0:admin# 5.5. show account  Description This command is used to display user accounts that have been created.  Format show account ...
Page 33: Delete Account
5. Basic Management Commands 5.6. delete account  Description This command is used to delete an existing account.  Format delete account <username>  Parameters <username> Specify the name of the user who will be deleted.  Restrictions Only Administrator-level users can issue this command. One active admin user must exist.
Page 34: Show Switch
5. Basic Management Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To display accounts a list of currently logged-in users: Zxxx0:admin#show session Command: show session Live Time From Level User ------------ ------------ ----- -------------------- 23:37:42.270 Serial Port admin...
Page 35 5. Basic Management Commands Zxxx0:admin#show switch Command: show switch Product Name : ZEQUO xxxx Product Number : PNxxxxxx MAC Address : xx-xx-xx-xx-xx-xx IP Address : 0.0.0.0 (Manual) VLAN Name : default Subnet Mask : 0.0.0.0 Default Gateway : 0.0.0.0 Boot PROM Version : Build V1.0.0.xx Firmware Version : Build V1.0.0.xx...
Page 36: Show Environment
5. Basic Management Commands 5.9. show environment  Description This command is used to display the device's internal and external power and internal temperature status.  Format show environment  Parameters None.  Restrictions None.  Example To display the Switching Hub hardware status: Zxxx0:admin#show environment Command: show environment Internal Power...
Page 37: Config Temperature Threshold
5. Basic Management Commands state Enable or disable either the trap or log state for a warning temperature event. The default is enable. enable Enable either the trap or log state for a warning temperature event. disable Disable either the trap or log state for a warning temperature event. ...
Page 38 5. Basic Management Commands Specify the low threshold value. <temperature -500-500> Specify the low threshold value. This value must be between -500 and 500.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To configure a warming temperature threshold high of 80: Zxxx0:admin#config temperature threshold high 80 Command: config temperature threshold high 80 Success.
Page 39 5. Basic Management Commands 5.13. config serial_port  Description This command is used to configure the serial bit rate that will be used to communicate with the management host and the auto logout time for idle connections.  Format config serial_port {baud_rate [9600 | 19200 | 38400 | 9600] | auto_logout [never | 2_minutes | 5_minutes | 10_minutes | 15_minutes]}(1) ...
Page 40: Enable Clipaging
5. Basic Management Commands 5.14. enable clipaging  Description This command is used to enable pausing of the screen display when show command output reaches the end of the page. The default setting is enabled.  Format enable clipaging  Parameters None.
Page 41: Enable Telnet
5. Basic Management Commands  Example To disable pausing of the screen display when show command output reaches the end of the page: Zxxx0:admin#disable clipaging Command: disable clipaging Success. Zxxx0:admin# 5.16. enable telnet  Description This command is used to enable Telnet and configure a port number. The default setting is enabled and the port number is 23.
Page 42: Disable Telnet
5. Basic Management Commands 5.17. disable telnet  Description This command is used to disable Telnet.  Format disable telnet  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To disable Telnet: Zxxx0:admin#disable telnet Command: disable telnet Success.
Page 43 5. Basic Management Commands If no keyword is specified, all changes will be saved to bootup configuration file.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To save the current configuration to the bootup configuration file: Zxxx0:admin#save Command: save Saving all configurations to NV-RAM..
Page 44 5. Basic Management Commands 5.19. reboot  Description This command is used to restart the Switching Hub.  Format reboot {force_agree}  Parameters force_agree (Optional) Specify to immediately execute the reboot command without further confirmation.  Restrictions Only Administrator-level users can issue this command. ...
Page 45 5. Basic Management Commands force_agree (Optional) Specify and the reset command will be executed immediately without further confirmation. If no keyword is specified, all parameters will be reset to default settings except IP address, user account, and history log, but the device will neither save nor reboot.
Page 46 5. Basic Management Commands 5.21. login  Description This command is used to log in to the Switching Hub.  Format login  Parameters None.  Restrictions None.  Example To login to the Switching Hub: Zxxx0:admin#login Command: login UserName: 5.22.
Page 47 5. Basic Management Commands Zxxx0:admin#logout Command: logout *********** * Logout * *********** Zxxx0 Gigabit Ethernet Switch Command Line Interface Firmware: Build 1.0.x.xx UserName: 5.23. clear  Description This command is used to clear the terminal screen.  Format clear  Parameters None.
Page 48: Config Terminal Width
5. Basic Management Commands 5.24. config terminal width  Description This command is used to configure the terminal width.  Format config terminal width [default | <value 80-200>]  Parameters default Specify the default terminal width value. <value 80-200> Specify a terminal width value between 80 and 200 characters. The default value is 80. ...
Page 49 5. Basic Management Commands  Example To display the configuration of the current terminal width: Zxxx0:admin#show terminal width Command: show terminal width Global terminal width : 80 Current terminal width : 80 Zxxx0:admin# 5.26. show device_status  Description This command displays current status of power(s) and fan(s) on the system. Within fan(s) status display, for example, there are three fans on the left of the Switching Hub, if three fans is working normally, there will display "OK"...
Page 50: Access Control List (Acl) Commands
6. Access Control List (ACL) Commands 6. Access Control List (ACL) Commands For network security protection, blocking unauthorized access from internal and external sources is important. Access Control is a function to filter packet transfer by setting rules after checking the header information of packets that reach the Switching Hub.
Page 51 6. Access Control List (ACL) Commands  Protocol type  TCP/UDP port number  IPv6 traffic class, flow label  Any packet contents (specified with the packet byte offset and mask, up to four contents) In addition, you can create rules that define packet detail information and filtering actions with IDs 1 to 256 for each profile.
Page 52 6. Access Control List (ACL) Commands create access_profile profile_id <value 1-6> profile_name <name 1-32> [ethernet {vlan {<hex 0x0- 0x0fff>} | source_mac <macmask 000000000000-ffffffffffff> | destination_mac <macmask 000000000000-ffffffffffff> | 802.1p | ethernet_type}(1) | ip {vlan {<hex 0x0-0x0fff>} | source_ip_mask <netmask> | destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp {type} | tcp {src_port_mask <hex 0x0-0xffff>...
Page 53 6. Access Control List (ACL) Commands show flow_meter {[profile_id <value 1-6> | profile_name <name 1-32>] {access_id <value 1- 256>}} 6.1. create access_profile profile_id  Description This command is used to create access list profiles.  Format create access_profile profile_id <value 1-6> profile_name <name 1-32> [ethernet {vlan {<hex 0x0-0x0fff>} | source_mac <macmask 000000000000-ffffffffffff>...
Page 54 6. Access Control List (ACL) Commands ethernet Specify an Ethernet access control list rule. vlan Specify a VLAN mask. Only the last 12 bits of the mask will be considered. <hex 0x0-0x0fff> (Optional) Specify a VLAN mask. source_mac Specify the source MAC mask. <macmask 000000000000-ffffffffffff>...
Page 55 6. Access Control List (ACL) Commands Specify an IP access control list rule. vlan Specify a VLAN mask. Only the last 12 bits of the mask will be considered. <hex 0x0-0x0fff> - (Optional) Specify a VLAN mask. source_ip_mask Specify an IP source submask. <netmask>...
Page 56 6. Access Control List (ACL) Commands packet_content_mask A maximum of four offsets can be specified. Each offset defines one byte of data which is identified as a single UDF field. The offset reference is also configurable. It can be defined to start at the end of the tag, the end of the Ethernet type, or the end of the IP header.
Page 57 6. Access Control List (ACL) Commands ipv6 Specify the IPv6 filtering mask. class Specify the IPv6 class mask. flowlabel Specify the IPv6 flow label mask. source_ipv6_mask Specify the IPv6 source IP mask. <ipv6mask> Specify the IPv6 source IP mask. destination_ipv6_mask Specify the IPv6 destination IP mask.
Page 58 6. Access Control List (ACL) Commands  Example To create access list profiles: Zxxx0:admin#create access_profile profile_id 1 profile_name 1 ethernet vlan source_mac FF-FF-FF-FF-FF-FF destination_mac 00-00-00-FF-FF-FF 802.1p ethernet_type Command: create access_profile profile_id 1 profile_name 1 ethernet vlan source_mac FF-FF-FF-FF-FF-FF destination_mac 00-00-00-FF-FF-FF 802.1p ethernet_type Success.
Page 59 6. Access Control List (ACL) Commands  Example To delete access list profiles: Zxxx0:admin#delete access_profile profile_id 1 Command: delete access_profile profile_id 1 Success. Zxxx0:admin# 6.3. config access_profile  Description This command is used to configure access list entries.  Format config access_profile [profile_id <value 1-6>...
Page 60 6. Access Control List (ACL) Commands  Parameters profile_id Specify the index of the access list profile. <value 1-6> Specify the value between 1 and 6. profile_name Specify the profile name. <name 1-32> Specify the profile name. The maximum length is 32 characters. add access_id Specify the index of the access list entry.
Page 61 6. Access Control List (ACL) Commands Specify an IP access control list rule. vlan Specify the VLAN name. <vlan_name 32> Specify the VLAN name. The maximum length is 32 characters. vlanid Specify the VLAN ID. <vlanid 1-4094> Specify the VLAN ID between 1 and 4094. mask (Optional) Specify the mask.
Page 62 6. Access Control List (ACL) Commands src_port (Optional) Specify that the rule will apply to a range of TCP source ports. <value 0-65535> Specify the value between 0 and 65535. mask (Optional) Specify the mask. <hex 0x0-0xffff> Specify the mask. dst_port (Optional) Specify that the rule will apply to a range of TCP destination ports.
Page 63 6. Access Control List (ACL) Commands packet_content Specify the packet content for the user defined mask. offset_chunk_1 Specifies the contents of the offset trunk 1 to be monitored. <hex 0x0-0xffffffff> Enter the contents of the offset trunk 1 to be monitored here. mask Specifies an additional mask for each field.
Page 64 6. Access Control List (ACL) Commands Specify TCP. src_port (Optional) Specify the TCP source port range. <value 0-65535> Specify the value between 0 and 65535. mask (Optional) Specify the mask. <hex 0x0-0xffff> Specify the mask. dst_port (Optional) Specify the TCP destination port range. <value 0-65535>...
Page 65 6. Access Control List (ACL) Commands vlan_based Specify the VLAN-based ACL rule. There are two conditions: this rule will apply to all ports and packets must belong to the configured VLAN. It can be specified by VLAN name or VLAN ID. vlan Specify the VLAN name.
Page 66 6. Access Control List (ACL) Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure an access list entry: Zxxx0:admin#config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20.2.2.3 destination_ip 10.1.1.252 dscp 3 icmp port 1 permit Command: config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20.2.2.3 destination_ip 10.1.1.252 dscp 3 icmp port 1 permit Success.
Page 67 6. Access Control List (ACL) Commands  Example To display the current access list table: Zxxx0:admin#show access_profile Command: show access_profile Access Profile Table Total User Set Rule Entries : 3 Total Used HW Entries : 19 Total Available HW Entries : 1005 ================================================================================ Profile ID: 1...
Page 68 6. Access Control List (ACL) Commands Profile ID: 2 Profile Name: IMPBv4 Mask Source MAC : FF-FF-FF-FF-FF-FF Source IP : 255.255.255.255 Consumed HW Entries: 2 ---------------------------------------------------------------------------------- Rule ID : 1 Ports: 1 Match on Source MAC : 00-05-04-03-02-01 Mask : FF-FF-FF-FF-FF-FF Source Ip : 10.10.10.1 Mask : 255.255.255.255 Action:...
Page 69 6. Access Control List (ACL) Commands To display an access profile that supports an entry mask for each rule: Zxxx0:admin#show access_profile profile_id 2 Command: show access_profile profile_id 2 Access Profile Table Profile ID: 2 Profile Name: 2 Type: Ethernet Mask on VLAN : 0xF Source MAC...
Page 70 6. Access Control List (ACL) Commands 6.5. config time_range  Description This command is used to define a specific range of time to activate a function on the Switch by specifying which time range in a day and which days in a week are covered in the time range.
Page 71 6. Access Control List (ACL) Commands  Example To configure the range of time to activate a function on the Switching Hub: Zxxx0:admin#config time_range testdaily hours start_time 12:0:0 end_time 13:0:0 weekdays mon,fri Command: config time_range testdaily hours start_time 12:0:0 end_time 13:0:0 weekdays mon,fri Success.
Page 72 6. Access Control List (ACL) Commands 6.7. show current_config access_profile  Description This command is used to display the ACL part of the current configuration, when logged in with user level privileges. The overall current configuration can be displayed by using the show config command, which is accessible with administrator level privileges.
Page 73 6. Access Control List (ACL) Commands 6.8. config flow_meter  Description This command is used to configure the flow-based metering function. The metering function supports three modes: single rate two color, single rate three color, and two rate three color. The access rule must be created before the parameters of this function can be applied.
Page 74 6. Access Control List (ACL) Commands  Parameters profile_id Specify the index of the access list profile. <value 1-6> Specify the value between 1 and 6. profile_name Specify the name of the profile. <name 1-32> Specify the name of the profile. The maximum length is 32 characters. access_id Specify the index of the access list entry.
Page 75 6. Access Control List (ACL) Commands conform (Optional) This field denotes the green packet flow. Green packet flows may have their DSCP field rewritten to a value stated in this field. Users may also choose to count green packets by using counter parameter. permit Enter this parameter to allow packet flows that are in the green flow.
Page 76 6. Access Control List (ACL) Commands sr_tcm Specify the "single-rate three-color mode". Specify the Committed Information Rate. The unit is in Kbps. <value 0-1048576> Specify the value between 0 and 1048576. Specify the Committed Burst Size. The unit is in Kbyte. <value 0-131072>...
Page 77 6. Access Control List (ACL) Commands violate This field denotes the red packet flow. Red packet flows may have excess packets permitted through or dropped. Users may replace the DSCP field of these packets by checking its radio button and entering a new DSCP value in the allotted field. permit Enter this parameter to allow packet flows that are in the red flow.
Page 78 6. Access Control List (ACL) Commands 6.9. show flow_meter  Description This command is used to display the flow meter table.  Format show flow_meter {[profile_id <value 1-6> | profile_name <name 1-32>] {access_id <value 1-256>}}  Parameters profile_id(Optional) Specify the profile ID. <value 1-6>...
Page 79: Arp Commands
7. ARP Commands 7. ARP Commands ARP (Address Resolution Protocol) is a protocol to calculate a MAC address from an IP address. The Switching Hub sends an ARP request to devices on the same network and manages a mapping between IP addresses and MAC addresses in table data called an ARP table based on responses from the devices.
Page 80: Delete Arpentry
7. ARP Commands <macaddr> The MAC address corresponding to the IP address above.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To create a static ARP entry for the IP address 10.48.74.121 and MAC address 00:50:BA:00:07:36: Zxxx0:admin#create arpentry 10.48.74.121 00-50-BA-00-07-36 Command: create arpentry 10.48.74.121 00-50-BA-00-07-36...
Page 81: Config Arpentry
7. ARP Commands 7.3. config arpentry  Description This command is used to configure a static entry in the ARP table. Specify the IP address and MAC address of the entry.  Format config arpentry <ipaddr> <macaddr>  Parameters <ipaddr>The IP address of the end node or station. <macaddr>...
Page 82 7. ARP Commands  Parameters <min 0-65535> The ARP age-out time, in minutes. The default is 20 minutes. The range is 0 to 65535 minutes.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.
Page 83: Show Arpentry
7. ARP Commands  Example To configure the ARP aging time: Zxxx0:admin#config arp_aging time 30 Command: config arp_aging time 30 Success. Zxxx0:admin# 7.5. show arpentry  Description This command is used to display the Address Resolution Protocol (ARP) table. Filter the display by IP address, interface name, or static entries.
Page 84: Clear Arptable
7. ARP Commands  Example To display the ARP table: Zxxx0:admin# show arpentry Command: show arpentry ARP Aging Time : 20 Interface IP Address MAC Address Type ------------- --------------- ----------------- --------------- System 10.0.0.0 FF-FF-FF-FF-FF-FF Local/Broadcast System 10.90.90.90 00-01-02-03-04-00 Local System 10.255.255.255 FF-FF-FF-FF-FF-FF Local/Broadcast...
Page 85: Show Ipfdb
7. ARP Commands 7.7. show ipfdb  Description This command is used to display the IP address forwarding table on the Switch.  Format show ipfdb {[ip_address <ipaddr> | interface <ipif_name 12> | port <port>]}  Parameters ip_address (Optional) Specifies the IP address of the forwarding table. <ipaddr>...
Page 86 7. ARP Commands...
Page 87: Asymmetric Vlan Commands
8. Asymmetric VLAN Commands 8. Asymmetric VLAN Commands Asymmetric VLAN is one of functions used to access shared resources, such as the Internet or corporate server, from multiple VLANs while blocking communications between VLANs. It assigns a specific port to multiple VLANs.
Page 88 8. Asymmetric VLAN Commands 8.1. enable asymmetric_vlan  Description This command is used to enable the asymmetric VLAN function..  Format enable asymmetric_vlan  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable asymmetric VLAN setting: Zxxx0:admin# enable asymmetric_vlan Command: enable asymmetric_vlan...
Page 89 8. Asymmetric VLAN Commands  Example To disable asymmetric VLAN setting: Zxxx0:admin# disable asymmetric_vlan Command: disable asymmetric_vlan Success. Zxxx0:admin# 8.3. show asymmetric_vlan  Description This command is used to display the asymmetric VLAN function.  Format show asymmetric_vlan  Parameters None.
Page 90: Auto Configuration Commands
9. Auto Configuration Commands 9. Auto Configuration Commands When the Auto Configuration function is enabled, the Switching Hub loads the configuration file from a previously installed TFTP server during a boot via BOOTP parameters. show autoconfig enable autoconfig disable autoconfig 9.1.
Page 91: Enable Autoconfig
9. Auto Configuration Commands 9.2. enable autoconfig  Description This command is used to enable automatically to get configuration from a TFTP server according to the options in the DHCP reply packet. To employ this method, the DHCP server must be set up to deliver the TFTP server IP address and configuration file name information first.
Page 92 9. Auto Configuration Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To disable the DHCP auto configuration status: Zxxx0:admin#disable autoconfig Command: disable autoconfig Success. Zxxx0:admin#...
Page 93 9. Auto Configuration Commands...
Page 94: Basic Ip Commands
10. Basic IP Commands 10.Basic IP Commands In this chapter, you will configure the IP address settings.  IPv6 Link-Local address In general, if an IPv6 address is not configured, the link-local address is also not configured. When the automatic configuration of link-local address is enabled, the link-local address is automatically configured even though an IPv6 address is not configured, allowing for communications in the local network.
Page 95: Config Ipif
10. Basic IP Commands 10.1. config ipif  Description Configure the parameters for an L3 interface. For IPv4, only the system interface can be specified for the way to get the IP address. If the mode is set to BOOTP or DHCP, then the IPv4 address will be obtained through the operation of protocols.
Page 96: Delete Ipif
10. Basic IP Commands dhcpv6_client Specifies the DHCPv6 client state. enable Enable the DHCPv6 client. disable Disable the DHCPv6 client. ipv4 state The state of the IPv4 interface. enable Enable the IPv4 state of the IP interface. disable Disable the IPv4 state of the IP interface. ip_directed_broadcast Specifies the IP directed-broadcast state of the interface.
Page 97: Enable Ipif
10. Basic IP Commands  Parameters <ipif_name 12> The name of the interface. ipv6address The IPv6 network address to be deleted. <ipv6networkaddr> The IPv6 network address to be deleted.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 98: Disable Ipif
10. Basic IP Commands  Example To enable the state for interface System: Zxxx0:admin#enable ipif System Command: enable ipif System Success. Zxxx0:admin# 10.4. disable ipif  Description This command is used to disable the state of an interface.  Format disable ipif <ipif_name 12>...
Page 99: Show Ipif
10. Basic IP Commands 10.5. show ipif  Description This command is used to display IP interface settings.  Format show ipif {<ipif_name 12>}  Parameters <ipif_name 12> (Optional) The name of the interface.  Restrictions None.  Example To display IP interface settings: Zxxx0:admin#show ipif Command: show ipif IP Interface...
Page 100 10. Basic IP Commands 10.6. enable ipif_ipv6_link_local_auto  Description This command is used to enable the auto configuration of link local address when there are no IPv6 addresses explicitly configured. When an IPv6 address is explicitly configured, the link local address will be automatically configured, and the IPv6 processing will be started. When there is no IPv6 address explicitly configured, by default, link local address is not configured and the IPv6 processing will be disabled.
Page 101 10. Basic IP Commands  Parameters <ipif_name 12> The name of the interface.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To disable the automatic configuration of link local address for an interface: Zxxx0:admin#disable ipif_ipv6_link_local_auto System Command: disable ipif_ipv6_link_local_auto System Success.
Page 102 10. Basic IP Commands 10.9. enable ip_setup_interface  Description This command is used to enable the IP setup interface function. The factory default status is enabled. This function provides easy-to-use IP address setting via our application “ZEQUO assist”. If this function is enabled, ZEQUO asssit can find this Switching Hubs in the same network segment and can configure each IP address.
Page 103 10. Basic IP Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable the IP setup interface function: Zxxx0:admin#disable ip_setup_interface Command: disable ip_setup_interface Success. Zxxx0:admin# 10.11. show ip_setup_interface  Description This command is used to display the IP setup interface status. ...
Page 104: Bootup Function Commands
11. Bootup Function Commands 11.Bootup Function Commands show boot_file config boot_up command 11.1. show boot_file  Description Use this command to show the boot file. 1. 1 Bootup Firmware/Configuration cannot be changed forever. 2. The 2 Bootup Firmware can be set by command "config firmware image <pathname>...
Page 105 11. Bootup Function Commands  Example To show boot_file Zxxx0:admin#show boot_file Command: show boot_file *1st Bootup Firmware : /d:/sd_runtime.rom *1st Bootup Configuration : /d:/sd_config.cfg *Can not change 1st Bootup File 2nd Bootup Firmware : /c:/runtime.rom 2nd Bootup Configuration : /c:/config.cfg Actual Bootup Firmware : /c:/runtime.rom Actual Bootup Configuration...
Page 106 11. Bootup Function Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example None.
Page 107: Bpdu Attack Protection Commands
12. BPDU Attack Protection Commands 12.BPDU Attack Protection Commands BPDU (Bridge Protocol Data Unit) is a spanning tree protocol and a packet to detect loops. In general, it is not received by any other than specific ports. If BPDU packets were received by an unexpected port, a loop failure may have occurred or an unauthorized Switching Hub may have been added, resulting in the path change.
Page 108 12. BPDU Attack Protection Commands 12.1. config bpdu_protection ports  Description This command is used to configure port state and mode for BPDU protection.  Format config bpdu_protection ports [<portlist> | all] {state [enable | disable] | mode [drop | block | shutdown]} (1) ...
Page 109 12. BPDU Attack Protection Commands 12.2. config bpdu_protection recovery_timer  Description When a port enters the under attack state, it can be disabled or blocked based on the configuration. The state can be recovered manually or by the auto recovery mechanism.
Page 110 12. BPDU Attack Protection Commands 12.3. config bpdu_protection  Description This command is used to configure the BPDU protection trap state or log state.  Format config bpdu_protection [trap | log] [none | attack_detected | attack_cleared | both]  Parameters trap Specify the trap state.
Page 111 12. BPDU Attack Protection Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable BPDU protection for the entire Switching Hub: Zxxx0:admin#enable bpdu_protection Command: enable bpdu_protection Success. Zxxx0:admin# 12.5. disable bpdu_protection  Description This command is used to disable BPDU protection globally for the entire Switching Hub.
Page 112 12. BPDU Attack Protection Commands 12.6. show bpdu_protection  Description This command is used to display BPDU protection global configuration or per port configuration and current status.  Format show bpdu_protection {ports {<portlist>}}  Parameters ports (Optional) Specify all ports to be displayed. <portlist>...
Page 113: Cable Diagnostics Commands
13. Cable Diagnostics Commands 13.Cable Diagnostics Commands The commands are used to diagnose the link status, failure status, and possible failure position of copper cabling connected to ports of this Switching Hub. After diagnosing open, short, and crosstalk of the cable, the cable length can be measured if there is no open or short.
Page 114 13. Cable Diagnostics Commands For Gigabit Ethernet ports: • Where the link partner is powered on with no errors and the link is up, this command cannot detect the cable length. • Where the link partner is powered on with errors, this command can detect whether the error is open, short, or crosstalk.
Page 115 13. Cable Diagnostics Commands Zxxx0:admin# cable_diag ports 1:1-1:10,1:21 Command: cable_diag ports 1:1-1:10,1:21 Perform Cable Diagnostics ... Port Type Link Status Test Result Cable Length (M) ------ ---------- ------------- ---------------------------- ------------ 1000BASE-T Link Up 1000BASE-T Link Up 1000BASE-T Link Down Shutdown 1000BASE-T Link Down Shutdown...
Page 116: Command List History Commands
14. Command List History Commands 14.Command List History Commands The "?" command is used to display available commands and options in this Switching Hub. Previously entered commands are stored in the command history and can be recalled with the up-arrow key for entry. The default number of commands stored in the history is 25.
Page 117 14. Command List History Commands Zxxx0:admin#? Command: ? cable_diag ports clear clear address_binding dhcp_snoop binding_entry ports clear arptable clear attack_log clear counters clear dhcp binding clear dhcp conflict_ip clear fdb clear historical_counters ports clear igmp_snooping data_driven_group clear igmp_snooping statistic counter clear log clear mac_based_access_control auth_state CTRL+C ESC q...
Page 118 14. Command List History Commands  Example To display the command history: Zxxx0:admin# show command_history Command: show command_history show traffic_segmentation 1-6 config traffic_segmentation 1-6 forward_list 7-8 config radius delete 1 config radius add 1 10.48.74.121 key manager default config 802.1x reauth port_based ports all config 802.1x init port_based ports all config 802.1x auth_mode port_based config 802.1x auth_parameter ports 1-50 direction both...
Page 119 14. Command List History Commands To configure the number of commands the Switching Hub can record to the last 20 commands: Zxxx0:admin#config command_history 20 Command: config command_history 20 Success. Zxxx0:admin#...
Page 120: Command Logging Command List
15. Command Logging Command List 15.Command Logging Command List The commands are used to log the execution history of commands that change this Switching Hub's settings. The history of commands that do not affect the setting changes (e.g. show) is not stored. enable command logging disable command logging show command logging...
Page 121: Disable Command Logging
15. Command Logging Command List Zxxx0:admin# enable command logging Command: enable command logging Success. Zxxx0:admin# 15.2. disable command logging  Description The disable command logging command is used to disable the command logging function.  Format disable command logging  Parameters None.
Page 122 15. Command Logging Command List  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To show the command logging configuration status: Zxxx0:admin# show command logging Command: show command logging Command Logging State : Disabled Zxxx0:admin#...
Page 123: Network Access Authentication Command List
16. Network Access Authentication Command List 16.Network Access Authentication Command List The commands are used to configure the authentication server settings for network access authentication. config authentication ports [<portlist> | all] {auth_mode [port_based | host_based {vlanid <vidlist> state [enable | disable}(1) config authentication mac_format {case [lowercase | uppercase] | delimiter {[hyphen | colon | dot | none] | number [1 | 2 | 5]}(1)}(1) show authentication ports {<portlist>}...
Page 124 16. Network Access Authentication Command List  Parameters <portlist>Enter the list of ports to be configured here. Specify all ports on the Switch. auth_mode (Optional) Specify the authentication mode used. port_based If one of the attached hosts passes the authentication, all hosts on the same port will be granted to access network.
Page 125 16. Network Access Authentication Command List 16.2. config authentication mac_format  Description This command is used to configure the MAC address format of the RADIUS authentication user name for MAC-based Access Control.  Format config authentication mac_format {case [lowercase | uppercase] | delimiter {[hyphen | colon | dot | none] | number [1 | 2 | 5]}(1)}(1) ...
