Page 1 CLI Manual DES-3500 Series Product Model : Layer 2 Managed Stackable Fast Ethernet Switch Release 5.1...
Page 2: Table Of Contents
Table of Contents INTRODUCTION ......................... 1 USING THE CONSOLE CLI ......................3 COMMAND SYNTAX ........................7 BASIC SWITCH COMMANDS ....................9 MODIFY BANNER AND PROMPT COMMANDS ..............21 SWITCH PORT COMMANDS ....................25 PORT SECURITY COMMANDS ....................28 NETWORK MANAGEMENT (SNMP) COMMANDS ..............32 SWITCH UTILITY COMMANDS ....................
Page 3 MAC NOTIFICATION COMMANDS ..................227 ACCESS AUTHENTICATION CONTROL COMMANDS ............231 SSH COMMANDS ........................254 SSL COMMANDS ........................261 D-LINK SINGLE IP MANAGEMENT COMMANDS ..............268 COMMAND HISTORY LIST ....................278 LLDP COMMANDS ......................... 281 CPU FILTERING COMMANDS ....................303 CABLE DIAGNOSTICS COMMANDS ..................
Page 4 GRATUITOUS ARP COMMANDS ..................309 ARP SPOOFING PREVENTION COMMANDS ............... 313 TECHNICAL SUPPORT COMMANDS..................315 TECHNICAL SPECIFICATIONS ..................... 317...
Page 5: Introduction
This manual provides a reference for all of the commands contained in the CLI for members of the xStack DES-3500 series, including the DES-3526, DES-3526DC, and the DES-3550. Examples present in this manual may refer to any member of the xStack DES-3500 series and may show different port counts, but are universal to this series of switches, unless otherwise stated.
Page 6 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Setting the Switch’s IP Address Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. Users can change the default Switch IP address to meet the specification of your networking address scheme.
Page 7: Using The Console Cli
After the Switch reboots and users have logged in, the console looks like this: DES-3526 Fast Ethernet Switch Command Line Interface Firmware: Build 5.01-B47 Copyright(C) 2008 D-Link Corporation. All rights reserved. username: Figure 2-1. Initial Console Screen after logging in Commands are entered at the command prompt, DES-3526:admin#.
Page 8 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual cable_diag ports clear clear address_binding dhcp_snoop binding_entry ports clear arptable clear counters clear fdb clear log clear port_security_entry port config 802.1p default_priority config 802.1p user_priority config 802.1x auth_mode config 802.1x auth_parameter ports config 802.1x auth_protocol config 802.1x capability ports config 802.1x guest_vlan ports...
Page 9 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual <username> DES-3526:admin# Figure 2-4. Using the Up Arrow to Re-enter a Command In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username> prompt. The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt.
Page 10 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show Command: show Next possible completions: 802.1p 802.1x access_profile account address_binding arp_spoofing_prevention arpentry asymmetric_vlan authen authen_enable authen_login authen_policy autoconfig bandwidth_control command_history config cpu_filter cpu_interface_filtering current_config dhcp_local_relay dhcp_relay error filter firmware flow_meter gratuitous_arp greeting_message gvrp...
Page 11: Command Syntax
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMAND YNTAX The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax. Note: All commands are case-sensitive.
Page 12 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual {braces} however the effect of the system reset is dependent on which, if any, value is specified. Therefore, with this example there are three possible outcomes of performing a system reset. See the following chapter, Basic Commands for more details about the reset command.
Page 13: Basic Switch Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ASIC WITCH OMMANDS The basic switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters enable password encryption disable password encryption create account [admin | operator | user] <username 15>...
Page 14 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable/disable password encryption encryption is enabled, the password will be in an encrypted form. When password encryption is disabled, the user can specify the password in plain text form, which means the password will be in plain text form.
Page 15 Success. DES-3526:admin# NOTICE: In case of lost passwords or password corruption, please refer to the D-Link website and the White Paper entitled “Password Recovery Procedure”, which will guide you through the steps necessary to resolve this issue. config account Purpose...
Page 16 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display the accounts that have been created: DES-3526:admin#show account Command: show account Current Accounts: Username Access Level --------------- ------------ dlink Admin Total Entries: 1 DES-3526:admin# delete account Purpose Used to delete user accounts. Syntax delete account [ <username>...
Page 17 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the way that the users logged in: DES-3526:admin#show session Command: show session Login Time Live Time From Level Name ------------------ -------- --------- ------ ----- 00000 days 00:00:37 03:36:27 Serial Port Anonymous...
Page 18 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show serial_port Description This command displays the current serial port settings. Parameters None. Restrictions None Example usage: To display the serial port setting: DES-3526:admin#show serial_port Command: show serial_port Baud Rate : 9600 Data Bits Parity Bits : None...
Page 19 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable clipaging Purpose Used to pause the scrolling of the console screen when a command displays more than one page. Syntax enable clipaging Description This command is used when issuing a command which causes the console screen to rapidly scroll through several pages.
Page 20 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable telnet <tcp_port_number 1-65535> − The TCP port number. TCP ports Parameters are numbered between 1 and 65535. The “well-known” TCP port for the Telnet protocol is 23. Restrictions Only Administrator and Operator-level users can issue this command.
Page 21 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#telnet 10.53.13.99 tcp_port 23 Command: telnet 10.53.13.99 tcp_port 23 enable web Purpose Used to enable the HTTP-based management software on the Switch. Syntax enable web <tcp_port_number 1-65535> Description This command is used to enable the Web-based management software on the Switch.
Page 22 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual save Purpose Used to save changes in the Switch’s configuration to non-volatile RAM. Syntax save Description This command is used to enter the current switch configuration into non-volatile RAM. The saved switch configuration will be loaded into the Switch’s memory each time the Switch is restarted.
Page 23 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#reboot force_agree Command: reboot force_agree Are users sure want to proceed with the system reboot? (y|n) Please wait, the switch is rebooting... reset Purpose Used to reset the Switch to the factory default settings. reset {[config | system {exclude [vlan|system_ip]}] } Syntax { force_agree}...
Page 24 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#login Command: login UserName: logout Purpose Used to log out a user from the Switch’s console. Syntax logout Description This command terminates the current user’s session on the Switch’s console. Parameters None.
Page 25: Modify Banner And Prompt Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ODIFY ANNER AND ROMPT OMMANDS Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below. Command Parameters config command_ prompt [<string 16> | username | default] config greeting_message {default} show greeting_message...
Page 26 To modify the banner to read “Good evening Mr. Bond.”: DES-3526:admin# config greeting_message Command: config greeting_message Greeting Messages Editor ================================================================================ DES-3526 Fast Ethernet Switch Command Line Interface Firmware: Build 5.01-B47 Copyright(C) 2004-2007 D-Link Corporation. All rights reserved. ================================================================================ <Function Key> <Control Key> Ctrl+C Quit without save left/right/ Ctrl+W...
Page 27 DES-3526:admin#show greeting_message Command: show greeting_message ========================================================================= DES-3526 Gigabit Ethernet Switch Command Line Interface Firmware: Build 5.01.B41 Copyright(C) 2004-2005 D-Link Corporation. All rights reserved. ========================================================================= DES-3526:admin# enable greeting_message Purpose Used to enable viewing of the currently configured greeting message configured on the Switch.
Page 28 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable greeting_message Restrictions None. Example usage: To disable viewing of the currently configured greeting message: DES-3526:admin#disable greeting_message Command: disable greeting_message Success. DES-3526:admin#...
Page 29: Switch Port Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual WITCH OMMANDS The switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config ports [<portlist | all>] { medium_type [copper|fiber ] | speed [auto | 10_half | 10_full |100_half | 100_full | 1000_full]} | flow_control [enable | disable] | learning [enable | disable] | state [enable | disable] | trap [enable | disable] | description <desc 32>...
Page 30 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command: config ports 1-3 speed 10_full learning enable state enable Success. DES-3526:admin# show ports Purpose Used to display the current configuration of a range of ports. Syntax show ports [<portlist>] {description | err_disabled} Description This command is used to display the current configuration of a range of ports.
Page 31 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the configuration of all ports on a standalone switch, with description: DES-3526:admin#show ports description Command: show ports description Port State/ Settings Connection Address Trap MDIX Speed/Duplex/FlowCtrl Speed/Duplex/FlowCtrl Learning State ----- ---------- --------------------- --------------------- -------- --------...
Page 32: Port Security Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ECURITY OMMANDS The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config port_security ports [<portlist> | all] {admin_state [enable| disable] | max_learning_addr <max_lock_no 0-64>...
Page 33 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To configure the port security: DES-3526:admin#config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode DeleteOnReset Command: config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode DeleteOnReset Success. DES-3526:admin# delete port_security_entry Purpose Used to delete a port security entry by MAC address, port number and VLAN ID.
Page 34 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear port_security_entry Purpose Used to clear MAC address entries learned from a specified port for the port security function. Syntax clear port_security_entry ports <portlist> Description This command is used to clear MAC address entries which were learned by the Switch by a specified port.
Page 35 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable port_security trap_log Purpose Used to enable the trap log for port security. Syntax enable port_security trap_log Description This command, along with the disable port_security trap_log, will enable and disable the sending of log messages to the Switch’s log and SNMP agent when the port security of the Switch has been triggered.
Page 36: Network Management (Snmp) Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (SNMP) C ETWORK ANAGEMENT OMMANDS The DES-3500 Switch series supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. Users can specify which version of the SNMP users want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
Page 37 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters <auth_string 32> delete snmp host <ipaddr> show snmp host <ipaddr> create trusted_host <ipaddr>| network<network_address> {snmp | telnet | ssh | http | https} config trusted_host [<ipaddr> | network <network_address>] [add|delete] {snmp | telnet | ssh | http | https} delete trusted_host [all | ipaddr<ipaddr>| network<network_address>]...
Page 38 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp user privacy. The key is defined by specifying the key in hex form below. This method is not recommended. auth - The user may also choose the type of authentication algorithms used to authenticate the snmp user.
Page 39 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete snmp user Restrictions Only Administrator and Operator-level users can issue this command. Example usage: `To delete a previously entered SNMP user on the Switch: DES-3526: DES-3526:admin#delete snmp user dlink Command: delete snmp user dlink Success.
Page 40 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp view Purpose Used to assign views to community strings to limit which MIB objects and SNMP manager can access. Syntax create snmp view <view_name 32> <oid> view_type [included | excluded] Description The create snmp view command assigns views to community...
