Yamaha L2 Switch Intelligent L2 SWR2310 Series Command Reference Rev.2.04.
| Command Reference | Contents Contents Preface: Introduction.........................................................................................................12 Chapter 1: How to read the command reference............................................................13 1.1 Applicable firmware revision........................................................................................................................................13 1.2 How to read the command reference.........................
Command Reference | Contents | 3 4.4 Manage boot information..............................................................................................................................................36 4.4.1 Show boot information...................................................................................................................................37 4.4.2 Clear boot information......................................................................................................................
| Command Reference | Contents 4.12.12 Show SNMP view settings.........................................................................................................................68 4.12.13 Show SNMP group settings.......................................................................................................................68 4.12.14 Show SNMP user settings..........................................................................................................................69 4.13 RMON.....
Command Reference | Contents | 5 4.21.13 Show e-mail transmission information....................................................................................................100 4.22 LLDP.........................................................................................................................................................................100 4.22.1 Enable LLDP function..........................................................................................................................
| Command Reference | Contents 4.27.5 Schedule template command execution settings........................................................................................137 4.27.6 Schedule template script execution settings...............................................................................................138 4.28 General maintenance and operation functions..........................................................................................................138 4.28.1 Set host name.........
Command Reference | Contents | 7 5.3.14 Set dynamic VLAN....................................................................................................................................176 5.3.15 Set the guest VLAN...................................................................................................................................177 5.3.16 Suppression period settings following failed authentication......................................................................177 5.3.
| Command Reference | Contents 6.3.1 Set spanning tree for the system...................................................................................................................210 6.3.2 Set forward delay time.................................................................................................................................210 6.3.3 Set maximum aging time..............................................................................................................................211 6.
Command Reference | Contents | 9 7.7.2 Show IPv6 Forwarding Information Base....................................................................................................243 7.7.3 Show IPv6 Routing Information Base.........................................................................................................243 7.7.4 Show summary of the route entries registered in the IPv6 Routing Information Base................................244 7.8 Neighbor cache..........................................
| Command Reference | Contents 9.1.11 Clear counters.............................................................................................................................................274 9.1.12 Show access list applied to interface..........................................................................................................274 9.1.13 Set VLAN access map and move to VLAN access map mode..................................................................275 9.1.
Command Reference | Contents | 11 10.1.4 RADIUS configuration mode.....................................................................................................................315 10.1.5 Authentication method settings..................................................................................................................315 10.1.6 RADIUS client (NAS) settings..................................................................................................................316 10.1.
Preface Introduction • • • • • Unauthorized reproduction of this document in part or in whole is prohibited. The contents of this document are subject to change without notice. Yamaha disclaims all responsibility for any damages caused by loss of data or other problems resulting from the use of this product. The warranty is limited to this physical product itself. Please be aware of these points. The information contained in this document has been carefully checked and is believed to be reliable.
Command Reference | How to read the command reference | 13 Chapter 1 How to read the command reference 1.1 Applicable firmware revision This command reference applies to firmware Yamaha Intelligent L2 Switch SWR2310 of Rev.2.04.14. For the latest firmware released after printing of this command reference, manuals, and items that differ, access the following URL and see the information in the WWW server. https://www.yamaha.com/proaudio/ 1.
| Command Reference | How to read the command reference Interface type Prefix static logical interface sa LACP logical interface po Description Examples Used to specify link aggregation that combines multiple LAN/SFP port. Specify sa or po followed by "logical interface ID". To specify static logical interface #1: sa1 To specify LACP logical interface #2: po2 1.
Command Reference | How to use the commands | 15 Chapter 2 How to use the commands The SWR2310 lets you perform command operations in the following two ways. Type of operation Method of operation Description Operation via console • • • Access from a console terminal Access from a TELNET client Access from a SSH client Issue commands one by one to interactively make settings or perform operations.
| Command Reference | How to use the commands • • To check the number of VTY ports, use the show running-config | include line vty command. To change the number of VTY ports, use the line vty command. (maximum 8 (ID: 0--7)) To make VTY port settings, use the line vty command to specify the target VTY port, and then move to line mode.
Command Reference | How to use the commands | 17 Setting item Content of setting Number of lines shown in one page of the terminal screen Specifies the number of lines shown on one page of the terminal screen. This can be set as 0--512 lines/page, and the default setting is 24 lines/page. When displaying in this state, 23 lines are displayed, then "--More---" is displayed and the system waits for key input.
| Command Reference | How to use the commands Applicable configuration Applicable file running-config CONFIG file (.txt) config ✓ ✓ - CONFIG file (.txt) config0 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config1 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) configsd ✓ ✓ - All settings (.
Command Reference | How to use the commands | 19 SWR2310 Rev.2.04.01 (Thu Sep 26 17:35:20 2019) Copyright (c) 2019 Yamaha Corporation. All Rights Reserved. Please change the default password for admin. New Password: New Password(Confirm): Saving ... Succeeded to write configuration If the incorrect password is entered three times in a row, you will be restricted from logging in for one minute. After one minute has passed, please enter the correct password.
| Command Reference | How to use the commands • • • disable command configure terminal command end command 2.4.2 individual configuration mode individual configuration mode is the overall name for the mode in which you can make detailed settings for specific items such as LAN/SFP port, VLAN interface, and QoS. To enter individual configuration mode, issue the command for transitioning to the respective mode from global configuration mode.
Command Reference | How to use the commands | 21 2.5.1 Basic operations for console input The SWR2310 allows the following operations in the command line.
| Command Reference | How to use the commands SWR2310#show vlan 2.5.3 Input command completion and keyword candidate list display If you press the "Tab" key while entering a command in the console, the command name is completed. If you press the "Tab" key after entering a keyword, a list of keyword candidates that can be entered next is shown. The same operation can also be performed by pressing the "Ctrl + I" key.
Command Reference | How to use the commands | 23 % port1.1: Port Number 905 - Ifindex 5001 - Port Id 0x8389 - Role Disabled State Forwarding % port1.2: Port Number 906 - Ifindex 5002 - Port Id 0x838a - Role Disabled State Forwarding % port1.3: Port Number 907 - Ifindex 5003 - Port Id 0x838b - Role Disabled State Forwarding % port1.4: Port Number 908 - Ifindex 5004 - Port Id 0x838c - Role Disabled State Forwarding % port1.
| Command Reference | Configuration Chapter 3 Configuration 3.1 Manage setting values The SWR2310 uses the following configurations to manage its settings. Types of configuration Description User operations that can be performed Running configuration (running-config) Setting values currently used for operation. Managed in RAM. Note / Save to startup configuration Startup configuration (startup-config) These are the saved setting values.