Page 126: Show Authentication Ports
16. Network Access Authentication Command List 16.3. show authentication ports  Description This command is used to display authentication setting on port(s).  Format show authentication ports {<portlist>}  Parameters <portlist>Enter a list of ports to be displayed.  Restrictions None.
Page 127: Enable Authorization Attributes
16. Network Access Authentication Command List  Example This example displays authentication setting for all ports: Zxxx0:admin# show authentication ports Command: show authentication ports Port Auth Mode Authentication VLAN(s) ---- ----------- ---------------------- Host-based Host-based Host-based Host-based Host-based Host-based Host-based Host-based Host-based Host-based Host-based...
Page 128: Disable Authorization Attributes
16. Network Access Authentication Command List  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example This example sets authorization global state enabled: Zxxx0:admin# enable authorization attributes Command: enable authorization attributes Success. Zxxx0:admin# 16.5. disable authorization attributes ...
Page 129: Show Authorization
16. Network Access Authentication Command List 16.6. show authorization  Description This command is used to display authorization status.  Format show authorization  Parameters None.  Restrictions None.  Example This example displays authorization status: Zxxx0:admin# show authorization Command: show authorization Authorization for Attributes: Disabled Zxxx0:admin# 16.7.
Page 130: Show Authentication
16. Network Access Authentication Command List  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example Set authentication server auth fail over state: Zxxx0:admin# config authentication server failover local Command: config authentication server failover local Success.
Page 131 16. Network Access Authentication Command List 16.9. show authentication mac_format  Description This command is used to display the authentication MAC format settings.  Format show authentication mac_format  Parameters None.  Restrictions None.  Example To display the authentication MAC format settings: Zxxx0:admin# show authentication mac_format Command: show authentication mac_format Case...
Page 132: Didital Diagnostic Monitoring (Ddm) Commands
17. Didital Diagnostic Monitoring (DDM) Commands 17.Didital Diagnostic Monitoring (DDM) Commands config ddm ports [ <portlist> | all ] [[temperature_threshold{ high_alarm <degrees> | low_alarm <degrees> | high_warning <degrees> | low_warning <degrees>}|voltage_threshold{ high_alarm <voltage> | low_alarm <voltage> | high_warning <voltage> | low_warning<voltage>} | bias_current_threshold { high_alarm <milliampere>...
Page 133 17. Didital Diagnostic Monitoring (DDM) Commands high_alarm <degrees> Specifies the high threshold value for the temperature alarm. When the operating parameter rises above this value, the action associated with the alarm is taken. The range of this parameter is from -128 to 127.996 degrees Celsius.
Page 134 17. Didital Diagnostic Monitoring (DDM) Commands 17.2. config ddm ports voltage_threshold  Description The command configures the voltage thresholds of the specified ports. The precision of the effective threshold is dependent on the hardware.  Format config ddm ports [<portlist> | all] voltage_threshold { high_alarm < voltage > | low_alarm <...
Page 135 17. Didital Diagnostic Monitoring (DDM) Commands The parameter type voltage allows the user to input the decimal in the CLI command. The CLI does not restrict the number of input digits, the only limitation of the inputted digits are the size of the command buffer and the float-point precision.
Page 136 17. Didital Diagnostic Monitoring (DDM) Commands 17.3. config ddm ports bias_current_threshold  Description This command is used to configure the thresholds of bias current of the specified ports. The command configures the bias current thresholds of the specified ports. The precision of the effective threshold is dependent on the hardware.
Page 137 17. Didital Diagnostic Monitoring (DDM) Commands The parameter type milliampere allows the user to input the decimal in the CLI command. The CLI does not restrict the number of input digits, the only limitation of the inputted digits are the size of the command buffer and the float-point precision.
Page 138 17. Didital Diagnostic Monitoring (DDM) Commands high_alarm <mw_or_dbm> Specifies the high threshold for the transmit power alarm. When the operating parameter rises above this value, the action associated with alarm is taken. If the unit is mW, the range of this parameter is from 0 to 6.5535mW. If the unit is dBm, the range of this parameter is form -40 to 8.1647dBm.
Page 139 17. Didital Diagnostic Monitoring (DDM) Commands Zxxx0:admin# config ddm ports 21 tx_power_threshold high_alarm 0.625 low_alarm 0.006 high_warning 0.55 low_warning 0.008 Command: config ddm ports 21 tx_power_threshold high_alarm 0.625 low_alarm 0.006 high_warning 0.55 low_warning 0.008 Success. Zxxx0:admin#...
Page 140 17. Didital Diagnostic Monitoring (DDM) Commands 17.5. config ddm ports rx_power_threshold  Description This command is used to configure the thresholds of the output power of the specified ports. The command configures the bias current thresholds of the specified ports. The precision of the effective threshold is dependent on the hardware.
Page 141 17. Didital Diagnostic Monitoring (DDM) Commands low_warning <mw_or_dbm> Specifies the low threshold for the transmit power warning. When the operating parameter falls below this value, the action associated with the warning is taken. If the unit is mW, the range of this parameter is from 0 to 6.5535mW. If the unit is dBm, the range of this parameter is form -40 to 8.1647dBm.
Page 142 17. Didital Diagnostic Monitoring (DDM) Commands 17.6. config ddm ports reload threshold  Description This command is used to reload the DDM threshold configuration. The command reloads default threshold configuration of special ports. If the ports are link up with optic modules, all thresholds of those ports will be set to hardware default.
Page 143 17. Didital Diagnostic Monitoring (DDM) Commands 17.7. config ddm ports state  Description This command is used to configure the DDM state and/or the DDM shutdown action when it encounters an exceeding alarm or warning threshold event. The command configures the DDM state and/or the DDM shutdown action when it encounters an exceeding alarm or warning threshold event.
Page 144 17. Didital Diagnostic Monitoring (DDM) Commands Zxxx0:admin# config ddm ports 11 state enable shutdown alarm Command: config ddm ports 11 state enable shutdown alarm Success. Zxxx0:admin# 17.8. config ddm log  Description Enable or disable the log when parameters of the optic module exceed its DDM threshold. The command configures the DDM log action when encountering an exceeding alarm or warning thresholds event.
Page 145 17. Didital Diagnostic Monitoring (DDM) Commands 17.9. config ddm trap  Description This command is used to enable or disable the trap when parameters of the optic module exceed its DDM threshold. The command configures the DDM trap action when encountering an exceeding alarm or warning thresholds event.
Page 146 17. Didital Diagnostic Monitoring (DDM) Commands 17.10. config ddm power_unit  Description This command is used to configure the unit of DDM TX/RX power. The command configures the global unit of DDM TX/RX power.  Format config ddm power_unit [mw | dbm] ...
Page 147 17. Didital Diagnostic Monitoring (DDM) Commands 17.11. show ddm ports status  Description This command is used to show the current operating DDM parameters values of the optic module of the specified ports. This command displays the current operating parameters of the optic modules.
Page 148 17. Didital Diagnostic Monitoring (DDM) Commands 17.12. show ddm ports configuration  Description This command is used to display the current configurations of the optic modules. There are two types of thresholds: the administrative configuration and the operation configuration threshold. For the optic port, when a particular threshold was configured by the user, it will be shown in this command with a tag indicating that it is a threshold that the user configured, else it would be the threshold read from the optic module that is being inserted.
Page 149: Show Ddm
17. Didital Diagnostic Monitoring (DDM) Commands 17.13. show ddm  Description This command is used to display the DDM global settings.  Format show ddm  Parameters None.  Restrictions None.  Example To display the DDM global settings: Zxxx0:admin# show ddm Command: show ddm DDM Log...
Page 150: Debug Software Command List
18. Debug Software Command List 18.Debug Software Command List The commands are used to configure the monitoring and logging of protocol communication status and how to handle when an error occurs. debug error_log [dump | clear | upload_toTFTP <ipaddr> <path_filename 64>] debug buffer [utilization | dump | clear | upload_toTFTP <ipaddr>...
Page 151 18. Debug Software Command List 18.1. debug error_log  Description Use this command to dump, clear or upload the software error log to a TFTP server.  Format debug error_log [dump | clear | upload_toTFTP <ipaddr> <path_filename 64>]  Parameters dump Display the debug message of the debug log.
Page 152 18. Debug Software Command List Zxxx0:admin# debug error_log dump Command: debug error_log dump ************************************************************************** # debug log: 1 # firmware version: 1.0.0.xx # level: CPU exception # clock: 437453880 ms # time : 2000-01-08 05:55:40 ======================== CPU EXCEPTION ======================== Current Task = IP-Tic Stack Pointer = 4CFEA7A0 ---------------------------CP0 Registers----------------------- Status : 1000FC01 Interrupt enable...
Page 153: Debug Buffer
18. Debug Software Command List 18.2. debug buffer  Description Use this command to show the debug buffer's state, or dump, clear, or upload the debug buffer to a TFTP server. When selecting to output to the debug buffer and there are debug messages being outputted, the system memory pool will be used as the debug buffer.
Page 154: Debug Output
18. Debug Software Command List Zxxx0:admin# debug buffer utilization Command: debug buffer utilization Allocate from System memory Total size 2 MB Utilization rate Zxxx0:admin# To clear the debug buffer: Zxxx0:admin# debug buffer clear Command: debug buffer clear Success. Zxxx0:admin# To upload the messages stored in debug buffer to TFTP server: Zxxx0:admin# debug buffer upload_toTFTP 10.0.0.90 debugcontent.txt Command: debug buffer upload_toTFTP 10.0.0.90 debugcontent.txt Connecting to server....
Page 155 18. Debug Software Command List  Parameters module Specifies the module list. <module_list> Enter the module list here. Control output method of all modules. buffer Direct the debug message of the module output to debug buffer(default). console Direct the debug message of the module output to local console. ...
Page 156: Debug Config State
18. Debug Software Command List  Example To set the Switching Hub to not need a reboot when a fatal error occurs: Zxxx0:admin# debug config error_reboot disable Command: debug config error_reboot disable Success. Zxxx0:admin# 18.5. debug config state  Description Use the command to set the state of the debug.
Page 157: Debug Stp Clear Counter
18. Debug Software Command List debug show error_reboot state  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To show the error reboot status: Zxxx0:admin#debug show error_reboot state Command: debug show error_reboot state Error Reboot: Enabled Zxxx0:admin# 18.7.
Page 158: Debug Stp Config Ports
18. Debug Software Command List Zxxx0:admin# debug stp clear counter ports all Command : debug stp clear counter ports all Success. Zxxx0:admin# 18.8. debug stp config ports  Description This command used to configure per-port STP debug level on the specified ports. ...
Page 159: Debug Stp Show Counter
18. Debug Software Command List 18.9. debug stp show counter  Description This command used to display the STP counters.  Format debug stp show counter {ports [<portlist> | all]}  Parameters ports (Optional) Specifies the STP ports for display. <portlist>...
Page 160: Debug Stp Show Flag
18. Debug Software Command List 18.10. debug stp show flag  Description This command used to display the STP debug level on specified ports.  Format debug stp show flag {ports <portlist>}  Parameters ports (Optional) Specifies the STP ports to display. <portlist>...
Page 161: Debug Stp Show Information
18. Debug Software Command List 18.11. debug stp show information  Description This command used to display STP detailed information, such as the hardware tables, the STP state machine, etc.  Format debug stp show information  Parameters None.  Restrictions Only Administrator-level users can issue this command.
Page 162 18. Debug Software Command List Zxxx0:admin# debug stp show information Command: debug stp show information Spanning Tree Debug Information: ---------------------------------------- Port Status In Hardware Table: Instance 0: Port 1 :BLK Port 2 :BLK Port 3 :BLK Port 4 :BLK Port 5 :BLK Port 6 :BLK Port 7 :FOR Port 8 :BLK...
Page 163: Debug Stp State
18. Debug Software Command List 18.12. debug stp state  Description This command is used to enable or disable the STP debug state.  Format debug stp state [enable | disable]  Parameters state Specifies the STP debug state. enable Enable the STP debug state.
Page 164 18. Debug Software Command List  Parameters module (Optional) Specifies the module list. <module_list> Enter the module list here.  Restrictions Only Administrator-level users can issue this command.  Example To show the specified module's debug state: Prompt# debug show status module MSTP Command: debug show status module MSTP Debug Global State: Enable MSTP...
Page 165: Dhcp Snooping Commands
19. DHCP Snooping Commands 19.DHCP Snooping Commands The commands are used to allow only clients with a regular IP address assigned by the DHCP server to communicate. When this function is enabled, all ports are set to "untrusted." You need to change the DHCP server and DHCP relay ports to "trusted."...
Page 166 19. DHCP Snooping Commands 19.1. enable dhcp_snoop  Description This command is used to enable DHCP snooping operation on the Switching Hub. This is a global control for the DHCP snooping function. By default, the DHCP snooping function is disabled. ...
Page 167 19. DHCP Snooping Commands 19.2. disable dhcp_snoop  Description This command is used to disable DHCP snooping operation on the Switching Hub. This command disables the DHCP snooping function. By default, the DHCP snooping function is disabled.  Format disable dhcp_snoop ...
Page 168 19. DHCP Snooping Commands 19.3. show dhcp_snoop  Description This command is used to display the DHCP snooping configuration status.  Format show dhcp_snoop  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 169 19. DHCP Snooping Commands 19.4. show dhcp_snoop binding_entry  Description The show dhcp_snoop binding command displays the DHCP snooping binding table information.  Format show dhcp_snoop binding_entry { [ port <port> | vlan <vlan_name 32> | vlanid <vidlist> | ipaddress <ipaddr> | mac_address <macaddr> ] } ...
Page 170: Domain Name System (Dns) Relay Commands
20. Domain Name System (DNS) Relay Commands 20.Domain Name System (DNS) Relay Commands DNS (Domain Name System) is a function to manage server domain names. Domain names are named based on hierarchical structure rules. The DNS server, which corresponds to domain name hierarchies, manages a mapping between domain names and IP addresses.
Page 171 20. Domain Name System (DNS) Relay Commands config dnsr [[primary | secondary] nameserver <ipaddr> | [add | delete] static <domain_name 32> <ipaddr>] enable dnsr {[cache | static]} disable dnsr {[cache | static]} show dnsr {static} 20.1. config dnsr  Description This command is used to add or delete a static entry into the Switch's DNS resolution table, or set up the relay server.
Page 172 20. Domain Name System (DNS) Relay Commands To add the entry "dns1" with IP address 10.24.22.5 to the DNS static table: Zxxx0:admin#config dnsr add static dns1 10.24.22.5 Command: config dnsr add static dns1 10.24.22.5 Success. Zxxx0:admin# To delete the entry "dns1" with IP address 10.24.22.5 from the DNS static table: Zxxx0:admin#config dnsr delete static dns1 10.24.22.5 Command: config dnsr delete static dns1 10.24.22.5 Success.
Page 173 20. Domain Name System (DNS) Relay Commands To enable cache lookup for DNS relay: Zxxx0:admin#enable dnsr cache Command: enable dnsr cache Success. Zxxx0:admin# To enable static table lookup for DNS relay: Zxxx0:admin#enable dnsr static Command: enable dnsr static Success. Zxxx0:admin# 20.3.
Page 174 20. Domain Name System (DNS) Relay Commands To disable cache lookup for DNS relay: Zxxx0:admin#disable dnsr cache Command: disable dnsr cache Success. Zxxx0:admin# To disable static table lookup for DNS relay: Zxxx0:admin#disable dnsr static Command: disable dnsr static Success. Zxxx0:admin# 20.4.
Page 175 20. Domain Name System (DNS) Relay Commands Zxxx0:admin#show dnsr Command: show dnsr DNSR Status : Disabled Primary Name Server : 0.0.0.0 Secondary Name Server : 0.0.0.0 DNSR Cache Status : Disabled DNSR Static Table Status : Disabled DNS Relay Static Table Domain Name IP Address ----------------------------------------- ---------------...
Page 176: Dns Resolver Commands
21. DNS Resolver Commands 21.DNS Resolver Commands DNS (Domain Name System) is function to manage server domain names. Domain names are named based on hierarchical structure rules. The DNS server, which corresponds to domain name hierarchies, manages a mapping between domain names and IP addresses. Access to a web server becomes available after sending an inquiry to the DNS server and obtaining an IP address from the domain name (name resolution).
Page 177 21. DNS Resolver Commands 21.1. config name_server add  Description This command is used to add a DNS resolver name server to the Switch.  Format config name_server add <ipaddr> {primary}  Parameters <ipaddr> Enter the DNS Resolver name server IP address used here. primary (Optional) Specifies that the name server is a primary name server.
Page 178 21. DNS Resolver Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete DNS Resolver name server 10.10.10.1: Zxxx0:admin# config name_server delete 10.10.10.10 Command: config name_server delete 10.10.10.10 Success. Zxxx0:admin# 21.3. config name_server timeout ...
Page 179 21. DNS Resolver Commands 21.4. show name_server  Description This command is used to display the current DNS Resolver name servers and name server time out on the Switch.  Format show name_server  Parameters None.  Restrictions None.  Example To display the current DNS Resolver name servers and name server time out: Zxxx0:admin# show name_server Command: show name_server...
Page 180 21. DNS Resolver Commands 21.5. create host_name  Description This command is used to create the static host name entry of the Switch.  Format create host_name <name 255> <ipaddr>  Parameters <name 255> Enter the hostname used here. This name can be up to 255 characters long. <ipaddr>...
Page 181 21. DNS Resolver Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete the static host name entry "www.example.com": Zxxx0:admin# delete host_name www.example.com Command: delete host_name www.example.com Success. Zxxx0:admin# 21.7. show host_name ...
Page 182 21. DNS Resolver Commands Zxxx0:admin# show host_name Command: show host_name Static Host Name Table Host Name IP Address ------------------------------ --------------- www.example.com 10.10.10.10 www.exampla.com 20.20.20.20 Total Static Entries: 2 Dynamic Host Name Table Host Name IP Address ------------------------------ --------------- -------- www.examplc.com 30.30.30.30 60 minutes www.exampld.com...
Page 183 21. DNS Resolver Commands 21.9. disable dns_resolver  Description This command is used to disable the DNS Resolver state of the Switch.  Format disable dns_resolver  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 184: Energy Efficient Ethernet (Eee) Commands
22. Energy Efficient Ethernet (EEE) Commands 22.Energy Efficient Ethernet (EEE) Commands IEEE802.3az Energy Efficient Ethernet (EEE) realizes to reduce the power consumption at link-up ports. config eee ports [ <portlist> | all ] state [enable | disable] show eee ports {<portlist>} 22.1.
Page 185 22. Energy Efficient Ethernet (EEE) Commands  Example To disable the EEE status on port 1-3: Zxxx0:admin#config eee ports 1-3 state disable Command: config eee ports 1-3 state disable Success. Zxxx0:admin# 22.2. show eee ports  Description This command is used to display the EEE settings per ports. ...
Page 186: Fdb Commands
23. FDB Commands 23.FDB Commands Forwarding Database (FDB) is a mapping table between the MAC addresses of network devices and the destination VLANs or ports. A Switching Hub accesses FDB using the MAC address information of a receive packet and determines the destination VLAN or port. FDB is usually created automatically from receive packet information.
Page 187: Create Fdb
23. FDB Commands 23.1. create fdb  Description This command is used to make an entry into the Switching Hub's unicast MAC address forwarding database.  Format create fdb <vlan_name 32> <macaddr> [port <port> | drop]  Parameters <vlan_name 32> Specify a VLAN name associated with a MAC address.
Page 188 23. FDB Commands  Parameters <vidlist> Enter the VLAN ID used here. <macaddr> Specify the MAC address to be added to the static forwarding table. port The Switching Hub will always forward traffic to the specified device through this port. <port>Specify the port number corresponding to the MAC destination address.f drop Specify to have the Switching Hub drop traffic.
Page 189 23. FDB Commands  Example To create multicast MAC forwarding: Zxxx0:admin# create multicast_fdb default 01-00-00-00-01-01 Command: create multicast_fdb default 01-00-00-00-01-01 Success. Zxxx0:admin# 23.4. config multicast_fdb  Description This command is used to configure the multicast MAC address forwarding table.  Format config multicast_fdb <vlan_name 32>...
Page 190 23. FDB Commands 23.5. config fdb aging_time  Description This command is used to set the age-out timer for the Switching Hub's dynamic unicast MAC address forwarding tables.  Format config fdb aging_time <sec 10-1000000>  Parameters <sec 10-1000000> - Specify the time in seconds that a dynamically learned MAC address will remain in the Switching Hub's MAC address forwarding table without being accessed, before being dropped from the database.
Page 191 23. FDB Commands 23.6. config multicast vlan_filtering_mode  Description This command is used to configure the multicast packet filtering mode for VLANs.  Format config multicast vlan_filtering_mode [vlanid <vidlist> | vlan <vlan_name 32> | all] [forward_all_groups | forward_unregistered_groups | filter_unregistered_groups] ...
Page 192: Delete Fdb
23. FDB Commands 23.7. delete fdb  Description This command is used to delete a permanent FDB entry.  Format delete fdb <vlan_name 32> <macaddr>  Parameters <vlan_name 32> Specify the name of the VLAN on which the MAC address resides. The maximum length is 32 characters.
Page 193: Clear Fdb
23. FDB Commands 23.8. clear fdb  Description This command is used to clear the Switching Hub's forwarding database of all dynamically learned MAC addresses.  Format clear fdb [vlan <vlan_name 32> | port <port> | all ]  Parameters vlan Specify the name of the VLAN on which the MAC address resides.
Page 194: Show Fdb
23. FDB Commands  Parameters vlan (Optional) Specify the name of the VLAN on which the MAC address resides. <vlan_name 32> The maximum length is 32 characters. vlanid (Optional) Specifies the VLAN ID on which the MAC address resides. <vidlist> Enter the VLAN ID used here.
Page 195 23. FDB Commands  Parameters port (Optional) Specify the entries for one port. <port>Specify the entries for one port. vlan (Optional) Specify to display the entries for a specific VLAN. <vlan_name 32> The maximum length is 32 characters. vlanid (Optional) Specify to display the entries by VLAN ID list. <vidlist>...
Page 196 23. FDB Commands 23.11. show multicast vlan_filtering_mode  Description This command is used to display the multicast packet filtering mode for VLANs.  Format show multicast vlan_filtering_mode {[vlanid <vidlist> | vlan <vlan_name 32>]}  Parameters vlanid (Optional) Specify to display the entries by VLAN ID list. <vidlist>...
Page 197: File System Management Commands
24. File System Management Commands 24.File System Management Commands The commands are used to manage storage media files on this Switching Hub and mounted SD card. You can check/format media information, change the drive, create/ change/delete a directory, and display/rename/delete/copy/move a file.
Page 198 24. File System Management Commands To display storage media information: Zxxx0:admin#show storage_media_info Command: show storage_media_info Unit Drive Media Type Size Label FS Type ---- ----- ---------- -------- ----------- ------- Flash 123 MB Zxxx0:admin# 24.2. md  Description This command is used to create a directory. ...
Page 199 24. File System Management Commands 24.3. rd  Description This command is used to remove a directory. If there are files and directories still existing in the directory, this command will fail and return an error message.  Format rd {{unit <unit_id>} <drive_id>} <pathname> ...
Page 200 24. File System Management Commands 24.4. cd  Description This command is used to change the current directory. The user can change the current directory to another drive using this command. The current drive and current directory will be displayed if the <pathname> is not specified. ...
Page 201 24. File System Management Commands  Parameters unit Specifies the unit ID in the stacking system. If not specified, it refers to the master unit. <unit_id> Enter the unit ID value here. <drive_id> Specifies the drive ID. If not specified, it refers to the current drive. <pathname>...
Page 202 24. File System Management Commands 24.6. rename  Description This command is used to rename a file in the file system. The pathname specifies the file (in path form) to be renamed and the file name specifies the new file name. If the path name is not a full path, then it refers to a path under the current directory for the drive.
Page 203 24. File System Management Commands 24.7. erase  Description This command is used to delete a file stored in the file system. The system will prompt if the target file is a bootup image/configuration or the last image.  Format erase {{unit <unit_id>} <drive_id>} <pathname>...
Page 204 24. File System Management Commands 24.8. format  Description This command is used to format a specific drive.  Format format {unit <unit_id>} <drive_id> {[fat16 | fat32]} {<label_name>}  Parameters unit Specifies the unit ID in the stacking system. If not specified, it refers to the master unit. <unit_id>...
Page 205 24. File System Management Commands 24.9. del  Description This command is used to delete a file. It is also used to delete a directory and its contents. The system will prompt if the target file is a bootup image/configuration or the last image.
Page 206 24. File System Management Commands 24.10. move  Description This command is used to move a file around the file system. Note that when a file is moved, it can be specified whether to be renamed at the same time. ...
Page 207 24. File System Management Commands 24.11. copy  Description This command is used to copy a file to another file in the file system.  Format copy {{unit <unit_id>} <drive_id>} <pathname> {{unit <unit_id>} <drive_id>} <pathname>  Parameters unit Specifies the unit ID in the stacking system. If not specified, it refers to the master unit. <unit_id>...
Page 208: Change Drive
24. File System Management Commands 24.12. change drive  Description This command is used to change the current drive.  Format change drive {unit <unit_id>} <drive_id>  Parameters unit (Optional) Specifies the unit ID in the stacking system. If not specified, it refers to the master unit.
Page 209: Filter Commands
25. Filter Commands 25.Filter Commands The commands are used to filter packets from the DHCP server and NetBIOS over TCP/IP and NetBIOS packets. The DHCP server packet filtering allows you to limit the number of DHCP servers to be used if there are multiple DHCP servers on the network.
Page 210 25. Filter Commands 25.1. config filter dhcp_server  Description This command has two purposes: to specify to filter all DHCP server packets on the specific port and to specify to allow some DHCP server packets with pre-defined server IP addresses and client MAC addresses. With this function, we can restrict the DHCP server to service specific DHCP clients.
Page 211 25. Filter Commands delete permit server_ip Specify the delete permit server IP address. <ipaddr> Specify the IP address. client_mac (Optional) Specify the MAC address of the DHCP client. <macaddr> Specify the MAC address. ports Specify the ports. <portlist> Specify a range of ports to be configured. Specify to configure all ports.
Page 212 25. Filter Commands To configure the filter DHCP server state: Zxxx0:admin#config filter dhcp_server ports 1-10 state enable Command: config filter dhcp_server ports 1-10 state enable Success. Zxxx0:admin# 25.2. show filter dhcp_server  Description This command is used to display the DHCP server/client filter list created on the Switching Hub.
Page 213 25. Filter Commands 25.3. config filter extensive_netbios  Description This command is used to configure the Switching Hub to deny NetBIOS packets over 802.3 frames on the network. Enabling the filterNetBIOS packets over 802.3 frames will create one access profile and one access rule per port automatically. Filter commands in this file will share the same access profile.
Page 214 25. Filter Commands  Parameters None.  Restrictions None.  Example To display the extensive NetBIOS filter state on the Switching Hub: Zxxx0:admin#show filter extensive_netbios Command: show filter extensive_netbios Enabled Ports: 1-3 Zxxx0:admin# 25.5. config filter netbios  Description This command is used to configure the Switch to deny NetBIOS packets on the network.
Page 215 25. Filter Commands  Example To configure the NetBIOS filter state: Zxxx0:admin#config filter netbios 1-10 state enable Command: config filter netbios 1-10 state enable Success. Zxxx0:admin# 25.6. show filter netbios  Description This command is used to display the NetBIOS filter state on the Switching Hub. ...
Page 216: Gratuitous Arp Commands
26. Gratuitous ARP Commands 26.Gratuitous ARP Commands ARP (Address Resolution Protocol) is used to calculate a MAC address from an IP address if the destination MAC address is unknown. Gratuitous ARP is a special ARP packet sent when an IP interface is booted, sending an inquiry by setting its own IP address instead of the destination IP address.