Page 41 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Success. DES-3526:admin# show snmp view Purpose Used to display an SNMP view previously created on the Switch. Syntax show snmp view {<view_name 32>} Description The show snmp view command displays an SNMP view previously created on the Switch.
Page 42 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show snmp view Command: show snmp view Vacm View Table Settings View Name : restricted Subtree : 1.3.6.1.2.1.1 View Type : Included View Mask : View Name : restricted Subtree : 1.3.6.1.2.1.11 View Type : Included View Mask : View Name : restricted...
Page 43 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp community the Switch. read_write − Specifies that SNMP community members using the community string created with this command can read from and write to the contents of the MIBs on the Switch. Restrictions Only Administrator and Operator-level users can issue this command.
Page 44 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show snmp community Restrictions None. Example usage: To display the currently entered SNMP community strings: DES-3526:admin#show snmp community Command: show snmp community SNMP Community Table Community Name View Name Access Right --------------- ------------- -------------...
Page 45 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show snmp engineID Command: show snmp engineID SNMP Engine ID : 0035636666 DES-3526:admin# create snmp group Purpose Used to create a new SNMP group, or a table that maps SNMP users to SNMP views.
Page 46 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp group SNMP manager is allowed to access on the Switch. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To create an SNMP group named “sg1:” DES-3526:admin#create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Command: create snmp group sg1 v3 noauth_nopriv read_view...
Page 47 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show snmp groups Command: show snmp groups Vacm Access Table Settings Group Name : Group3 ReadView Name : ReadView WriteView Name : WriteView Notify View Name : NotifyView Security Model : SNMPv3 Security Level : NoAuthNoPriv Group...
Page 48 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp host v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network. SNMP v3 adds: •...
Page 49 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#delete snmp host 10.48.74.100 Command: delete snmp host 10.48.74.100 Success. DES-3526:admin# show snmp host Purpose Used to display the recipient of SNMP traps generated by the Switch’s SNMP agent. show snmp host {<ipaddr>} Syntax Description The show snmp host command is used to display the IP addresses...
Page 50 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create trusted_host https - Specifies trusted host for HTTPs. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To create the trusted host: DES-3526:admin# create trusted_host 10.48.74.121 Command: create trusted_host 10.48.74.121 Success.
Page 51 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create trusted_host network specified, then there is nothing to prevent any IP address from accessing the switch, provided the user knows the Username and Password. When the access interface is not specified, the trusted host will be created for all interfaces.
Page 52 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete trusted_host ipaddr Purpose Used to delete a trusted host entry made using the create trusted_host command above. Syntax delete trusted host ipaddr<ipaddr> Description This command is used to delete a trusted host entry made using the create trusted_host command above.
Page 53 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To delete all trusted host entries: DES-3526: admin#delete trusted_host all Command: delete trusted_host all Success. enable snmp traps Purpose Used to enable SNMP trap support. enable snmp traps Syntax Description The enable snmp traps command is used to enable SNMP trap support on the Switch.
Page 54 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show snmp traps Description This command is used to view the SNMP trap support status currently configured on the Switch. Parameters None. Restrictions None. Example usage: To view the current SNMP trap support: DES-3526:admin#show snmp traps Command: show snmp traps SNMP Traps...
Page 55 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#disable snmp authenticate traps Command: disable snmp authenticate traps Success. DES-3526:admin# config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the Switch. Syntax config snmp system_contact{<sw_contact>} The config snmp system_contact command is used to enter the Description...
Page 56 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config snmp system_location HQ Command: config snmp system_location HQ 5F Success. DES-3526:admin# config snmp system_name Purpose Used to configure the name for the Switch. config snmp system_name {<sw_name>} Syntax Description The config snmp system_name command configures the name of the Switch.
Page 57 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable rmon Purpose Used to disable RMON on the Switch. Syntax disable rmon Description This command is used, in conjunction with the enable rmon command above, to enable and disable remote monitoring (RMON) on the Switch.
Page 58: Switch Utility Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual WITCH TILITY OMMANDS The switch utility commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters download [firmware_fromTFTP <ipaddr> <path_filename 64> {image_id <int 1-2>} | cfg_fromTFTP <ipaddr>...
Page 59 DES-3526:admin## ------------------------------------------------------------------------------------ DES-3526:admin## DES-3526 Configuration DES-3526:admin## DES-3526:admin## Firmware: Build 5.01-B47 DES-3526:admin## Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. DES-3526:admin##-------------------------------------------------------------------- DES-3526:admin# DES-3526:admin# DES-3526:admin## BASIC DES-3526:admin# DES-3526:admin#config serial_port baud_rate 9600 auto_logout 10_minutes Command: config serial_port baud_rate 9600 auto_logout 10_minutes The download configuration command will initiate the loading of the various settings in the order listed in the configuration file.
Page 60 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config firmware image_id Restrictions Only administrator-level users can issue this command. Example usage: To configure firmware section 1 as a boot up section: DES-3526:admin# config firmware section_id 1 boot_up Command: config firmware section_id 1 boot_up Success.
Page 61 To view the current configuration settings: DES-3526:admin#show config current_config Command: show config current_config #------------------------------------------------------------------------------------ DES-3526 Configuration Firmware: Build 5.01-B47 Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. #------------------------------------------------------------------------------------ # BASIC config serial_port baud_rate 9600 auto_logout 10_minutes enable telnet 23 enable web 80...
Page 62 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual upload Purpose Used to upload the current switch settings or the switch history log to a TFTP. Syntax upload [cfg_toTFTP | log_toTFTP] <ipaddr> <path_filename 64> Description This command is used to upload either the Switch’s current settings or the Switch’s history log to a TFTP server.
Page 63 Upon booting up the autoconfig process is initiated, the console screen will appear similar to the example below. The configuration settings will be loaded in normal order. DES-3526 Fast Ethernet Switch Command Line Interface Firmware: Build 5.01-B47 Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. DES-3526:admin# DES-3526:admin# DES-3526:admin#download configuration 10.41.44.44 c:\cfg\setting.txt...
Page 64 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual NOTE: With autoconfig enabled, the Switch ipif settings now define the Switch as a DHCP client. Use the show switch command to display the new IP settings status. disable autoconfig Purpose Use this to deactivate autoconfiguration from DHCP.
Page 65 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ping Purpose Used to test the connectivity between network devices. Syntax ping <ipaddr> {times <value 1-255>} {timeout <sec 1-99>} Description The ping command sends Internet Control Message Protocol (ICMP) echo messages to a remote IP address. The remote IP address will then “echo”...
Page 66: Network Monitoring Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ETWORK ONITORING OMMANDS The network monitoring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters show packet ports <portlist> show error ports <portlist>...
Page 67 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show packet port 2 Command: show packet port 2 Port number : 2 Frame Size Frame Counts Frame/sec Frame Type Total Total/sec ----------- ------------ ---------- ---------- ------ --------- 3275 RX Bytes 408973 1657 65-127...
Page 68 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show utilization Purpose Used to display real-time port and CPU utilization statistics. Syntax show utilization [cpu | ports {<portlist>}] Description This command will display the real-time port and CPU utilization statistics for the Switch. Parameters cpu –...
Page 69 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear counters Purpose Used to clear the Switch’s statistics counters. Syntax clear counters {ports <portlist>} Description This command will clear the counters used by the Switch to compile statistics. <portlist> − Specifies a port or range of ports to be displayed. Parameters Restrictions Only Administrator and Operator-level users can issue this...
Page 70 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display the switch history log: DES-3526:admin#show log index 5 Command: show log index 5 DES-3526:admin#show log index 5 Command: show log index 5 Index Time Log Text ----- ------------------- ------------------------------------------- 00000 days 00:00:47 Firmware upgraded to SLAVE unsuccessfully! (Username: Anonymous, IP: 0.0.0.0, MAC: 00-00-00-00-00-00)
Page 71 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable syslog Purpose Used to enable the system log to be sent to a remote host. Syntax disable syslog Description The disable syslog command enables the system log to be sent to a remote host.
Page 72 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create syslog host Numerical Severity Code Emergency: system is unusable Alert: action must be taken immediately Critical: critical conditions Error: error conditions Warning: warning conditions Notice: normal but significant condition Informational: informational messages Debug: debug-level messages Numerical Facility...
Page 73 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create syslog host kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem log audit log alert...
Page 74 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config syslog host Purpose Used to configure the syslog protocol to send system log data to a remote host. Syntax config syslog host [all | <index 1-4>] {severity [informational | warning | all] | facility [local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7] | udp_port <udp_port_number>...
Page 75 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Parameters Numerical Facility Code kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem log audit...
Page 76 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config syslog host 1 severity all facility local0 Command: config syslog host all severity all facility local0 Success. DES-3526:admin# Example usage: To configure a syslog host for all hosts: DES-3526:admin#config syslog host all severity all facility local0 Command: config syslog host all severity all facility local0...
Page 77 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show syslog host Purpose Used to display the syslog hosts currently configured on the Switch. Syntax show syslog host {<index 1-4>} Description The show syslog host command is used to display the syslog hosts that are currently configured on the Switch.
Page 78 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config system_severity Purpose To configure system_severity level of an alert required for log entry or trap message. Syntax config system_severity [trap | log | all] [critical | warning | information] Description This command is used to configure the system_severity levels on the Switch.
Page 79 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show system_severity Purpose To display system_severity level of an alert required for log entry or trap message. Syntax show system_severity Description This command is used to display system_severity level of an alert required for log entry or trap message.
Page 80: Multiple Spanning Tree Protocol (Mstp) Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (MSTP) C ULTIPLE PANNING ROTOCOL OMMANDS This Switch supports three versions of the Spanning Tree Protocol; 802.1d STP, 802.1w Rapid STP and 802.1s MSTP. Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network.
Page 81 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters show stp instance {<value 0-4>} show stp mst_config id Each command is listed, in detail, in the following sections. enable stp Purpose Used to globally enable STP on the Switch. Syntax enable stp Description...
Page 82 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp version Protocol (MSTP) globally on the Switch. rstp - Selecting this parameter will set the Rapid Spanning Tree Protocol (RSTP) globally on the Switch. stp - Selecting this parameter will set the Spanning Tree Protocol (STP) globally on the Switch.
Page 83 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp txholdcount <1-10> - The maximum number of BPDU Hello packets transmitted per interval. Default value = 6. fbpdu [enable | disable] − Allows the forwarding of STP BPDU packets from other network devices when STP is disabled on the Switch.