Command Reference | Configuration | 25 Category Setting item Default value Download URL firmware-update url http:// www.rtpro.yamaha.co.jp/firmware/ revision-up/swr2310.
| Command Reference | Configuration Category Common setting L2MS L2 switching Traffic control LLDP agent • Settings for the default VLAN (vlan1) • • IPv4 Address : DHCP cliant IGMP Snooping: Enable • • • Querier : Disable Fast-Leave : Disable Check TTL : Enable Setting item Default value Speed/duplex mode setting auto Cross/straight automatic detection enabled MRU 1,522 Byte Port description none EEE disabled Port Mode Access Associated VLAN ID 1 (default VLAN) L2MS filter disabl
Command Reference | Maintenance and operation functions | 27 Chapter 4 Maintenance and operation functions 4.1 Passwords 4.1.
| Command Reference | Maintenance and operation functions [Description] Enables password encryption. If this is enabled, the password entered by the password command, the enable password command, and the username command are saved in the configuration in an encrypted form. If this command is executed with the "no" syntax, password encryption is disabled, and the password entered by the password command, the enable password command, and the username command are saved in the configuration as plaintext.
Command Reference | Maintenance and operation functions | 29 [Description] Sets user information. A maximum of 33 items of user information can be registered. However, while there can be up to 32 privilege off users, 1 privilege on user is required. The following words cannot be registered as user names.
| Command Reference | Maintenance and operation functions [Example] Grants privileges to user1234 registered users. SWR2310(config)#username user1234 privilege on 4.2.3 Show login user information [Input mode] unprivileged EXEC mode, privileged EXEC mode, global configuration mode [Description] Shows information on the current logged-in users. The following items are shown. Item Description Shows the login method.
Command Reference | Maintenance and operation functions | 31 vty vty vty stk stk stk stk http http http http 5 6 7 0 1 2 3 0 1 2 3 user1234 (noname) - Login Login Login - 00:33:11 01:12:25 00:18:04 - 192.168.100.4 192.168.100.102 4.2.
| Command Reference | Maintenance and operation functions 4.3 Configuration management 4.3.1 Save running configuration [Syntax] copy running-config startup-config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Saves the current operating settings (running configuration) as the settings for startup (startup configuration).
Command Reference | Maintenance and operation functions | 33 SWR2310#write Succeeded to write configuration. SWR2310# 4.3.
| Command Reference | Maintenance and operation functions 4.3.4 Show startup configuration [Syntax] show startup-config [config_num] show config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Shows the startup settings (startup configuration). If config_num is omitted, the following are displayed.
Command Reference | Maintenance and operation functions | 35 [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Erase the settings used at startup (startup config) and the information associated with them. If config_num is omitted, the startup config that was used for the current startup is erased.
| Command Reference | Maintenance and operation functions 4.3.7 Select startup config [Syntax] startup-config select config_num no startup-config select [Parameter] config_num : Configuration number Setting Description <0-1> Startup config #0-#1 sd Startup config on the SD card [Initial value] startup-config select sd [Input mode] privileged EXEC mode [Description] Select the settings to use at startup (startup config), and restart.
Command Reference | Maintenance and operation functions | 37 4.4 Manage boot information 4.4.
| Command Reference | Maintenance and operation functions Setting Description enable Enable SD card boot disable Disable SD card boot [Initial value] boot prioritize sd enable [Input mode] privileged EXEC mode [Description] Enable or disable the SD card boot function of the firmware. After this command is executed, the system will restart. Since this setting is common to the system, it cannot be specified individually for each startup configuration (startup-config #0 ~ strtup-config #1).
Command Reference | Maintenance and operation functions | 39 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the setting of the SD card boot function. [Example] Show the setting of the SD card boot function. SWR2310#show boot prioritize sd SD boot configuration: firmware : enable 4.5 Show unit information 4.5.
| Command Reference | Maintenance and operation functions • • • • • • • • • • • MAC address CPU usage ratio Memory usage ratio Firmware file Startup configuration file Configuring the SD card boot auto-apply function Serial baud rate CPLD version Boot time Current time Elapsed time from boot [Example] Show operating information. SWR2310>show environment SWR2310-10G BootROM Ver.1.00 SWR2310 Rev.2.04.01 (Thu Sep 26 17:35:20 2019) main=SWR2310-10G ver=00 serial=S00000000 MAC-Address=ac44.f200.
Command Reference | Maintenance and operation functions | 41 [Example] Show currently-executing processes. SWR2310#show process 4.5.5 Display memory usage [Syntax] show memory [Input mode] privileged EXEC mode [Description] Shows how much memory is used by each process. The following items are shown.
| Command Reference | Maintenance and operation functions Command Stack disabled Stack enabled Main switch Member switch show clock detail ✓ ✓ - show disk-usage ✓ ✓ ✓ show inventory ✓ ✓ ✓ show boot all ✓ ✓ ✓ show boot prioritize sd ✓ ✓ ✓ show logging ✓ ✓ ✓ show process ✓ ✓ ✓ show users ✓ ✓ ✓ show interface ✓ ✓ - show frame-counter ✓ ✓ - show vlan brief ✓ ✓ - show spanning-tree mst detail ✓ ✓ - show etherchannel status detail ✓ ✓ - show loop-detect
Command Reference | Maintenance and operation functions | 43 Command Stack disabled Stack enabled Main switch Member switch show radius-server local certificate list ✓ ✓ - show radius-server local certificate revoke ✓ ✓ - *1: Included only with models that support stacks. [Example] Show technical support information.
| Command Reference | Maintenance and operation functions [Note] The SD card must be inserted in advance. [Example] Save technical support information to the SD card. SWR2310#copy tech-support sd SWR2310# 4.6 System self-diagnostics 4.6.1 Showing system self-diagnostics results [Syntax] show system-diagnostics [Input mode] unprivileged EXEC mode、privileged EXEC mode [Description] Shows all system self-diagnostics results (bootup diagnostics, on-demand diagnostics, and health-monitoring diagnostics).