Page 217 26. Gratuitous ARP Commands 26.1. enable gratuitous_arp  Description This command is used to enable the gratuitous ARP trap and log state. The Switching Hub can trap and log the IP conflict event to inform the administrator.  Format enable gratuitous_arp {ipif <ipif_name 12>} {trap | log}(1) ...
Page 218 26. Gratuitous ARP Commands  Parameters ipif (Optional) The interface name of the L3 interface. <ipif_name 12> Specify the name of the interface. The maximum length is 12 characters. trap Specify trap. The trap is disabled by default. Specify log. The even log is enabled by default. ...
Page 219 26. Gratuitous ARP Commands Zxxx0:admin# config gratuitous_arp learning enable Command: config gratuitous_arp learning enable Success. Zxxx0:admin# 26.4. config gratuitous_arp send dup_ip_detected  Description This command is used to enable or disable the sending of gratuitous ARP requests when a duplicate IP address is detected. By default, the state is disabled. For this command, duplicate IP detected means that the system received an ARP request packet that is sent by an IP address that matches the system's own IP address.
Page 220 26. Gratuitous ARP Commands 26.5. config gratuitous_arp send ipif_status_up  Description This command is used to enable or disable the sending of gratuitous ARP requests when the IP interface status becomes up. This is used to automatically announce the interface's IP address to other nodes. By default, the state is disabled. When the state is enabled and IP interface is linked up, one gratuitous ARP packet will be broadcast.
Page 221 26. Gratuitous ARP Commands 26.6. config gratuitous_arp send periodically ipif  Description This command is used to configure the interval for the periodical sending of gratuitous ARP request packets.  Format config gratuitous_arp send periodically ipif <ipif_name 12> interval <value 0-65535> ...
Page 222 26. Gratuitous ARP Commands 26.7. show gratuitous_arp  Description This command is used to display gratuitous ARP configuration.  Format show gratuitous_arp {ipif <ipif_name 12>}  Parameters ipif (Optional) The interface name of the L3 interface. <ipif_name 12> Specify the name of the interface. The maximum length is 12 characters. ...
Page 223: Igmp Snooping Commands
27. IGMP Snooping Commands 27.IGMP Snooping Commands IGMP (Internet Group Management Protocol) is a protocol to manage multicast groups. IGMP snooping is a filtering function to monitor IGMP packets flowing on ports of the Switching Hub and prevent data from flowing to unnecessary ports.
Page 224 27. IGMP Snooping Commands config igmp_snooping static_group [vlan <vlan_name 32> | vlanid <vlanid_list>] <ipaddr> [add | delete] <portlist> delete igmp_snooping static_group [vlan <vlan_name 32> | vlanid <vlanid_list>] <ipaddr> show igmp_snooping static_group {[vlan <vlan_name 32> | vlanid <vlanid_list>] <ipaddr>} show igmp_snooping statistic counter [vlan <vlan_name 32> | vlanid <vlanid_list> | ports <portlist>] clear igmp_snooping statistics counter show igmp_snooping forwarding {[vlan <vlan_name 32>...
Page 225 27. IGMP Snooping Commands fast_leave Enable or disable the IGMP snooping fast leave function. If enabled, the membership is immediately removed when the system receive the IGMP leave message. enable Enable the IGMP snooping fast leave function. disable Disable the IGMP snooping fast leave function. proxy_reporting Specifies the proxy reporting option.
Page 226 27. IGMP Snooping Commands  Parameters vlan_name Specify the name of the VLAN for which IGMP snooping querier is to be configured. <vlan_name 32> Specify the VLAN name. The maximum length is 32 characters. vlanid Specify the VLAN ID list. <vlanid_list>...
Page 227 27. IGMP Snooping Commands state If the state is enable, it allows the Switching Hub to be selected as a IGMP Querier (sends IGMP query packets). If the state is disabled, then the Switching Hub can not play the role as a querier. Note that if the Layer 3 router connected to the Switching Hub provides only the IGMP proxy function but does not provide the multicast routing function, then this state must be configured as disabled.
Page 228 27. IGMP Snooping Commands vlanid Specify the VLAN ID list. <vlanid_list> Specify the VLAN ID list. Specify to add the router ports. delete Specify to delete the router ports. <portlist>Specify a range of ports to be configured.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 229 27. IGMP Snooping Commands  Example To set up port range 1 to 7 to be forbidden router ports of the default VLAN: Zxxx0:admin#config router_ports_forbidden default add 1-7 Command: config router_ports_forbidden default add 1-7 Success. Zxxx0:admin#...
Page 230 27. IGMP Snooping Commands 27.5. enable igmp_snooping  Description This command allows you to enable IGMP snooping on the Switching Hub.  Format enable igmp_snooping  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 231 27. IGMP Snooping Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To disable IGMP snooping: Zxxx0:admin#disable igmp_snooping Command: disable igmp_snooping Success. Zxxx0:admin# 27.7. show igmp_snooping  Description This command is used to display the current IGMP snooping configuration on the Switching Hub.
Page 232 27. IGMP Snooping Commands Zxxx0:admin#show igmp_snooping Command: show igmp_snooping IGMP Snooping Global State : Disabled VLAN Name : default Query Interval : 125 Max Response Time : 10 Robustness Value Last Member Query Interval Querier State : Disable Querier Role : Non-Querier Querier IP : 0.0.0.0...
Page 233 27. IGMP Snooping Commands <ipaddr>(Optional) Specify the group IP address for which to view IGMP snooping group information. If no parameter is specified, the system will display all of the current IGMP snooping group configuration of the Switching Hub.  Restrictions None.
Page 234 27. IGMP Snooping Commands 27.9. config igmp_snooping rate_limit  Description This command is used to configure the upper limit per second for ingress IGMP control packets.  Format config igmp_snooping rate_limit [ports <portlist> | vlanid <vlanid_list>] [<value 1-1000> | no_limit] ...
Page 235 27. IGMP Snooping Commands 27.10. show igmp_snooping rate_limit  Description This command is used to display the IGMP snooping rate limit setting.  Format show igmp_snooping rate_limit [ports <portlist> | vlanid <vlanid_list>]  Parameters ports Specify a range of ports to be displayed. <portlist>...
Page 236 27. IGMP Snooping Commands 27.11. create igmp_snooping static_group  Description This command allows users to create an IGMP snooping static group. Member ports can be added to the static group. The static member and the dynamic member port form the member ports of a group. The static group will only take effect when IGMP snooping is enabled on the VLAN.
Page 237 27. IGMP Snooping Commands 27.12. config igmp_snooping static_group  Description This command is used to configure an IGMP snooping static group on the Switching Hub. When a port is configured as a static member port, the IGMP protocol will not operate on this port.
Page 238 27. IGMP Snooping Commands 27.13. delete igmp_snooping static_group  Description This command is used to delete an IGMP snooping static group on the Switching Hub. The deletion of an IGMP snooping static group will not affect the IGMP snooping dynamic member ports for a group. ...
Page 239 27. IGMP Snooping Commands 27.14. show igmp_snooping static_group  Description This command is used to display the IGMP snooping static multicast group.  Format show igmp_snooping static_group {[vlan <vlan_name 32> | vlanid <vlanid_list>] <ipaddr>}  Parameters vlan Specify the name of the VLAN on which the router port resides. <vlan_name 32>...
Page 240 27. IGMP Snooping Commands 27.15. show igmp_snooping statistic counter  Description This command is used to display the IGMP snooping statistics counter for IGMP protocol packets that are transmitted or received by the Switching Hub since IGMP snooping was enabled. ...
Page 241 27. IGMP Snooping Commands Zxxx0:admin#show igmp_snooping statistic counter ports 1 Command: show igmp_snooping statistic counter ports 1 Port # -------------------------------------------------- Group Number Receive Statistics Query IGMP v1 Query IGMP v2 Query IGMP v3 Query Total Dropped By Rate Limitation Dropped By Multicast VLAN Report &...
Page 242 27. IGMP Snooping Commands 27.16. clear igmp_snooping statistics counter  Description This command is used to clear the IGMP snooping statistics counter on the Switching Hub.  Format clear igmp_snooping statistics counter  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 243 27. IGMP Snooping Commands vlanid (Optional) Specify a list of VLANs to be displayed. <vlanid_list> Specify the VLAN ID list. If no parameter is specified, the system will display all current IGMP snooping forwarding table entries of the Switching Hub. ...
Page 244 27. IGMP Snooping Commands vlanid Specify the ID of the VLAN on which the router port resides. <vlanid_list> Specify the VLAN ID list. Specifies that all the VLAN's will be displayed. static (Optional)Display router ports that have been statically configured. dynamic (Optional) Display router ports that have been dynamically registered.
Page 245: Ip Routing Commands
28. IP Routing Commands 28.IP Routing Commands In this chapter, you can configure the default gateway for IPv4 and IPv6. create iproute [default] <ipaddr> delete iproute [default] show iproute create ipv6route [default] [<ipif_name 12> <ipv6addr>] delete ipv6route [default] [<ipif_name 12> <ipv6addr>] show ipv6route 28.1.
Page 246: Delete Iproute
28. IP Routing Commands 28.2. delete iproute  Description This command is used to delete a default gateway.  Format delete iproute [default]  Parameters default Delete iproute entry  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 247: Create Ipv6Route
28. IP Routing Commands  Example To display a default gateway setting: Zxxx0:admin#show iproute Command: show iproute Routing Table IP Address/Netmask Gateway Interface Protocol ------------------ --------------- ------------ -------- 10.0.0.0/8 0.0.0.0 System Local Total Entries : 1 Zxxx0:admin# 28.4. create ipv6route ...
Page 248: Delete Ipv6Route
28. IP Routing Commands Zxxx0:admin#create ipv6route default System FEC0::5 Command: create ipv6route default System FEC0::5 Success. Zxxx0:admin# 28.5. delete ipv6route  Description This command is used to delete an IPv6 default gateway. If the next hop is a global address, it is not necessary to indicate the interface name. If the next hop is a link local address, then the interface name must be specified.
Page 249: Show Ipv6Route
28. IP Routing Commands 28.6. show ipv6route  Description This command is used to display the IPv6 default agateway setting.  Format show ipv6route  Parameters None.  Restrictions None.  Example To display an IPv6 default gateway setting: Zxxx0:admin#show ipv6route Command: show ipv6route IPv6 Prefix: ::/0 Protocol: Static...
Page 250: Ip Source Address Verify Commands
29. IP Source Address Verify Commands 29.IP Source Address Verify Commands config ip_verify_source ports [<portlist>| all] state [enable | disable] config arp_inspection ports [<portlist>| all] state [enable | disable] create ip_source_binding ipaddress [<ipaddr>mac_address<macaddr> port <port>] delete ip_source_binding [ipaddress<ipaddr>mac_address<macaddr>| all] config ip_source_binding ipaddress [<ipaddr>mac_address<macaddr> port <port>] show ip_source_binding [all | ipaddress<ipaddr>mac_address<macaddr>] show ip_verify_source { ports {<portlist>} } enable dhcp_snoop...
Page 251 29. IP Source Address Verify Commands  Example To enable IPSG on port1: Zxxx0:admin# config ip_verify_source ports 1 state enable Command: config ip_verify_source ports 1 state enable Success. Zxxx0:admin# 29.2. config arp_inspection ports  Description This command is used to configure the per port state of dynamic ARP inspection on the Switching Hub.
Page 252 29. IP Source Address Verify Commands 29.3. create ip_source_binding  Description This command is used to create an IPSG entry. One MAC address can be mapped to multiple IP addresses.  Format create ip_source_binding ipaddress <ipaddr> mac_address <macaddr> port <port> ...
Page 253 29. IP Source Address Verify Commands 29.4. delete ip_source_binding  Description This command is used to create an to delete an IPSG entry.  Format delete ip_source_binding [ipaddress <ipaddr> mac_address <macaddr>| all]  Parameters ipaddr Specify the IP address of the entry. macaddr Specify the MAC address of the entry.
Page 254 29. IP Source Address Verify Commands 29.5. config ip_source_binding  Description This command is used to update an IPSG entry.  Format config ip_source_binding ipaddress <ipaddr> mac_address <macaddr> port <port>]  Parameters ipaddr Specify the IP address of the entry being updated. macaddr Specify the MAC address of the entry being updated.
Page 255 29. IP Source Address Verify Commands 29.6. show ip_source_binding  Description This command is used to show the binding entries.  Format show ip_source_binding [all | ipaddress <ipaddr> mac_address <macaddr>]  Parameters ipaddr Specify the learned IP address of the entry in the database. macaddr Specify the MAC address of the entry or the blocked MAC address.
Page 256 29. IP Source Address Verify Commands To display the binding entry by IP address and MAC address: Zxxx0:admin# show ip_source_binding ipaddress10.1.1.1 mac_address 00-00-00-00-00- Command: show ip_source_binding ipaddress10.1.1.1 mac_address 00-00-00-00-00-11 M(Mode) - D:DHCP,S:Static ACL - A:Active I:Inactive IP Address MAC Address ACL Port --------------------------------------- ----------------- -- -- -----...
Page 257 29. IP Source Address Verify Commands To show the IP Source Address Verify ports: Zxxx0:admin# show ip_verify_source ports Command: show ip_verify_source ports Port ARP Inspection IP Verify Source ----- -------------- ---------------- Disabled Disabled Enabled Disabled Enabled Enabled Disabled Disabled Disabled Enabled Disabled Enabled...
Page 258 29. IP Source Address Verify Commands  Example To enable DHCP snooping mode: Zxxx0:admin# admin# enable dhcp_snoop Command: enable dhcp_snoop Success. Zxxx0:admin# 29.9. disable dhcp_snoop  Description This command is used to disable DHCP snooping. When the DHCP snooping function is disabled, all of the DHCP snooping binding entries will be removed.
Page 259 29. IP Source Address Verify Commands 29.10. clear dhcp_snoop binding_entry  Description This command is used to clear the DHCP Snooping entries learned for the specified ports.  Format clear dhcp_snoop binding_entry ports [<portlist>|all]  Parameters ports Specify the list of ports used to clear the DHCP snooping entries learned. ...
Page 260 29. IP Source Address Verify Commands If no parameters are specified, all the DHCP snooping configuration.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To show the DHCP snooping state: Zxxx0:admin# show dhcp_snoop Command: show dhcp_snoop DHCP_Snoop : Enabled Zxxx0:admin#...
Page 261 29. IP Source Address Verify Commands 29.12. config dhcp_snoop max_entry  Description This command is used to specify the maximum number of entries that can be learned by a specified port. By default, the maximum number of port entries is unlimited. This command specifies the maximum number of entries that can be learned by the specified ports.
Page 262 29. IP Source Address Verify Commands 29.13. enable ip_verify_source log  Description This command is used to enable IP Source Address Verify logs. This command is used to generate logs when the IP Source Address Verify modules detect an illegal IP and MAC address. ...
Page 263 29. IP Source Address Verify Commands 29.14. disable ip_verify_source log  Description This command is used to disable the IP Source Address Verify logs.  Format disable ip_verify_source log  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 264: Ipv6 Ndp Commands
30. IPv6 NDP Commands 30.IPv6 NDP Commands In IPv6, a protocol called NDP (Neighbor Discovery Protocol) is used to configure the global IP address of a device connected to the router. The router periodically sends packets called RA (Router Advertisement) to a specified interface.
Page 265 30. IPv6 NDP Commands <ipv6addr> Specify the IPv6 address of the neighbor. <macaddr> Specify the MAC address of the neighbor.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To add a static entry into the NDP table: Zxxx0:admin#create ipv6 neighbor_cache ipif System 3ffc::1 00:01:02:03:04:05 Command: create ipv6 neighbor_cache ipif System 3FFC::1 00-01-02-03-04-05 Success.
Page 266 30. IPv6 NDP Commands  Example To delete the neighbor cache.entry for IPv6 address 3ffc::1 on the IP interface "System": Zxxx0:admin#delete ipv6 neighbor_cache ipif System 3ffc::1 Command: delete ipv6 neighbor_cache ipif System 3FFC::1 Success. Zxxx0:admin# 30.3. show ipv6 neighbor_cache ipif ...
Page 267 30. IPv6 NDP Commands Zxxx0:admin#show ipv6 neighbor_cache ipif System all Command: show ipv6 neighbor_cache ipif System all FE80::215:72FF:FE36:104 State: Reachable MAC Address : 00-15-72-36-01-04 Port : 1:21 Interface : System Total Entries: 1 Zxxx0:admin# 30.4. config ipv6 nd ns ipif ...
Page 268 30. IPv6 NDP Commands 30.5. config ipv6 nd ra ipif  Description This command is used to configure the RA parameters of a specified interface.  Format config ipv6 nd ra ipif <ipif_name 12> {state [enable | disable] | life_time <sec 0-9000> | reachable_time <millisecond 0-3600000>...
Page 269 30. IPv6 NDP Commands other_config_flag Specify to enable or disable the function. enable When set to enable, it indicates that hosts receiving this RA must use a stateful address configuration protocol to obtain on-address configuration information. disable Set to disable to stop hosts receiving this RA from using a stateful address configuration protocol to obtain on-address configuration information.
Page 270 30. IPv6 NDP Commands  Parameters <ipif_name 12> Specify the interface's name. The maximum length is 12 characters. <ipv6networkaddr> Specify the IPv6 network address. preferred_life_time Specify the number in seconds that an address, based on the specified prefix using the stateless address configuration, remains in preferred state.
Page 271: Show Ipv6 Nd
30. IPv6 NDP Commands Zxxx0:admin#config ipv6 nd ra prefix_option ipif ip1 3ffe:501:ffff:100::/64 preferred_life_time 1000 Command: config ipv6 nd ra prefix_option ipif ip1 3ffe:501:ffff:100::/64 preferred_life_time 1000 Success. Zxxx0:admin# 30.7. show ipv6 nd  Description This command is used to display IPv6 Neighbor Discover related configuration. ...
Page 272 30. IPv6 NDP Commands Zxxx0:admin#show ipv6 nd ipif System Command: show ipv6 nd ipif System Interface Name : System Hop Limit : 64 NS Retransmit Time : 400 (ms) Router Advertisement : Disabled RA Max Router AdvInterval : 600 (sec) RA Min Router AdvInterval : 198 (sec) RA Router Life Time : 1800 (sec)
Page 273 30. IPv6 NDP Commands...
Page 274: Jumbo Frame Commands
31. Jumbo Frame Commands 31.Jumbo Frame Commands In Ethernet, communication data is divided into fixed-size units called "frames" and transmitted. The standard frame has a fixed-size of 1518 bytes. A frame called jumbo frame is larger than the standard frame for more efficient data transmission.
Page 275 31. Jumbo Frame Commands 31.1. enable jumbo_frame  Description This command is used to enable support of Jumbo Frames.  Format enable jumbo_frame  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable Jumbo Frames: Zxxx0:admin#enable jumbo_frame Command: enable jumbo_frame...
Page 276 31. Jumbo Frame Commands Zxxx0:admin#disable jumbo_frame Command: disable jumbo_frame Success. Zxxx0:admin# 31.3. config jumbo_frame ports  Description This command is used to configure the jumbo frame state on specified ports.  Format config jumbo_frame ports [<portlist> | all] state [enable | disable] ...
Page 277 31. Jumbo Frame Commands 31.4. show jumbo_frame  Description This command is used to display Jumbo Frames.  Format show jumbo_frame {<portlist>}  Parameters <portlist>(Optional) Enter the list of ports to be displayed here.  Restrictions None.  Example To display Jumbo Frames for port 1 to 5: Zxxx0:admin#show jumbo_frame 1-5 Command: show jumbo_frame 1-5 Jumbo Frame Global State : Disabled...
Page 278: Lacp Configuration Commands
32. LACP Configuration Commands 32.LACP Configuration Commands Link aggregation is a technology to connect two Switching Hubs with multiple ports and bundle them as one port. This provides path redundancy and enhanced bandwidth. Figure 32-1 LACP overview LACP (Link Aggregate Control Protocol) is a protocol to automatically decide, set, and monitor the port connection status in link aggregation.
Page 279 32. LACP Configuration Commands  Parameters <portlist>Specify a range of ports to be configured. mode Specify the port mode. active Specify the mode as active. passive Specify the mode as passive.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 280 32. LACP Configuration Commands Zxxx0:admin#show lacp_port 1-3 Command: show lacp_port 1-3 Port Activity ------ -------- Active Active Active Zxxx0:admin#...
Page 281: Layer 2 Protocol Tunneling (L2Pt) Command List
33. Layer 2 Protocol Tunneling (L2PT) Command List 33.Layer 2 Protocol Tunneling (L2PT) Command List L2PT is a function to enable transferring of L2 protocol frames, such as STP and GVRP, to different networks. In this chapter, you will configure L2PT. Figure 33-1 L2PT overview config l2protocol_tunnel ports [<portlist>...
Page 282 33. Layer 2 Protocol Tunneling (L2PT) Command List  Format config l2protocol_tunnel ports [<portlist> | all] type [uni tunneled_protocol [{stp | gvrp | protocol_mac [01-00-0C-CC-CC-CC | 01-00-0C-CC-CC-CD]}(1) | all] {threshold <value 0-65535>} | nni | none]  Parameters ports Specify the ports on which the Layer 2 protocol tunneling will be configured. <portlist>...
Page 283 33. Layer 2 Protocol Tunneling (L2PT) Command List 33.2. show l2protocol_tunnel  Description This command is used to show Layer 2 protocol tunneling information.  Format show l2protocol_tunnel {[uni | nni]}  Parameters (Optional) Specify show UNI detail information, include tunneled and dropped PDU statistic.
Page 284 33. Layer 2 Protocol Tunneling (L2PT) Command List To show Layer 2 protocol tunneling detail information on NNI ports: Zxxx0:admin# show l2protocol_tunnel nni Command: show l2protocol_tunnel nni Protocol Port ---- -------------------- GVRP 01-00-0C-CC-CC-CC 01-00-0C-CC-CC-CD GVRP 01-00-0C-CC-CC-CC 01-00-0C-CC-CC-CD Zxxx0:admin# 33.3. enable l2protocol_tunnel ...
Page 285 33. Layer 2 Protocol Tunneling (L2PT) Command List 33.4. disable l2protocol_tunnel  Description Used to disable the Layer 2 protocol tunneling function.  Format disable l2protocol_tunnel  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 286: Limited Multicast Ip Address Commands
34. Limited Multicast IP Address Commands 34.Limited Multicast IP Address Commands The commands are used to configure multicast packet filtering out of the target of IGMP/MLD snooping or layer-3 function. create mcast_filter_profile {[ipv4 | ipv6]} profile_id <value 1-60> profile_name <name 32> config mcast_filter_profile [profile_id <value 1-60>...
Page 287 34. Limited Multicast IP Address Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To create a multicast address profile named MOD: Zxxx0:admin#create mcast_filter_profile profile_id 2 profile_name MOD Command: create mcast_filter_profile profile_id 2 profile_name MOD Success.
Page 288 34. Limited Multicast IP Address Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To add a range of multicast addresses to a profile: Zxxx0:admin#config mcast_filter_profile profile_id 2 add 225.1.1.1 - 225.1.1.100 Command: config mcast_filter_profile profile_id 2 add 225.1.1.1 - 225.1.1.100 Success.
Page 289 34. Limited Multicast IP Address Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To add the IPv6 multicast address range FF0E::100:0:0:20 - FF0E::100:0:0:22 to profile ID 3: Zxxx0:admin#config mcast_filter_profile ipv6 profile_id 3 add FF0E::100:0:0:20 - FF0E::100:0:0:22 Command: config mcast_filter_profile ipv6 profile_id 3 add FF0E::100:0:0:20 - FF0E::100:0:0:22...
Page 290 34. Limited Multicast IP Address Commands Zxxx0:admin#delete mcast_filter_profile profile_id 3 Command: delete mcast_filter_profile profile_id 3 Success. Zxxx0:admin# To delete a multicast profile with a profile named MOD: Zxxx0:admin#delete mcast_filter_profile profile_name MOD Command: delete mcast_filter_profile profile_name MOD Success. Zxxx0:admin# 34.5. show mcast_filter_profile ...
Page 291 34. Limited Multicast IP Address Commands Zxxx0:admin#show mcast_filter_profile Command: show mcast_filter_profile Profile ID Name Multicast Addresses ---------- --------------------------- ----------------------------- 234.1.1.1 - 238.244.244.244 234.1.1.1 - 238.244.244.244 customer 224.19.62.34 - 224.19.162.200 Total Entries: 2 Zxxx0:admin# 34.6. config limited_multicast_addr  Description This command is used to configure the multicast address filtering function on a port or VLAN.
Page 292 34. Limited Multicast IP Address Commands profile_name(Optional) Specify a profile name to be added to or deleted from the port or VLAN. <name 32> The profile name can be up to 32 characters long. access (Optional) Specify whether the access is permit or deny. permit Specify that the packets that match the addresses defined in the profiles will be permitted.
Page 293 34. Limited Multicast IP Address Commands  Restrictions None.  Example To display the limited multicast address range on VLAN 1: Zxxx0:admin#show limited_multicast_addr vlanid 1 Command: show limited_multicast_addr vlanid 1 VLAN Access : Deny Profile ID Name Multicast Addresses ----------- ----------- ----------------------------- customer...
Page 294 34. Limited Multicast IP Address Commands 34.8. config max_mcast_group  Description This command is used to configure the maximum number of multicast groups a port or VLAN can join. If the IPv4 or IPv6 option is not specified, IPv4 is implied. When the joined groups for a port or a VLAN have reached the maximum number, the newly learned group will be dropped if the action is specified as drop.
Page 295 34. Limited Multicast IP Address Commands Zxxx0:admin# config max_mcast_group ports 1, 3 max_group 100 Command: config max_mcast_group ports 1, 3 max_group 100 Success. Zxxx0:admin# 34.9. show max_mcast_group  Description This command is used to display the maximum number of multicast groups that a port or VLAN can join.
Page 296: Link Aggregation Commands
35. Link Aggregation Commands 35.Link Aggregation Commands Link aggregation is a technology to connect two Switching Hubs with multiple ports and bundle them as one port. This provides path redundancy and enhanced bandwidth. You can select how to distribute communications to bundled ports from several methods.
Page 297 35. Link Aggregation Commands  Parameters <value 1-32> Specify the group ID. The group number identifies each of the groups. The Switching Hub allows up to 32 link aggregation groups to be configured. type (Optional) Specify the group type belongs to static or LACP. If type is not specified, the default is the static type.
Page 298 35. Link Aggregation Commands Zxxx0:admin#delete link_aggregation group_id 3 Command: delete link_aggregation group_id 3 Success. Zxxx0:admin# 35.3. config link_aggregation group_id  Description This command allows you to configure a link aggregation group that was created with the create link_aggregation command above. ...
Page 299 35. Link Aggregation Commands Zxxx0:admin#config link_aggregation group_id 1 master_port 7 ports 5-7 Command: config link_aggregation group_id 1 master_port 7 ports 5-7 Success. Zxxx0:admin# 35.4. config link_aggregation algorithm  Description This command is used to configure the part of the packet examined by the Switching Hub when selecting the egress port for transmitting load-sharing data.
Page 300 35. Link Aggregation Commands  Example To configure the link aggregation algorithm to mac-source-dest: Zxxx0:admin#config link_aggregation algorithm mac_source_dest Command: config link_aggregation algorithm mac_source_dest Success. Zxxx0:admin# 35.5. show link_aggregation  Description This command is used to display the current link aggregation configuration of the Switching Hub.
Page 301 35. Link Aggregation Commands  Example To display the current link aggregation configuration when link aggregation is enabled: Zxxx0:admin#show link_aggregation Command: show link_aggregation Link Aggregation Algorithm = MAC_Source_Dest Group ID Type : LACP Master Port Member Port : 1-8 Active Port Status : Enabled Flooding Port : 7...