Page 84 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp ports Purpose Used to setup STP on the port level. Syntax config stp ports <portlist> {externalCost [auto | <value 1-200000000>] | hellotime <value 1-2> | migrate [yes | no] | edge [true | false | auto] | restricted_tcn [true | false] | restricted_role [true | false] | p2p [true | false | auto] | state [enable | disable] | fbpdu [enable |disable | hw_filter] | recover_hw_filter}}...
Page 85 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (for example if the port is forced to half-duplex operation) the p2p status changes to operate as if the p2p value were false. The default setting for this parameter is auto. state [enable | disable] −...
Page 86 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config stp instance_id Purpose Used to add or delete an STP instance ID. Syntax config stp instance_id <value 1-4> [add_vlan | remove_vlan] <vidlist> Description This command is used to map VIDs (VLAN IDs) to previously configured STP instances on the Switch by creating an instance_id.
Page 87 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete stp instance_id Description This command allows the user to delete a previously configured STP instance ID from the Switch. Parameters <value 1-4> Enter a value between 1 and 4 to identify the Spanning Tree instance on the Switch.
Page 88 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp mst_config_id Description This command will uniquely identify the MSTP configuration currently configured on the Switch. Information entered here will be attached to BPDU packets as an identifier for the MSTP region to which it belongs.
Page 89 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp mst_ports priority <value 0-240> - Enter a value between 0 and 240 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority.
Page 90 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Status 3 : STP enabled for MSTP DES-3526:admin#show stp Command: show stp STP Status : Enabled STP Version : MSTP Max Age : 20 Forward Delay : 15 Max Age : 20 TX Hold Count Forwarding BPDU : Enabled...
Page 91 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show stp instance_id configuration for the CIST internally set on the Switch. Restrictions None Example usage: To display the STP instance configuration for instance 0 (the internal CIST) on the Switch: DES-3526:admin#show stp instance 0 Command: show stp instance 0 STP Instance Settings...
Page 92 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual...
Page 93: Forwarding Database Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ORWARDING ATABASE OMMANDS The layer 2 forwarding database commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create fdb <vlan_name 32> <macaddr> port <port> create multicast_fdb <vlan_name 32>...
Page 94 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#create fdb default 00-00-00-00-01-02 port 5 Command: create fdb default 00-00-00-00-01-02 port Success. DES-3526:admin# create multicast_fdb Purpose Used to create a static entry to the multicast MAC address forwarding table (database) Syntax create multicast_fdb <vlan_name 32>...
Page 95 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config multicast_fdb Purpose Used to configure the Switch’s multicast MAC address forwarding database. Syntax config multicast_fdb <vlan_name 32> <macaddr> [add | delete] <portlist> Description This command configures the multicast MAC address forwarding table.
Page 96 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config fdb aging_time Purpose Used to set the aging time of the forwarding database. Syntax config fdb aging_time <sec 10-1000000> Description The aging time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time.
Page 97 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To delete a multicast FDB entry: DES-3526:admin#delete fdb default 01-00-00-00-01-02 Command: delete fdb default 01-00-00-00-01-02 Success. DES-3526:admin# clear fdb Purpose Used to clear the Switch’s forwarding database of all dynamically learned MAC addresses. Syntax clear fdb [vlan <vlan_name 32>...
Page 98 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show multicast_fdb vlan default Command: show multicast_fdb vlan default VLAN Name : default MAC Address : 01-00-5E-00-00-00 Egress Ports : 1-5 Mode : Static Total Entries DES-3526:admin# show fdb Purpose Used to display the current unicast MAC address forwarding database. Syntax show fdb { port <port>...
Page 99 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual default 00-02-3F-63-DD-68 Dynamic CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry config multicast port_filtering_mode Purpose Used to configure the multicast packet filtering mode on a port per port basis. Syntax config multicast port_filtering_mode [<portlist>...
Page 100 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show multicast port_filtering_mode Command: show multicast port_filtering_mode Port Multicast Filter Mode ------ --------------------------- forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups CTRL+C ESC q...
Page 101: Traffic Control Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual RAFFIC ONTROL OMMANDS On a computer network, packets such as Multicast packets and Broadcast packets continually flood the network as normal procedure. At times, this traffic may increase do to a malicious endstation on the network or a malfunctioning device, such as a faulty network card.
Page 102 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config traffic control Group 6 - Inclusive for ports 41-48 (DES-3550 only). Group 7 - Inclusive for Gigabit port 49 (DES-3550 only). Group 8 - Inclusive for Gigabit port 50 (DES-3550 only). all −...
Page 103 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config traffic control 1,3,5 broadcast enable threshold 25000 Command: config traffic control 1,3,5 broadcast enable threshold 25000 Traffic control port_list(drop mode) : 1-8,17-24,26 Warning! Drop mode is incompatible with shutdown mode in the same block(ex:port 1-8) Success.
Page 104 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show traffic control Purpose Used to display current traffic control settings. Syntax show traffic control {[group_list <storm_grouplist> | port <portlist>]} Description This command displays the current storm traffic control configuration on the Switch.
Page 105 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config traffic control_trap Purpose Used to configure the trap settings for the packet storm control mechanism. Syntax config traffic control_trap [none | storm_occurred | storm_cleared | both] Description This command will configure how packet storm control trap messages will be used when a packet storm is detected by the Switch.
Page 106: Qos Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMANDS The DES-3500 switch supports 802.1p priority queuing. The Switch has 4 priority queues. These priority queues are numbered from 3 (Class 3) — the highest priority queue — to 0 (Class 0) — the lowest priority queue. The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority queues as follows: •...
Page 107 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config bandwidth_control above ports will be allowed to receive. tx_rate − Specifies that one of the parameters below (no_limit or <value 1-1000>) will be applied to the rate at which the above specified ports will be allowed to transmit packets.
Page 108 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual no_limit no_limit no_limit no_limit no_limit no_limit no_limit no_limit DES-3526:admin# config scheduling Purpose Used to configure the traffic scheduling mechanism for each COS queue. Syntax config scheduling <class_id 0-3> [max_packet <value 0-255> | max_latency <value 0-255>] Description The Switch contains 4 hardware priority queues.
Page 109 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config scheduling 3 specifies 3 X 16 = 48 ms. The queue will continue transmitting the last packet until it is finished when the max_latency timer expires. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the traffic scheduling mechanism for each queue: DES-3526:admin# config scheduling 0 max_packet 100...
Page 110 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1p user_priority Mid-low Lowest Lowest Mid-low Mid-high Mid-high Highest Highest. This mapping scheme is based upon recommendations contained in IEEE 802.1D. Change this mapping by specifying the 802.1p user priority users want to map to the <class_id 0-3>...
Page 111 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Priority-2 -> <Class-0> Priority-3 -> <Class-1> Priority-4 -> <Class-2> Priority-5 -> <Class-2> Priority-6 -> <Class-3> Priority-7 -> <Class-3> DES-3526:admin# config 802.1p default_priority Purpose Used to configure the 802.1p default priority settings on the Switch. If an untagged packet is received by the Switch, the priority configured with this command will be written to the packet’s priority field.
Page 112 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show 802.1p default_priority the highest switch number, and the highest port number of the range (also separated by a colon) are specified. The beginning and end of the port list range are separated by a dash. For example, 1:3 specifies switch number 1, port 3.
Page 113: Port Mirroring Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IRRORING OMMANDS The port mirroring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config mirror port <port> [add | delete] source ports <portlist> [rx | tx | both] enable mirror disable mirror show mirror...
Page 114 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config mirror port 1 add source ports 2-7 both Command: config mirror port 1 add source ports 2-7 both Success. DES-3526:admin# Example usage: To delete the mirroring ports: DES-3526:admin#config mirror port 1 delete source port Command: config mirror 1 delete source 2-4 Success.
Page 115 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To disable mirroring configurations: DES-3526:admin#disable mirror Command: disable mirror Success. DES-3526:admin# show mirror Purpose Used to show the current port mirroring configuration on the Switch. Syntax show mirror Description This command displays the current port mirroring configuration on the Switch.
Page 116: Vlan Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual VLAN C OMMANDS The VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create vlan <vlan_name 32> {tag <vlanid 1-4094> | advertisement} delete vlan <vlan_name 32>...
Page 117 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# delete vlan Purpose Used to delete a previously configured VLAN on the Switch. Syntax delete vlan <vlan_name 32> Description This command will delete a previously configured VLAN on the Switch. <vlan_name 32>...
Page 118 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# To delete ports from a VLAN: DES-3526:admin#config vlan v1 delete 6-8 Command: config vlan v1 delete 6-8 Success. DES-3526:admin# create vlan vlanid Purpose Used to create a VLAN by VLAN ID list on the switch. Syntax create vlan vlanid <vlanid_list>...
Page 119 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config vlan vlanid Purpose Used to add additional ports to a previously configured VLAN. Syntax config vlan vlanid <vidlist> {add [ tagged | untagged | forbidden ] | delete <portlist> | advertisement [enable | disable] | name <name>} Description The config vlan vlanid command allows you to add or delete ports of...
Page 120 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config gvrp checking for the specified port list. acceptable_frame [tagged_only | admit_all] – This parameter states the frame type that will be accepted by the Switch for this function. tagged_only implies that only VLAN tagged frames will be accepted, while admit_all implies tagged and untagged frames will be accepted by the Switch.
Page 121 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To disable the Generic VLAN Registration Protocol (GVRP): DES-3526:admin#disable gvrp Command: disable gvrp Success. DES-3526:admin# show vlan Purpose Used to display the current VLAN configuration on the Switch Syntax show vlan {<vlan_name 32>} Description This command displays summary information about each VLAN...
Page 122 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command: show gvrp 1-10 Global GVRP : Disabled Port PVID GVRP Ingress Checking Acceptable Frame Type ------ ---- -------- ---------------- ----------------------- Disabled Enabled All Frames Disabled Enabled All Frames Disabled Enabled All Frames Disabled Enabled...
Page 123: Asymmetric Vlan Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual VLAN C SYMMETRIC OMMANDS The asymmetric VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters enable asymmetric_vlan disable asymmetric_vlan show asymmetric_vlan Each command is listed, in detail, in the following sections.