Command Reference | Maintenance and operation functions | 45 [Input mode] privileged EXEC mode [Description] Executes on-demand diagnostics. Shut down all LAN/SFP port during the diagnostics. At the end of the diagnostics, simple diagnostic results are shown and the system is automatically rebooted. If no parameters are specified, confirmation is requested as to whether to execute on-demand diagnostics. You must enter "y” to execute diagnostics or "n" to not execute diagnostics.
| Command Reference | Maintenance and operation functions 4.7.2 Clear cable diagnostic results [Syntax] clear cable-diagnostics tdr clear test cable-diagnostics tdr [Input mode] privileged EXEC mode [Description] Clears the results of the prior cable-diagnostics tdr execute interface command execution. [Example] Clear the results of the prior cable diagnostic execution. SWR2310#clear cable-diagnostics tdr SWR2310# 4.7.
Command Reference | Maintenance and operation functions | 47 [Example] Set the time to 0 hours 0 minutes 0 seconds on January 1, 2015. SWR2310#clock set 00:00:00 Jan 1 2015 4.8.2 Set time zone [Syntax] clock timezone zone clock timezone offset no clock timezone [Parameter] zone : UTC, JST Name of the time zone shown when standard time is in effect offset : -12:00, -11:00, ... , -1:00, +1:00, ...
| Command Reference | Maintenance and operation functions [Initial value] None [Input mode] global configuration mode [Description] Configure daylight saving time. Configure daylight saving time to start and end on a specified week and day of the week every year. The first part specifies the daylight saving time start period and the second part specifies the end period. If this command is executed with the "no" syntax, the setting is cleared. [Note] Daylight saving times cannot overlap.
Command Reference | Maintenance and operation functions | 49 4.8.5 Show current time [Syntax] show clock [detail] [Keyword] detail : Also display detailed information [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the current time, year, month, and date. When detail is specified, detailed information (current time and daylight saving time) is displayed.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] global configuration mode [Description] Registers the address or host name of the NTP server. Up to two instances of this command can be set. If this command is executed with the "no" syntax, the NTP server setting is deleted. If time synchronization is performed with two NTP servers specified, they are queried in the order of NTP server 1 and NTP server 2 as shown by the show ntpdate command.
Command Reference | Maintenance and operation functions | 51 If this command is executed with the "no" syntax, the setting returns to the default. When this command is executed, the time is updated immediately, and is subsequently updated at the specified interval. [Example] Request the time every two hours. SWR2310(config)#ntpdate interval 2 Disable periodic time synchronization. SWR2310(config)#ntpdate interval 0 4.8.
| Command Reference | Maintenance and operation functions SWR2310(config)#line con 0 SWR2310(config-line)# 4.9.2 Set VTY port and move to line mode (VTY port) [Syntax] line vty port1 [port2] no line vty port1 [port2] [Parameter] port1 : <0-7> VTY port number port2 : <0-7> Last VTY port number when specifying a range [Initial value] no line vty 0 7 [Input mode] global configuration mode [Description] After enabling the specified VTY ports, moves to line mode for making VTY port settings.
Command Reference | Maintenance and operation functions | 53 If this command is executed with the "no" syntax, the setting returns to the default. [Note] After this command is executed, the setting is applied starting at the next login. [Example] Set the console timeout time to five minutes. SWR2310(config)#line con 0 SWR2310(config-line)#exec-timeout 5 0 SWR2310(config-line)# 4.9.
| Command Reference | Maintenance and operation functions [Note] After this command is executed, the setting is applied starting at the next login. If the terminal length command is executed, the result of executing the terminal length command takes priority. [Example] Change the number of lines displayed per page for the terminal in use to 100 lines. SWR2310(config)#service terminal-length 100 SWR2310(config)# 4.10 Management 4.10.
Command Reference | Maintenance and operation functions | 55 [Description] Specifies the IP address of the SYSLOG server to which log notifications are sent. Up to 2 entries can be specified. If this command is executed with the "no" syntax, the setting returns to its default value, and notifications are not sent. [Example] Set the SYSLOG server IPv4 address to 192.168.100.1. SWR2310(config)#logging host 192.168.100.1 Set the SYSLOG server IPv6 address to fe80::2a0:deff:fe11:2233.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Change the facility value of messages sent to the SYSLOG server. [Note] The meanings of the facility values are assigned independently on each SYSLOG server. [Example] Set the facility value of the SYSLOG message to 10. SWR2310(config)#logging facility 10 4.11.
Command Reference | Maintenance and operation functions | 57 4.11.6 Set log output level (error) [Syntax] logging trap error no logging trap error [Initial value] logging trap error [Input mode] global configuration mode [Description] Outputs the error level log to SYSLOG. If this command is executed with the "no" syntax, the log is not output. [Example] Output the error level log to SYSLOG. SWR2310(config)#logging trap error 4.11.
| Command Reference | Maintenance and operation functions If this command is executed with the "no" syntax, the log is not output. [Example] Enable log output for LAN map. SWR2310(config)#logging event lan-map 4.11.9 Back up log [Syntax] save logging [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Saves all logs accumulated in RAM to Flash ROM.
Command Reference | Maintenance and operation functions | 59 4.11.11 Clear log [Syntax] clear logging [Input mode] privileged EXEC mode [Description] Clears the log. [Example] Clear the log. SWR2310#clear logging 4.11.12 Show log [Syntax] show logging [reverse] [Keyword] reverse : Shows the log in reverse order [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the log that records the operating status of the unit.
| Command Reference | Maintenance and operation functions Setting value version : Description traps Send notifications as traps (without response confirmation) informs Send notifications as inform requests (with response confirmation). This can be specified if version is '2c' or '3'.
Command Reference | Maintenance and operation functions | 61 SWR2310(config)#snmp-server host 192.168.100.12 informs version 2c snmpinformsname Using SNMPv3, set 192.168.10.13 as the destination for notifications. Set the notification type to traps, set the security level for transmission to priv, and set the user name to "admin1". SWR2310(config)#snmp-server host 192.168.10.13 traps version 3 priv admin1 4.12.
| Command Reference | Maintenance and operation functions Setting value Description coldstart When the power is turned on/off, or when firmware is updated warmstart When reload command is executed linkdown At linkdown linkup At linkup authentication When authentication fails l2ms When L2MS agent is detected or lost errdisable When ErrorDisable is detected or canceled rmon When RMON event is executed termmonitor When terminal monitoring is detected bridge When spanning tree root is de
Command Reference | Maintenance and operation functions | 63 [Example] Set the system contact to "swx_admin@sample.com". SWR2310(config)#snmp-server contact swx_admin@sample.com 4.12.5 Set system location [Syntax] snmp-server location location no snmp-server location [Parameter] location : Name to register as the system location (255 characters or less) [Initial value] no snmp-server location [Input mode] global configuration mode [Description] Sets the MIB variable sysLocation.
| Command Reference | Maintenance and operation functions SWR2310(config)#snmp-server community public ro Delete the "public" community. SWR2310(config)#no snmp-server community public 4.12.