Page 302: Lldp Commands
36. LLDP Commands 36.LLDP Commands LLDP (Link Layer Discovery Protocol) is a function to periodically collect connected device information. If devices, such as an IP phone, printer, and network camera, support LLDP, you can learn what devices are connected where. This function also allows you to identify configuration errors based on collected information and change the protocol settings or Switching Hub operations according to the information.
Page 303: Enable Lldp
36. LLDP Commands config lldp_med ports [<portlist> | all] med_transmit_capabilities [all | {capabilities | network_policy | inventory}(1)] state [enable | disable] show lldp_med ports {<portlist>} show lldp_med show lldp_med local_ports {<portlist>} show lldp_med remote_ports {<portlist>} show lldp local_ports {<portlist>} {mode [brief | normal | detailed]} show lldp mgt_addr {[ipv4 <ipaddr>...
Page 304: Disable Lldp
36. LLDP Commands 36.2. disable lldp  Description This command is used to disable LLDP. The Switching Hub will stop the sending and receiving of LLDP advertisement packets.  Format disable lldp  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 305 36. LLDP Commands  Format config lldp [message_tx_interval <sec 5-32768> | message_tx_hold_multiplier <int 2- 10> | tx_delay <sec 1-8192> | reinit_delay <sec 1-10>]  Parameters message_tx_interval Specify the message TX interval between consecutive transmissions of LLDP advertisements on any given port. <sec 5-32768>...
Page 306: Show Lldp
36. LLDP Commands To configure the delay-interval interval: Zxxx0:admin#config lldp tx_delay 8 Command: config lldp tx_delay 8 Success. Zxxx0:admin# To change the re-initialization delay interval to five seconds: Zxxx0:admin#config lldp reinit_delay 5 Command: config lldp reinit_delay 5 Success. Zxxx0:admin# 36.4. show lldp ...
Page 307 36. LLDP Commands  Example To display LLDP: Zxxx0:admin#show lldp Command: show lldp LLDP System Information Chassis ID Subtype : MAC Address Chassis ID : 00-11-22-33-44-55 System Name System Description : Gigabit Ethernet Switch System Capabilities : Repeater, Bridge LLDP Configurations LLDP Status : Disabled LLDP Forward Status...
Page 308 36. LLDP Commands  Example To enable LLDP forwarding messages: Zxxx0:admin#config lldp forward_message enable Command: config lldp forward_message enable Success. Zxxx0:admin# 36.6. config lldp notification_interval  Description This command is used to configure LLDP timer values. This will globally change the interval between successive LLDP change notifications generated by the Switching Hub.
Page 309: Config Lldp Ports
36. LLDP Commands 36.7. config lldp ports  Description Use this command to configure LLDP options by port. Enable or disable each port for sending change notification to configured SNMP trap receiver(s) if an LLDP data change is detected in an advertisement received on the port from an LLDP neighbor. The definition of change includes new available information, information timeout, information update.
Page 310 36. LLDP Commands  Format config lldp ports [<portlist> | all] [notification [enable | disable] | admin_status [tx_only | rx_only | tx_and_rx | disable] | mgt_addr [ipv4 <ipaddr> | ipv6 <ipv6addr>] [enable | disable] | basic_tlvs [{all} | {port_description | system_name | system_description | system_capabilities}] [enable | disable] | dot1_tlv_pvid [enable | disable] | dot1_tlv_protocol_vid [vlan [all | <vlan_name 32>] | vlanid <vidlist>] [enable | disable] | dot1_tlv_vlan_name [vlan [all | <vlan_name 32>] | vlanid <vidlist>] [enable...
Page 311 36. LLDP Commands basic_tlvs Configure an individual port or group of ports to exclude one or more of optional TLV data types from outbound LLDP advertisements. (Optional) Configure all four TLV data types listed below. port_description (Optional) This TLV optional data type indicates that LLDP agent should transmit "Port Description TLV"...
Page 312 36. LLDP Commands dot1_tlv_vlan_name This TLV optional data type indicates whether the corresponding Local System's VLAN name instance will be transmitted on the port. If a port is associated with multiple VLANs, those enabled VLAN ID will be advertised. The default state is disabled. vlan (Optional) Specify a VLAN to be transmitted.
Page 313 36. LLDP Commands dot3_tlvsAn individual port or group of ports to exclude one or more of IEEE 802.3 Organizationally Specific TLV data types from outbound LLDP advertisements. (Optional) Configure all of the TLV optional data types below. mac_phy_configuration_status (Optional) This TLV optional data type indicates that LLDP agent should transmit "MAC/PHY configuration/status TLV."...
Page 314 36. LLDP Commands To enable ports 1 to 5 to manage address entries: Zxxx0:admin#config lldp ports 1-5 mgt_addr ipv4 192.168.254.10 enable Command: config lldp ports 1-5 mgt_addr ipv4 192.168.254.10 enable Success. Zxxx0:admin# To exclude the system name TLV from the outbound LLDP advertisements for all ports: Zxxx0:admin#config lldp ports all basic_tlvs system_name enable Command: config lldp ports all basic_tlvs system_name enable...
Page 315: Show Lldp Ports
36. LLDP Commands To exclude the protocol identity TLV from the outbound LLDP advertisements for all ports: Zxxx0:admin#config lldp ports all dot1_tlv_protocol_identity all enable Command: config lldp ports all dot1_tlv_protocol_identity all enable Success. Zxxx0:admin# To exclude the MAC/PHY configuration/status TLV from the outbound LLDP advertisements for all ports: Zxxx0:admin#config lldp ports all dot3_tlvs mac_phy_configuration_status enable Command: config lldp ports all dot3_tlvs mac_phy_configuration_status enable...
Page 316 36. LLDP Commands  Example To display LLDP TLV option port 1: Zxxx0:admin#show lldp ports 1 Command: show lldp ports 1 Port ID -------------------------------------------------------------- Admin Status : TX_and_RX Notification Status : Disabled Advertised TLVs Option Port Description Disabled System Name Disabled System Description Disabled...
Page 317 36. LLDP Commands Only Administrator and Operator-level users can issue this command.  Example To configure a LLDP-MED fast start repeat count of 5: Zxxx0:admin#config lldp_med fast_start repeat_count 5 Command: config lldp_med fast_start repeat_count 5 Success. Zxxx0:admin# 36.10. config lldp_med log state ...
Page 318 36. LLDP Commands 36.11. config lldp_med notification topo_change ports  Description This command is used to enable or disable each port for sending topology change notification to configured SNMP trap receiver(s) if an endpoint device is removed or moved to another port. The default state is disabled. ...
Page 319 36. LLDP Commands 36.12. config lldp_med ports  Description This command is used to enable or disable transmitting LLDP-MED TLVs. It effectively disables LLDP-MED on a per-port basis by disabling transmission of TLV capabilities. In this case, the remote table's objects in the LLDP-MED MIB corresponding to the respective port will not be populated.
Page 320 36. LLDP Commands 36.13. show lldp_med ports  Description This command is used to display LLDP-MED per port configuration for advertisement options.  Format show lldp_med ports {<portlist>}  Parameters <portlist>Specify a range of ports to be displayed. When a port list is not specified, information for all ports will be displayed. ...
Page 321 36. LLDP Commands  Parameters None.  Restrictions None.  Example To display the Switching Hub's general LLDP-MED configuration status: Zxxx0:admin#show lldp_med Command: show lldp_med LLDP-MED System Information: Device Class : Network Connectivity Device Hardware Revision : A1 Firmware Revision : 1.0.0.xx Software Revision : 1.0.0.xx...
Page 322 36. LLDP Commands When a port list is not specified, information for all ports will be displayed.  Restrictions None.  Example To display LLDP-MED information currently available for populating outbound LLDP- MED advertisements for port 1: Zxxx0:admin#show lldp_med local_ports Command: show lldp_med local_ports 1 Port ID -----------------------------------------------------------------...
Page 323 36. LLDP Commands When a port list is not specified, information for all ports will be displayed.  Restrictions None.  Example To display remote entry information:...
Page 324 36. LLDP Commands Zxxx0:admin#show lldp_med remote_ports 1 Command: show lldp_med remote_ports 1 Port ID : 1 ---------------------------------------------------------------------------- Remote Entities Count : 1 Entity 1 Chassis ID Subtype : MAC Address Chassis ID : 00-01-02-03-04-00 Port ID Subtype : Net Address Port ID : 172.18.10.11 LLDP-MED capabilities:...
Page 325 36. LLDP Commands Inventory Management: Hardware Revision Firmware Revision Software Revision Serial Number Manufacturer Name Model Name Asset ID Zxxx0:admin# 36.17. show lldp local_ports  Description This command is used to display the per-port information currently available for populating outbound LLDP advertisements. ...
Page 326 36. LLDP Commands  Example To display LLDP local port information for port 1: Zxxx0:admin#show lldp local_ports Command: show lldp local_ports 1 Port ID : 1 ----------------------------------------------------------------------------- Port ID Subtype : MAC Address Port ID : 00-01-02-03-05-00 Port Description : Zxxx0 R1.0.0.xx Port 1 on Unit 1 Port PVID Management Address Count...
Page 327 36. LLDP Commands  Example To display the LLDP management address: Zxxx0:admin#show lldp mgt_addr Command: show lldp mgt_addr Address 1 : ------------------------------------------------------ Subtype : IPv4 Address : 10.19.72.38 IF Type : Unknown : 1.3.6.1.4.1.396.5.4.1.xx Advertising Ports Total Entries : 1 Zxxx0:admin# 36.19.
Page 328: Show Lldp Statistics
36. LLDP Commands  Example To display LLDP information for remote ports 1 and 2: Zxxx0:admin#show lldp remote_ports 1-2 Command: show lldp remote_ports 1-2 Remote Entities Count : 0 Zxxx0:admin# 36.20. show lldp statistics  Description This command is used to display an overview of neighbor detection activity on the Switching Hub.
Page 329: Show Lldp Statistics Ports
36. LLDP Commands 36.21. show lldp statistics ports  Description This command is used to display LLDP statistic information for individual ports.  Format show lldp statistics ports {<portlist>}  Parameters <portlist>(Optional) Specify the ports to be displayed. When a port list is not specified, information for all ports will be displayed.
Page 330 36. LLDP Commands...
Page 331: Loopback Interface Commands
37. Loopback Interface Commands 37.Loopback Interface Commands A loopback interface is a virtual interface to set this Switching Hub as an output destination. Assigning a network address to a loopback interface allows you to configure a virtual network. It is also used in other protocols, such as OSPF and BGP.
Page 332 37. Loopback Interface Commands  Example To create one loopback interface named loopback1 with subnet address 20.1.1.1/8 and enable the admin state: Zxxx0:admin# create loopback ipif loopback1 20.1.1.1/8 state enable Command: create loopback ipif loopback1 20.1.1.1/8 state enable Success. Zxxx0:admin# 37.2.
Page 333 37. Loopback Interface Commands Zxxx0:admin# config loopback ipif loopback1 ipaddress 10.0.0.1/8 Command: config loopback ipif loopback1 ipaddress 10.0.0.1/8 Success. Zxxx0:admin# 37.3. show loopback ipif  Description This command is used to display the information of the loopback interface.  Format show loopback ipif {<ipif_name 12>} ...
Page 334 37. Loopback Interface Commands 37.4. delete loopback ipif  Description This command is used to delete a loopback interface.  Format delete loopback ipif [<ipif_name 12> | all]  Parameters <ipif_name 12> Enter the IP interface name used for this configuration here. This name can be up to 12 characters long.
Page 335: Mac Notification Commands
38. MAC Notification Commands 38.MAC Notification Commands These commands are used to send a notification to the management server using a SNMP trap when a new entry is registered in the MAC address table of this Switching Hub. It detects access to the network from unauthorized devices. Figure 38-1 MAC Notification overview enable mac_notification disable mac_notification...
Page 336 38. MAC Notification Commands  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To enable the MAC notification function: Zxxx0:admin#enable mac_notification Command: enable mac_notification Success. Zxxx0:admin# 38.2. disable mac_notification  Description This command is used to disable the trap notification for new learned MAC addresses on the Switch.
Page 337 38. MAC Notification Commands 38.3. config mac_notification  Description This command is used to configure the Switching Hub's MAC address table notification global settings.  Format config mac_notification {interval <int 1-2147483647> | historysize <int 1-500>}(1)  Parameters interval Specify the time interval in seconds to trigger the notification. <int 1-2147483647>...
Page 338 38. MAC Notification Commands  Parameters <portlist>Specify a range of ports to be configured. Specify to set all ports in the system. enable Specify to enable the port's MAC address table notification. disable Specify to disable the port's MAC address table notification. ...
Page 339 38. MAC Notification Commands Zxxx0:admin#show mac_notification Command: show mac_notification Global MAC Notification Settings State : Enabled Interval History Size : 500 Zxxx0:admin# 38.6. show mac_notification ports  Description This command is used to display the port's MAC address table notification status settings.
Page 340: Mac-Based Access Control Commands
39. MAC-based Access Control Commands 39.MAC-based Access Control Commands MAC-based Access Control is a function to authorize a device connected to the Switching Hub based on its MAC address to control access to the network. A RADIUS server or local database in this Switching Hub can be selected for the authentication server.
Page 341 39. MAC-based Access Control Commands 39.1. enable mac_based_access_control  Description This command is used to enable the MAC-based access control function.  Format enable mac_based_access_control  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 342 39. MAC-based Access Control Commands  Example To disable MAC-based access control: Zxxx0:admin#disable mac_based_access_control Command: disable mac_based_access_control Success. Zxxx0:admin# 39.3. config mac_based_access_control password  Description This command is used to set the password that will be used for authentication via RADIUS server.
Page 343 39. MAC-based Access Control Commands 39.4. config mac_based_access_control method  Description This command is used to authenticate via a local database or a RADIUS server.  Format config mac_based_access_control method [local | radius]  Parameters local Specify to authenticate via local database. radius Specify to authenticate via RADIUS server.
Page 344 39. MAC-based Access Control Commands  Parameters <portlist>When a port is configured as gurest VLAN member port, this port will move to guest VLAN if it's MAC-based access control state is enable.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 345 39. MAC-based Access Control Commands  Parameters <portlist>Specify a range of ports to configure the MAC-based access control settings Specify to select all the ports. state Specify whether the MAC-based access control function is enabled or disabled. enable Specify to enable the MAC-based access control function. disable Specify to disable the MAC-based access control function.
Page 346 39. MAC-based Access Control Commands 39.7. create mac_based_access_control  Description This command is used to create a MAC-based access control guest VLAN.  Format create mac_based_access_control [guest_vlan <vlan_name 32> | guest_vlanid <vlanid 1-4094>]  Parameters guest_vlan Specify the name of the guest VLAN. <vlan_name 32>...
Page 347 39. MAC-based Access Control Commands 39.8. delete mac_based_access_control  Description This command is used to delete MAC-based access control guest VLANs.  Format delete mac_based_access_control [guest_vlan <vlan_name 32> | guest_vlanid < vlanid 1-4094>]  Parameters guest_vlan Specify the name of the guest VLAN. <vlan_name 32>...
Page 348 39. MAC-based Access Control Commands 39.9. clear mac_based_access_control auth_state  Description This command is used to clear the authentication state of a user (or port). The port (or the user) will return to un-authenticated state. All the timers associated with the port (or the user) will be reset.
Page 349 39. MAC-based Access Control Commands 39.10. create mac_based_access_control_local  Description This command is used to create a database entry.  Format create mac_based_access_control_local mac <macaddr> {[vlan <vlan_name 32> | vlanid <vlanid 1-4094>]}  Parameters <macaddr> Specify the MAC address that access accepts by local mode. vlan (Optional) If the MAC address is authorized, the port will be assigned to this VLAN.
Page 350 39. MAC-based Access Control Commands 39.11. config mac_based_access_control_local  Description This command is used to modify a database entry.  Format config mac_based_access_control_local mac <macaddr> [vlan <vlan_name 32> | vlanid <vlanid 1-4094> | clear_vlan]  Parameters <macaddr> Specify the MAC address that access is accepted by local mode. vlan If the MAC address is authorized, the port will be assigned to this VLAN.
Page 351: Authorization Attributes
39. MAC-based Access Control Commands 39.12. config mac_based_access_control max_users  Description This command is used to configure the MAC-based access control maximum number of authorized users.  Format config mac_based_access_control max_users [<value 1-4000> | no_limit]  Parameters <value 1-4000> Specify the maximum number of authorized users. no_limit Specify an unlimited number(4000) of users.
Page 352 39. MAC-based Access Control Commands  Format config mac_based_access_control authorization attributes {radius [enable | disable] | local [enable | disable]}(1)  Parameters radius Specify to enable or disable the authorized attributes assigned by the RADIUS server that will be accepted. enable If specified to enable, the authorized attributes (for example VLAN, 802.1p default priority, and ACL) assigned by the RADIUS server will be accepted if the global...
Page 353 39. MAC-based Access Control Commands 39.14. delete mac_based_access_control_local  Description This command is used to delete a database entry  Format delete mac_based_access_control_local [mac <macaddr> | vlan <vlan_name 32> | vlanid <vlanid 1-4094>]  Parameters Delete database by this MAC address. <macaddr>...
Page 354 39. MAC-based Access Control Commands 39.15. show mac_based_access_control auth_state ports  Description This command is used to display MAC-based access control authentication MAC information.  Format show mac_based_access_control auth_state ports {<portlist>}  Parameters <portlist>(Optional) Specify the ports to display.  Restrictions None.
Page 355 39. MAC-based Access Control Commands 39.16. show mac_based_access_control  Description This command is used to display MAC-based access control information.  Format show mac_based_access_control {ports {<portlist>}}  Parameters ports (Optional) Specify to display the MAC-based access control port state. <portlist> Specify a range of ports to be displayed.
Page 356 39. MAC-based Access Control Commands Zxxx0:admin#show mac_based_access_control ports 1-4 Command: show mac_based_access_control ports 1-4 Port State Aging Time Block Time Max User (min) (sec) ----- -------- ---------- --------- -------- Disabled 1440 1024 Disabled 1440 1024 Disabled 1440 1024 Disabled 1440 1024 Zxxx0:admin# 39.17.
Page 357 39. MAC-based Access Control Commands Zxxx0:admin#show mac_based_access_control_local Command: show mac_based_access_control_local MAC Address ----------------- ------ 00-00-00-00-00-01 Total Entries:1 Zxxx0:admin# To display MAC-based access control local data by MAC address: Zxxx0:admin#show mac_based_access_control_local mac 00-00-00-00-00-01 Command: show mac_based_access_control_local mac 00-00-00-00-00-01 MAC Address ----------------- ------ 00-00-00-00-00-01 Total Entries:1...
Page 358 39. MAC-based Access Control Commands  Parameters state Specifies the log state for MAC-based Access Control. enable Specifies that the log for MAC-based Access Control will be enabled. disable Specifies that the log for MAC-based Access Control will be disabled. ...
Page 359 39. MAC-based Access Control Commands  Example To enable the trap state for MAC-based Access Control: Zxxx0:admin# config mac_based_access_control trap state enable Command: config mac_based_access_control trap state enable Success. Zxxx0:admin# 39.20. config mac_based_access_control password_type  Description This command is used to configure the type of RADIUS authentication password for MAC-based Access Control.
Page 360 39. MAC-based Access Control Commands Zxxx0:admin# config mac_based_access_control password_type client_mac_address Command: config mac_based_access_control password_type client_mac_address Success. Zxxx0:admin# To configure the MAC-based Access Control using "manual_string" as authentication password: Zxxx0:admin# config mac_based_access_control password_type manual_string Command: config mac_based_access_control password_type manual_string Success. Zxxx0:admin#...
Page 361 39. MAC-based Access Control Commands...
Page 362: Mirror Commands
40. Mirror Commands 40.Mirror Commands The commands are used to mirror (copy) transmit and receive packets on a specified port to other port and monitor packet contents. You can configure the settings, such as mirroring of all transmit and receive packets by setting multiple ports to a mirror group or mirroring of only transmit or receive packets.
Page 363 40. Mirror Commands  Parameters <value 1-4> Enter the mirror group ID used here. This value must be between 1 and 4.  Restrictions Only Administrator and Operator-level users can issue this command.  Example Create mirror group 3: Zxxx0:admin# create mirror group_id 3 Command: create mirror group_id 3 Success.
Page 364 40. Mirror Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To add mirroring target port 6 and the source ports 1 to 5 rx and tx packets: Zxxx0:admin#config mirror port 6 add source ports 1-5 both Command: config mirror port 6 add source ports 1-5 both Success.
Page 365 40. Mirror Commands state (Optional) Specifies the mirror group state to enable or disable the mirror group function. enable Specifies that the mirror group state will be enabled. disable Specifies that the mirror group state will be disabled.  Restrictions Only Administrator and Operator-level users can issue this command.
Page 366: Enable Mirror
40. Mirror Commands 40.5. enable mirror  Description This command, combined with the disable mirror command below, allows you to enable or disable mirror function without having to modify the mirror session configuration. If the target port hasn't been set, enable mirror will not take effect. ...
Page 367: Disable Mirror
40. Mirror Commands 40.6. disable mirror  Description This command, combined with the enable mirror command above, allows you to enable or disable mirror function without having to modify the mirror session configuration.  Format disable mirror  Parameters None. ...
Page 368 40. Mirror Commands  Restrictions None.  Example To display mirroring configuration: Zxxx0:admin#show mirror Command: show mirror Mirror Global State: Disabled Group State Target Port Source Ports ------- ---------- ------------- ---------------------------------------------- Enabled RX: 2-3 TX: 2-3 Zxxx0:admin#...
Page 369: Mld Snooping Commands
41. MLD Snooping Commands 41.MLD Snooping Commands MLD (Multicast Listener Discovery) is a protocol to manage multicast groups in an IPv6 environment. It is a protocol equivalent to IGMP in IPv4. MLD snooping is a filtering function to monitor MLD packets flowing on ports of the Switching Hub and prevent data from flowing to unnecessary ports.
Page 370 41. MLD Snooping Commands config mld_snooping mrouter_ports [vlan <vlan_name 32> | vlanid <vlanid_list>] [add | delete] <portlist> config mld_snooping mrouter_ports_forbidden [vlan <vlan_name 32> | vlanid <vlanid_list>] [add | delete] <portlist> enable mld_snooping disable mld_snooping show mld_snooping {[vlan <vlan_name 32> | vlanid <vlanid_list >]} show mld_snooping group {[vlan <vlan_name 32>...
Page 371 41. MLD Snooping Commands fast_done Enable or disable the MLD snooping fast leave function. If enabled, the membership is immediately removed when the system receive the MLD leave message. enable Enable the MLD snooping fast leave function. disable Disable the MLD snooping fast leave function. proxy_reporting Specifies that the proxy reporting function will be configured.
Page 372 41. MLD Snooping Commands vlanid Specify a range of VLANs to be configured. <vlanid_list> Specify the VLAN ID list. <value 1-1000> Specify the rate limit of MLD control packet that the Switching Hub can process on a specific port/VLAN. The rate is specified in packet per second. The packet that exceeds the limited rate will be dropped.
Page 373 41. MLD Snooping Commands To display the MLD snooping packet rate limit for ports 1 to 2: Zxxx0:admin#show mld_snooping rate_limit ports 1-2 Command: show mld_snooping rate_limit ports 1-2 Port Rate Limit -------- ------------ No Limit No Limit Total Entries: 2 Zxxx0:admin# 41.4.
Page 374 41. MLD Snooping Commands Zxxx0:admin#create mld_snooping static_group vlan vlan1 FF1E::1 Command: create mld_snooping static_group vlan vlan1 FF1E::1 Success. Zxxx0:admin# 41.5. config mld_snooping static_group  Description This command is used to configure an MLD snooping static group on the Switching Hub. When a port is configured as a static member port, the MLD protocol will not operate on this port.
Page 375 41. MLD Snooping Commands Zxxx0:admin#config mld_snooping static_group vlan default FF1E::1 delete 9-10 Command: config mld_snooping static_group vlan default FF1E::1 delete 9-10 Success. Zxxx0:admin# 41.6. delete mld_snooping static_group  Description This command is used to delete an MLD snooping static group on the Switching Hub. The deletion of an MLD snooping static group will not affect the MLD snooping dynamic member ports for a group.
Page 376 41. MLD Snooping Commands 41.7. show mld_snooping static_group  Description This command is used to display the MLD snooping static groups.  Format show mld_snooping static_group {[vlan <vlan_name 32> | vlanid <vlanid_list>] <ipv6addr>}  Parameters vlan (Optional) Specify the name of the VLAN on which the static group resides. <vlan_name 32>...
Page 377 41. MLD Snooping Commands 41.8. show mld_snooping statistic counter  Description This command is used to display the MLD snooping statistics counters for MLD protocol packets that are transmitted or received by the Switching Hub since MLD snooping was enabled. ...
Page 378 41. MLD Snooping Commands Zxxx0:admin#show mld_snooping statistic counter ports 1 Command: show mld_snooping statistic counter ports 1 Port # -------------------------------------------------- Group Number Receive Statistics Query MLD v1 Query MLD v2 Query Total Dropped By Rate Limitation Dropped By Multicast VLAN Report &...
Page 379 41. MLD Snooping Commands 41.9. clear mld_snooping statistics counter  Description This command is used to clear the MLD snooping statistics counters.  Format clear mld_snooping statistics counter  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 380 41. MLD Snooping Commands  Parameters vlan_name Specify the name of the VLAN for which MLD snooping querier is to be configured. <vlan_name 32> Specify the VLAN name. The maximum length is 32 characters. vlanid Specify the ID of the VLAN for which MLD snooping querier is to be configured. <vlanid_list>...
Page 381 41. MLD Snooping Commands version Specify the version of MLD packet that will be sent by this port. If a MLD packet received by the interface has a version higher than the specified version, this packet will be forward from router ports or VLAN flooding. <value 1-2>...
Page 382 41. MLD Snooping Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To set up static router ports: Zxxx0:admin#config mld_snooping mrouter_ports vlan default add 1-10 Command: config mld_snooping mrouter_ports vlan default add 1-10 Success.
Page 383 41. MLD Snooping Commands  Example To set up ports as forbidden router port: Zxxx0:admin#config mld_snooping mrouter_ports_forbidden vlan default add 1-10 Command: config mld_snooping mrouter_ports_forbidden vlan default add 1-10 Success. Zxxx0:admin# 41.13. enable mld_snooping  Description This command is used to enable MLD snooping on the Switching Hub. ...
Page 384 41. MLD Snooping Commands 41.14. disable mld_snooping  Description This command is used to disable MLD snooping on the Switching Hub. MLD snooping can be disabled only if IPv6 multicast routing is not being used. Disabling MLD snooping allows all MLD and IPv6 multicast traffic to flood within a given IPv6 interface. ...
Page 385 41. MLD Snooping Commands vlanid (Optional) Specify the ID of the VLAN for which to view the MLD snooping configuration. <vlanid_list> Specify the VLAN ID list. If no parameter is specified, the system will display all current MLD snooping configurations. ...
Page 386 41. MLD Snooping Commands 41.16. show mld_snooping group  Description This command is used to display the current MLD snooping group information on the Switching Hub.  Format show mld_snooping group {[vlan <vlan_name 32> | vlanid <vlanid_list> | ports <portlist>] {<ipv6addr>}} ...
Page 387 41. MLD Snooping Commands Zxxx0:admin#show mld_snooping group Command: show mld_snooping group Source/Group : 2001::1/FE1E::1 VLAN Name/VID :default/1 Member Ports : 1-2 UP Time : 26 Expiry Time : 258 Filter Mode : INCLUDE Source/Group : 2002::2/FE1E::1 VLAN Name/VID: : default/1 Member Ports UP Time : 29...