Page 124 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show asymmetric_vlan Purpose Used to view the asymmetric VLAN state on the Switch. Syntax show asymmetric_vlan Description This command displays the asymmetric VLAN state on the Switch. Parameters None. Restrictions None. Example usage: To display the asymmetric VLAN state currently set on the Switch: DES-3526:admin#show asymmetric_vlan...
Page 125: Link Aggregation Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual GGREGATION OMMANDS The link aggregation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create link_aggregation group_id <value 1-6> {type [lacp | static]} delete link_aggregation group_id <value 1-6>...
Page 126 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group. Syntax delete link_aggregation group_id <value 1-6> Description This command is used to delete a previously configured link aggregation group. <value 1-6>...
Page 127 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config link_aggregation algorithm Purpose Used to configure the link aggregation algorithm. Syntax config link_aggregation algorithm [mac_source | mac_destination | mac_source_dest | ip_source | ip_destination | ip_source_dest] Description This command configures the part of the packet examined by the Switch when selecting the egress port for transmitting load-sharing data.
Page 128 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show link_aggregation Command: show link_aggregation Link Aggregation Algorithm = MAC-source-dest Group ID Type : TRUNK Master Port Member Port : 5-7,9 Active Port Status : Disabled Flooding Port DES-3526:admin# config lacp_ports Purpose Used to configure settings for LACP compliant ports.
Page 129 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show lacp_ports Purpose Used to display current LACP port mode settings. Syntax show lacp_ports {<portlist>} Description This command will display the LACP mode settings as they are currently configured. Parameters <portlist> - Specifies a port or range of ports to be configured. If no parameter is specified, the system will display the current LACP status for all ports.
Page 130: Ip-Mac Binding
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP-MAC B INDING The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users.
Page 131 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters create address_binding <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} ip_mac ipaddress config address_binding <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} ip_mac ipaddress config address_binding [<portlist>...
Page 132 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create address_binding ip_mac ipaddress Purpose Used to create an IP-MAC Binding entry. Syntax create address_binding ip_mac ipaddress <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} Description This command will create an IP-MAC Binding entry. Parameters <ipaddr>...
Page 133 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show access_profile Command: show access_profile Access Profile Table Access Profile ID : 1 Type : Packet Content Filter Owner : Address_binding Masks Offset 0-15 : 0x00000000 0000ffff ffffffff 00000000 Offset 16-31 : 0x00000000 00000000 00000000 0000ffff...
Page 134 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00- Command: config address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00- Success. DES-3526:admin# To configure address binding on the Switch for ACL mode: DES-3526:admin#config address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00- 00-05 mode acl Command: config address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-...
Page 135 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config address_binding ip_mac ports 2 state enable Command: config address_binding ip_mac ports 2 state enable Success. DES-3526:admin# config address_binding ip_mac ports Purpose Used to configure an IP-MAC state to enable or disable for specified ports. Syntax config address_binding ip_mac ports [<portlist>...
Page 136 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config address_binding ip_mac ports 2 forward_dhcppkt enable Command: config address_binding ip_mac ports 2 forward_dhcppkt enable Success. DES-3526:admin# show address_binding Purpose Used to display IP-MAC Binding entries. Syntax [ip_mac {[all | ipaddress <ipaddr> mac_address <macaddr>]} | blocked {[all | vlan_name <vlan_name>...
Page 137 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete address_binding Purpose Used to delete IP-MAC Binding entries. Syntax delete address_binding ip-mac [ipaddress <ipaddr> mac_address <macaddr> | all] | blocked [all | vlan_name <vlan_name> mac_address <macaddr>]] Description This command will delete IP-MAC Binding entries. Two different kinds of information can be deleted.
Page 138 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable address_binding acl_mode Purpose Used to enable the ACL mode for an IP-MAC binding entry. Syntax enable address_binding acl_mode Description This command, along with the disable address_binding acl_mode will enable and disable the ACL mode for IP-MAC binding on the Switch, without altering previously set configurations.
Page 139 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To disable IP-MAC Binding ACL mode on the Switch: DES-3526:admin#disable address_binding acl_mode Command: disable address_binding acl_mode Success. DES-3526:admin# enable address_binding trap_log Purpose Used to enable the trap log for the IP-MAC binding function. Syntax enable address_binding trap_log Description...
Page 140 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#disable address_binding trap_log Command: disable address_binding trap_log Success. DES-3526:admin# show address_binding dhcp_snoop Purpose To show address_binding entries created by DHCP packet. show address_binding dhcp_snoop {[max_entry {ports Syntax <portlist>} | binding_entry {port <port>}]} Description This command is used to show address_binding dhcp_snoop information.
Page 141 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# show address_binding dhcp_snoop max_entry Command: show address_binding dhcp_snoop max_entry Port Max entry ---- --------- DES-3526:admin# enable address_binding dhcp_snoop Purpose Used to enable address_binding dhcp_snoop. Syntax enable address_binding dhcp_snoop Description This command is used to enable the function to allow entries to be created by the DHCP packet.
Page 142 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#enable address_binding dhcp_snoop Command: enable address_binding dhcp_snoop Success. DES-3526:admin# disable address_binding dhcp_snoop Purpose Used to disable address_binding dhcp_snoop. disable address_binding dhcp_snoop. Syntax Description This command is used to disable the function which allows entries to be created by the DHCP packet.
Page 143 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config address_binding dhcp_snoop max_entry Purpose Specifies the max number of entries which can be learned by the specified ports. Syntax config address_binding dhcp_snoop max_entry ports [<portlist> | all] limit [<value 1-10> | no_limit] Description By default, the per port max entry is 5.
Page 144 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# create address_binding permit_ip_pool start_ip 10.10.10.10 end_ip 10.10.10.11 ports 1 Command: create address_binding permit_ip_pool start_ip 10.10.10.10 end_ip 10.10 .10.11 ports 1 Success. DES-3526:admin# config address_binding permit_ip_pool Purpose To update the entry of permit IP pool Syntax config address_binding permit_ip_pool start_ip <ipaddr>...
Page 145 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# delete address_binding permit_ip_pool start_ip 10.10.10.10 end_ip 10.10.10.11 Command: delete address_binding permit_ip_pool start_ip 10.10.10.10 end_ip 10.10.10.11 Success. DES-3526:admin# show address_binding permit_ip_pool Purpose To display the entry of permit IP pool. Syntax show address_binding permit_ip_pool Description User uses this command to update an entry of permit IP pool.
Page 146: Limited Ip Multicast Address
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP M IMITED ULTICAST DDRESS The Limited IP Multicast command allows the administrator to permit or deny access to a port or range of ports by specifying a range of multicast addresses. The Limited IP Multicast Commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 147 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete multicast_range Purpose Used to create delete a multicast address profile. Syntax delete multicast_range<range_name> Description The delete multicast_range command allows the user to delete a multicast range profile, which has been created by using create multicast_range command above.
Page 148 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config limited_multicast_addr Purpose Used to configure limited IP multicast address range. Syntax config limited_multicast_addr ports <portlist> [add multicast_range <range_name> | delete multicast_range [<range_name>|all] | {access [permit | deny] | state [enable | disable]}(1) ] Description The config limited multicast address command allows the user to...
Page 149 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 224.1.1.1 224.1.1.2 permit enable DES-3526:admin#...
Page 150: Basic Ip Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP C ASIC OMMANDS The IP interface commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config ipif <ipif_name 12> [{ipaddress <network_address> | vlan <vlan_name 32>...
Page 151 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show ipif Purpose Used to display the configuration of an IP interface on the Switch. Syntax show ipif <ipif_name 12> Description This command will display the configuration of an IP interface on the Switch.
Page 152 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#enable autoconfig Command: enable autoconfig Success. DES-3526:admin# NOTE: More detailed information for this command and related commands can be found in the section titled Switch Utility Commands.
Page 153: Igmp Snooping Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IGMP S NOOPING OMMANDS The IGMP Snooping commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config igmp_snooping [<vlan_name 32> | all] {host_timeout <sec 1-16711450> | router_timeout <sec 1-16711450>...
Page 154 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config igmp_snooping Switch receiving a host membership report. The default is 260 seconds. leave_timer <sec 0-16711450> − Specifies the amount of time a Multicast address will stay in the database before it is deleted, after it has sent out a leave group message.
Page 155 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config router_ports_forbidden Description This command allows designation of a port or range of ports as being forbidden to multicast-enabled routers. This will ensure that multicast packets will not be forwarded to this port − regardless of protocol, etc. <vlan_name 32>...
Page 156 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable igmp_snooping traffic to flood within a given IP interface. Parameters forward_mcrouter_only – Adding this parameter to this command will disable forwarding all multicast traffic to a multicast-enabled routers. The Switch will then forward all multicast traffic to any IP router. Entering this command without the parameter will disable igmp snooping on the Switch.
Page 157 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Leave Timer Querier State : Disabled Querier Router Behavior : Non-Querier State : Disabled VLAN Name : vlan2 Query Interval : 125 Max Response Time : 10 Robustness Value Last Member Query Interval Host Timeout : 260 Route Timeout...
Page 158 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Port Member : 18,22 VLAN Name : default Multicast group : 239.255.255.250 MAC address : 01-00-5E-7F-FF-FA Reports Port Member : 9,19 VLAN Name : default Multicast group : 239.255.255.254 MAC address : 01-00-5E-7F-FF-FE Reports Port Member...
Page 159 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To view the IGMP snooping forwarding table for VLAN “Trinity”: DES-3526:admin#show igmp_snooping forwarding vlan Trinity Command: show igmp_snooping forwarding vlan Trinity VLAN Name : Trinity Multicast group : 224.0.0.2 MAC address : 01-00-5E-00-00-02 Port Member...
Page 160 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show igmp_snooping group Command: show igmp_snooping group VLAN Name : default Multicast group : 224.0.0.2 MAC address : 01-00-5E-00-00-02 Reports Port Member : 2,4 VLAN Name : default Multicast group : 224.0.0.9 MAC address : 01-00-5E-00-00-09 Reports...
Page 161 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#create igmp_snooping multicast_vlan trinity 2 Command: create igmp_snooping multicast_vlan trinity 2 Success. DES-3526:admin# config igmp_snooping multicast_vlan Purpose Used to configure a multicast VLAN previously created on the switch. Syntax config igmp_snooping multicast_vlan {<vlan_name 32>} {member_port <portlist>...
Page 162 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete igmp_snooping multicast_vlan Purpose Used to delete a multicast VLAN previously created on the switch. Syntax delete igmp_snooping multicast_vlan <vlan_name 32> Description This command will delete a multicast VLAN previously created on the switch.