Command Reference | Maintenance and operation functions | 65 [Parameter] group : Group name (maximum 32 characters) seclevel : Security level required of users belonging to this group Setting value Description noauth No authentication / No encryption (noAuthNoPriv) auth Authentication / No encryption (authNoPriv) priv Authentication / Encryption (authPriv) read_view : Name of the MIB view (maximum 32 characters) that can be read by users belonging to this group write_view : Name of the MIB
| Command Reference | Maintenance and operation functions Setting value auth_pass : Description md5 HMAC-MD5-96 sha HMAC-SHA-96 Authentication password (8 or more characters, maximum 32 characters) When both ends are enclosed in "" or '', the "" and '' at both ends are not included in the number of characters priv : Encryption algorithm Setting value priv_pass : Description des DES-CBC aes AES128-CFB Encryption password (8 or more characters, maximum 32 characters) When both ends are e
Command Reference | Maintenance and operation functions | 67 Setting value permit info : Description "Permit" the condition Sets the sending source IPv4/IPv6 address information used as a condition Setting value community : Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
| Command Reference | Maintenance and operation functions [Description] Shows SNMP community information. Shows the community name, and access mode. [Example] Show SNMP community information. SWR2310#show snmp community SNMP Community information Community Name: public Access: Read-Only Community Name: private Access: Read-Write 4.12.12 Show SNMP view settings [Syntax] show snmp view [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the contents of the SNMP view settings.
Command Reference | Maintenance and operation functions | 69 4.12.14 Show SNMP user settings [Syntax] show snmp user [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the contents of the SNMP user settings. Shows the engine ID, user name, affiliated group name, authentication method, and encryption method. [Example] Show the contents of the SNMP user settings.
| Command Reference | Maintenance and operation functions [Example] Enable RMON function. SWR2310(config)#rmon enable Disable RMON function. SWR2310(config)#rmon disable 4.13.
Command Reference | Maintenance and operation functions | 71 interval : <1 - 3600> Interval at which to save history group items (seconds) (historyControlInterval) (if omitted : 1800) owner : Name of history group owner (historyControlOwner) Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] interface mode [Description] Enables RMON history group settings for the applicable interface.
| Command Reference | Maintenance and operation functions owner : Name of event group owner (eventOwner) Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] global configuration mode [Description] Enables the RMON event group settings. If this command is set, it will be possible to acquire the RMON MIB's eventTable. Use the rmon alarm command to set the event group for this command. If this command is executed with the "no" syntax, the setting value is deleted.
Command Reference | Maintenance and operation functions | 73 Upper threshold value (alarmRisingThreshold) rising_event_index : <1-65535> Event index (alarmRisingEventIndex) falling_threshold : <1-2147483647> Lower threshold value (alarmFallingThreshold) falling_event_inde : x <1-65535> Event index (alarmFallingEventIndex) startup : <1-3> Threshold value used for first alarm decision (alarmStartupAlarm) Setting value Description 1 Use only upper threshold value (risingAlarm) 2 Use only lower th
| Command Reference | Maintenance and operation functions If this command is set, it will be possible to acquire the RMON MIB's alarmTable. If this command is executed with the "no" syntax, the setting value is deleted. [Note] To enable the alarm group setting of the RMON function, it is necessary to enable the system-wide RMON function in addition to this command. The MIB object specified in variable is a MIB object of the Ethernet statistical information group.
Command Reference | Maintenance and operation functions | 75 Owner RMON_SNMP event: event Index = 1 Description RMON_SNMP Event type Log Event community name RMON_SNMP Last Time Sent = 00:00:58 Owner RMON_SNMP alarm: alarm Index = 1 alarm status = VALID alarm Interval = 15 alarm Type is Absolute alarm Value = 0 alarm Rising Threshold = 10 alarm Rising Event = 1 alarm Falling Threshold = 7 alarm Falling Event = 1 alarm Startup Alarm = 3 alarm Owner is RMON_SNMP 4.13.
| Command Reference | Maintenance and operation functions history index = 1 data source ifindex = 5001 buckets requested = 50 buckets granted = 50 Interval = 1800 Owner RMON_SNMP 4.13.9 Show RMON event group status [Syntax] show rmon event [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings and status of the RMON event group. The following items are shown.
Command Reference | Maintenance and operation functions | 77 alarm alarm alarm alarm alarm alarm alarm alarm Type is Absolute Value = 0 Rising Threshold = 10 Rising Event = 1 Falling Threshold = 7 Falling Event = 1 Startup Alarm = 3 Owner is RMON_SNMP 4.13.11 Clear counters of the RMON Ethernet statistical information group [Syntax] rmon clear counters [Input mode] interface mode [Description] Clears the counters of the RMON Ethernet statistical information group for the applicable interface.
| Command Reference | Maintenance and operation functions [Input mode] privileged EXEC mode [Description] Shows the settings of the Telnet server. The following items are shown. • • • • Telnet server function enabled/disabled status Listening port number VLAN interface that is permitted to access the TELNET server Filter that controls access to the TELNET server [Example] Show the settings of the Telnet server.
Command Reference | Maintenance and operation functions | 79 Setting value info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition. Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] privileged EXEC mode [Description] Connects to the specified host via Telnet. [Example] Connect via Telnet to port number 12345 of the host at IPv4 address 192.168.100.1. SWR2310#telnet 192.168.100.1 12345 Connect via Telnet to port number 12345 of the host at IPv6 address fe80::2a0:deff:fe11:2233. SWR2310#telnet fe80::2a0:deff:fe11:2233%vlan1 12345 4.15.
Command Reference | Maintenance and operation functions | 81 [Initial value] tftp-server disable [Input mode] global configuration mode [Description] Enables the TFTP server. You can also specify the listening TCP port number. If this command is executed with the "no" syntax, the TFTP server is disabled. [Example] Start the TFTP server with 12345 as the listening port number. SWR2310(config)#tftp-server enable 12345 4.16.
| Command Reference | Maintenance and operation functions 4.17 HTTP server 4.17.1 Start HTTP server and change listening port number [Syntax] http-server enable [port] http-server disable no http-server [Keyword] enable : HTTP server is enabled disable : HTTP server is disabled : <1-65535> [Parameter] port Listening port number of the HTTP server (if omitted: 80) [Initial value] http-server disable [Input mode] global configuration mode [Description] Enables the HTTP server.