Page 388 41. MLD Snooping Commands forbidden (Optional) Display forbidden router ports that have been statically configured. If no parameter is specified, the system will display all router ports on the Switch.  Restrictions None.  Example To display router ports: Zxxx0:admin#show mld_snooping mrouter_ports all Command: show mld_snooping mrouter_ports all VLAN Name : default...
Page 389 41. MLD Snooping Commands vlanid (Optional) Specify the ID of the VLAN for which to view MLD snooping forwarding table information. <vlanid_list> Specify the VLAN ID list. If no parameter is specified, the system will display all currently configured MLD snooping forwarding entries. ...
Page 390: Login Banner And Prompt Commands
42. Login Banner and Prompt Commands 42.Login Banner and Prompt Commands These commands are used to change the command line interface (CLI) command prompt. config command_prompt [<string 16> | username | default] 42.1. config command_prompt  Description This command is used to modify the command prompt. The current command prompt consists of four parts: "product name"...
Page 391: Network Load Balancing (Nlb) Commands
43. Network Load Balancing (NLB) Commands 43.Network Load Balancing (NLB) Commands NLB is a load balancing function in Windows Server. It assigns the same virtual IP address to multiple servers providing the same services and uniformly distributes accesses from the clients. NLB has the unicast mode and multicast mode.
Page 392 43. Network Load Balancing (NLB) Commands <macaddr> Specifies the MAC address of the NLB multicast FDB entry to be created.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To create a NLB multicast FDB entry: Zxxx0:admin# create nlb multicast_fdb default 03-bf-01-01-01-01 Command: create nlb multicast_fdb default 03-bf-01-01-01-01 Success.
Page 393 43. Network Load Balancing (NLB) Commands Zxxx0:admin# delete nlb multicast_fdb default 03-bf-01-01-01-01 Command: delete nlb multicast_fdb default 03-bf-01-01-01-01 Success. Zxxx0:admin# 43.3. config nlb multicast_fdb  Description This command is used to configure the Switch's NLB multicast FDB entry.  Format config nlb multicast_fdb [<vlan_name 32>...
Page 394: Show Nlb Fdb
43. Network Load Balancing (NLB) Commands 43.4. show nlb fdb  Description This command is used to show the NLB configured entry.  Format show nlb fdb  Parameters None.  Restrictions None.  Example To display the NLB forwarding table: Zxxx0:admin# show nlb fdb Command: show nlb fdb MAC Address...
Page 395: Network Management Commands
44. Network Management Commands 44.Network Management Commands SNMP (Simple Network Management Protocol) is a protocol to monitor and manage network-connected devices via network. Target devices have a management information database called MIB (Management Information Base). SNMP monitors and controls them through access to their MIBs using an external management manager.
Page 396: Disable Snmp
44. Network Management Commands  Format enable snmp  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To enable SNMP: Zxxx0:admin#enable snmp Command: enable snmp Success. Zxxx0:admin# 44.2. disable snmp  Description This command is used to disable the SNMP function. When SNMP function is disabled, the network manager will not be able to access SNMP MIB objects.
Page 397 44. Network Management Commands Zxxx0:admin#disable snmp Command: disable snmp Success. Zxxx0:admin# 44.3. create trusted_host  Description This command is used to create the trusted host. The Switching Hub allows you to specify up to twenty IP addresses (or IP ranges) that are allowed to manage the Switching Hub via in-band SNMP or Telnet based management software.
Page 398 44. Network Management Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To create a trusted host: Zxxx0:admin#create trusted_host 10.48.74.121 Command: create trusted_host 10.48.74.121 Success. Zxxx0:admin# 44.4. config trusted_host  Description This command is used to configure the access interfaces for the trusted host. ...
Page 399 44. Network Management Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To configure the trusted host: Zxxx0:admin#config trusted_host 10.48.74.121 add ssh telnet Command: config trusted_host 10.48.74.121 add ssh telnet Success. Zxxx0:admin# 44.5. delete trusted_host ...
Page 400 44. Network Management Commands  Example To delete a trusted host: Zxxx0:admin#delete trusted_host ipaddr 10.48.74.121 Command: delete trusted_host ipaddr 10.48.74.121 Success. Zxxx0:admin# 44.6. show trusted_host  Description This command is used to display the trusted hosts.  Format show trusted_host ...
Page 401 44. Network Management Commands 44.7. config snmp system_name  Description This command is used to configure the SNMP system name of the Switching Hub.  Format config snmp system_name <sw_name>  Parameters <sw_name> Specify an SNMP system name for the Switching Hub. A maximum of 255 characters is allowed.
Page 402 44. Network Management Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To configure the Switching Hub location for "7F Server Room": Zxxx0:admin#config snmp system_location 7F Server Room Command: config snmp system_location 7F Server Room Success.
Page 403: Enable Snmp Traps
44. Network Management Commands 44.10. enable snmp traps  Description This command is used to enable SNMP trap support on the Switching Hub.  Format enable snmp traps  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command. ...
Page 404 44. Network Management Commands  Example To prevent SNMP traps from being sent from the Switching Hub: Zxxx0:admin#disable snmp traps Command: disable snmp traps Success. Zxxx0:admin# 44.12. enable snmp authenticate_traps  Description This command is used to enable SNMP authentication failure trap support. ...
Page 405 44. Network Management Commands 44.13. disable snmp authenticate_traps  Description This command is used to disable SNMP authentication failure trap support.  Format disable snmp authenticate_traps  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command. ...
Page 406 44. Network Management Commands  Example To enable SNMP linkchange trap support: Zxxx0:admin#enable snmp linkchange_traps Command: enable snmp linkchange_traps Success. Zxxx0:admin# 44.15. disable snmp linkchange_traps  Description This command is used to disable SNMP linkchange trap support.  Format disable snmp linkchange_traps ...
Page 407: Show Snmp Traps
44. Network Management Commands 44.16. config snmp linkchange_traps ports  Description This command is used to configure the sending of linkchange traps and per port control for sending of change traps.  Format config snmp linkchange_traps ports [all | <portlist>] [enable | disable] ...
Page 408 44. Network Management Commands ports (Optional) Specify a port or port range. <portlist> Specify a port or port range.  Restrictions None.  Example To display SNMP traps: Zxxx0:admin#show snmp traps Command: show snmp traps SNMP Traps : Enabled Authenticate Trap : Enabled Linkchange Traps : Enabled...
Page 409 44. Network Management Commands 44.18. config snmp coldstart_traps  Description This command is used to configure the trap state for coldstart events.  Format config snmp coldstart_traps [enable | disable]  Parameters enable Enable traps for coldstart events. The default state is enabled. disable Disable traps for coldstart events.
Page 410 44. Network Management Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To enable traps for warmstart events: Zxxx0:admin#config snmp warmstart_traps enable Command: config snmp warmstart_traps enable Success. Zxxx0:admin# 44.20. config trap source_ipif  Description This command is used to force change the ipif information in trap messages.
Page 411 44. Network Management Commands To clear the configured trap source IP interface: Zxxx0:admin#config trap source_ipif none Command: config trap source_ipif none Success. Zxxx0:admin# 44.21. show trap source_ipif  Description This command is used to display the trap source IP interface. ...
Page 412: Config Rmon Trap
44. Network Management Commands 44.22. config rmon trap  Description This command is used to configure the trap state for RMON events.  Format config rmon trap {rising_alarm [enable | disable] | falling_alarm [enable | disable]}  Parameters rising_alarm (Optional) Specify the trap state for rising alarm. The default state is enabled. enable Enable the trap state for rising alarm.
Page 413: Show Rmon
44. Network Management Commands 44.23. show rmon  Description This command is used to display RMON related settings.  Format show rmon  Parameters None.  Restrictions None.  Example To display current RMON settings: Zxxx0:admin#show rmon Command: show rmon RMON Rising Alarm Trap : Enabled RMON Falling Alarm Trap...
Page 414: Network Monitoring Commands
45. Network Monitoring Commands 45.Network Monitoring Commands The commands are used to display the following data for this Switching Hub's operation status.  Counting the amount of transmission packets and error information for each port  Displaying the current port usage, CPU usage, DRAM usage, and flash usage In addition, the following functions can be executed.
Page 415: Show Packet Ports
45. Network Monitoring Commands 45.1. show packet ports  Description This command is used to display statistics about the packets sent and received by the Switching Hub.  Format show packet ports <portlist>  Parameters <portlist>Specify a port or range of ports to be displayed. ...
Page 416: Show Error Ports
45. Network Monitoring Commands Zxxx0:admin#show packet ports 7 Command: show packet ports 7 Port number : 7 Frame Size/Type Frame Counts Frames/sec --------------- ---------------------- ----------- 65-127 128-255 256-511 512-1023 1024-1518 1519-1522 1519-2047 2048-4095 4096-9216 Unicast RX Multicast RX Broadcast RX CTRL+C ESC q Quit SPACE n...
Page 417: Show Utilization
45. Network Monitoring Commands  Example To display the errors of port 3: Zxxx0:admin#show error ports 3 Command: show error ports 3 Port Number : 3 RX Frames TX Frames --------- --------- CRC Error Excessive Deferral Undersize CRC Error Oversize Late Collision Fragment Excessive Collision...
Page 418: Show Utilization Dram
45. Network Monitoring Commands Zxxx0:admin#show utilization ports Command: show utilization ports Port TX/sec RX/sec Util Port TX/sec RX/sec Util ------ ---------- ---------- ---- ------ ---------- ---------- ---- CTRL+C ESC q Quit SPACE n Next Page Previous Page Refresh To display CPU utilization: Zxxx0:admin# show utilization cpu Command: show utilization cpu CPU utilization :...
Page 419: Show Utilization Flash
45. Network Monitoring Commands  Parameters unit Specifies which unit on the stacking system. If it is not specified, it refers to the master unit. <unit_id> Enter the unit ID used here.  Restrictions None.  Example To display DRAM utilization: Zxxx0:admin# show utilization dram Command: show utilization dram DRAM utilization :...
Page 420: Clear Counters
45. Network Monitoring Commands Zxxx0:admin# show utilization flash Command: show utilization flash FLASH Memory Utilization : Total FLASH : 30608 Used FLASH 4786 Utilization CTRL+C ESC q Quit SPACE n Next Page Previous Page Refresh 45.6. clear counters  Description This command is used to clear the Switching Hub's statistics counters.
Page 421: Clear Log
45. Network Monitoring Commands 45.7. clear log  Description This command is used to clear the Switching Hub's history log.  Format clear log  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To clear the Switching Hub's history log: Zxxx0:admin#clear log Command: clear log...
Page 422 45. Network Monitoring Commands severity (Optional) Specify the severity level: emergency, alert, critical, error, warning, notice, informational, or debug. module (Optional) Specify the modules to be displayed. The module can be obtained by the show log_software_module command. Use commas to separate multiple modules. <module_list>...
Page 423 45. Network Monitoring Commands 45.9. show log_save_timing  Description This command is used to display the method to save log.  Format show log_save_log_timing  Parameters None.  Restrictions None.  Example To display the method to save log: Zxxx0:admin#show log_save_timing Command: show log_save_timing Saving Log Method: On_demand...
Page 424 45. Network Monitoring Commands  Example To display the the protocols or applications that support the enhanced log: Zxxx0:admin#show log_software_module Command: show log_software_module DHCPv6_CLIENT ERROR_LOG MSTP Zxxx0:admin# 45.11. config log_save_timing  Description This command is used to set the method to save log. ...
Page 425: Enable Syslog
45. Network Monitoring Commands 45.12. enable syslog  Description This command is used to globally enable syslog to send log messages to a remote server.  Format enable syslog  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command. ...
Page 426: Show Syslog
45. Network Monitoring Commands  Example To disable syslog sending a message: Zxxx0:admin#disable syslog Command: disable syslog Success Zxxx0:admin# 45.14. show syslog  Description This command is used to display the syslog protocol global state.  Format show syslog  Parameters None.
Page 427: Config Syslog Host
45. Network Monitoring Commands 45.15. config syslog host  Description This command is used to configure the syslog host configuration.  Format config syslog host [<index> | all] {severity [emergency | alert | critical | error | warning | notice | informational | debug | <level 0-7>] | facility [local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7] | udp_port <udp_port_number>...
Page 428: Create Syslog Host
45. Network Monitoring Commands ipaddress Specify the IPv4 address or IPv6 address of the host. <ipaddr> Specify the IPv4 address of the host. <ipv6addr> Specify the IPv6 address of the host. state The syslog protocol has been used for the transmission of event notification messages across networks to host.
Page 429 45. Network Monitoring Commands ipaddress Specify the IPv4 address or IPv6 address of the host. <ipaddr> Specify the IPv4 address of the host. <ipv6addr> Specify the IPv6 address of the host. severity (Optional) Specify the severity level supported: emergency, alert, critical, error, warning, notice, informational, or debug.
Page 430: Delete Syslog Host
45. Network Monitoring Commands Zxxx0:admin# create syslog host 1 ipaddress 10.1.1.1 Command: create syslog host 1 ipaddress 10.1.1.1 Success. Zxxx0:admin# 45.17. delete syslog host  Description This command is used to delete syslog host(s).  Format delete syslog host [<index 1-4> | all] ...
Page 431: Show Syslog Host
45. Network Monitoring Commands 45.18. show syslog host  Description This command is used to display syslog host configurations.  Format show syslog host {<index 1-4>}  Parameters <index 1-4> (Optional) Specify the host index. If no parameter is specified, all hosts will be displayed. ...
Page 432 45. Network Monitoring Commands 45.19. config syslog source_ipif  Description This command is used to force change the ipif information in syslogs. By default, syslogs will carry the information of the ipif they belong to.  Format config syslog source_ipif [<ipif_name 12> {<ipaddr> | <ipv6addr>} | none] ...
Page 433 45. Network Monitoring Commands 45.20. show syslog source_ipif  Description This command is used to display the syslog source IP interface.  Format show syslog source_ipif  Parameters None.  Restrictions None.  Example To display the syslog source interface: Zxxx0:admin#show syslog source_ipif Command: show syslog source_ipif Syslog Source IP Interface Configuration:...
Page 434 45. Network Monitoring Commands If no parameter is specified, all entries in the attack log will be displayed.  Restrictions None.  Example To display the Switching Hub's attack log: Zxxx0:admin#show attack_log index 1-3 Command: show attack_log index 1-3 Index Date Time Level Log Text...
Page 435 45. Network Monitoring Commands Zxxx0:admin#clear attack_log Command: clear attack_log Success. Zxxx0:admin#...
Page 436: Packet Storm Commands
46. Packet Storm Commands 46.Packet Storm Commands A packet storm is a phenomenon where packets overflow on the network. It occurs when a large amount of broadcast or multicast data is sent simultaneously or a network device fails. A packet storm decreases network efficiency, interfering with normal communications.
Page 437: Config Traffic Control
46. Packet Storm Commands 46.1. config traffic control  Description This command is used to configure broadcast/multicast/unicast storm control. The broadcast storm control commands provide a hardware storm control mechanism only. These packet storm control commands include hardware and software mechanisms to provide shutdown, recovery, and trap notification functions.
Page 438 46. Packet Storm Commands countdown The timer for shutdown mode. When a port enters a shutdown RX state, and if this times out, the port will shut down the port forever. The default is 0 minutes. <min 0> Zero is the disable forever state. <min 3-30>...
Page 439 46. Packet Storm Commands  Parameters <min 0> Enter the automatic recovery time used here. This value will specifies the time to be 0 otherwise known as 'no recovery mode'. <min 1-65535> Enter the automatic recovery time used here. This value must be between 1 and 65535 minutes.
Page 440 46. Packet Storm Commands  Example To configure the traffic log state on the Switch: Zxxx0:admin# config traffic control log state enable Command: config traffic control log state enable Success. Zxxx0:admin# 46.4. config traffic trap  Description This command is used to configure whether storm control notification will be generated or not while traffic storm events are detected by a SW traffic storm control mechanism.
Page 441: Show Traffic Control
46. Packet Storm Commands Zxxx0:admin#config traffic trap both Command: config traffic trap both Success. Zxxx0:admin# 46.5. show traffic control  Description This command is used to display current traffic control settings.  Format show traffic control {<portlist>}  Parameters <portlist>(Optional) Specify a range of ports to be shown. If no parameter is specified, the system will display all port packet storm control configurations.
Page 442: Port Security Commands
47. Port Security Commands 47.Port Security Commands Port security is used to limit the number of MAC addresses learned in this Switching Hub to limit the number of terminals to be accessed. If the specified number of terminals to be accessed is exceeded, exceeded accesses are discarded.
Page 443 47. Port Security Commands  Format config port_security ports [<portlist> | all] [{admin_state [enable | disable] | max_learning_addr <max_lock_no 0-3328> | lock_address_mode [permanent | deleteontimeout | deleteonreset]}(1) | {vlan [<vlan_name 32> | vlanid <vidlist>] max_learning_addr [<max_lock_no 0-3328> | no_limit]}]  Parameters <portlist>Specify a range of ports to be configured.
Page 444 47. Port Security Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure port security: Zxxx0:admin#config port_security ports 6 admin_state enable max_learning_addr 10 lock_address_mode permanent Command: config port_security ports 6 admin_state enable max_learning_addr 10 lock_address_mode permanent Success.
Page 445 47. Port Security Commands  Parameters <max_lock_no 1-3328> Specify the maximum number of MAC address entries that can be learned by the system. If the setting is smaller than the number of current learned entries on all enabled ports, the command will be rejected. no_limit By default, the number above is set to no limit.
Page 446 47. Port Security Commands max_learning_addr Specify the maximum number of MAC address entries that can be learned with this VLAN. If this parameter is set to 0, it means that no user can get authorization on this VLAN. If the setting is smaller than the number of current learned entries on the VLAN, the command will be rejected.
Page 447 47. Port Security Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete the port security entry with a MAC address of 00-01-30-10-2c-c7 on the default VLAN: Zxxx0:admin#delete port_security_entry vlan default mac_address 00-01-30-10-2C-C7 Command: delete port_security_entry vlan default mac_address 00-01-30-10-2C-C7 Success.
Page 448 47. Port Security Commands  Example To clear port security entry for port 6: Zxxx0:admin#clear port_security_entry port 6 Command: clear port_security_entry port 6 Success. Zxxx0:admin# 47.6. show port_security_entry  Description This command is used to display a port security entry. ...
Page 449 47. Port Security Commands  Example To display a port security entry: Zxxx0:admin#show port_security_entry Command: show port_security_entry MAC Address Port Lock Mode ----------------- ---- ---------- 00-00-00-00-00-01 DeleteOnTimeout Total Entry Number: 1 Zxxx0:admin# 47.7. show port_security  Description This command is used to display the port security related information of the Switching Hub ports including the port security admin state, the maximum number of learning addresses, and the lock mode.
Page 450 47. Port Security Commands  Example To display the global configuration of port security: Zxxx0:admin# show port_security Command: show port_security Port Security Trap/Log : Disabled System Maximum Address : 512 VLAN Configuration (Only VLANs with limitation are displayed) VLAN Name Max.
Page 451 47. Port Security Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable a port security trap: Zxxx0:admin#enable port_security trap_log Command: enable port_security trap_log Success. Zxxx0:admin# 47.9. disable port_security trap_log  Description This command is used to disable a port security trap/log.
Page 452: Power Saving Commands
48. Power Saving Commands 48.Power Saving Commands The commands are used to configure the power saving mode. If a port is not link up, the mode periodically repeats turning ON/OFF the power feed to the port to save more power consumption than when the power feed is always ON.
Page 453 48. Power Saving Commands Zxxx0:admin# config power_saving state enable Command: config power_saving state enable Success Zxxx0:admin# 48.2. show power_saving  Description This command is used to display power saving information.  Format show power_saving  Parameters None.  Restrictions None. ...
Page 454: Protocol Vlan Commands
49. Protocol VLAN Commands 49.Protocol VLAN Commands Protocol VLAN is a function to determine a VLAN to which a port belongs based on protocol information written in the header of a receive packet. You can specify the frame type of Ethernet ver2, Sub Network Access Protocol (SNAP), or Link Logical Control (LLC) and map it to a VLAN.
Page 455 49. Protocol VLAN Commands Zxxx0:admin#create dot1v_protocol_group group_id 4 group_name General_Group Command: create dot1v_protocol_group group_id 4 group_name General_Group Success. Zxxx0:admin# 49.2. config dot1v_protocol_group  Description This command is used to add a protocol to a protocol group. The selection of a protocol can be a pre-defined protocol type or a user defined protocol.
Page 456 49. Protocol VLAN Commands delete protocol Specify the protocol to be deleted. Depending on the frame type, the octet string will have one of the following values below. The form of the input is 0x0 to 0xffff. ethernet_2 This is a 16-bit (2-octet) hex value. Example: IPv4 is 800, IPv6 is 86dd, ARP is 806, etc.
Page 457 49. Protocol VLAN Commands 49.3. delete dot1v_protocol_group  Description This command is used to delete a protocol group.  Format delete dot1v_protocol_group [group_id <id> | group_name <name 32> | all]  Parameters group_idSpecify the group ID to be deleted. <id> Specify the group ID to be deleted. group_name Specify the name of the protocol group to be deleted.
Page 458 49. Protocol VLAN Commands  Parameters group_id(Optional) Specify the group ID to be displayed. <id> Specify the group ID to be displayed. group_name (Optional) Specify the name of the protocol group. <name 32> Specify the name of the protocol group. The maximum length is 32 characters. If no parameter is specified, all configured protocol groups will be displayed.
Page 459 49. Protocol VLAN Commands  Parameters <portlist>Specify a range of ports to apply this command. Specify all ports. add protocol_group Specify to add a protocol group. group_id Specify the group ID of the protocol group. <id> Specify the group ID of the protocol group. group_name Specify the name of the protocol group.
Page 460: Show Port Dot1V
49. Protocol VLAN Commands 49.6. show port dot1v  Description This command is used to display the VLAN to be associated with untagged packets ingressed from a port based on the protocol group.  Format show port dot1v {ports <portlist>} ...
Page 461 49. Protocol VLAN Commands...
Page 462: Qos Commands
50. QoS Commands 50.QoS Commands QoS (Quality of Service) is a function to allocate the optimum bandwidth according to the communication purpose to secure response time and throughput required for each communication. It performs communication priority control based on the priority tag (priority information) added to the header of a receive packet.
Page 463 50. QoS Commands config bandwidth_control [<portlist> | all] {rx_rate [no_limit | <value 64-10240000>] | tx_rate [no_limit | <value 64-10240000>]}(1) show bandwidth_control {<portlist>} config per_queue bandwidth_control {ports [<portlist> | all]} <cos_id_list 0-7> {{min_rate [no_limit | <value 64-10240000>]} max_rate [no_limit | <value 64-10240000>]}(1) show per_queue bandwidth_control {<portlist>} config scheduling {ports [<portlist>...
Page 464 50. QoS Commands tx_rate (Optional) Specify the limitation of transmit data rate. no_limit Specify to indicate there is no limit on port tx bandwidth. <value 64-10240000> Specify an integer value from 64 to 10240000 to set a maximum limit in Kbits/sec. The specified bandwidth limit may be equaled but not exceeded.
Page 465 50. QoS Commands  Restrictions None.  Example To display the port bandwidth control table for ports 1 to 2: Zxxx0:admin#show bandwidth_control 1-2 Command: show bandwidth_control 1-2 Bandwidth Control Table Port RX Rate TX Rate Effective RX Effective TX (Kbit/sec) (Kbit/sec) (Kbit/sec) (Kbit/sec)
Page 466 50. QoS Commands min_rateSpecify that one of the parameters below will be applied to the minimum rate that the class specified above will be allowed to transmit packets at. no_limit Indicates there is no limit on egress queue of specified port bandwidth. <value 64-10240000>...
Page 467: Config Scheduling
50. QoS Commands  Restrictions None.  Example To display the port bandwidth control table for port 1: Zxxx0:admin#show per_queue bandwidth_control 1 Command: show per_queue bandwidth_control 1 Queue Bandwidth Control Table On Port: 1 Queue Min Rate(Kbit/sec) Max Rate(Kbit/sec) No Limit No Limit No Limit No Limit...
Page 468 50. QoS Commands weight Specifies the weight value for weighted round robin. The queue will operate in WRR mode if the port mode is WRR. It will operate in strict mode if the port mode is strict. <value 1-127> Enter the weight value here. This value must be between 1 and 127. ...
Page 469: Show Scheduling
50. QoS Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure the traffic scheduling mechanism for each CoS queue: Zxxx0:admin# config scheduling_mechanism strict Command: config scheduling_mechanism strict Success. Zxxx0:admin# To configure the traffic scheduling mechanism for the CoS queue on port 1:1: Zxxx0:admin# config scheduling_mechanism ports 1:1 strict Command: config scheduling_mechanism ports 1:1 strict Success.
Page 470 50. QoS Commands Zxxx0:admin#show scheduling Command: show scheduling QOS Output Scheduling On Port: 1 Class ID Weight -------- ------ Class-0 Class-1 Class-2 Class-3 Class-4 Class-5 Class-6 Class-7 QOS Output Scheduling On Port: 2 Class ID Weight -------- ------ Class-0 Class-1 Class-2 Class-3 Class-4...
Page 471 50. QoS Commands 50.8. show scheduling_mechanism  Description This command is used to display the traffic scheduling mechanism.  Format show scheduling_mechanism {<portlist>}  Parameters <portlist>(Optional) Specifies a range of ports to be displayed.  Restrictions None.  Example To display the scheduling mechanism for all ports: Zxxx0:admin#show scheduling_mechanism Command: show scheduling_mechanism Port...
Page 472 50. QoS Commands Zxxx0:admin#show scheduling_mechanism 1-10 Command: show scheduling_mechanism 1-10 Port Mode ----- ------ Strict Strict Strict Strict Strict Strict Strict Strict Strict Strict Zxxx0:admin# 50.9. config 802.1p user_priority  Description This command is used to configure the way by which the Switching Hub will map an incoming packet, based on its 802.1p user priority, to one of the eight available hardware priority queues on the Switching Hub.
Page 473 50. QoS Commands <class_id 0-7> Specify the number of the Switching Hub's hardware priority queue. The Switching Hub has eight hardware priority queues available. They are numbered between 0 (the lowest priority) and 7 (the highest priority).  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 474 50. QoS Commands  Example To display the 802.1p user priority: Zxxx0:admin#show 802.1p user_priority Command: show 802.1p user_priority QoS Class of Traffic Port 1 Priority-0 -> <Class-2> Priority-1 -> <Class-0> Priority-2 -> <Class-1> Priority-3 -> <Class-3> Priority-4 -> <Class-4> Priority-5 ->...
Page 475 50. QoS Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure an 802.1p default priority settings of 5 on all Switch ports: Zxxx0:admin#config 802.1p default_priority all 5 Command: config 802.1p default_priority all 5 Success.
Page 476 50. QoS Commands Zxxx0:admin#show 802.1p default_priority 1-4 Command: show 802.1p default_priority 1-4 Port Priority Effective Priority ---- ----------- ------------------ Zxxx0:admin# 50.13. enable hol_prevention  Description This command is used to enable head of line prevention on the Switching Hub.  Format enable hol_prevention ...
Page 477 50. QoS Commands 50.14. disable hol_prevention  Description This command is used to disable head of line prevention on the Switching Hub.  Format disable hol_prevention  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 478: Config Dscp Map
50. QoS Commands  Example To display HOL prevention state on the Switching Hub: Zxxx0:admin#show hol_prevention Command: show hol_prevention Device HOL Prevention State: Enabled Zxxx0:admin# 50.16. config dscp map  Description This command is used to configure DSCP mapping. The mapping of DSCP to priority will be used to determine the priority of the packet (which will be then used to determine the scheduling queue) when the port is in DSCP trust state.
Page 479: Config Dscp Trust
50. QoS Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure the mapping of the DSCP priority to priority 1 on port 1:1 -1:8 : Zxxx0:admin#config dscp map 1-8 dscp_priority 1 to 1 Command: config dscp map 1-8 dscp_priority 1 to 1 Success.