Page 163: Dhcp Relay
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DHCP R ELAY The DHCP relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config dhcp_relay {hops <value 1-16> | time <sec 0-65535>} config dhcp_relay add ipif <ipif_name 12>...
Page 164 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Success. DES-3526:admin# config dhcp_relay add ipif Purpose Used to add an IP destination address to the switch's DHCP/BOOTP relay table. config dhcp_relay add ipif <ipif_name 12> <ipaddr> Syntax Description This command adds an IP address as a destination to forward (relay) DHCP/BOOTP relay packets to.
Page 165 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dhcp_relay option_82 state Purpose Used to configure the state of DHCP relay agent information option 82 of the switch. Syntax config dhcp_relay option_82 state [enable | disable] Description This command is used to configure the state of DHCP relay agent information option 82 of the switch.
Page 166 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config dhcp_relay option_82 check enable Command: config dhcp_relay option_82 check enable Success. DES-3526:admin# config dhcp_relay option_82 policy Purpose Used to configure the reforwarding policy of relay agent information option 82 of the switch. config dhcp_relay option_82 policy [replace | drop | keep] Syntax Description...
Page 167 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# DES-3526:admin#config dhcp_relay option_82 remote_id default Command: config dhcp_relay option_82 remote_id default Success. DES-3526:admin# show dhcp_relay Purpose Used to display the current DHCP/BOOTP relay configuration. Syntax show dhcp_relay {ipif <ipif_name 12>} Description This command will display the current DHCP relay configuration for the Switch, or if an IP interface name is specified, the DHCP relay configuration...
Page 168 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable dhcp_relay Parameters None. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To enable DHCP relay: DES-3526:admin#enable dhcp_relay Command: enable dhcp_relay Success. DES-3526:admin# disable dhcp_relay Purpose Used to disable the DHCP/BOOTP relay function on the Switch. Syntax disable dhcp_relay Description...
Page 169 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config dhcp_relay option_60 state enable Command: config dhcp_relay option_60 state enable Success DES-3526:admin# config dhcp_relay option_60 add Purpose Used to add an entry for dhcp_relay option_60. Syntax configure dhcp_relay option_60 add string <desc 64> relay <ipaddr> [exact_match|partial_match] Description This command configures the option 60 relay rules.
Page 170 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dhcp_relay option_60 default Purpose Config dhcp_relay option_60 default relay servers. Syntax config dhcp_relay option_60 default [relay <ipaddr> | mode [drop|relay]] Description When there are no matching servers found for the packet based on option 60, the relay servers will be determined by the default relay server settings.
Page 171 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config dhcp_relay option_60 delete string “abc” relay 10.90.90.1 Command: config dhcp_relay option_60 delete string “abc” relay 10.90.90.1 Success DES-3526:admin# show dhcp_relay option_60 Purpose Used to show dhcp_relay option_60 entry. Syntax show dhcp_relay option_60 {[string <desc 64>| ipaddress <...
Page 172 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dhcp_relay option_61 state Purpose Used to config dhcp_relay opton_61 state. Syntax config dhcp_relay option_61 state [enable|disable] Description This decides whether dhcp_relay will process the DHCP option 61 or not. When option_61 is enabled, if the packet does not have option 61, then the relay servers cannot be determined based on option 61.
Page 173 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config dhcp_relay option_61 add mac_address 00-11-22-33-44-55 drop Command: config dhcp_relay option_61 add mac_address 00-11-22-33-44-55 drop Success DES-3526:admin# config dhcp_relay option_61 default Purpose Used to configure the default ruler for option 61. Syntax config dhcp_relay option_61 default [relay <ipaddr>|drop] Description...
Page 174 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config dhcp_relay option_61 delete mac_address 00-11-22-33-44-55 Command: config dhcp_relay option_61 delete mac_address 00-11-22-33-44-55 Success DES-3526:admin# show dhcp_relay option_61 Purpose Used to show all ruler for option 61. Syntax show dhcp_relay option_61 Description Show all dhcp_relay option 61.
Page 175: Commands (Including Guest Vlans)
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 802.1X C VLAN OMMANDS NCLUDING UEST The DES-3500 implements the server-side of the IEEE 802.1x Port-based and MAC-based Network Access Control. This mechanism is intended to allow only authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a user or network device must meet before allowing that port to forward or receive frames.
Page 176 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable 802.1x Parameters None. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To enable 802.1x switch wide: DES-3526:admin#enable 802.1x Command: enable 802.1x Success. DES-3526:admin# disable 802.1x Purpose Used to disable the 802.1x server on the Switch.
Page 177 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show 802.1x auth_configuration Capability: Authenticator/None − Shows the capability of 802.1x functions on the port number displayed above. There are two 802.1x capabilities that can be set on the Switch: Authenticator and None. AdminCtlDir: Both / In −...
Page 178 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show 802.1x auth_state Purpose Used to display the current authentication state of the 802.1x server on the Switch. Syntax show 802.1x auth_state {ports <portlist>} The show 802.1x auth_state command is used to display the Description current authentication state of the 802.1x Port-based or MAC-based Network Access Control server application on the Switch.
Page 179 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show 802.1x auth_state Command: show 802.1x auth_state Port number Index MAC Address Auth PAE State Backend State Port Status ------ --------------- ------------------ ---------------- ------------- 00-08-02-4E-DA-FA Authenticated Idle Authorized CTRL+C ESC q Quit SPACE n Next Page...
Page 180 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x capability ports all − Specifies all of the ports on the Switch. authenticator − A user must pass the authentication process to gain access to the network. none − The port is not controlled by the 802.1x functions. Restrictions Only Administrator and Operator-level users can issue this command.
Page 181 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x auth_parameter supp_timeout <sec 1-65535> - Configures the time to wait for a response from a supplicant (user) for all EAP packets, except for the Request/Identity packets. server_timeout <sec 1-65535> - Configure the length of time to wait for a response from a RADIUS server.
Page 182 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x init Description The config 802.1x init command is used to immediately initialize the 802.1x functions on a specified range of ports or for specified MAC addresses operating from a specified range of ports. Parameters port_based –...
Page 183 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Success. DES-3526:admin# config radius add Purpose Used to configure the settings the Switch will use to communicate with a RADIUS server. config radius add <server_index 1-3> <server_ip> key <passwd 32> Syntax [default | {auth_port <udp_port_number 1-65535>...
Page 184 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To delete previously configured RADIUS server communication settings: DES-3526:admin#config radius delete 1 Command: config radius delete 1 Success. DES-3526:admin# config radius Purpose Used to configure the Switch’s RADIUS settings. Syntax config radius <server_index 1-3>...
Page 185 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show radius Restrictions None. Example usage: To display RADIUS settings on the Switch: DES-3526:admin#show radius Command: show radius Index IP Address Auth-Port Acct-Port Status Number Number ----- ------------- --------- --------- ----------- --------- 10.1.1.1 1812...
Page 186 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x guest_vlan ports Guest VLAN. all – Specify this parameter to configure all ports for the 802.1x Guest VLAN. state [enable | disable] – Use these parameters to enable or disable port listed here as enabled or disabled for the 802.1x Guest VLAN.
Page 187 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete 802.1x guest_vlan Syntax delete 802.1x guest_vlan {<vlan_name 32>} Description The delete 802.1x guest_vlan command is used to delete an 802.1x Guest VLAN. Guest 802.1X VLAN clients are those who have not been authorized for 802.1x or they haven’t yet installed the necessary 802.1x software, yet would still like limited access rights on the Switch.
Page 188: Access Control List (Acl) Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (ACL) C CCESS ONTROL OMMANDS The DES-3500 implements Access Control Lists that enable the Switch to deny network access to specific devices or device groups based on IP settings and MAC address. The access profile commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 189 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters <hex 0x0-0xffffffff>| offset 16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | {offset 32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | {offset 48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>...
Page 190 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual further specify in the new rule to deny access to a range of IP addresses through an individual port: Here, we want to filter any packets that have an IP source address between 10.42.73.0 and 10.42.73.255, and specify the port that will not be allowed: config access_profile profile_id 1 add access_id 1 ip source_ip 10.42.73.1 port 7 deny We use the profile_id 1 which was specified when the access profile was created.
Page 191 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create access_profile <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | protocol_id_mask <hex 0x0- 0xFF> {user_define_mask <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>}]} | packet_content_mask {offset_0-15 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_16-31 <hex 0x0-0xffffffff>...
Page 192 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create access_profile src_port_mask <hex 0x0-0xffff> − Specifies a UDP port mask for the source port. dst_port_mask <hex 0x0-0xffff> − Specifies a UDP port mask for the destination port. protocol_id <value 0-255> − Specifies that the Switch will examine the protocol field in each packet and if this field contains the value entered here, apply the following rules user_define_mask <hex 0x0-0xffffffff>...
Page 193 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete access_profile Purpose Used to delete a previously created access profile. Syntax delete access_profile [profile_id <value 1-255> | all] Description The delete access_profile command is used to delete a previously created access profile on the Switch. profile_id <value 1-255>...
Page 194 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config access_profile command. Priority is set relative to other profiles where the lowest profile ID has the highest priority. The user may enter a profile ID number between 1 – 255, yet, remember only 9 access profiles can be created on the Switch.
Page 195 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config access_profile ip − Specifies that the Switch will look into the IP fields in each packet. Parameters vlan <vlan_name 32> − Specifies that the access profile will apply to only this VLAN. source_ip <ipaddr>...
Page 196 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config access_profile port <portlist> - Specifies the port number on the Switch to permit or deny access for the rule. Parameters permit - Specifies the rule permit access for incoming packets on the previously specified port. priority <value 0-7>...
Page 197 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display all of the currently configured access profiles on the Switch: DES-3526:admin#show access_profile Command: show access_profile Access Profile Table Access Profile ID : 1 Type : Ethernet ========================================================================== Owner : ACL Masks...
Page 198 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create cpu access_profile address. dscp − Specifies that the Switch will examine the DiffServ Code Point (DSCP) field in each • frame’s header. icmp − Specifies that the Switch will examine the Internet Control Message Protocol (ICMP) •...
Page 199 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete cpu access_profile Purpose Used to delete a previously created CPU access profile. Syntax delete cpu access_profile profile_id <value 1-5> Description The delete cpu access_profile command is used to delete a previously created CPU access profile.