Command Reference | Maintenance and operation functions | 83 [Example] Start the secure HTTP server with 8080 as the listening port number. SWR2310(config)#http-server secure enable 8080 4.17.3 Show HTTP server settings [Syntax] show http-server [Input mode] privileged EXEC mode [Description] Shows the settings of the HTTP server. The following items are shown.
| Command Reference | Maintenance and operation functions no http-server access [action info] [Parameter] action : Specifies the action for the access condition Setting value info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition. Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
Command Reference | Maintenance and operation functions | 85 Setting value Description japanese Japanese english English [Initial value] http-server language japanese [Input mode] global configuration mode [Description] Sets the Web GUI display language. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the Web GUI display language to English. SWR2310(config)#http-server language english 4.17.
| Command Reference | Maintenance and operation functions [Parameter] switch : Whether to enable HTTP Proxy function Setting value Description enable Enable disable Disable [Initial value] http-proxy disable [Input mode] global configuration mode [Description] Enables the HTTP Proxy function of the HTTP server. If this command is executed with the "no" syntax, the function is disabled. [Example] Enable the HTTP Proxy function of the HTTP server. SWR2310(config)#http-proxy enable 4.18.
Command Reference | Maintenance and operation functions | 87 SWR2310#show http-proxy Service:Enable Timeout:60 4.19 SSH server 4.19.
| Command Reference | Maintenance and operation functions SWR2310#show ssh-server Service:Enable Port:23 Hostkey:Generated Management interface(vlan): 1 Interface(vlan):1, 2, 3 Access: deny 192.168.100.5 permit 192.168.100.0/24 4.19.
Command Reference | Maintenance and operation functions | 89 Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
| Command Reference | Maintenance and operation functions If this command is executed when the host keys have already been specified, the user is asked to confirm whether to update the host keys. It might take several minutes of time to generate the host keys. This command can be executed only if the SSH server is disabled. [Example] Generate a 2048-bit RSA key and a DSA key. SWR2310#ssh-server host key generate bit 2048 4.19.
Command Reference | Maintenance and operation functions | 91 Show the key fingerprint of the public key. SWR2310#show ssh-server host key fingerprint ssh-dss 1024 MD5:XX:XX:a8:b9:51:93:9d:d2:ec:40:1a:43:66:3a:XX:XX +---[DSA 1024]----+ | .* . | |=*=+. o | |E+X+ o | | o . + = + . | |.. ..O X . | |oo=.B.*.o | | o + S o | | . o | | E | +------[MD5]------+ 1024 SHA256:XXXXearwsCXvYTfIKrS6yYSrjMh0fW6W0Bw7aAOXXXX +---[DSA 1024]----+ | . +E. | | o o | | o X S | | + = * . | | o . B * . | | + o . | | * * + | |X+.
| Command Reference | Maintenance and operation functions [Initial value] ssh-server client alive disable [Input mode] global configuration mode [Description] Sets whether to perform client alive checking. A message requesting a response is sent to the client at intervals of the number of seconds specified by "interval". If there is no response for a successive number of times specified by "count", the connection with this client is cut and the session is ended.
Command Reference | Maintenance and operation functions | 93 [Parameter] switch : Whether to enable SSH client Setting value Description enable Enable disable Disable [Initial value] ssh-client disable [Input mode] global configuration mode [Description] Enables use of the ssh command as an SSH client. If this command is executed with the "no" syntax, the SSH client is disabled. [Example] Enable the SSH client. SWR2310(config)#ssh-client enable 4.20.
| Command Reference | Maintenance and operation functions IPv4 address (A.B.C.D), IPv6 address (X:X::X:X) When specifying an IPv6 link local address, the transmitting interface also needs to be specified (in fe80::X%vlanN format). Host name (64 characters or less, Single-byte alphanumeric characters - .
Command Reference | Maintenance and operation functions | 95 [Description] Sets the name of the server used when sending e-mails. [Example] Sets the e-mail transmission server name to “test_mail_server”. SWR2310(config)#mail server smtp 1 name test_mail_server 4.21.3 E-mail notification trigger settings [Syntax] mail notify temp-id trigger lan-map [type [type ...
| Command Reference | Maintenance and operation functions 4.21.4 E-mail transmission template settings mode [Syntax] mail temlate temp-id no temlate [Parameter] temp-id : <1-10> E-mail template ID [Initial value] none [Input mode] global configuration mode [Description] Switches to the mode for setting the template used when sending e-mails. The following items can be configured after switching to template mode. Up to 10 templates can be created.
Command Reference | Maintenance and operation functions | 97 (256 characters or less, single-byte alphanumeric characters and _ - . @) [Initial value] no send from [Input mode] E-mail template mode [Description] Sets the source e-mail address. [Example] Specifies “sample@test.com” as the source e-mail address for e-mail template #1. SWR2310(config)#mail template 1 SWR2310(config-mail)#send from sample@test.com 4.21.
| Command Reference | Maintenance and operation functions [Description] Specifies the subject for e-mails that are sent. [Note] The subject shown below will be used if this is not set. • • • Event notification : Notification from SWR2310 Certificate distribution : Certification publishment Certificate notification : Certification expiration [Example] Sets the subject to “TestMail” for e-mails sent using e-mail template #1. SWR2310(config)#mail template 1 SWR2310(config-mail)#send subject TestMail 4.
Command Reference | Maintenance and operation functions | 99 [Note] Example of e-mail body text used when sending RADIUS server client certificates --------------------------------Certification is published.
| Command Reference | Maintenance and operation functions [Initial value] mail certificate expire-notify 30 [Input mode] RADIUS configuration mode [Description] Specifies the number of days to notify beforehand about expired term of validity for RADIUS server client certificates. Up to three numbers of days for notifications can be specified. [Note] The day is displayed in descending order, regardless of the order in which it was inputted.
Command Reference | Maintenance and operation functions | 101 [Description] Enable the LLDP function for the entire system. If this command is executed with the "no" syntax, disable the LLDP function for the entire system. [Note] In order to enable the LLDP function for a port, the following command must be set. Set the set lldp enable command's type (LLDP agent mode) to "txrx", "txonly", or "rxonly" as necessary.
| Command Reference | Maintenance and operation functions [Description] Sets the system name used by the LLDP function. If this command is executed with the "no" syntax, the setting returns to the default. By default, this is "model name". The specified value is set in "LLDP System Name TLV". [Example] Set the system name to SWITCH1. SWR2310(config)#lldp system-name SWITCH1 4.22.