Page 480: Show Dscp Map
50. QoS Commands Zxxx0:admin#config dscp trust 1-8 state enable Command: config dscp trust 1-8 state enable Success. Zxxx0:admin# 50.18. show dscp map  Description This command is used to show DSCP trusted port list and mapped color, priority and DSCP. ...
Page 481: Show Dscp Trust
50. QoS Commands Zxxx0:admin# show dscp map 1 dscp_priority Command: show dscp map 1 dscp_priority DSCP to 802.1p Priority Mapping: Port 1 DSCP 0,2-7 is mapped to 0 DSCP 1,8-15 is mapped to 1 DSCP 16-23 is mapped to 2 DSCP 24-31 is mapped to 3 DSCP 32-39 is mapped to 4 DSCP 40-47 is mapped to 5...
Page 482 50. QoS Commands  Restrictions None.  Example Display DSCP trust status on ports 1:1-1:8. Zxxx0:admin# show dscp trust 1-8 Command: show dscp trust 1-8 Port DSCP-Trust ---- ---------- Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Zxxx0:admin#...
Page 483 50. QoS Commands...
Page 484: Ring Redundant Protocol (Rrp) Commands
51. Ring Redundant Protocol (RRP) Commands 51.Ring Redundant Protocol (RRP) Commands Ring Redundant Protocol (RRP) realizes to make a redundant network via ring topology to recover the communication failure quickly, when the device or link failure is happened. One ring topology unit is called “domain”, RRP controller is called “Master node”, and the other RRP members are called “Transit node”.
Page 485 51. Ring Redundant Protocol (RRP) Commands 51.1. config rrp domain  Description This command is used to configure the RRP domain.  Format config rrp domain <domain name> [type {master|transit}] [control_vlan_id <vid>] [data_vlan_id <vid list>] [primary_port <port num>] [secondary_port <port num>] [polling_interval <1-2sec>] [fail_period <2-5sec>] [ring_guard_port {primary|secondary|both|disable}] ...
Page 486 51. Ring Redundant Protocol (RRP) Commands fail_period Specify the fail period time to detect communication failure. The factory default is 2 sec. <2-5 sec> Specify the time between 2 and 5 seconds. polling_interval and fail_period are not allowed to set the same value. ring_guard_port （Option）Specify the ring guard function state.
Page 487 51. Ring Redundant Protocol (RRP) Commands  Parameters <domain name> Specify the domain name of the RRP domain with 1-25 characters. type Specify the RRP node type. master Specify the RRP node as Master. The Master node must be existed only one in domain.
Page 488 51. Ring Redundant Protocol (RRP) Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To crete the “pc-ring” domain settings to node type=Transit, control VLAN=30, primary port=9, secondary port=10, data VLAN=1, polling interval=1, and fail period=2: Zxxx0:admin# create rrp domain pc-ring type transit control_vlan_id 30 primary_port 9 secondary_port 10 data_vlan_id 1 polling_interval 1 fail_period 2 Command: create rrp domain pc-ring type transit control_vlan_id 30 primary_port 9...
Page 489 51. Ring Redundant Protocol (RRP) Commands 51.4. disable rrp  Description This command used to disable the global RRP function state. The factory default is disable.  Format disable rrp  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command. ...
Page 490 51. Ring Redundant Protocol (RRP) Commands  Example To disable “pc-ring” domain state: Zxxx0:admin# disable rrp domain pc-ring Command: disable rrp domain pc-ring Success. Zxxx0:admin# 51.6. enable rrp  Description This command used to enable the global RRP function state. The factory default is disable. ...
Page 491 51. Ring Redundant Protocol (RRP) Commands  Parameters <domain name> Specify the RRP domain name to enable.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To enable the “pc-ring” domain state: Zxxx0:admin# enable rrp domain pc-ring Command: enable rrp domain pc-ring Success.
Page 492 51. Ring Redundant Protocol (RRP) Commands  Example To display the RRP settings: Zxxx0:admin# show rrp Command: show rrp RRP Status : Enabled Total Domain Number(s) : 1 Domain Name Ctrl VLAN Data VLAN(s) Ring Status ------------ ---------- --------------------------------------- ----------- pc-ring Link-Up Zxxx0:admin#...
Page 493 51. Ring Redundant Protocol (RRP) Commands  Example To display“pc-ring” domain settings: Zxxx0:admin# show rrp status pc-ring Command: show rrp status pc-ring RRP Domain Name : pc-ring RRP Domain Status : Enabled RRP Node Type : Transit RRP Ring Status : Link-Up Primary Port : 10...
Page 494: Rspan Commands
52. RSPAN Commands 52.RSPAN Commands RSPAN (Remote Switched Port Analyzer) is a function to mirror receive packets to other Switching Hubs. You need to configure the RSPAN VLAN source setting on the packet source (source Switching Hub) and the RSPAN VLAN redirect setting on a Switching Hub which relays mirror packets.
Page 495: Enable Rspan
52. RSPAN Commands 52.1. enable rspan  Description This command is used to enable RSPAN globally.  Format enable rspan  Parameters None.  Restrictions Only Administrator and Operator-level users can issue this command.  Example To enable RSPAN globally: Zxxx0:admin#enable rspan Command: enable rspan Success.
Page 496: Create Rspan Vlan
52. RSPAN Commands  Example To disable the RSPAN globally: Zxxx0:admin#disable rspan Command: disable rspan Success. Zxxx0:admin# 52.3. create rspan vlan  Description This command is used to create an RSPAN VLAN. Up to 16 RSPAN VLANs can be created. ...
Page 497: Delete Rspan Vlan
52. RSPAN Commands Zxxx0:admin#create rspan vlan vlan_id 3 Command: create rspan vlan vlan_id 3 Success. Zxxx0:admin# 52.4. delete rspan vlan  Description This command is used to delete an RSPAN VLAN.  Format delete rspan vlan [vlan_name <vlan_name> | vlan_id <vlanid 1-4094>] ...
Page 498: Config Rspan Vlan
52. RSPAN Commands Zxxx0:admin#delete rspan vlan vlan_id 3 Command: delete rspan vlan vlan_id 3 Success. Zxxx0:admin# 52.5. config rspan vlan  Description This command is used by the source Switching Hub to configure the source setting for the RSPAN VLAN. The redirect command is used by the intermediate or last Switching Hub to configure the output port of the RSPAN VLAN packets, and makes sure that the RSPAN VLAN packets can egress to the redirect ports.
Page 499 52. RSPAN Commands source If the ports are not specified by this command, the source of RSPAN will come from the source specified by the mirror command or the flow-based source specified by an ACL. If no parameter is specified for source, it deletes the configured source parameters. mirror_group_id The mirror group identify that specify which mirror session used for RSPAN source function.
Page 500: Show Rspan
52. RSPAN Commands 52.6. show rspan  Description This command is used to display RSPAN configuration.  Format show rspan {[vlan_name <vlan_name> | vlan_id <vlanid 1-4094>]}  Parameters vlan_name Specify the RSPAN VLAN by VLAN name. <vlan_name> Specify the VLAN name. vlan_id Specify the RSPAN VLAN by VLAN ID.
Page 501 52. RSPAN Commands Zxxx0:admin# show rspan Command: show rspan RSPAN: Enabled RSPAN VLAN ID: 1 -------------------- Mirror Group ID Target Port : 1:1 Source Ports RSPAN VLAN ID: 2 -------------------- Redirect Ports : 1:6-1:10 RSPAN VLAN ID: 3 ---------------------- Redirect Ports : 1:6-1:10 Total RSPAN VLAN :3 Zxxx0:admin#...
Page 502: Snmpv1/V2/V3 Commands
53. SNMPv1/v2/v3 Commands 53.SNMPv1/v2/v3 Commands SNMP (Simple Network Management Protocol) is a protocol to monitor and manage network-connected devices via network. Target devices have a management information database called MIB (Management Information Base). SNMP monitors and controls them through access to their MIBs using an external management manager.
Page 503: Create Snmp User
53. SNMPv1/v2/v3 Commands 53.1. create snmp user  Description This command is used to create a new user to an SNMP group originated by this command. Users can choose input authentication and privacy by password or by key.  Format create snmp user <user_name 32>...
Page 504 53. SNMPv1/v2/v3 Commands Only Administrator-level users can issue this command.
Page 505: Delete Snmp User
53. SNMPv1/v2/v3 Commands  Example To create a new user to an SNMP group originated by this command: Zxxx0:admin#create snmp user manager MANAGER_group encrypted by_password auth sha 12345678 priv des 12345678 Command: create snmp user manager MANAGER_group encrypted by_password auth sha 12345678 priv des 12345678 Success.
Page 506: Show Snmp User
53. SNMPv1/v2/v3 Commands 53.3. show snmp user  Description This command is used to display information on each SNMP username in the group username table.  Format show snmp user  Parameters None.  Restrictions None.  Example To display SNMP user information: Zxxx0:admin#show snmp user Command: show snmp user Username...
Page 507: Create Snmp View
53. SNMPv1/v2/v3 Commands  Restrictions None.  Example To display the names of the SNMP groups on the Switching Hub: Zxxx0:admin#show snmp groups Command: show snmp groups Vacm Access Table Settings Group Name : public ReadView Name : CommunityView WriteView Name Notify View Name : CommunityView Security Model : SNMPv1...
Page 508: Delete Snmp View
53. SNMPv1/v2/v3 Commands  Parameters <view_name 32> Specify the view name to be created. <oid> Specify the object-identified tree (the MIB tree). view_type Specify the access type of of the MIB tree in this view. included Specify to include this view. excludedSpecify to exclude this view.
Page 509: Show Snmp View
53. SNMPv1/v2/v3 Commands  Example To remove a view record: Zxxx0:admin#delete snmp view managerview all Command: delete snmp view managerview all Success. Zxxx0:admin# 53.7. show snmp view  Description This command is used to display SNMP view records.  Format show snmp view {<view_name 32>} ...
Page 510: Create Snmp Community
53. SNMPv1/v2/v3 Commands 53.8. create snmp community  Description This command is used to create an SNMP community string. Use an SNMP community string to define the relationship between the SNMP manager and the agent. The community string acts like a password to permit access to the agent on the Switching Hub. You can specify one or more of the following characteristics associated with the string: A MIB view, which defines the subset of all MIB objects accessible to the given community;...
Page 511: Delete Snmp Community
53. SNMPv1/v2/v3 Commands 53.9. delete snmp community  Description This command is used to remove a specific community string.  Format delete snmp community <community_string 32>  Parameters <community_string 32> Specify the community string that will be deleted.  Restrictions Only Administrator-level users can issue this command.
Page 512 53. SNMPv1/v2/v3 Commands If a community string is not specified, all community string information will be displayed.  Restrictions None.  Example To display the current community string configurations: Zxxx0:admin#show snmp community Command: show snmp community SNMP Community Table Community Name View Name Access Right ----------------------------...
Page 513: Config Snmp Engineid
53. SNMPv1/v2/v3 Commands  Restrictions Only Administrator-level users can issue this command.  Example To create an SNMP community string called "community123" with the "read_only" security method: Zxxx0:admin# create snmp community_masking view CommunityView read_only Command: create snmp community_masking view CommunityView read_only Enter a case-sensitive community:************ Enter the community again for confirmation:************ Success.
Page 514: Show Snmp Engineid
53. SNMPv1/v2/v3 Commands 53.13. show snmp engineID  Description This command is used to display the identification of the SNMP engine on the Switching Hub.  Format show snmp engineID  Parameters None.  Restrictions None.  Example To display the identification of an SNMP engine: Zxxx0:admin#show snmp engineID Command: show snmp engineID SNMP Engine ID : 1023457890...
Page 515: Delete Snmp Group
53. SNMPv1/v2/v3 Commands Specify the most secure of the possible security models. Specifies authentication of a packet. noauth_nopriv Specify to neither support packet authentication nor encrypting. auth_nopriv Specify to support packet authentication. auth_priv Specify to support packet authentication and encrypting. read_view Specify the view name between 1 and 32 characters.
Page 516: Create Snmp
53. SNMPv1/v2/v3 Commands  Parameters <groupname 32> Specify the name of the group that will be deleted.  Restrictions Only Administrator-level users can issue this command.  Example To remove an SNMP group: Zxxx0:admin#delete snmp group MANAGER_group Command: delete snmp group MANAGER_group Success.
Page 517: Delete Snmp
53. SNMPv1/v2/v3 Commands <auth_string 32> Specify the authentication string. If v1 or v2 is specified, the auth_string presents the community string, and it must be one of the entries in the community table. If v3 is specified, the auth_string presents the user name, and it must be one of the entries in the user table.
Page 518: Show Snmp Host
53. SNMPv1/v2/v3 Commands Zxxx0:admin#delete snmp host 10.48.74.100 Command: delete snmp host 10.48.74.100 Success. Zxxx0:admin# 53.18. show snmp host  Description This command is used to display the recipient for which the traps are targeted.  Format show snmp host {<ipaddr>} ...
Page 519: Show Snmp V6Host
53. SNMPv1/v2/v3 Commands 53.19. show snmp v6host  Description This command is used to display the recipient for which the traps are targeted.  Format show snmp v6host {<ipv6addr>}  Parameters <ipv6addr> (Optional) Specify the v6host IP address. If no parameter is specified, all SNMP IPv6 hosts will be displayed. ...
Page 520 53. SNMPv1/v2/v3 Commands 53.20. enable community_encryption  Description This command is used to enable the encryption state on the SNMP community string.  Format enable community_encryption  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To enable the encryption state on an SNMP community string: Zxxx0:admin# enable community_encryption Command: enable community_encryption...
Page 521 53. SNMPv1/v2/v3 Commands 53.21. disable community_encryption  Description This command is used to disable the encryption state on the SNMP community string.  Format disable community_encryption  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To disable the encryption state on the SNMP community string: Zxxx0:admin# disable community_encryption Command: disable community_encryption...
Page 522 53. SNMPv1/v2/v3 Commands 53.22. show community_encryption  Description This command is used to display the encryption state on the SNMP community string.  Format show community_encryption  Parameters None.  Restrictions None.  Example To show the encryption state on the SNMP community string: Zxxx0:admin# show community_encryption Command: show community_encryption SNMP Community Encryption State : Enabled...
Page 523 53. SNMPv1/v2/v3 Commands...
Page 524: Spanning Tree Protocol (Stp) Commands
54. Spanning Tree Protocol (STP) commands 54.Spanning Tree Protocol (STP) commands  STP STP (Spanning Tree Protocol) is a function to provide path redundancy while preventing loops in a network established by connecting multiple bridges. Even if one end of a communication route is down, the function can continue communications by detouring the route.
Page 525 54. Spanning Tree Protocol (STP) commands  RSTP RSTP (Rapid Spanning Tree Protocol) is a modified STP protocol to reduce recovery time to several seconds during a route failure. When changing a route, the RSTP function determines port roles and changes the route immediately through information exchanges (proposal/agreement) between Switching Hubs instead of timers used in STP.
Page 526 54. Spanning Tree Protocol (STP) commands  MSTP MSTP (Multiple Spanning Tree Protocol) is also a modified STP protocol to communicate data for each VLAN using different routes. This allows for effective use of bandwidth. Consolidating multiple VLANS into a group called instance can reduce more CPU loads compared to when designing a spanning tree instance for each VLAN.
Page 527: Show Stp
54. Spanning Tree Protocol (STP) commands 54.1. show stp  Description This command is used to display the bridge parameters global settings.  Format show stp  Parameters None.  Restrictions None.  Example To display STP: Zxxx0:admin#show stp Command: show stp STP Bridge Global Settings ----------------------------- STP Status...
Page 528: Show Stp Ports
54. Spanning Tree Protocol (STP) commands  Parameters <value 0-64> (Optional) Specify the MSTP instance ID. Instance 0 represents the default instance: CIST. This value must be between 0 and 64.  Restrictions None.  Example To display STP instances: Zxxx0:admin#show stp instance Command: show stp instance STP Instance Settings...
Page 529 54. Spanning Tree Protocol (STP) commands  Parameters <portlist>(Optional) Specify a range of ports to be displayed.  Restrictions None.  Example To show STP ports: Zxxx0:admin#show stp ports Command: show stp ports MSTP Port Information Port Index Hello Time : 2 /2 , Port STP : enabled External PathCost : Auto/200000...
Page 530 54. Spanning Tree Protocol (STP) commands  Example Display the STP MST Config ID: Zxxx0:admin#show stp mst_config_id Command: show stp mst_config_id Current MST Configuration Identification ---------------------------------------- Configuration Name : 00-22-22-22-22-00 Revision Level :0 MSTI ID Vid list ------- ----------- CIST 1-4094 Zxxx0:admin# 54.5.
Page 531 54. Spanning Tree Protocol (STP) commands 54.6. delete stp instance_id  Description This command is used to delete the specified MST Instance. CIST (Instance 0) cannot be deleted and you can only delete one instance at a time.  Format delete stp instance_id <value 1-64>...
Page 532 54. Spanning Tree Protocol (STP) commands 54.7. config stp instance_id  Description There are two different action types to deal with an MST instance. They are listed as follows: 1）add_vlan: To map specified VLAN lists to an existing MST instance. 2）remove_vlan: To delete specified VLAN lists from an existing MST instance.
Page 533: Enable Stp
54. Spanning Tree Protocol (STP) commands 54.8. config stp mst_config_id  Description This command is used to configure a configuration name or revision level in the MST configuration identification. The default configuration name is the MAC address of the bridge. ...
Page 534: Disable Stp
54. Spanning Tree Protocol (STP) commands  Format enable stp  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable STP: Zxxx0:admin#enable stp Command: enable stp Success. Zxxx0:admin# 54.10. disable stp ...
Page 535: Config Stp Version
54. Spanning Tree Protocol (STP) commands  Example To disable STP: Zxxx0:admin#disable stp Command: disable stp Success. Zxxx0:admin# 54.11. config stp version  Description This command is used to enable STP globally. If the version is configured as STP or RSTP, all currently running MSTIs should be disabled.
Page 536: Config Stp Priority
54. Spanning Tree Protocol (STP) commands 54.12. config stp priority  Description One of the parameters used to select the Root Bridge.  Format config stp priority <value 0-61440> instance_id <value 0-64>  Parameters <value 0-61440> Specify the bridge priority value, which must be divisible by 4096. The default value is 32768.
Page 537: Config Stp Ports
54. Spanning Tree Protocol (STP) commands  Parameters maxage Specify to determine if a BPDU is valid. <value 6-40> Specify to determine if a BPDU is valid. The default value is 20. maxhopsSpecify to restrict the forwarded times of one BPDU. <value 6-40>...
Page 538 54. Spanning Tree Protocol (STP) commands This command is used to configure all the parameters of ports, except for Internal Path Cost and Port Priority.  Format config stp ports <portlist> {externalCost [auto | <value 1-200000000> ] | hellotime <value 1-2>...
Page 539 54. Spanning Tree Protocol (STP) commands fbpdu Decide if this port will flood STP BPDU when STP functionality is disabled. enable Enable port to flood STP BPDU when STP functionality is disabled. disable Disable port from flooding STP BPDU when STP functionality is disabled. ...
Page 540 54. Spanning Tree Protocol (STP) commands  Parameters <portlist>Specify a range of ports. instance_id Specify an instance ID. <value 0-64> Instance = 0 represents CIST, Instance from 1 to 64 represents MSTI 1 to MSTI 64. internalCost The Port Path Cost used in MSTP. auto Specify to automatically determine the internal cost.
Page 541: Ssh Commands
55. SSH Commands 55.SSH Commands SSH (Secure Shell) is a function to prevent spoofing and wiretapping by the authentication function and communication encryption. It allows you to remotely log in to this Switching Hub more safely than general Telnet access. The commands are used to function this Switching Hub as an SSH server to be connected from SSH clients.
Page 542: Config Ssh Algorithm
55. SSH Commands 55.1. config ssh algorithm  Description This command is used to configure the SSH service algorithm.  Format config ssh algorithm [3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128 | twofish192 | twofish256 | SHA1 | RSA | DSA] [enable | disable] ...
Page 543: Show Ssh Algorithm
55. SSH Commands 55.2. show ssh algorithm  Description This command is used to display the SSH authentication algorithm.  Format show ssh algorithm  Parameters None.  Restrictions None.  Example To show the SSH server algorithms: Zxxx0:admin#show ssh algorithm Command: show ssh algorithm Encryption Algorithm --------------------------...
Page 544: Config Ssh Authmode
55. SSH Commands 55.3. config ssh authmode  Description This command is used to update the user authentication for SSH configuration.  Format config ssh authmode [password | publickey | hostbased] [enable | disable]  Parameters password Specify the user authentication method. publickey Specify the user authentication method.
Page 545: Config Ssh User
55. SSH Commands  Parameters None.  Restrictions None.  Example To display the SSH user authentication method: Zxxx0:admin#show ssh authmode Command: show ssh authmode The SSH Authentication Method: Password : Enabled Public Key : Enabled Host-based : Enabled Zxxx0:admin# 55.5.
Page 546 55. SSH Commands hostbased Specify the user authentication method. hostname Specify the host domain name. <domain_name 32> Specify the host domain name. The hostname value can be up to 32 characters long. hostname_IP Specify the host domain name and IP address. <domain_name 32>...
Page 547: Config Ssh Server
55. SSH Commands 55.6. show ssh user authmode  Description This command is used to display SSH user information.  Format show ssh user authmode  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To show user information about SSH configuration: Zxxx0:admin# show ssh user authmode Command: show ssh user authmode Current Accounts...
Page 548 55. SSH Commands  Parameters maxsession Specify the SSH server maximum session at the same time. <int 1-8> Specify the SSH server maximum session at the same time. The maximum session value must be between 1 and 8. The default value is 8. contimeout Specify the SSH server connection timeout.
Page 549: Enable Ssh
55. SSH Commands 55.8. enable ssh  Description This command is used to enable SSH server services.  Format enable ssh  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable SSH: Zxxx0:admin#enable ssh Command: enable ssh Success.
Page 550: Show Ssh Server
55. SSH Commands  Example To disable SSH: Zxxx0:admin#disable ssh Command: disable ssh Success. Zxxx0:admin# 55.10. show ssh server  Description This command is used to display SSH server general information.  Format show ssh server  Parameters None.  Restrictions None.
Page 551: Static Mac-Based Vlan Commands
56. Static MAC-based VLAN Commands 56.Static MAC-based VLAN Commands MAC-based VLAN is used to determine a VLAN to which a port belongs based on the source MAC address. Figure 56-1 Static MAC-based Subnet VLAN overview MAC-based VLAN and subnet VLAN can be used simultaneously. When using them simultaneously, you can configure which MAC-based VLAN or subnet VLAN function is prioritized.
Page 552 56. Static MAC-based VLAN Commands vlan Specify the VLAN to be associated with the MAC address. The name must be an existing static VLAN name. <vlan_name 32> Specify the VLAN name. The maximum length is 32 characters. vlanid Specify the VLAN ID to be associated with the MAC address. The ID must be an existing static VLAN ID.
Page 553 56. Static MAC-based VLAN Commands If the MAC address and VLAN are not specified, all static entries associated with the port will be removed.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete a static MAC-based VLAN entry: Zxxx0:admin#delete mac_based_vlan mac_address 00-00-00-00-00-01 vlan default Command: delete mac_based_vlan mac mac_address 00-00-00-00-00-01 vlan default Success.
Page 554 56. Static MAC-based VLAN Commands  Example In the following example, MAC address "00-80-c2-33-c3-45" is assigned to VLAN 300 by manual configuration. It is assigned to VLAN 400 by MAC-AC. Since MAC AC has higher priority than manual configuration, the manually configured entry will become inactive.
Page 555: Subnet Vlan Commands
57. Subnet VLAN Commands 57.Subnet VLAN Commands Subnet VLAN is used to determine a VLAN to which a port belongs based on the source IP address. Specify the IP address range with the subnet and map it with a VLAN. This is available for both IPv4 and IPv6.
Page 556 57. Subnet VLAN Commands 57.1. create subnet_vlan  Description This command is used to create a subnet VLAN entry. A subnet VLAN entry is an IP subnet-based VLAN classification rule. If an untagged or priority-tagged IP packet is received on a port, its source IP address will be used to match the subnet VLAN entries.
Page 557 57. Subnet VLAN Commands  Example To create a subnet VLAN entry: Zxxx0:admin#create subnet_vlan network 172.168.1.1/24 vlan v2 priority 2 Command: create subnet_vlan network 172.168.1.1/24 vlan v2 priority 2 Success. Zxxx0:admin# To create an IPv6 subnet VLAN entry: Zxxx0:admin# create subnet_vlan ipv6network fe80:250:baff::0/64 vlan v2 priority 2 Command: create subnet_vlan ipv6network fe80:250:baff::0/64 vlan v2 priority 2 Success.
Page 558 57. Subnet VLAN Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete a subnet VLAN entry: Zxxx0:admin#delete subnet_vlan network 172.168.1.1/24 Command: delete subnet_vlan network 172.168.1.1/24 Success. Zxxx0:admin# To delete all subnet VLAN entries: Zxxx0:admin#delete subnet_vlan all Command: delete subnet_vlan all Success.
Page 559 57. Subnet VLAN Commands If no parameter is specified, all subnet VLAN information will be displayed.  Restrictions None.  Example To display a specified subnet VLAN entry: Zxxx0:admin#show subnet_vlan network 172.168.1.1/24 Command: show subnet_vlan network 172.168.1.1/24 IP Address/Subnet Mask VLAN Priority ------------------------...
Page 560 57. Subnet VLAN Commands 57.4. config vlan_precedence ports  Description This command is used to configure vlan classification precedence on each port. You can specify the order of MAC-based VLAN classification and subnet VLAN classification. If a port's VLAN classification is MAC-based precedence, MAC-based VLAN classification will process at first.
Page 561 57. Subnet VLAN Commands 57.5. show vlan_precedence ports  Description This command is used to display the VLAN classification precedence.  Format show vlan_precedence ports {<portlist>}  Parameters <portlist>(Optional) Specifies the list of ports used for this display.  Restrictions None.
Page 562 57. Subnet VLAN Commands...
Page 563: Switch Port Commands
58. Switch Port Commands 58.Switch Port Commands Configure the following settings for each port of this Switching Hub.  Port speed, flow control  Auto-negotiation option  Whether the MAC address learning is enabled or disabled  MDI/MDI-X settings  Combo port media settings config ports [<portlist>...
Page 564 58. Switch Port Commands speed Set port speed for the specified ports. auto Set port speed to auto negotiation. capability_advertised Specifies that the capability will be advertised. 10_half Set port speed to 10_half. The combo ports cannot set this option. 10_full Set port speed to 10_full.
Page 565 58. Switch Port Commands state Enable or disable the state of the specified port. If the ports are in error-disabled status, configuring their state to enable will recover these ports from a disabled to an enabled state. The default value is enable. enable Enable the specified port(s).
Page 566: Show Ports
58. Switch Port Commands 58.2. show ports  Description This command is used to display the current configurations of a range of ports.  Format show ports {<portlist>} {[description | err_disabled | auto_negotiation | details | media_type]}  Parameters <portlist>(Optional) Specify a range of ports to be displayed. description (Optional) Specify to display the port description.
Page 567 58. Switch Port Commands Zxxx0:admin#show ports 1:1-1:4 Command: show ports 1:1-1:4 Port State/ Settings Connection Address MDIX Speed/Duplex/FlowCtrl Speed/Duplex/FlowCtrl Learning ------- -------- --------------------- ---------------------- --------- Enabled Auto/Disabled Link Down Enabled Auto Enabled Auto/Disabled Link Down Enabled Auto Enabled Auto/Disabled Link Down Enabled Auto Enabled...
Page 568 58. Switch Port Commands Zxxx0:admin# show ports err_disabled Command: show ports err_disabled Port Port Connection Status Reason State ------ -------- --------------------- ---------------- Enabled Err-Disabled Storm control Description: port1. Enabled Err-Disabled Storm control Description: port8. Zxxx0:admin#...