Page 200 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config cpu access_profile ethernet − Specifies that the Switch will look only into the layer 2 part of each packet. vlan <vlan_name 32> − Specifies that the access profile will apply to only to this VLAN. source_mac <macaddr>...
Page 201 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config cpu access_profile • offset_32-47 - Enter a value in hex form to mask the packet from byte 32 to byte 47. • offset_48-63 - Enter a value in hex form to mask the packet from byte 48 to byte 63.
Page 202 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show cpu_access_profile Purpose Used to view the CPU access profile entry currently set in the Switch. Syntax show cpu_access_profile {profile_id <value 1-5> {access_id <value 1-65535>}} Description The show cpu_access_profile command is used view the current CPU interface filtering entries set on the Switch.
Page 203 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable cpu_interface_filtering Purpose Used to disable CPU interface filtering on the Switch. Syntax disable cpu_interface_filtering Description This command is used, in conjunction with the enable cpu_interface_filtering command above, to enable and disable CPU interface filtering on the Switch.
Page 204 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config flow_meter profile that will be configured with this command. This value is assigned to the access profile when it is created with the create access_profile command. The profile ID sets the relative priority for the profile and specifies an index number that will identify the access profile being created with this command.
Page 205 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show flow_meter Command: show flow_meter Flow Metering Information Profile Id Access Id Metering Rate(Kbps) Rate Exceed Action ---------- --------- ------------------- ------------------- 1000 drop_packet Total Entries : 1 DES-3526:admin# show current_config access_profile Purpose Used to show the ACL CLI commands in current configuration.
Page 206 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config time_range start_time - Specifies the starting time in a day. (24-hr time) For example, 19:00 means 7PM. 19 is also acceptable. start_time must be smaller than end_time. Start time greater than end time is allowed, in this situation the time range will continue to the end time of next day.
Page 207: Safeguard Engine Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual AFEGUARD NGINE OMMANDS Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the CPU utilization beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch’s software.
Page 208 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config safeguard_engine Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the safeguard engine for the Switch: DES-3526:admin#config safeguard_engine state enable cpu_utilization rising_threshold 45 Command: config safeguard_engine state enable cpu_utilization rising_threshold 45 Success.
Page 209: Filter Commands (Dhcp/Netbios)
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (DHCP/N BIOS) ILTER OMMANDS DHCP Server Screening Setting and DHCP Client Filtering Setting Due to this function allow you not only to restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client, it is useful when one or more than one DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
Page 210 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config filter dhcp_server Purpose DHCP server packets eccept those that have been IP/client MAC bound will be filtered. This command is used to configure the state of the function for filtering of DHCP server packet and to add/delete the DHCP server/client binding entry.
Page 211 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show filter dhcp_server Purpose Used to display current DHCP server/client filter list created on the switch. Syntax show dhcp_server Description This command is used to display DHCP server/client filter list created on the switch.
Page 212 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show filter netbios Description This command will display the switch settings to filter NetBIOS packets from the specified ports. Parameters None. Restrictions None. Example usage: To display the extensive NetBIOS filter status: DES-3526:admin#show filter netbios Command: show filter netbios Enabled ports 1-3...
Page 213 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the extensive NetBIOS filter status: DES-3526:admin#show filter extensive_netbios Command: show filter extensive_netbios Enabled ports 1-3 DES-3526admin#...
Page 214: Loopback Detection Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OOPBACK ETECTION OMMANDS These commands are used to configure, conduct and display the results of loopback detection by the switch. The Loopback Detection commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 215 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config loopdetect ports Purpose Used to configure loop-back detection on the switch. Syntax config loopdetect ports [<portlist> | all] | state [enable | disable] Description Used to configure loop-back detection on the switch. Parameters <portlist>...
Page 216 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#disable loopdetect Command: disable loopdetect Success DES-3526:admin# show loopdetect Purpose Used to display the current loop-back detection settings on the switch. Syntax show loopdetect Description Used to display the current loop-back detection settings on the switch Parameters none Restrictions...
Page 217: Traffic Segmentation Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual RAFFIC EGMENTATION OMMANDS Traffic segmentation allows users to further sub-divide VLANs into smaller groups of ports that will help to reduce traffic on the VLAN. The VLAN rules take precedence, and then the traffic segmentation rules are applied. Command Parameters config traffic_segmentation...
Page 218 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show traffic_segmentation traffic segmentation configuration on the Switch will be displayed. Restrictions The port lists for segmentation and the forward list must be on the same Switch. Example usage: To display the current traffic segmentation configuration on the Switch. DES-3526:admin#show traffic_segmentation Command: show traffic_segmentation Traffic Segmentation Table...
Page 219: Time And Sntp Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SNTP C IME AND OMMANDS The Simple Network Time Protocol (SNTP) (an adaptation of the Network Time Protocol (NTP)) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters {primary <ipaddr>...
Page 220 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Command: config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Success. DES-3526:admin# show sntp Purpose Used to display the SNTP information. Syntax show sntp Description This command will display SNTP settings information including the source IP address, time and poll interval.
Page 221 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable sntp Purpose To disable SNTP server support. Syntax disable sntp Description This will disable SNTP support. SNTP service must be separately configured (see config sntp). Parameters None. Restrictions Only Administrator and Operator-level users can issue this command.
Page 222 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config time_zone Purpose Used to determine the time zone used in order to adjust the system clock. Syntax config time_zone {operator [+ | -] | hour <gmt_hour 0-13> | min <minute 0-59>} Description This will adjust system clock settings according to the time zone.
Page 223 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dst disable - Disable the DST seasonal time adjustment for the Switch. repeating - Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula.
Page 224 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config dst repeating s_week 2 s_day tue s_mth 4 s_time 15:00 e_week 2 e_day wed e_mth 10 e_time 15:30 offset 30 Command: config dst repeating s_week 2 s_day tue s_mth 4 s_time 15:00 e_week 2 e_day wed e_mth 10 e_time 15:30 offset 30 Success.
Page 225: Arp Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ARP C OMMANDS The ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create arpentry <ipaddr> <macaddr> config arpentry <ipaddr>...
Page 226 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config arpentry Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure a static arp entry for the IP address 10.48.74.12 and MAC address 00:50:BA:00:07:36: DES-3526:admin#config arpentry 10.48.74.12 00-50- BA-00-07-36 Command: config arpentry 10.48.74.12 00-50-BA-00- 07-36...
Page 227 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To configure ARP aging time: DES-3526:admin#config arp_aging time 30 Command: config arp_aging time 30 Success. DES-3526:admin# show arpentry Purpose Used to display the ARP table. Syntax show arpentry {ipif <ipif_name 12> | ipaddress <ipaddr> | [static | local]} Description This command is used to display the current contents of the Switch’s ARP table.
Page 228 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear arptable Purpose Used to remove all dynamic ARP table entries. Syntax clear arptable Description This command is used to remove dynamic ARP table entries from the Switch’s ARP table. Static ARP table entries are not affected. Parameters None.
Page 229: Routing Table Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OUTING ABLE OMMANDS The routing table commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create iproute [default] <ipaddr> {<metric 1-65535>} delete iproute [default] show iproute...
Page 230 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#delete iproute default 10.53.13.254 Command: delete iproute default 10.53.13.254 Success. DES-3526:admin# show iproute Purpose Used to display the Switch’s current IP routing table. Syntax show iproute Description This command will display the Switch’s current IP routing table. Parameters None.
Page 231: Mac Notification Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual MAC N OTIFICATION OMMANDS The MAC notification commands in the Command Line Interface (CLI) are listed, in the following table, along with their appropriate parameters. Command Parameters enable mac_notification disable mac_notification config mac_notification {interval <int 1-2147483647>...
Page 232 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config mac_notification Purpose Used to configure MAC address notification. Syntax config mac_notification {interval <int 1-2147483647> | historysize <int 1-500>} Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB. Parameters interval <sec 1-2147483647>...
Page 233 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show mac_notification Description This command is used to display the Switch’s MAC address table notification global settings. Parameters None. Restrictions None. Example usage: To view the Switch’s MAC address table notification global settings: DES-3526:admin#show mac_notification Command: show mac_notification Global Mac Notification Settings...
Page 234 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Disabled CTRL+C ESC q Quit SPACE n Next Page Previous Page Refresh...
Page 235: Access Authentication Control Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual CCESS UTHENTICATION ONTROL OMMANDS The TACACS / XTACACS / TACACS+ / RADIUS commands allows secure access to the Switch using the TACACS / XTACACS / TACACS+ / RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
Page 236 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual The Access Authentication Control commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters enable authen_policy disable authen_policy show authen_policy create authen_login <string 15>...
Page 237 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Each command is listed, in detail, in the following sections. enable authen_policy Purpose Used to enable system access authentication policy. Syntax enable authen_policy Description This command will enable an administrator-defined authentication policy for users trying to access the Switch.
Page 238 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen_policy Restrictions User Account Command Level – Administrator. Example usage: To display the system access authentication policy: DES-3526:admin#show authen_policy Command: show authen_policy Authentication Policy: Enabled DES-3526:admin# create authen_login method_list_name Purpose Used to create a user defined method list of authentication methods for users logging on to the Switch.
Page 239 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen_login authentication takes place using the xtacacs list, the local account database set in the Switch is used to authenticate the user. When the local method is used, the privilege level will be dependant on the local account privilege configured on the Switch.
Page 240 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen_login NOTE: Entering none or local as an authentication protocol will override any other authentication that follows it on a method list or on the default method list. Restrictions User Account Command Level – Administrator. Example usage: To configure the user defined method list “Trinity”...
Page 241 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen_login Purpose Used to display a previously configured user defined method list of authentication methods for users logging on to the Switch. Syntax show authen_login [default | method_list_name <string 15> | all] Description This command is used to show a list of authentication methods for user login.
Page 242 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create authen_enable method_list_name Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch, which is defined by the Administrator. A maximum of eight (8) enable method lists can be implemented on the Switch.
Page 243 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen_enable authenticated using the XTACACS protocol from the remote XTACACS server hosts of the XTACACS server group list. tacacs+ – Adding this parameter will require the user to be authenticated using the TACACS+ protocol from the remote TACACS+ server hosts of the TACACS+ server group list.
Page 244 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual...
Page 245 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To configure the default method list with authentication methods XTACACS, TACACS+ and local, in that order: DES-3526:admin#config authen_enable default method xtacacs tacacs+ local Command: config authen_enable default method xtacacs tacacs+ local Success.