Command Reference | Maintenance and operation functions | 103 • • • • • • Flow control QoS IGMP snooping EEE RADIUS server host Terminal monitoring If this command is executed with the "no" syntax, the setting returns to the default. This can be set only for a physical interface. [Note] In order to use this function, you must use the set lldp enable command to enable reception of LLDP frames. [Example] Enable automatic setting function by LLDP. SWR2310(config)#lldp auto-setting enable 4.22.
| Command Reference | Maintenance and operation functions Setting value Description ip-address Set IP address as the management address mac-address Set MAC address as the management address [Initial value] set management-address-tlv ip-address [Input mode] LLDP agent mode [Description] Sets the type of port management address used by LLDP. If this command is executed with the "no" syntax, the setting returns to the default. The specified value is set in "LLDP Management Address TLV".
Command Reference | Maintenance and operation functions | 105 [Initial value] none [Input mode] LLDP agent mode [Description] Adds IEEE-802.1 TLVs to transmitted frames. If this command is executed with the "no" syntax, exclude IEEE-802.1 TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] LLDP agent mode [Description] If this command is executed with the "no" syntax, exclude LLDP-MED TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
Command Reference | Maintenance and operation functions | 107 [Initial value] set timer msg-fast-tx 1 [Input mode] LLDP agent mode [Description] Sets the LLDP frame transmission interval during the high speed transmission period. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Maintenance and operation functions [Input mode] LLDP agent mode [Description] Sets the multiplier for calculating the time to live (TTL) of device information. If this command is executed with the "no" syntax, the setting returns to the default. This setting is multiplied with the LLDP frame transmission interval (msg-tx-interval), and then increased by +1 to become the TTL value (seconds). The TTL value is set in "Time To Live TLV".
Command Reference | Maintenance and operation functions | 109 [Description] Sets the maximum number of connected devices that can be managed by a port. If this command is executed with the "no" syntax, the setting returns to the default. If the maximum number of connected device for a port is exceeded, LLDP frames sent from new devices are ignored. [Note] When this command is set, the remote device management table is cleared once when the first LLDP frame is received on the applicable port.
| Command Reference | Maintenance and operation functions Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows LLDP information for the interface specified by ifname. If "neighbor" is specified, information for the device connected to the interface is shown. The following items are shown.
Command Reference | Maintenance and operation functions | 111 ID of port VLAN PP Vlan id ID of protocol VLAN VLAN ID ID of port VLAN VLAN Name Name of port VLAN Remote Protocols Advertised List of supported protocols Remote VID Usage Digestt VID Usage Digestt value Remote Management Vlan Name of management VLAN Link Aggregation Status Link aggregation enabled/disabled Link Aggregation Port ID ID of link aggregation port • Port Vlan id 8023 ORIGIN SPECIFIC TLV information Auto negotiation
| Command Reference | Maintenance and operation functions Datum Geodetic datum 0: USA's World Geodetic System (WGS 84) 1: North American Datum (NAD 83) 2: Average historical minimum sea level of North American Datum (NAD 83) LCI length Length of location information data What Place of reference location 0: Location of the DHCP server 1: Position of the network element thought to be nearest the client 2: Location of client Country Code Country code CA type CA (Civic Address) type MED Inventory
Command Reference | Maintenance and operation functions | 113 Mandatory TLVs CHASSIS ID TYPE IP ADDRESS : 0.0.0.0 PORT ID TYPE INTERFACE NAME : port1.
| Command Reference | Maintenance and operation functions SWR2310>clear lldp counters 4.23 L2MS (Layer 2 management service) settings 4.23.1 Move to L2MS mode [Syntax] l2ms configuration [Input mode] global configuration mode [Description] Moves to L2MS mode in order to make L2MS settings. [Note] To return from L2MS mode to global configuration mode, use the exit command. To return to privileged EXEC mode, use the end command. [Example] Move to L2MS mode.
Command Reference | Maintenance and operation functions | 115 Setting value Description manager Operate as an L2MS manager that sets and controls SWR series or SWX series units that are connected subordinate to it agent Be managed from a Yamaha device that is operating as an L2MS manager, such as a router, firewall, or SWX series unit that is set as the L2MS manager [Initial value] l2ms role agent [Input mode] L2MS mode [Description] Sets the role when using the L2MS function.
| Command Reference | Maintenance and operation functions SWR2310(config-l2ms)#l2ms role manager SWR2310(config-l2ms)#agent-watch interval 5 4.23.
Command Reference | Maintenance and operation functions | 117 [Example] Enable the terminal management function. SWR2310(config)#l2ms configuration SWR2310(config-l2ms)#l2ms enable SWR2310(config-l2ms)#l2ms role manager SWR2310(config-l2ms)#terminal-watch enable 4.23.
| Command Reference | Maintenance and operation functions [Note] This command cannot be specified for the following interfaces. • • VLAN interface A physical interface inside a logical interface A physical interface inside a logical interface operates according to the setting of this command on the interface inside which it exists. If the physical interface is inside the logical interface, the setting of the physical interface returns to the default.
Command Reference | Maintenance and operation functions | 119 • If L2MS is operating as manager and "detail" is specified • L2MS manager information • • • • Number of terminals connected to the L2MS manager Information of terminals connected to the L2MS manager • MAC address • Ports connected • Time at which terminal was discovered Number of L2MS agents being managed Information for the L2MS agents being managed • • • • • • • • • • MAC address Model name Device name Route Linked-up ports Uplink port D
| Command Reference | Maintenance and operation functions Uplink Downlink Config Appear time Number of Terminals : : : : : 1 None None Tue Mar 13 18:43:18 2018 0 4.23.11 Show L2MS agent config information [Syntax] show l2ms agent-config [agent] [Parameter] agent : MAC address (HHHH.HHHH.HHHH) or route (portD.D-D.D) Specify the MAC address or route of the applicable L2MS agent terminal. If omitted, this applies to all L2MS agent terminals.
Command Reference | Maintenance and operation functions | 121 Item Description counter-frame-rx-type port counter type Set type of frames counted by reception frame counter counter-frame-tx-type port counter type Set type of frames counted by transmission frame counter loopdetect-count count Set threshold value per second at which to determine that a loop has occurred loopdetect-linkdown action Set operation when loop occurs loopdetect-recovery-timer time Set time until recovery after a port's li
| Command Reference | Maintenance and operation functions Show the config information of the L2MS agent terminal whose route is 1.23-1.23-8. SWR2310>show l2ms agent-config port1.23-1.23-8 [port1.23-1.23-8] system-name TEST3_SWX2200-8G vlan-id 2 2 vlan-id 3 3 vlan-port-mode 1 hybrid vlan-access 5 2 vlan-access 6 3 vlan-trunk 1 2 join vlan-trunk 1 3 join 4.23.