Page 569: System Severity Commands
59. System Severity Commands 59.System Severity Commands The commands are used to configure the significance level of events, such as trapping or logging, in trap and log management using SNMP (Simple Network Management Protocol). config system_severity [trap | log | all] [emergency | alert | critical | error | warning | notice | information | debug | <level 0-7>] show system_severity 59.1.
Page 570 59. System Severity Commands  Example To configure severity level control for information level for a trap: Zxxx0:admin#config system_severity trap information Command: config system_severity trap information Success. Zxxx0:admin# 59.2. show system_severity  Description This command is used to show the severity level control for a system. ...
Page 571: Tech Support Commands
60. Tech Support Commands 60.Tech Support Commands Information, such as this Switching Hub's operation status, is output. It is used as reference data for technical support. You can send an output result to a specified TFTP server. show tech_support upload tech_support_toTFTP <ipaddr> <path_filename 64> 60.1.
Page 572 60. Tech Support Commands Zxxx0:admin#show tech_support Command: show tech_support #----------------------------------------------------------------------------- Zxxx0 Gigabit Ethernet Switch Technical Support Information Firmware: Build 1.0.x.xx #----------------------------------------------------------------------------- ******************** Basic System Information ******************** [SYS 2000-2-29 22:41:48] Boot Time : 29 Feb 2000 17:54:29 RTC Time : 2000/02/29 22:41:48 Boot PROM Version : Build 1.0.x.xx Firmware Version...
Page 573 60. Tech Support Commands  Restrictions Only Administrator and Operator-level users can issue this command.  Example To upload technical support information: Zxxx0:admin#upload tech_support_toTFTP 10.0.0.66 tech_suppport.txt Command: upload tech_support_toTFTP 10.0.0.66 tech_suppport.txt Connecting to server....Done. Upload techsupport file....Done. Success. Zxxx0:admin#...
Page 574: Time And Sntp Commands
61. Time and SNTP Commands 61.Time and SNTP Commands The commands are used to set the time for the internal clock of this Switching Hub. The time can be set manually or automatically using SNTP (Simple Network Time Protocol). You can also configure the time zone and summer time settings. config sntp {primary <ipaddr>...
Page 575: Show Sntp
61. Time and SNTP Commands Only Administrator, Operator and Power-User level users can issue this command.  Example To configure SNTP: Zxxx0:admin#config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Command: config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Success. Zxxx0:admin# 61.2.
Page 576: Enable Sntp
61. Time and SNTP Commands 61.3. enable sntp  Description This command is used to turn on SNTP support.  Format enable sntp  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable SNTP: Zxxx0:admin#enable sntp Command: enable sntp...
Page 577: Config Time
61. Time and SNTP Commands  Example To disable SNTP: Zxxx0:admin#disable sntp Command: disable sntp Success. Zxxx0:admin# 61.5. config time  Description This command is used to change the time settings.  Format config time <date ddmthyyyy> <time hh:mm:ss>  Parameters <date ddmthyyyy>...
Page 578 61. Time and SNTP Commands 61.6. config time_zone  Description This command is used to change time zone settings.  Format config time_zone {operator [+ | -] | hour <gmt_hour 0-13> | min <minute 0-59>} (3)  Parameters operatorSpecify the operator of the time zone. Positive.
Page 579: Config Dst
61. Time and SNTP Commands 61.7. config dst  Description This command is used to change Daylight Saving Time settings.  Format config dst [disable | repeating {s_week <start_week 1-4,last> | s_day <start_day sun- sat> | s_mth <start_mth 1-12> | s_time <start_time hh:mm> | e_week <end_week 1-4, last>...
Page 580 61. Time and SNTP Commands offset Specify the number of minutes to add or to subtract during summertime. The range of offsets are 30, 60, 90, and 120. The default value is 60. Specify 30 minutes to add or to subtract during summertime. Specify 60 minutes to add or to subtract during summertime.
Page 581: Show Time
61. Time and SNTP Commands 61.8. show time  Description This command is used to display current time states.  Format show time  Parameters None.  Restrictions None.  Example To show time: Zxxx0:admin#show time Command: show time Current Time Source : System Clock Boot Time : 8 Jan 2000...
Page 582: Traffic Segmentation Commands
62. Traffic Segmentation Commands 62.Traffic Segmentation Commands Traffic segmentation is used to configure ports to which each port can forward receive data. It is used for more detailed traffic restrictions in a VLAN. config traffic_segmentation [<portlist> | all] forward_list [null | all | <portlist>] show traffic_segmentation {<portlist>} 62.1.
Page 583 62. Traffic Segmentation Commands 62.2. show traffic_segmentation  Description This command is used to display the traffic segmentation table.  Format show traffic_segmentation {<portlist>}  Parameters <portlist>(Optional) Specify a range of ports to be displayed. If no parameter is specified, the system will display all current traffic segmentation tables.
Page 584: Utility Commands
63. Utility Commands 63.Utility Commands This chapter describes the following utility commands.  Downloading and uploading firmware, configuration files, and log files using TFTP or RCP server  Selecting firmware and configuration files used during a boot  RCP server settings ...
Page 585 63. Utility Commands show rcp server ping [<ipaddr> | <domain_name 255>] {times <value 1-255> | timeout <sec 1-99> | source_ip <ipaddr>} ping6 <ipv6addr> {times <value 1-255> | size <value 1-6000> | timeout <sec 1-99> | source_ip <ipv6addr>} traceroute [<ipaddr> | <domain_name 255>] {ttl <value 1-60> | port <value 30000-64900> | timeout <sec 1-65535>...
Page 586 63. Utility Commands dest_file (Optional) Specify an absolute path name on the device file system. If path name is not specified, it overwrites the bootup image on the Switch. <pathname> Specify an absolute path name on the device file system. boot_up (Optional) Specify as boot up file.
Page 587 63. Utility Commands 63.2. download cfg_fromRCP  Description This command is used to download a configuration file from a Remote Copy Protocol (RCP) server.  Format download cfg_fromRCP [{username <username>} {<ipaddr>} src_file <path_filename 64> | rcp: <string 128>] {[unit <unit_id 1-4> | all]} {dest_file <pathname>} ...
Page 588 63. Utility Commands  Example To download a configuration file from an RCP server: Zxxx0:admin#download cfg_fromRCP username rcp_user 172.18.212.106 src_file /home/ runtime.cfg Command: download cfg_fromRCP username rcp_user 172.18.212.106 src_file /home/ runtime.cfg Connecting to server....Done. Download configuration....Done. Zxxx0:admin# 63.3. download firmware_fromRCP ...
Page 589 63. Utility Commands rcp: Syntax: rcp: username@ipaddr/directory/filename. Example for full path: user_name@10.1.1.1/home/user_name/desxxxx.rom; Example for relative path: user_name@10.1.1.1./desxxxx.rom; Example for omitted user name in RCP string: 10.1.1.1./desxxxx.rom. Note: No spaces are allowed in the <string>. <string 128> Syntax: rcp: username@ipaddr/directory/filename. 　 Example for full path: user_name@10.1.1.1/home/user_name/desxxxx.rom;...
Page 590 63. Utility Commands 63.4. upload  Description This command is used to upload a firmware or a configuration file from device to TFTP server.  Format upload [cfg_toTFTP [<ipaddr> | <ipv6addr> | <domain_name 255>] dest_file <path_filename 64> {unit <unit_id 1-4>} {src_file <pathname>} {[include | exclude | begin] <filter_string 80>...
Page 591 63. Utility Commands begin (Optional) The first line that contains the specified filter string will be the first line of the output. <filter_string 80> Specify a filter string enclosed by the quotation mark symbol. Thus, the filter string itself cannot contain the quotation mark character. The filter string is case sensitive. <filter_string 80>...
Page 592 63. Utility Commands unit (Optional) Specifies which unit on the stacking system. If it is not specified, it refers to the master unit. <unit_id 1-4> Enter the unit ID used here. src_file (Optional) Specify an absolute path name on the device file system. If the path name is not specified, it refers to the boot up image.
Page 593 63. Utility Commands Zxxx0:admin# upload attack_log_toTFTP 10.48.74.121 dest_file c:\alert.txt Command: upload attack_log_toTFTP 10.48.74.121 dest_file c:\alert.txt Connecting to server....Done. Upload attack log...... Done. Success. Zxxx0:admin# 63.5. upload attack_log_toRCP  Description This command is used to upload the attack log file from the device to an RCP server. If a user specifies the relative file path, the path search strategy will depend on the server system.
Page 594 63. Utility Commands  Example To upload the attack log from the device to an RCP server: Zxxx0:admin# upload attack_log_toRCP username rcp_user 172.18.212.104 dest_file / home/Zxxx0.log unit 2 Command: upload attack_log_toRCP username rcp_user 172.18.212.104 dest_file /home/ Zxxx0.log unit 2 Connecting to server..Done. Upload Attack log.....
Page 595 63. Utility Commands unit (Optional) Specifies which unit on the stacking system. If it is not specified, it refers to the master unit. <unit_id 1-4> Enter the unit ID used here. This value must be between 1 and 4. src_file (Optional) Specify the path name of the source file.
Page 596 63. Utility Commands  Parameters username(Optional) Specify the remote user name on the RCP server. <username> Specify the remote user name on the RCP server. <ipaddr>(Optional) Specify the IP address of the RCP server. dest_file Specify the path name on the RCP server. Note: If a user specifies the relative file path, the path search strategy will depend on the server system.
Page 597 63. Utility Commands 63.8. upload log_toRCP  Description This command is used to upload a log file from the device to a Remote Copy Protocol (RCP) server.  Format upload log_toRCP [{username <username>} {<ipaddr>} dest_file <path_filename 64> | rcp: <string 128>] ...
Page 598: Config Firmware Image
63. Utility Commands Zxxx0:admin#upload log_toRCP rcp: tld2@172.18.212.104/home/Zxxx0.log Command: upload log_toRCP rcp: tld2@172.18.212.104/home/Zxxx0.log Connecting to server....Done. Upload log......Done. Success. Zxxx0:admin# 63.9. config firmware image  Description This command is used to configure firmware as a boot-up image.  Format config firmware image {unit <unit_id 1-4>} <pathname>...
Page 599: Config Configuration
63. Utility Commands 63.10. config configuration  Description This command is used to select a configuration file as the next boot up configuration or to apply a specific configuration to the system.  Format config configuration {unit <unit_id 1-4>} <pathname> [boot_up | active] ...
Page 600: Show Config
63. Utility Commands 63.11. show config  Description This command is used to display configuration information. The output stream of the configuration data can be filtered by the expression specified at the end of the command. The expression can contain up to three multiple filter evaluations. A filter evaluation begins with a filter type (include, exclude, and begin), followed by up to three filter strings (ex: "stp").
Page 601 63. Utility Commands  Restrictions Only Administrator-level users can issue this command.  Example To display configuration information: Zxxx0:admin#show config current_config Command: show config current_config #----------------------------------------------------------------------------- Zxxx0 Gigabit Ethernet Switch Configuration Firmware: Build 1.0.x.xx #----------------------------------------------------------------------------- # STACK config stacking force_master_role state disable # DEVICE config temperature threshold high 79 config temperature threshold low 11...
Page 602 63. Utility Commands  Example To display the configuration file and firmware image assigned as a boot up file: Zxxx0:admin#show boot_file Command: show boot_file Bootup Firmware : c:/runtime.rom Bootup Configuration : c:/config.cfg Zxxx0:admin# 63.13. config rcp server  Description This command is used to configure Remote Copy Protocol (RCP) global server information.
Page 603 63. Utility Commands Zxxx0:admin#config rcp server username travel Command: config rcp server username travel Success. Zxxx0:admin# 63.14. config rcp server clear  Description This command is used to clear Remote Copy Protocol (RCP) global server information.  Format config rcp server clear [ipaddr | username | both] ...
Page 604 63. Utility Commands 63.15. show rcp server  Description This command is used to display Remote Copy Protocol (RCP) global server information.  Format show rcp server  Parameters None.  Restrictions Only Administrator-level users can issue this command.  Example To display RCP global server information: Zxxx0:admin#show rcp server Command: show rcp server...
Page 605 63. Utility Commands <domain_name 255> Specifies the domain name of the host. This name can be up to 255 characters long. times (Optional) Specify the number of individual ICMP echo messages to be sent. <value 1-255> Specify the number of individual ICMP echo messages to be sent. A value of 0 will send an infinite ICMP echo messages.
Page 606 63. Utility Commands  Parameters <ipv6addr> Specify the IPv6 address of the host. times (Optional) Specify the number of individual ICMP echo messages to be sent. <value 1-255> Specify the number of individual ICMP echo messages to be sent. A value of 0 will send an infinite ICMP echo messages.
Page 607 63. Utility Commands 63.18. traceroute  Description This command is used to trace a route between the Switching Hub and a given host on the network.  Format traceroute [<ipaddr> | <domain_name 255>] {ttl <value 1-60> | port <value 30000- 64900>...
Page 608 63. Utility Commands Zxxx0:admin#traceroute 10.48.74.121 probe 3 Command: traceroute 10.48.74.121 probe 3 <10 ms 10.12.73.254 <10 ms 10.12.73.254 <10 ms 10.12.73.254 <10 ms 10.19.68.1 <10 ms 10.19.68.1 <10 ms 10.19.68.1 <10 ms 10.48.74.121 Trace complete. Zxxx0:admin# 63.19. traceroute6  Description This command is used to trace the IPv6 routed path between the Switch and a destination end station.
Page 609 63. Utility Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example Trace the IPv6 routed path between the Switching Hub and 3000::1: Zxxx0:admin# traceroute6 3000::1 probe 3 Command: traceroute6 3000::1 probe 3 <10 ms. 1345:142::11 <10 ms.
Page 610 63. Utility Commands tcp_port (Optional) Specify the Telnet server port number to be connected to. If not specified, the default port is 23. <value 1-65535> Enter a value between 1 and 65535.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 611 63. Utility Commands Zxxx0:admin# enable broadcast_ping_reply Command: enable broadcast_ping_reply Success. Zxxx0:admin# 63.22. disable broadcast_ping_reply  Description The disable broadcast_ping_reply command used to disable broadcast ping reply state, device won't reply broadcast ping request.  Format disable broadcast_ping_reply  Parameters None. ...
Page 612 63. Utility Commands 63.23. show broadcast_ping_reply  Description The show broadcast_ping_reply command is used to show the broadcast ping reply state.  Format show broadcast_ping_reply  Parameters None.  Restrictions None.  Example To show broadcast ping reply state: Zxxx0:admin# show broadcast_ping_reply Command: show broadcast_ping_reply Broadcast Ping Reply State: Enabled...
Page 613: Voice Vlan Commands
64. Voice VLAN Commands 64.Voice VLAN Commands Voice VLAN is a function to configure a voice-specific VLAN to secure the bandwidth of voice data when normal communication data and voice data such as an IP phone coexist on the network. It prevents voice data delay and maintains the quality at the constant level regardless of the traffic status on the network.
Page 614 64. Voice VLAN Commands 64.1. enable voice_vlan  Description This command is used to enable the global voice VLAN function on a Switching Hub. To enable the voice VLAN, the voice VLAN must be also assigned. At the same time, the VLAN must be an existing static 802.1Q VLAN.
Page 615 64. Voice VLAN Commands 64.2. disable voice_vlan  Description This command is used to disable the voice VLAN function on a Switching Hub. When the voice VLAN function is disabled, the voice VLAN will become unassigned.  Format disable voice_vlan ...
Page 616 64. Voice VLAN Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To set the priority of the voice VLAN to be six: Zxxx0:admin#config voice_vlan priority 6 Command: config voice_vlan priority 6 Success. Zxxx0:admin# 64.4.
Page 617 64. Voice VLAN Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To add a user-defined OUI of a voice device: Zxxx0:admin#config voice_vlan oui add 00-C0-8F-00-00-00 FF-FF-FF-00-00-00 Command: config voice_vlan oui add 00-C0-8F-00-00-00 FF-FF-FF-00-00-00 Success.
Page 618 64. Voice VLAN Commands Zxxx0:admin#config voice_vlan ports 4-6 state enable Command: config voice_vlan ports 4-6 state enable Success. Zxxx0:admin# To set voice VLAN ports 4 to 6 to auto mode: Zxxx0:admin#config voice_vlan ports 4-6 mode auto Command: config voice_vlan ports 4-6 mode auto Success.
Page 619 64. Voice VLAN Commands 64.7. config voice_vlan aging_time  Description This command is used to set the aging time of the voice VLAN. The aging time is used to remove a port from voice VLAN if the port is an automatic VLAN member. When the last voice device stops sending traffic and the MAC address of this voice device is aged out, the voice VLAN aging timer will be started.
Page 620 64. Voice VLAN Commands  Parameters None.  Restrictions None.  Example To display voice VLAN information: Zxxx0:admin#show voice_vlan Command: show voice_vlan Voice VLAN State : Disabled Voice VLAN : Unassigned Priority Aging Time : 720 minutes Log State : Enabled Zxxx0:admin# 64.9.
Page 621 64. Voice VLAN Commands Zxxx0:admin# show voice_vlan lldp_med voice_device Command: show voice_vlan lldp_med voice_device Index Local Port : 1:1 Chassis ID Subtype : MAC Address Chassis ID : 00-C0-8F-00-00-11 Port ID Subtype : Network Address Port ID : 00-C0-8F-00-00-00 Create Time : 9/1/2013 08:30 Remain Time : 120 Seconds...
Page 622 64. Voice VLAN Commands Zxxx0:admin#show voice_vlan oui Command: show voice_vlan oui OUI Address Mask Description ------------------ ----------------- --------------- 00-01-E3-00-00-00 FF-FF-FF-00-00-00 Siemens 00-03-6B-00-00-00 FF-FF-FF-00-00-00 Cisco 00-09-6E-00-00-00 FF-FF-FF-00-00-00 Avaya 00-0F-E2-00-00-00 FF-FF-FF-00-00-00 Huawei&3COM 00-60-B9-00-00-00 FF-FF-FF-00-00-00 NEC&Phillips 00-D0-1E-00-00-00 FF-FF-FF-00-00-00 Pingtel 00-E0-75-00-00-00 FF-FF-FF-00-00-00 Veritel 00-E0-BB-00-00-00 FF-FF-FF-00-00-00 3COM Total Entries: 8...
Page 623 64. Voice VLAN Commands Zxxx0:admin#show voice_vlan ports 1-3 Command: show voice_vlan ports 1-3 Ports Status Mode ----- --------- -------- Disabled Auto Disabled Auto Disabled Auto Zxxx0:admin# 64.12. show voice_vlan voice_device  Description This command is used to show voice devices that are connected to the ports. The start time is the time when the device is detected on this port and the activate time is the latest time when the device sends the traffic.
Page 624: Vlan Commands
65. VLAN Commands 65.VLAN Commands VLAN (Virtual LAN) is a function to divide ports of this Switching Hub into groups and create multiple virtual LAN environments. As one VLAN corresponds to the broadcast domain, this function allows to improve security by restraining communications between VLANs, as well as reducing traffic on the network.
Page 625: Create Vlan
65. VLAN Commands show vlan vlanid <vidlist> show vlan ports {<portlist>} show gvrp config private_vlan [<vlan_name 32> | vid <vlanid 1-4094>] [add [isolated | community] | remove] [<vlan_name 32> | vlanid <vidlist>] show private_vlan {[<vlan_name 32> | vlanid <vidlist>]} 65.1. create vlan ...
Page 626: Create Vlan Vlanid
65. VLAN Commands To create a private VLAN with the name "v3" and VLAN ID 3: Zxxx0:admin#create vlan v3 tag 3 type private_vlan Command: create vlan v3 tag 3 type private_vlan Success. Zxxx0:admin# 65.2. create vlan vlanid  Description This command is used to create a VLAN on the Switching Hub. The VLAN ID must be always specified for creating a VLAN.
Page 627: Delete Vlan
65. VLAN Commands Zxxx0:admin#create vlan vlanid 3 type private_vlan Command: create vlan vlanid 3 type private_vlan Success. Zxxx0:admin# 65.3. delete vlan  Description This command is used to delete a previously configured VLAN on the Switching Hub.  Format delete vlan <vlan_name 32> ...
Page 628: Config Vlan
65. VLAN Commands  Parameters <vidlist> Specify a range of VLAN ID to be deleted.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To remove a VLAN ID 2: Zxxx0:admin#delete vlan vlanid 2 Command: delete vlan vlanid 2 Success.
Page 629 65. VLAN Commands advertisement Specify to send GVRP out for this VLAN or not. If not, the VLAN cannot be joint dynamically. enable Specify to enable GVRP. disable Specify to disable GVRP.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 630: Config Vlan Vlanid
65. VLAN Commands 65.6. config vlan vlanid  Description This command is used to add or delete ports to the port list of a previously configured VLAN. Users can specify the additional ports as tagged, untagged, or forbidden.  Format config vlan vlanid <vidlist>...
Page 631 65. VLAN Commands To delete ports 4 through 8 from VLAN 1: Zxxx0:admin#config vlan vlanid 1 delete 4-8 Command: config vlan vlanid 1 delete 4-8 Success. Zxxx0:admin# To enable the VLAN default advertisement: Zxxx0:admin#config vlan vlanid default advertisement enable Command: config vlan vlanid default advertisement enable Success.
Page 632 65. VLAN Commands acceptable_frame Specify the type of frame that will be accepted by the port. tagged_only Only tagged frame will be received. admit_all Both tagged and untagged frames will be accepted. pvid Specify the Port VID (PVID) that will be associated with the port. <vlanid 1- 4094>...
Page 633: Config Gvrp
65. VLAN Commands  Example To display 802.1q port settings for ports 1 to 3: Zxxx0:admin#show port_vlan 1-3 Command: show port_vlan 1-3 Port PVID GVRP Ingress Checking Acceptable Frame Type ------- ---- -------- ---------------- ---------------------------- Disabled Enabled All Frames Disabled Enabled All Frames Disabled...
Page 634: Enable Gvrp
65. VLAN Commands  Example To set the Join time to 200 milliseconds: Zxxx0:admin#config gvrp timer join 200 Command: config gvrp timer join 200 Success. Zxxx0:admin# 65.10. enable gvrp  Description This command is used to enable the Generic VLAN Registration Protocol (GVRP). The default is disabled.
Page 635: Disable Gvrp
65. VLAN Commands 65.11. disable gvrp  Description This command is used to disable Generic VLAN Registration Protocol (GVRP).  Format disable gvrp  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To disable Generic VLAN Registration Protocol (GVRP): Zxxx0:admin#disable gvrp Command: disable gvrp...
Page 636: Show Vlan Vlanid
65. VLAN Commands  Restrictions None.  Example To display VLAN settings: Zxxx0:admin#show vlan Command: show vlan VLAN Trunk State : Disabled VLAN Trunk Member Ports VLAN Name : default VLAN Type : Static Advertisement : Enabled Member Ports : 1-28 Static Ports : 1-28 Current Tagged Ports...
Page 637: Show Vlan Ports
65. VLAN Commands  Example To display VLAN settings for VLAN ID 1: Zxxx0:admin#show vlan vlanid 1 Command: show vlan vlanid 1 VLAN Name : default VLAN Type : Static Advertisement : Enabled Member Ports : 1-28 Static Ports : 1-28 Current Tagged Ports Current Untagged Ports: 1-28 Static Tagged Ports...
Page 638: Show Gvrp
65. VLAN Commands Zxxx0:admin#show vlan ports 1-2 Command: show vlan ports 1-2 Port Untagged Tagged Dynamic Forbidden ------ ----- -------- ------ ------- --------- Zxxx0:admin# 65.15. show gvrp  Description This command is used to display the GVRP status for the Switching Hub. ...
Page 639 65. VLAN Commands 65.16. config private_vlan  Description A private VLAN is comprised of a primary VLAN, up to one isolated VLAN, and a number of community VLANs. A private VLAN ID is presented by the VLAN ID of the primary VLAN. The command used to associate or de-associate a secondary VLAN with a primary VLAN.
Page 640 65. VLAN Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To associate secondary VLAN to private VLAN p1: Zxxx0:admin#config private_vlan p1 add community vlanid 2-5 Command: config private_vlan p1 add community vlanid 2-5 Success.
Page 641 65. VLAN Commands Zxxx0:admin#show private_vlan Command: show private_vlan Private VLAN 100 ------------------ Promiscuous Ports: 1 Trunk Ports Isolated Ports : 3-5 Isolated VLAN : 20 Community Ports : 6-8 Community VLAN: 30 Community Ports : 9-10 Community VLAN: 40 Private VLAN 200 ------------------ Promiscuous Ports: 11 Trunk Ports...
Page 642: Vlan Trunking Commands
66. VLAN Trunking Commands 66.VLAN Trunking Commands To establish a VLAN that spans multiple Switching Hubs, you need to enable VLAN Trunking on ports connecting the Switching Hubs. In a trunking port, packets with a VLAN tag added are transferred from Switching Hub to Switching Hub and sent to the VLAN specified by the tag information on the destination Switching Hub.
Page 643 66. VLAN Trunking Commands  Format enable vlan_trunk  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable VLAN trunking: Zxxx0:admin#enable vlan_trunk Command: enable vlan_trunk Success Zxxx0:admin# 66.2. disable vlan_trunk ...
Page 644 66. VLAN Trunking Commands Zxxx0:admin#disable vlan_trunk Command: disable vlan_trunk Success. Zxxx0:admin# 66.3. config vlan_trunk ports  Description This command is used to configure a port as a VLAN trunking port. By default, none of the ports is a VLAN trunking port. A VLAN trunking port and a non-VLAN trunking port cannot be grouped as an aggregated link.
Page 645 66. VLAN Trunking Commands Zxxx0:admin#config vlan_trunk ports 1-5 state enable Command: config vlan_trunk ports 1-5 state enable Success. Zxxx0:admin#...
Page 646 66. VLAN Trunking Commands 66.4. show vlan_trunk  Description This command is used to display VLAN trunking information.  Format show vlan_trunk  Parameters None.  Restrictions None.  Example To display the current VLAN trunking information: Zxxx0:admin#show vlan_trunk Command: show vlan_trunk VLAN Trunk Global Setting ---------------------------- VLAN Trunk Status...
Page 647: Commands
67. 802.1X Commands 67.802.1X Commands IEEE802.1X provides user authentication when clients access the network and blocks connections to the network from unregistered clients. It prevents the access by unauthorized users or devices to protect information assets security. Figure 67-1 IEEE 802.1X overview To use IEEE 802.1X authentication, there must be a client, authentication Switching Hub, and authentication server as shown above.
Page 648 67. 802.1X Commands You can register users in a local database in the authentication Switching Hub and use the database in place of a RADIUS server or as a RADIUS server failover.  Port-based authentication and MAC-based authentication You need to change the authentication method depending on how you connect the client to the port for the authentication Switching Hub.
Page 649: Guest Vlan
67. 802.1X Commands  Guest VLAN Combining the IEEE 802.1X and guest VLAN functions allows for restricted access, such as authorizing connection to the Internet only instead of completely blocking communications from unauthorized clients. Figure 67-3 Connection through guest VLAN Only one VLAN can be assigned to a guest VLAN.
Page 650 67. 802.1X Commands  Dynamic VLAN using IEEE 802.1X In a static VLAN, the destination VLAN is fixed for each port. Meanwhile, in a dynamic VLAN, the destination VLAN is determined based on the client MAC address information regardless of a port to be connected. There are several ways to configure dynamic VLAN.
Page 651 67. 802.1X Commands show 802.1x guest_vlan config radius add <server_index 1-3> [<server_ip> | <ipv6addr>] key <password 32> [default | {auth_port <udp_port_number 1-65535> | acct_port <udp_port_number 1-65535> | timeout <sec 1-255> | retransmit <int 1-20>}(1)] config radius delete <server_index 1-3> config radius <server_index 1-3> {ipaddress [<server_ip> | <ipv6addr>] | key <password 32> | auth_port [<udp_port_number 1-65535>...