Page 246 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen_enable queried for authentication when a user attempts to log on to the Switch. Priority ranges from 1(highest) to 4 (lowest). Method Name – Defines which security protocols are implemented, per method list name. Comment –...
Page 247 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen application (console, telnet, ssh, web) login method. login – Use this parameter to configure an application for normal login on the user level, using a previously configured method list. enable - Use this parameter to configure an application for upgrading a normal user level to administrator privileges, using a previously configured method list.
Page 248 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create authen server_host Purpose Used to create an authentication server host. Syntax create authen server_host <ipaddr> protocol [tacacs | xtacacs | tacacs+ | radius] {port <int 1-65535> | key [<key_string 254> | none] | timeout <int 1-255>...
Page 249 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen server_host Purpose Used to configure a user-defined authentication server host. Syntax create authen server_host <ipaddr> protocol [tacacs | xtacacs | tacacs+ | radius] {port <int 1-65535> | key [<key_string 254> | none] | timeout <int 1-255>...
Page 250 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# delete authen server_host Purpose Used to delete a user-defined authentication server host. Syntax delete authen server_host <ipaddr> protocol [tacacs | xtacacs | tacacs+ | radius] Description This command is used to delete a user-defined authentication server host previously created on the Switch.
Page 251 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen server_host Key - Authentication key to be shared with a configured TACACS+ server only. Parameters None. Restrictions User Account Command Level – Administrator. Example usage: To view authentication server hosts currently set on the Switch: DES-3526:admin#show authen server_host Command: show authen server_host IP Address...
Page 252 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen server_group categories for authentication using method lists. The user may define the type of server group by protocol or by previously defined server group. Up to eight (8) authentication server hosts may be added to any particular group Parameters server_group - The user may define the group by protocol groups built into...
Page 253 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete authen server_group Parameters <string 15> - Enter an alphanumeric string of up to 15 characters to define the previously created server group to be deleted. Restrictions User Account Command Level – Administrator. Example usage: To delete the server group “group_1”: DES-3526:admin#delete server_group group_1...
Page 254 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen parameter response_timeout Description This command will set the time the Switch will wait for a response of authentication from the user. Parameters response_timeout <int 0-255> - Set the time, in seconds, the Switch will wait for a response of authentication from the user attempting to log in from the command line interface or telnet interface.
Page 255 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen parameter authentication attempts. This command will display the following fields: Response timeout – The configured time allotted for the Switch to wait for a response of authentication from the user attempting to log in from the command line interface or telnet interface.
Page 256 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config admin local_enable Description This command will configure the locally enabled password for the enable admin command. When a user chooses the “local_enable” method to promote user level privileges to administrator privileges, he or she will be prompted to enter the password configured here that is set locally on the Switch.
Page 257 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual state disable Success. DES-3526:admin# show authen enable_admin Purpose Used to display the enable_admin configuration status. show authen enable_admin Syntax Description Display the enable_admin configuration status. Parameters None. Restrictions Only Administrator – level users can issue this command. Example usage: To display the parameters of authentication: DES-3526:admin# show authen enable_admin...
Page 258: Ssh Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SSH C OMMANDS The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows: Create a user account with admin-level access using the create account admin <username>...
Page 259 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To enable SSH: DES-3526:admin#enable ssh Command: enable ssh Success. DES-3526:admin# disable ssh Purpose Used to disable SSH. Syntax disable ssh Description This command allows users to disable SSH on the Switch. Parameters None.
Page 260 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#config ssh authmode password enable Command: config ssh authmode password enable Success. DES-3526:admin# show ssh authmode Purpose Used to display the SSH authentication mode setting. Syntax show ssh authmode Description This command will allow users to display the current SSH authentication set on the Switch.
Page 261 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To configure the SSH server: DES-3526:admin# config ssh server maxsession 2 contimeout 300 authfail 2 Command: config ssh server maxsession 2 contimeout 300 authfail 2 Success. DES-3526:admin# show ssh server Purpose Used to display the SSH server setting.
Page 262 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssh user SSH user. password – This parameter should be chosen to use an administrator defined password for authentication. publickey – This parameter should be chosen to use the publickey on a SSH server for authentication.
Page 263 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssh algorithm Purpose Used to configure the SSH algorithm. Syntax config ssh algorithm [3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 | RSA | DSA] [enable | disable] Description This command allows users to configure the desired type of SSH algorithm...
Page 264 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Usage Example: To display SSH algorithms currently set on the Switch: DES-3526:admin#show ssh algorithm Command: show ssh algorithm Encryption Algorithm 3DES :Enabled AES128 :Enabled AES192 :Enabled AES256 :Enabled ARC4 :Enabled Blowfish :Enabled Cast128 :Enabled...
Page 265: Ssl Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SSL C OMMANDS Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption. These security functions are implemented through the use of a ciphersuite, which is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session and consists of three levels: Key Exchange: The first part of the cyphersuite string specifies the public key algorithm to be used.
Page 266 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable ssl Purpose To enable the SSL function on the Switch. Syntax enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will enable SSL on the Switch by implementing any one or combination of listed ciphersuites on the Switch.
Page 267 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable ssl Purpose To disable the SSL function on the Switch. Syntax disable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will disable SSL on the Switch and can be used to disable any one or combination of listed ciphersuites on the Switch.
Page 268 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssl cachetimeout timeout host, therefore speeding up the negotiation process. Parameters timeout <value 60-86400> - Enter a timeout value between 60 and 86400 seconds to specify the total time an SSL key exchange ID stays valid before the SSL module will require a new, full SSL negotiation for connection.
Page 269 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show ssl cachetimeout Purpose Used to show the SSL cache timeout. Syntax show ssl cachetimeout Description Entering this command will allow the user to view the SSL cache timeout currently implemented on the Switch. Parameters None.
Page 270 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show ssl Description This command is used to view the SSL status on the Switch. Parameters None. Restrictions None. Example usage: To view the SSL status on the Switch: DES-3526:admin#show ssl Command: show ssl DES-3526:admin#show ssl Command: show ssl...
Page 271 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual download certificate_fromTFTP Purpose Used to download a certificate file for the SSL function on the Switch. Syntax download certificate_fromTFTP <ipaddr> certfilename <path_filename 64> keyfilename <path_filename 64> Description This command is used to download a certificate file for the SSL function on the Switch from a TFTP server.
Page 272: D-Link Single Ip Management Commands
OMMANDS Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. Switches using D-Link Single IP Management (labeled here as SIM) must conform to the following rules: SIM is an optional feature on the Switch and can easily be enabled or disabled.
Page 273 CS, do not belong. The Upgrade to v1.6 To better improve SIM management, the xStack DES-3500 series switches have been upgraded to version 1.6 in this release. Many improvements have been made, including: The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.
Page 274 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable sim Purpose Used to enable Single IP Management (SIM) on the Switch Syntax enable sim Description This command will enable SIM globally on the Switch. SIM features and functions will not function properly unless this function is enabled.
Page 275 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show sim MAC Address - Displays the MAC Address of the Switch. Capabilities – Displays the type of switch, be it Layer 2 (L2) or Layer 3 (L3). Platform – Switch Description including name and model number. SIM State –Displays the current Single IP Management State of the Switch, whether it be enabled or disabled.
Page 276 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual MAC Address Platform / Hold Firmware Device Name Capability Time Version ------------- ---------- ----- --------- --------------- 00-01-02-03-04-00 DES-3526 L2 Switch 5.01-B47 The Man 00-55-55-00-55-00 DES-3526 L2 Switch 5.01-B47 default master Total Entries: 2 DES-3526:admin# To show the member information in summary: DES-3526:admin#show sim member...
Page 277 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Port MAC Address Role ------ ------------------ --------- 00-35-26-00-11-99 Commander 00-35-26-00-11-91 Member 00-35-26-00-11-90 Candidate Total Entries: 3 DES-3526:admin# Example usage: To connect to the MS, with member ID 2, through the CS, using the command line interface: DES-3526:admin#reconfig member_id 2 Command: reconfig...
Page 278 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config sim delete 1 Command: config sim delete 1 Please wait for ACK... Success. DES-3526:admin# config sim Purpose Used to configure role parameters for the SIM protocol on the Switch. Syntax config sim [{[commander {group_name <groupname 64>...
Page 279 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To change the hold time of the discovery protocol: DES-3526:admin# config sim commander hold_time Command: config sim commander hold_time 120 Success. DES-3526:admin# To transfer the CS (commander) to be a CaS (candidate): DES-3526:admin# config sim_role candidate Command: config sim_role candidate Success.
Page 280 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual download sim will receive the firmware or switch configuration. Restrictions Only administrator-level users can issue this command. Example usage: To download firmware: DES-3526:admin# download sim firmware 10.53.13.94 c:/des3526.had members all Command: download sim firmware 10.53.13.94 c:/des3526.had members all This device is updating firmware.
Page 281 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual upload sim_ms Restrictions Only administrator-level users can issue this command. Example usage: To upload configuration files to a TFTP server: DES-3526:admin# upload sim_ms configuration 10.55.47.1 D:\configuration.txt 1 Command: upload sim_ms configuration 10.55.47.1 D:\configuration.txt 1 Success.
Page 282: Command History List
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMAND ISTORY The switch history commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config command_history <value 1-40> show command_history Each command is listed, in detail, in the following sections.
Page 283 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin# config stp Command:? config stp Command: config stp Usage: {maxage <value 6-40> | maxhops <value1-20> | hellotime <value 1-10> | forwarddelay <value 4-30> | txholdcount <value 1-10> | fbpdu [enable | disable] | lbd [enable | disable] | lbd_recover_timer [0 | <value 60-1000000>]} Description: Used to update the STP Global Configuration.
Page 284 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config command_history Purpose Used to configure the command history. Syntax config command_history <value 1-40> Description This command is used to configure the command history. <value 1-40> − The number of previously executed commands Parameters maintained in the buffer.
Page 285: Lldp Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual LLDP C OMMANDS The LLDP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters enable lldp disable lldp config lldp <sec 5 - 32768 >...
Page 286 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable lldp Purpose Used to enable LLDP operations on the switch. Syntax enable lldp Description This is a global control for the LLDP function. When this function is enabled, the switch can start to transmit LLDP packets and receive and process the LLDP packets.