Command Reference | Maintenance and operation functions | 123 [Description] Sets whether to disable or enable the event monitoring function. If enabled, event information for the L2MS agents existing on the network is acquired at regular intervals. If this command is executed with the "no" syntax, the event monitoring function is enabled. [Note] Event monitoring is performed only if L2MS is operating as manager. [Example] Disable the event monitoring function.
| Command Reference | Maintenance and operation functions [Description] Sets whether to use the L2MS agent device's zero config function. If the zero config function is enabled, and the L2MS agent's Yamaha switch or wireless AP settings (config) are saved, the saved settings (config) are automatically applied when the L2MS agent in its factory-set state is connected to the network. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 125 [Description] Terminal information is included in the snapshot comparison. If the except-wireless option is specified, information for terminals that are wirelessly connected below a wireless access point are excluded from the snapshot comparison. If this command is executed with the "no" syntax, terminal information is excluded from the snapshot comparison.
| Command Reference | Maintenance and operation functions [Parameter] url : Single-byte alphanumeric characters and single-byte symbols (255 characters or less) URL at which the firmware is located [Initial value] firmware-update url http://www.rtpro.yamaha.co.jp/firmware/revision-up/swr2310.bin [Input mode] global configuration mode [Description] Specify the download source URL used when updating the firmware from a firmware file located on a web server.
Command Reference | Maintenance and operation functions | 127 SWR2310(config)#firmware-update http-proxy 192.168.100.1 8080 SWR2310(config)# 4.25.
| Command Reference | Maintenance and operation functions [Example] Set the firmware download timeout duration to 120 seconds. SWR2310(config)#firmware-update timeout 120 SWR2310(config)# 4.25.
Command Reference | Maintenance and operation functions | 129 [Keyword] no-confirm : Don't check for firmware update and SD card mount continuity no-reboot : Does not reboot after updating firmware sd-unmount : Unmount the SD card without checking before firmware update [Input mode] privileged EXEC mode [Description] Execute firmware update using a firmware file stored on the SD card.
| Command Reference | Maintenance and operation functions [Description] Sets the time at which the new firmware is applied by restarting after a firmware update. If this command is executed with the "no" syntax, the new firmware is applied by restarting immediately after the firmware is updated. [Example] Specify AM 1:30 as the restart time for updating the firmware. SWR2310(config)#firmware-update reload-time 1 30 SWR2310(config)# 4.25.
Command Reference | Maintenance and operation functions | 131 Setting value Description enable Enable stack function disable Disable stack function [Initial value] stack disable [Input mode] global configuration mode [Description] Enables or disables the stack function. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be executed only for models that support stacking.
| Command Reference | Maintenance and operation functions 4.26.3 Show stack information [Syntax] show stack [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows stack-related settings and status information. The following content is shown.
Command Reference | Maintenance and operation functions | 133 -----------------------------------------------------------------------1 SWR2310-28GT Active Main S000000000 00a0.de00.0000 2 SWR2310-28GT Active Member S000000000 00a0.de00.0000 Interface Status -----------------------------------------------------------------------port1.27 up port1.28 up port2.27 up port2.28 up 4.26.
| Command Reference | Maintenance and operation functions When remote login succeeds, the stack ID is automatically shown added to the prompt. [Example] Remotely log in to a member switch (ID:2) from the main switch. SWR2310#remote-login 2 ... SWR2310-2> 4.27 Schedule 4.27.1 Schedule settings [Syntax] schedule id time date time template_id schedule id event event template_id no schedule id [Parameter] id : <1-10> Schedule number date : <1-12> or * / <1-12> or sun, mon, ...
Command Reference | Maintenance and operation functions | 135 h:m:s (the seconds can be omitted) event template_id : : Hour setting examples Setting contents 12 12:00 12.13 12:00 and 13:00 12- From 12:00 to 23:00 10-20 From 10:00 to 20:00 -20 From 0:00 to 20:00 * Hourly Minute setting examples Setting contents 30 30 minutes 15.
| Command Reference | Maintenance and operation functions 4.27.2 Schedule template description text settings [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (64 characters or less) Schedule template description text [Initial value] no description [Input mode] Schedule template mode [Description] Sets the schedule template description text.
Command Reference | Maintenance and operation functions | 137 no schedule template [Parameter] template_id : <1-10> Schedule template number [Initial value] None [Input mode] global configuration mode [Description] Switches to the mode for setting the schedule template. If this command is executed with the "no" syntax, the specified schedule template is deleted. [Example] This switches to the mode for setting schedule template #1. SWR2310(config)#schedule template 1 SWR2310(config-schedule)# 4.27.
| Command Reference | Maintenance and operation functions encryption, ping, ping6, quit, reload, remote-login, restart, restore system, schedule, no schedule, schedule template, no schedule template, commands beginning with “show,” ssh , ssh-server host key generate, commands beginning with “stack,” commands beginning with “no stack,” startup-config select, no startup-config select, system-diagnostics on-demand execute(*1), telnet, traceroute, traceroute6 (*1): system-diagnostics on-demand execute no-co
Command Reference | Maintenance and operation functions | 139 [Initial value] hostname SWR2310 [Input mode] global configuration mode [Description] Specifies the host name. The host name specified by this command is used as the command prompt. If SNMP access is possible, this is used as the value of the MIB variable sysName. If this command is executed with the "no" syntax, the setting returns to the default value. [Example] Set the host name as "yamaha." SWR2310(config)#hostname yamaha yamaha(config)# 4.
| Command Reference | Maintenance and operation functions [Example] Initialize the settings. SWR2310#cold start Password: 4.28.4 Mount SD card [Syntax] mount sd [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Mounts the SD card. When you insert an SD card, this command is executed automatically, so you do not need to execute it. If you have unmounted the card by the unmount sd command, you will need to execute this.
Command Reference | Maintenance and operation functions | 141 Setting value Description link-act LINK/ACT mode poe PoE mode vlan VLAN mode off OFF mode [Initial value] led-mode default link-act [Input mode] global configuration mode [Description] Set the default LED mode. When you execute this command, the LEDs are lit in the specified mode. The LEDs are lit in the specified mode even when a loop is detected in STATUS mode and the loop status has been resolved.
| Command Reference | Maintenance and operation functions Item Description poe error (port limit) Power supply stopped because of PoE port limit poe error (system limit) Power supply has stopped due to a PoE system limit, or power supply is suppressed due to guard band poe error (PD error) Power supply stopped because PD error detected [Example] Show the port error status. SWR2310>show error port-led ID error ----------------------------------------port1.1 poe error (PD error) port1.