Page 652 67. 802.1X Commands 67.2. disable 802.1x  Description This command is used to disable the 802.1X function.  Format disable 802.1x  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To disable the 802.1X function: Zxxx0:admin#disable 802.1x Command: disable 802.1x Success.
Page 653 67. 802.1X Commands  Example To create a user named "ctsnow": Zxxx0:admin#create 802.1x user ctsnow Command: create 802.1x user ctsnow Enter a case-sensitive new password: Enter the new password again for confirmation: Success. Zxxx0:admin# 67.4. delete 802.1x user  Description This command is used to delete a specified user.
Page 654 67. 802.1X Commands 67.5. show 802.1x user  Description This command is used to display 802.1X local user account information.  Format show 802.1x user  Parameters None.  Restrictions None.  Example To display 802.1X user information: Zxxx0:admin#show 802.1x user Command: show 802.1x user Current Accounts: Username...
Page 655 67. 802.1X Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To configure the 802.1X RADIUS EAP: Zxxx0:admin#config 802.1x auth_protocol radius_eap Command: config 802.1x auth_protocol radius_eap Success. Zxxx0:admin# 67.7. show 802.1x  Description This command is used to display the 802.1X state or configurations.
Page 656 67. 802.1X Commands Zxxx0:admin#show 802.1x Command: show 802.1x 802.1X : Disabled Authentication Protocol : RADIUS_EAP Forward EAPOL PDU : Disabled Max User : 448 RADIUS Authorization : Enabled Zxxx0:admin# To display the 802.1x state for ports 1 to 5: Zxxx0:admin# show 802.1x auth_state ports 1-4 Command: show 802.1x auth_state ports 1-4 Status: A - Authorized;...
Page 657 67. 802.1X Commands 67.8. config 802.1x capability ports  Description This command is used to configure port capability.  Format config 802.1x capability ports [<portlist> | all] [authenticator | none]  Parameters <portlist> Specify a range of ports to be configured. Specify to configure all ports.
Page 658 67. 802.1X Commands  Parameters <portlist> Specify a range of ports to be configured. Specify all ports. enable Enable the 802.1X PDU forwarding state. disable Disable the 802.1X PDU forwarding state.  Restrictions Only Administrator, Operator and Power-User level users can issue this command. ...
Page 659 67. 802.1X Commands Zxxx0:admin#config 802.1x fwd_pdu system enable Command: config 802.1x fwd_pdu system enable Success. Zxxx0:admin# 67.11. config 802.1x auth_parameter ports  Description This command is used to configure the parameters that control the operation of the authenticator associated with a port. ...
Page 660 67. 802.1X Commands quiet_period (Optional) The initialization value of the quietWhile timer. The default value is 60 s and can be any value from 0 to 65535. <sec 0-65535> The quiet period value must be between 0 an 65535 seconds. tx_period (Optional) The initialization value of the txWhen timer.
Page 661 67. 802.1X Commands Zxxx0:admin# config 802.1x auth_parameter ports 1-20 direction both Command: config 802.1x auth_parameter ports 1-20 direction both Success. Zxxx0:admin# 67.12. config 802.1x authorization attributes radius  Description This command is used to enable or disable the acceptation of an authorized configuration.
Page 662 67. 802.1X Commands 67.13. config 802.1x init  Description This command is used to initialize the authentication state machine of some or all.  Format config 802.1x init [port_based ports [<portlist> | all] | mac_based ports [<portlist> | all] {mac_address <macaddr>}] ...
Page 663 67. 802.1X Commands 67.14. config 802.1x max_users  Description This command is used to configure the 802.1X maximum number of users of the system.  Format config 802.1x max_users [<value 1-448> | no_limit]  Parameters <value 1-448> Specify the maximum number of users. no_limit Specify an unlimited number of users.
Page 664 67. 802.1X Commands  Parameters port_based ports The Switching Hub passes data based on its authenticated port. <portlist> Specify a range of ports to be configured. Specify to configure all ports. mac_based ports The Switching Hub passes data based on the MAC address of authenticated RADIUS client.
Page 665 67. 802.1X Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To assign a static VLAN to be a guest VLAN: Zxxx0:admin# create 802.1x guest_vlan guestVLAN Command: create 802.1x guest_vlan guestVLAN Success. Zxxx0:admin# 67.17.
Page 666 67. 802.1X Commands 67.18. config 802.1x guest_vlan ports  Description This command is used to configure a guest VLAN setting.  Format config 802.1x guest_vlan ports [<portlist> | all] state [enable | disable]  Parameters <portlist>Specify a range of ports to be configured. Specify to configure all ports.
Page 667: Config Radius Add
67. 802.1X Commands  Parameters None.  Restrictions None.  Example To display guest VLAN information: Zxxx0:admin#show 802.1x guest_vlan Command: show 802.1x guest_vlan Guest Vlan Setting ----------------------------------------------------------- Guest vlan : guest Enable guest vlan ports : 1-10 Zxxx0:admin# 67.20. config radius add ...
Page 668: Config Radius Delete
67. 802.1X Commands auth_port Specify the UDP port number which is used to transmit RADIUS authentication data between the Switching Hub and the RADIUS server.The range is 1 to 65535. <udp_port_number 1-65535> The authentication port value must be between 1 and 65535. acct_port Specify the UDP port number which is used to transmit RADIUS accounting statistics between the Switching Hub and the RADIUS server.
Page 669: Config Radius
67. 802.1X Commands  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To delete a RADIUS server: Zxxx0:admin#config radius delete 1 Command: config radius delete 1 Success. Zxxx0:admin# 67.22. config radius  Description This command is used to configure a RADIUS server. ...
Page 670 67. 802.1X Commands auth_port Specify the UDP port number which is used to transmit RADIUS authentication data between the Switching Hub and the RADIUS server. The default is 1812. <udp_port_number 1-65535> The authentication port value must be between 1 and 65535. default Specify to use the default value.
Page 671: Show Radius
67. 802.1X Commands 67.23. show radius  Description This command is used to display RADIUS server configurations.  Format show radius  Parameters None.  Restrictions None.  Example To display RADIUS server configurations: Zxxx0:admin#show radius Command: show radius Index 1 IP Address : 192.168.69.1 Auth-Port...
Page 672 67. 802.1X Commands 67.24. show auth_statistics  Description This command is used to display authenticator statistics information  Format show auth_statistics {ports <portlist>}  Parameters ports (Optional) Specify a range of ports to be displayed. <portlist> Specify a range of ports to be displayed. ...
Page 673 67. 802.1X Commands 67.25. show auth_diagnostics  Description This command is used to display authenticator diagnostics information.  Format show auth_diagnostics {ports <portlist>}  Parameters ports (Optional) Specify a range of ports to be displayed. <portlist> Specify a range of ports to be displayed. ...
Page 674 67. 802.1X Commands 67.26. show auth_session_statistics  Description This command is used to display authenticator session statistics information.  Format show auth_session_statistics {ports <portlist>}  Parameters ports (Optional) Specify a range of ports to be displayed. <portlist> Specify a range of ports to be displayed. ...
Page 675 67. 802.1X Commands 67.27. show auth_client  Description This command is used to display authentication client information.  Format show auth_client  Parameters None.  Restrictions None.  Example To display authentication client information:...
Page 676 67. 802.1X Commands Zxxx0:admin# show auth_client Command: show auth_client radiusAuthClient ==> radiusAuthClientInvalidServerAddresses radiusAuthClientIdentifier Manager radiusAuthServerEntry ==> radiusAuthServerIndex :1 radiusAuthServerAddress 0.0.0.0 radiusAuthClientServerPortNumber radiusAuthClientRoundTripTime radiusAuthClientAccessRequests radiusAuthClientAccessRetransmissions radiusAuthClientAccessAccepts radiusAuthClientAccessRejects radiusAuthClientAccessChallenges radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators radiusAuthClientPendingRequests radiusAuthClientTimeouts radiusAuthClientUnknownTypes radiusAuthClientPacketsDropped radiusAuthClient ==> radiusAuthClientInvalidServerAddresses radiusAuthClientIdentifier MANAGER radiusAuthServerEntry ==> radiusAuthServerIndex :2 radiusAuthServerAddress 0.0.0.0...
Page 677 67. 802.1X Commands radiusAuthClient ==> radiusAuthClientInvalidServerAddresses radiusAuthClientIdentifier MANAGER radiusAuthServerEntry ==> radiusAuthServerIndex :3 radiusAuthServerAddress 0.0.0.0 radiusAuthClientServerPortNumber radiusAuthClientRoundTripTime radiusAuthClientAccessRequests radiusAuthClientAccessRetransmissions radiusAuthClientAccessAccepts radiusAuthClientAccessRejects radiusAuthClientAccessChallenges radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators radiusAuthClientPendingRequests radiusAuthClientTimeouts radiusAuthClientUnknownTypes radiusAuthClientPacketsDropped Zxxx0:admin# 67.28. show acct_client  Description This command is used to display account client information ...
Page 678 67. 802.1X Commands Zxxx0:admin# show acct_client Command: show acct_client radiusAcctClient ==> radiusAcctClientInvalidServerAddresses radiusAcctClientIdentifier MANAGER radiusAuthServerEntry ==> radiusAccServerIndex : 1 radiusAccServerAddress 0.0.0.0 radiusAccClientServerPortNumber radiusAccClientRoundTripTime radiusAccClientRequests radiusAccClientRetransmissions radiusAccClientResponses radiusAccClientMalformedResponses radiusAccClientBadAuthenticators radiusAccClientPendingRequests radiusAccClientTimeouts radiusAccClientUnknownTypes radiusAccClientPacketsDropped radiusAcctClient ==> radiusAcctClientInvalidServerAddresses radiusAcctClientIdentifier MANAGER radiusAuthServerEntry ==> radiusAccServerIndex : 2 radiusAccServerAddress 0.0.0.0 radiusAccClientServerPortNumber...
Page 679: Config Accounting Service
67. 802.1X Commands radiusAuthServerEntry ==> radiusAccServerIndex : 3 radiusAccServerAddress 0.0.0.0 radiusAccClientServerPortNumber radiusAccClientRoundTripTime radiusAccClientRequests radiusAccClientRetransmissions radiusAccClientResponses radiusAccClientMalformedResponses radiusAccClientBadAuthenticators radiusAccClientPendingRequests radiusAccClientTimeouts radiusAccClientUnknownTypes radiusAccClientPacketsDropped Zxxx0:admin# 67.29. config accounting service  Description This command is used to configure the state of the specified RADIUS accounting service.
Page 680: Show Accounting Service
67. 802.1X Commands  Example To configure the state of the RADIUS accounting service shell to enable: Zxxx0:admin# config accounting service shell state enable Command: config accounting service shell state enable Success Zxxx0:admin# 67.30. show accounting service  Description This command is used to display RADIUS accounting service information. ...
Page 681: Web-Based Access Control (Wac) Commands
68. Web-based Access Control (WAC) Commands 68.Web-based Access Control (WAC) Commands WAC (Web-based Access Control, Web-based authentication) is a terminal authentication method using a PC web browser. It uses the HTTP or HTTPS protocol to perform an authentication process through a local database in this Switching Hub or an external RADIUS server as the authentication server.
Page 682: Disable Wac
68. Web-based Access Control (WAC) Commands  Parameters None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To enable the WAC function: Zxxx0:admin#enable wac Command: enable wac Success. Zxxx0:admin# 68.2. disable wac  Description This command is used to disable the WAC function.
Page 683: Config Wac Authorization Attributes
68. Web-based Access Control (WAC) Commands 68.3. config wac authorization attributes  Description This command is used to configure the acceptance of an authorized configuration. When the authorization is enabled for WAC's RADIUS, the authorized data assigned by the RADUIS server will be accepted if the global authorization network is enabled. When the authorization is enabled for WAC's local, the authorized data assigned by the local database will be accepted.
Page 684: Config Wac Ports
68. Web-based Access Control (WAC) Commands 68.4. config wac ports  Description This command is used to configure the WAC port parameters.  Format config wac ports [<portlist> | all] {state [enable | disable] | aging_time [infinite | <min 1-1440>] | idle_time [infinite | <min 1-1440>] | block_time [<sec 0-300>]}(1) ...
Page 685: Config Wac Method
68. Web-based Access Control (WAC) Commands Zxxx0:admin#config wac ports 1-5 aging_time 200 Command: config wac ports 1-5 aging_time 200 Success. Zxxx0:admin# 68.5. config wac method  Description This command is used to allow specification of the RADIUS protocol used by WAC to complete RADIUS authentication.
Page 686 68. Web-based Access Control (WAC) Commands 68.6. config wac default_redirpath  Description This command is used to configure the WAC default redirect path. If default redirect path is configured, the user will be redirected to the default redirect path after successful authentication.
Page 687 68. Web-based Access Control (WAC) Commands None.  Restrictions Only Administrator, Operator and Power-User level users can issue this command.  Example To clear the WAC default redirect path: Zxxx0:admin#config wac clear_default_redirpath Success. Zxxx0:admin# 68.8. config wac virtual_ip  Description This command is used to configure the WAC virtual IP address.
Page 688 68. Web-based Access Control (WAC) Commands 68.9. config wac switch_http_port  Description This command is used to configure the TCP port which the WAC Switching Hub listens to. The TCP port for HTTP or HTTPs is used to identify the HTTP or HTTPs packets that will be trapped to CPU for authentication processing, or to access the login page.
Page 689: Create Wac User
68. Web-based Access Control (WAC) Commands 68.10. create wac user  Description This command is used to create accounts for Web-based Access Control. This user account is independent of the login user account. If VLAN is not specified, the user will not get a VLAN assigned after the authentication.
Page 690 68. Web-based Access Control (WAC) Commands 68.11. delete wac  Description This command is used to delete an account.  Format delete wac [user <username 15> | all_users]  Parameters user Specify the user account for Web-based Access Control. <username 15> Specify the user account for Web-based Access Control.
Page 691: Config Wac User
68. Web-based Access Control (WAC) Commands 68.12. config wac user  Description This command is used to change the VLAN associated with a user.  Format config wac user <username 15> [vlan <vlan_name 32> | vlanid <vlanid 1-4094> | clear_vlan] ...
Page 692: Show Wac
68. Web-based Access Control (WAC) Commands 68.13. show wac  Description This command is used to display the WAC global setting.  Format show wac  Parameters None.  Restrictions None.  Example To show WAC: Zxxx0:admin# show wac Command: show wac Web-based Access Control ----------------------------- State...
Page 693: Show Wac User
68. Web-based Access Control (WAC) Commands  Restrictions None.  Example To display WAC ports 1 to 3: Zxxx0:admin# show wac ports 1-3 Command: show wac ports 1-3 Port State Aging Time Idle Time Block Time (min) (min) (sec) ------- -------- ------------ ----------...
Page 694 68. Web-based Access Control (WAC) Commands 68.16. show wac auth_state ports  Description This command is used to display the authentication state for ports.  Format show wac auth_state ports {<portlist>}  Parameters <portlist>(Optional) Specify the list of ports whose WAC authentication state will be displayed. ...
Page 695 68. Web-based Access Control (WAC) Commands  Parameters ports Specify the list of ports whose WAC state will be cleared. <portlist> Specify a range of ports. Specify to clear all ports. authenticated (Optional) Specify to clear all authenticated users for a port. authenticating (Optional) Specify to clear all authenticating users for a port.
Page 696 68. Web-based Access Control (WAC) Commands 68.18. config wac authentication_page element  Description This command is used to customize the authenticate page elements.  Format config wac authentication_page element [default | page_title <desc 128> | login_window_title <desc 64> | user_name_title <desc 32> | password_title <desc 32> | logout_window_title <desc 64>...
Page 697 68. Web-based Access Control (WAC) Commands  Example To customize the authenticate page elements: Zxxx0:admin# config wac authentication_page element notification_line 1 Copyright @ All Rights Reserved Command: config wac authentication_page element notification_line 1 Copyright @ All Rights Reserved Success. Zxxx0:admin# 68.19.
Page 698: System Log Lists
69. System Log Lists 69.System Log Lists 69.1. MAC-based Access Control Serverity Log message / Explanation MAC-based Access Control unauthenticated host (MAC: <macaddr>, Port <[unitID:]portNum>, VID: <vid>) Critical A host failed to pass the authentication Port < [unitID:]portNum> enters MAC-based Access Control stop learning state.
Page 699: Ip Directed Broadcast
69. System Log Lists 69.2. IP Directed Broadcast Serverity Log message / Explanation IP Directed Broadcast packet rate is high on subnet. [(IP: %s)] Informational IP Directed-broadcast rate exceed 50 packets per second on a certain subnet. IP Directed Broadcast rate is high. Informational IP Directed-broadcast rate exceed 100 packets per second/...
Page 700 69. System Log Lists 69.3. RCP Serverity Log message / Explanation [Unit <unitID>,] Firmware upgraded by <session> successfully. (Username: <username>, IP: <ipaddr>, MAC: <macaddr>) Informational Firmware upgraded successfully. [Unit <unitID>,] Firmware upgrade by <session> unsuccessfully. (Username: <username>, IP: <ipaddr>, MAC: <macaddr>) Warning Firmware upgrade was unsuccessful.
Page 701 69. System Log Lists Serverity Log message / Explanation The downloaded configurations executed by <session> unsuccessfully. (Username: <username>, IP: <ipaddr>, MAC: Warning <macaddr>) The downloaded configurations execute was unsuccessful. Attack log message uploaded by <session> successfully. (Username: <username>, IP: <ipaddr>, MAC: <macaddr>) Informational Attack log message uploaded successfully.
Page 702 69. System Log Lists 69.4. TFTP Client Serverity Log message / Explanation [Unit <unitID>,] Firmware upgraded by <session> successfully (Username: <username>, IP: <ipaddr>, MAC: <macaddr>) Informational Firmware upgraded successfully. [Unit <unitID>,] Firmware upgrade by <session> was unsuccessful! (Username: <username>, IP: <ipaddr>, MAC: Warning <macaddr>) Firmware upgrade was unsuccessful.
Page 703 69. System Log Lists Serverity Log message / Explanation Attack log message upload by <session> was unsuccessful! (Username: <username>, IP: <ipaddr>, MAC: <macaddr>) Warning Attack log message upload was unsuccessful. 69.5. DNS Resolver Serverity Log message / Explanation Duplicate Domain name case name: <domainname>, static IP: <ipaddr>, dynamic IP:<ipaddr>...
Page 704 69. System Log Lists 69.7. Telnet Serverity Log message / Explanation Successful login through Telnet (Username: <username>, IP: <ipaddr>) Informational Successful login through Telnet. Login failed through Telnet (Username: <username>, IP: <ipaddr>) Warning Login failed through Telnet. Logout through Telnet (Username: <username>, IP: <ipaddr>) Informational Logout through Telnet.
Page 705 69. System Log Lists 69.10. RADIUS Serverity Log message / Explanation RADIUS server <ipaddr> assigned VID :<vlanID> to port <[unitID:]portNum> (account :<username> ) VID assigned from RADIUS server after RADIUS client is Informational authenticated by RADIUS server successfully .This VID will be assigned to the port and this port will be the VLAN untagged port member.
Page 706 69. System Log Lists 69.11. LLDP-MED Serverity Log message / Explanation LLDP-MED topology change detected (on port <portNum>. chassis id: <chassisType>, <chassisID>, port id: <portType>, Notice <portID>, device class: <deviceClass>) LLDP-MED topology change detected. Conflict LLDP-MED device type detected ( on port < portNum >, chassis id: <...
Page 707: Port Security
69. System Log Lists 69.13. SNMP Serverity Log message / Explanation Unit: <unitID>, MAC: <macaddr> Hot insertion. Informational Hot insersion. Unit: <unitID>, MAC: <macaddr> Hot removal. Informational Hot removal. Stacking topology is <Stack_TP_TYPE>. Master(Unit <unitID>, MAC:<macaddr>). Informational Stacking topology change. Backup master changed to master.
Page 708 69. System Log Lists 69.15. AAA Serverity Log message / Explanation Successful login through <Console | Telnet | Web(SSL) | SSH>(Username: <username>, IP: <ipaddr | ipv6address>). Informational Successful login. Login failed through <Console | Telnet | Web(SSL)| SSH> (Username: <username>, IP: <ipaddr | ipv6address>). Warning Login failed.
Page 709 69. System Log Lists Serverity Log message / Explanation Enable Admin failed through <Console | Telnet | Web(SSL)| SSH> from <ipaddr | ipv6address> due to AAA server <ipaddr | ipv6address> timeout or improper configuration (Username: Warning <username>) Enable Admin failed due to AAA server timeout or improper configuration.
Page 710: Traffic Control
69. System Log Lists 69.16. Serverity Log message / Explanation WAC unauthenticated user (User Name: <string>, IP: <ipaddr >, MAC: <macaddr>, Port: <[unitID:]portNum>) Warning A client host fails to authenticate. WAC enters stop learning state. Warning The number of authorized users reaches the maximum user limit on the whole device.
Page 711: Dhcp Server Screening
69. System Log Lists 69.18. DHCP Server Screening Serverity Log message / Explanation Detected untrusted DHCP server(IP: <ipaddr>, Port <portNum> Informational Detected untrusted DHCP server IP address.
Page 712 69. System Log Lists 69.19. MSTP Debug Enhancement Serverity Log message / Explanation Topology changed [( [Instance:<InstanceID> ] ,port:<[unitID:] portNum> ,MAC: <macaddr>)] Notice Topology changed. [CIST | CIST Regional | MSTI Regional] New Root bridge selected( [Instance: <InstanceID> ]MAC: <macaddr> Priority Informational :<value>) A new Root Bridge is selected.
Page 713 69. System Log Lists Serverity Log message / Explanation Spanning Tree MST configuration ID VLAN mapping table changed (instance: <InstanceID> add vlan <startvlanid> [- Informational <endvlanid>]). MST configuration ID VLAN mapping is added. 69.20. IP and Password Changed Summary Serverity Log message / Explanation [Unit <unitID>,] Management IP address was changed by console(Username: <username>,IP:<ipaddr>)
Page 714 69. System Log Lists 69.22. BPDU Serverity Log message / Explanation Port<[unitID:]portNum> enter BPDU under attacking state (mode: drop / block / shutdown) Informational BPDU attack happend. Port <[unitID:]portNum> recover from BPDU under attacking state automatically Informational BPDU attack automatically recovered. Port<[unitID:]portNum>...
Page 715 69. System Log Lists 69.24. Temperature Serverity Log message / Explanation [Uint <unitID>] Temperature sensor: <sensorID> enter alarm state. (current Temperature: <temperature>) Warning Temperature sensor enters alarm state. [Uint <unitID>] Temperature sensor: <sensorID> recovers to normal state. (current Temperature: <temperature>) Informational Temperature recovers to normal.
Page 716 69. System Log Lists 69.26. Spoofing Attack Serverity Log message / Explanation Possible spoofing attack from IP: <ipaddr>, MAC:<macaddr>, port:<portNum> Critical Received the switch itself IP with source IP is the same as the ARP or IP packet. 69.27. Ring Redundant Protocol (RRP) Serverity Log message / Explanation Ring topology was recovered to complete.
Page 717 69. System Log Lists 69.28. Others Serverity Log message / Explanation [Uint <unitID>] System re-start reason: system fatal error Emergency CPU exception lead to reboot system.
Page 718: Appendix A. Specifications
Appendix A. Specifications Appendix A. Specifications ○ Interface - Copper ports: Ports 1 to 28 (RJ45 connector) Transmission system IEEE802.3 10BASE-T IEEE802.3u 100BASE-TX IEEE802.3ab 1000BASE-T - SFP extension ports: Ports 25 to 28 (Select either of copper port or SFP for use) Transmission system IEEE802.3z 1000BASE-SX/1000BASE-LX Diagnostic Monitoring Interface (DMI):...
Page 719: Management Methods
Appendix A. Specifications ○ Layer-2 Functions - MAC Address Table 16K entries/unit - IGMP Snooping v1/v2/v3, 512 groups, fixed 64 groups (IGMP Snooping v3 filter mode is not supported) - MLD Snooping v1/v2, 512 groups, fixed 64 groups (MLD Snooping v2 filter mode is not supported) - Spanning Tree IEEE802.1D - Rapid Spanning Tree...
Page 720 Appendix A. Specifications ○ Supported MIB - RFC1213-MIB(MIBII) (RFC1213) - BRIDGE-MIB (RFC4188) - SNMPv2-MIB (RFC1907) - RMON-MIB (RFC1757,2819) [Group 1, 2, 3, 9] - RMON2-MIB (RFC2021) - EtherLike-MIB (RFC1643,2358,2665) - MAU-MIB (RFC4836) - P-BRIDGE-MIB (RFC4363) - IF-MIB (RFC2233,2863) - RADIUS-AUTH-CLIENT-MIB (RFC2618) - RADIUS-ACC-CLIENT-MIB (RFC2620) - DISMAN-PING-MIB (RFC2925) - DISMAN-TRACEROUTE-MIB (RFC2925)
Page 721: Appendix B. Procedures For Configuration Using Zequo Assist Plus
Appendix B. Procedures for Configuration Using ZEQUO assist Plus Appendix B. Procedures for Configuration Using ZEQUO assist Plus You can configure the Switching Hub via Console, Telnet, or SSH using a terminal emulator software. Our free support application, called “ZEQUO assist Plus”, is also included it. (Please refer the operation manual included in ZEQUO asssit Plus archive file for more detail.) 1.
Page 722: Appendix C. Private Mib Trap List
Appendix C. Private MIB Trap List Appendix C. Private MIB Trap List Trap Name Object ID Description swL2macNotification 1.3.6.1.4.1.396.5.5.3.1.1 New MAC address learning notification by MAC Notification function. swMacBasedAccess- 1.3.6.1.4.1.396.5.5.3.2.1 Authentication is successful by MAC-based ControlLoggedSuc- Access Control function. cess swMacBasedAccess- 1.3.6.1.4.1.396.5.5.3.2.2 Authentication is failed by MAC-based...
Page 723: Troubleshooting
Troubleshooting Troubleshooting If you find any problem, please take the following steps to check. * The POWER LED is not lit. Check if the power cord is disconnected. Please confirm that the power cord is securely connected to the power port. Is this Switching Hub operated at temperature in the range from 0 to 50 degrees C.
Page 724 Troubleshooting * Check if equipment with a fixed port mode is connected to any ports from 25 to 28. Change the settings for ports 25 to 28 of the Switching Hub and the opposed ports to auto-negotiation or the same port speed in the full-duplex mode. * Check if equipment of which port mode is set to the half-duplex mode is con- nected to ports 25 to 28.
Page 725: Warranty And After-Sales Service
Warranty and After-sales Service Warranty and After-sales Service 1. Warranty card A warranty card is included in the Installation Guide provided with this Switching Hub. Be sure to confirm that the date of purchase, shop (company) name, etc., have been entered in the warranty card and then receive it from the shop. Read it carefully, and then keep it in a safe place.
Page 726 (11-alphanumeric characters labeled on the product) Shop/Sales company 　　　　　　　　Tel: Customer service contact 　　　　　　　　Tel: (* Check screen is described in Section 5.8 of the Operating Instructions.) © Panasonic Eco Solutions Networks Co., Ltd. 2015-2016 2-12-7, Higashi-Shimbashi, Minato-ku, Tokyo Japan, 105-0021 URL: http://panasonic.co.jp/es/pesnw/english/ P0315-2086...

This manual is also suitable for:

Pn26241 Zequo 2210 pn26161

Panasonic ZEQUO 2200 Operating Instructions Manual

Quick Links

Related Manuals for Panasonic ZEQUO 2200

Summary of Contents for Panasonic ZEQUO 2200