Page 287 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp message_tx_interval Purpose Used to change the packet transmission interval. Syntax config lldp message_tx_interval <sec 5 - 32768 > Description This interval controls how often active ports retransmit advertisements to their neighbors.
Page 288 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp tx_delay Purpose Used to change the minimum time (delay-interval) of any LLDP port. It will delay advertising successive LLDP advertisements due to a change in LLDP MIB content. The tx_delay defines the minimum interval between the sending of LLDP messages due to constant changes of MIB content.
Page 289 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp notification_interval Purpose Used to configure the timer of the notification interval used to send notifications to configured SNMP trap receiver(s). Syntax config lldp notification_interval <sec 5 - 3600 > Description Globally change the interval between successive LLDP change notifications generated by the switch.
Page 290 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp admin_status Purpose Used to configure per-port transmit and receive modes. Syntax config lldp ports [<portlist>|all] admin_status [tx_only | rx_only | tx_and_rx | disable] Description These options enable the Switch to control which ports participate in LLDP traffic and whether the participating ports allow LLDP traffic in only one direction or in both directions.
Page 291 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config mgt_addr Purpose Used to enable or disable the port(s) which have been specified for advertising the indicated management address instances. Syntax config lldp ports [<portlist>|all] mgt_addr ipv4 <ipaddr> [enable | disable] Description This command specifies whether the system’s IP address needs to be...
Page 292 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp basic_tvls Purpose Used to configure an individual port or group of ports to exclude one or more of the optional TLV data types from outbound LLDP advertisements. Syntax config lldp ports [<portlist>|all] basic_tlvs [all | {port_description | system_name | system_description | system_capabilities}] [enable | disable] Description...
Page 293 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp dot1_tlv_pvid Purpose Used to configure an individual port or group of ports to exclude one or more of IEEE 802.1 Organizationally port vlan ID TLV data types come from outbound LLDP advertisements. Syntax config lldp ports [<portlist>|all] dot1_tlv_pvid [enable | disable] Description...
Page 294 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp dot1_tlv_vlan_name Purpose Used to configure an individual port or group of ports to exclude one or more of the IEEE 802.1 Organizational VLAN name TLV data types from outbound LLDP advertisements. Syntax config lldp ports [<portlist>|all] dot1_tlv_vlan_name [vlan [all | <vlan_name 32>...
Page 295 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp dot1_tlv_protocol_identity Purpose Used to configure an individual port or group of ports to exclude one or more of IEEE 802.1 organization protocol identity TLV data types from outbound LLDP advertisements. Syntax config lldp ports [<portlist>|all] dot1_tlv_ protocol_identity [all | {eapol | lacp | gvrp | stp }] [enable | disable]...
Page 296 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config lldp dot3_tlvs Purpose Used to configure an individual port or group of ports to exclude one or more of IEEE 802.3 organization specific TLV data types from outbound LLDP advertisements. Syntax config lldp ports [<portlist>|all] dot3_tlvs [all | {mac_phy_configuration_status | link_aggregation |...
Page 297 DES-3526:admin#show lldp Command: show lldp LLDP system information Chassis Id Subtype : MACADDRESS Chassis Id : 00-15-E9-41-5A-A7 System Name : D-Link System Description : Fast Ethernet Switch System Capabilities : Repeater, Bridge, LLDP Configurations LLDP Status : Disable LLDP Forward Status...
Page 298 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show lldp mgt_addr Purpose Used to display the lldp management address information. Syntax show lldp mgt_addr {ipv4 <ipaddr>} Description Displays the lldp management address information. Parameters Ipv4 - IP address of IPV4. Restrictions None.
Page 299 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3526:admin#show lldp ports 1 Command: show lldp ports 1 Port ID ---------------------------------------------------------------------- Admin Status : TX_and_RX Notification Status : Disable Advertised TLVs Option Port Description Disable System Name Disable System Description Disable System Capabilities Disable...
Page 300 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display outbound LLDP advertisements for individual ports in detail: DES-3526:admin# show lldp local_ports 1 mode detailed Command: show lldp local_ports 1 mode detailed Port ID : 1 -------------------------------------------------------------------- Port Id Subtype : LOCAL Port Id...
Page 301 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Port ID : 1 --------------------------------------------------------- Port Id Subtype : LOCAL Port Id : 1/1 Port Description : RMON Port 1 on Unit 1 DES-3526:admin# show lldp remote_ports Purpose Used to display the information learned from the neighbor. Syntax show lldp remote_ports {<portlist>} [brief | normal | detailed] Description...
Page 302 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display remote table entries in brief mode: DES-3526:admin#show lldp remote_ports 1-2 brief Command: show lldp remote_ports 1-2 brief Port ID: 1 ----------------------------------------------------------- Remote Entities Count : 3 Entity 1 Chassis ID Subtype : MAC Address Chassis ID...
Page 303 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display remote table entries in normal mode: DES-3526:admin# show lldp remote_ports ports 1 normal Command: show lldp remote_ports ports 1 normal Port ID : 1 ----------------------------------------------------------- Remote Entities Count : 2 Entity 1 Chassis ID Subtype : MAC Address...
Page 304 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display remote table entries in detailed mode: DES-3526:admin# show lldp remote_ports 1 mode detailed Command: show lldp remote_ports 1 mode detailed Port ID : 1 ---------------------------------------------------------------------- Remote Entities count : 1 Entity 1 Chassis Id Subtype : MACADDRESS...
Page 305 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Aggregation status : not currently in aggregation Aggregation port ID Maximum Frame Size : 1536 Unknown TLVs count (None) DES-3526:admin# show lldp statistics Purpose Used to display the system LLDP statistics information. Syntax show lldp statistics Description...
Page 306 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show lldp statistics ports Purpose Used to display the ports LLDP statistics information. Syntax show lldp statistics ports{<portlist>} Description The per-port LLDP statistics command displays per-port LLDP statistics. Parameters portlist - Specified a range of ports to be configured. (UnitID:port number).
Page 307: Cpu Filtering Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual CPU F ILTERING OMMANDS The CPU Filtering commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config cpu_filter l3_control_pkt <portlist> [dvmrp|pim|igmp_query|ospf|rip|vrrp|all] state [enable | disable] show cpu_filter l3_control_pkt {<portlist>}...
Page 308 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show cpu_filter 13_control_pkt Purpose Used to display the l3 control packet CPU filtering status. Syntax show cpu_filter l3_control_pkt {<portlist>} Description Used to display the l3 control packet CPU filtering status. Parameters portlist - Specify the port list to filter control packets.
Page 309: Cable Diagnostics Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ABLE IAGNOSTICS OMMANDS The Cable Diagnostics commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters cable_diag ports [<portlist>| all] Each command is listed, in detail, in the following sections. cable_diag ports Purpose Used to test the copper cable.
Page 310: Dhcp Local Relay Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DHCP L OCAL ELAY OMMANDS The DHCP Local Relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config dhcp_local _relay [vlan<vlan_name 32>...
Page 311 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable dhcp_local_relay Purpose Used to enable the DHCP local relay function on the switch. Syntax enable dhcp_local_relay Description The enable dhcp_local _relay command globally enables the DHCP local relay function on the switch. Parameters None.
Page 312 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show dhcp_local_relay Purpose Used to display the current DHCP local relay configuration. Syntax show dhcp_local_relay Description The show dhcp_local_relay command displays the current DHCP local relay configuration. Parameters None. Restrictions None. Example usage: To show DHCP local relay function: DES-3526:admin# show dhcp_local_relay...
Page 313: Gratuitous Arp Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ARP C RATUITOUS OMMANDS The Gratuitous ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config gratuitous_arp send [enable | disable] ipif_status_up config gratuitous_arp send [enable|disable]...
Page 314 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config gratuitous_arp send duplicate_ip_detected system has received an ARP request packet that was sent by an IP address that matched the system’s own IP address. In this case, the system knows that somebody out there uses an IP address that is conflicting with the system.
Page 315 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config gratuitous_arp periodical_send Purpose Used to configure the interval for periodical sending of gratuitous ARP request packets. Syntax config gratuitous_arp send periodically ipif <ipif_name 12> interval <value 0-65535> Description This command is used to configure the interval for periodical sending of gratuitous ARP request packets.
Page 316 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show gratuitous_arp Parameters <ipif_name 12> - Interface name of L3 interface. Restrictions Only Administrator or Operator – level users can issue this command. Example usage: To display gratuitous ARP log and trap states: DES-3526:admin#show gratuitous_arp Command: show gratuitous_arp Send on IPIF status up...
Page 317: Arp Spoofing Prevention Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ARP S POOFING REVENTION OMMANDS The ARP Spoofing Prevention commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config arp_spoofing_prevention [add(1) gateway_ip <ipaddr>...
Page 318 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display the ARP Spoofing Prevention state: DES-3526:admin#show arp_spoofing_prevention Command: show arp_spoofing_prevention Gateway IP Gateway MAC Ports ----------- ----------------- ------- 10.254.254.251 00-00-00-11-11-11 Total entries : 1 DES-3526:admin#...
Page 319: Technical Support Commands
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ECHNICAL UPPORT OMMANDS The Technical Support commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters show tech_support Each command is listed, in detail, in the following sections. show tech_support Purpose Used to show the information for technical support.
Page 320 Default Gateway : 0.0.0.0 Boot PROM Version : Build 3.00.008 Firmware Version : Build 5.01-B47 Hardware Version : 0A3G Serial number System Name : D-Link System Location System Contact Spanning Tree : Disabled GVRP : Disabled IGMP Snooping : Disabled 802.1x...
Page 321: Technical Specifications
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ECHNICAL PECIFICATIONS General Standards IEEE 802.3 Nway auto-negotiation IEEE 802.3 10BASE-T Ethernet IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z 1000BASE-T (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1w Rapid Spanning Tree IEEE 802.1s Multiple Spanning Tree IEEE 802.1Q VLAN...
Page 322 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Physical and Environmental Internal power supply AC Input: 100 – 120; 200 – 240 VAC, 50/60 Hz DC 60W DC Power Input: 48V Output: 12V Power Consumption For DES-3526/ DES-3526DC, Max. 23 watts For DES-3550, Max.

This manual is also suitable for:

Xstack des-3526 Xstack des-3526dc Xstack des-3550

D-Link xStack DES-3500 Series Manual

Quick Links

Related Manuals for D-Link xStack DES-3500 Series

Summary of Contents for D-Link xStack DES-3500 Series

This manual is also suitable for:

Table of Contents