Command Reference | Maintenance and operation functions | 143 Update the firmware. Current Revision: 2.04.01 New Revision: 2.04.03 Update to this firmware? (y/n) y Unmounted the SD card. Pull out the SD card. Updating... Finish Succeeded to restore system files.
| Command Reference | Interface control Chapter 5 Interface control 5.1 Interface basic settings 5.1.1 Set description [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (80characters or less) Description of the applicable interface [Initial value] no description [Input mode] interface mode [Description] Specifies a description of the applicable interface.
Command Reference | Interface control | 145 no speed-duplex [Parameter] type : Speed and duplex mode types Speed and duplex mode types Description auto Auto negotiation 10000-full 10Gbps/Full 1000-full 1000Mbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half 10-full 10Mbps/Full 10-half 10Mbps/Half [Initial value] speed-duplex auto [Input mode] interface mode [Description] Sets the speed and duplex mode. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control [Note] This command can be specified only for LAN/SFP port. [Example] Set the LAN port #1 mru to 9000 bytes. SWR2310(config)#interface port1.1 SWR2310(config-if)#mru 9000 5.1.
Command Reference | Interface control | 147 [Description] Enables Energy Efficient Ethernet (EEE). If this command is executed with the "no" syntax, EEE is disabled. [Note] This command can be specified only for LAN port. When this command is used to change the settings, link-down temporarily occurs for the corresponding interface. [Example] Enable EEE for LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#eee enable 5.1.
| Command Reference | Interface control [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the EEE status of the specified interface. The following items are shown. Item Description interface Interface name EEE(efficient-ethernet) Whether EEE is enabled Rx LPI Status Low-power mode status of the receiving unit Tx LPI Status Low-power mode status of the transmitting unit Wake Error Count Error count [Example] Show EEE status of LAN port #1.
Command Reference | Interface control | 149 Traffic direction Description both Both receiver and transmitter receive Receiver transmit Transmitter [Initial value] none [Input mode] interface mode [Description] Mirrors the traffic specified by direct, with the applicable interface as the sniffer port and ifname as the monitored port. If this command is executed with the "no" syntax, the mirroring setting is deleted. [Note] This command can be specified only for LAN/SFP port.
| Command Reference | Interface control 5.1.11 Show interface status [Syntax] show interface [ type [ index ] ] [Parameter] type : Interface type Interface type index : Description port Physical interface vlan VLAN interface sa Static logical interface po LACP logical interface Index number Interface ID Description S.X Specifies the stack ID (S) of the physical interface, and the number printed on the chassis (X). * The SWR2310-10G,18G are fixed as stack ID=1.
Command Reference | Interface control | 151 Item Description IP broadcast address *3 (shown only if IP address is set) broadcast Mode of the switchport Switchport mode • • access : untagged trunk : tagged Status of ingress filtering Ingress filter • • enable : enabled disable : disabled Frame types that can be received • Acceptable frame types • all : All frames are received (regardless of whether they are tagged or untagged) vlan-tagged only : Only frames with a VLAN tag are received VLAN ID tha
| Command Reference | Interface control Description: Connected to router ifIndex 5001, MRU 1522 Speed-Duplex: auto(configured), 1000-full(current) Auto MDI/MDIX: on Vlan info: Switchport mode : access Ingress filter : enable Acceptable frame types : all Default Vlan : 1 Configured Vlans : 1 Interface counter: input packets : 320 bytes : 25875 multicast packets: 301 output packets : 628 bytes : 129895 multicast packets: 628 broadcast packets: 0 drop packets : 0 Show the status of VLAN #1.
Command Reference | Interface control | 153 Item Description Type of associated logical interface *1 • • Port Ch (S) : Static logical interface (P) : LACP logical interface ID of associated logical interface Description Description of interface *1 Shown only for physical interface *2 hown only for physical interface and logical interface [Example] Show brief interface status.
| Command Reference | Interface control [Example] Reset LAN port #1 SWR2310#interface reset port1.1 5.1.14 Show frame counter [Syntax] show frame-counter [ifname] [Parameter] ifname : Interface name of the LAN/SFP port Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows frame counter information for the interface specified by ifname. If ifname is omitted, shows information for all interfaces. The following items are shown.
Command Reference | Interface control | 155 *1 Varies depending on the MRU of each interface. *2 Shows the transmission information when tail dropping is enabled, and the information only for reception when tail dropping is disabled. [Example] Show the frame counter of LAN port #1. SWR2310#show frame-counter port1.1 Interface port1.
| Command Reference | Interface control 5.1.16 Show SFP module status [Syntax] show ddm status [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the status of the SFP module. For each item, shows the current value, upper threshold value, and lower threshold value for each SFP port.
Command Reference | Interface control | 157 no sfp-monitor rx-power [Parameter] action : Operations for SFP module optical reception level monitoring Setting value Description enable Enables SFP module optical reception level monitoring disable Disables SFP module optical reception level monitoring [Initial value] sfp-monitor rx-power enable [Input mode] global configuration mode [Description] Sets the monitoring of SFP module optical reception levels.
| Command Reference | Interface control 5.1.
Command Reference | Interface control | 159 port1.5 port1.6 port1.7 : port2.1 : enable enable disable : enable : 5.2 Link aggregation 5.2.1 Set static logical interface [Syntax] static-channel-group link-id no static-channel-group [Parameter] link-id : <1-96> static logical interface number [Input mode] interface mode [Description] Associates the applicable interface with the static logical interface specified by link-id.
| Command Reference | Interface control • • Load balance function rules Interface name of associated LAN/SFP port For details on the load balance function rules, refer to the type parameter of the port-channel load-balance command. [Example] Show the static logical interface status. SWR2310#show static-channel-group % Static Aggregator: sa5 % Load balancing: src-dst-mac % Member: port1.1 port1.2 port1.3 port1.4 5.2.
Command Reference | Interface control | 161 • • Setting of VLAN Set QoS trust mode (including default CoS value and port priority) If a LACP logical interface is newly generated, the above settings of the LAN/SFP port are set to the default settings of the LACP logical interface. If a LAN/SFP port is associated with an LACP logical interface, the MSTP settings return to the default values. The MSTP settings also return to the default values if the LAN/SFP port is removed from the LACP logical interface.
| Command Reference | Interface control Item Description Status of the LACP protocol Receive machine transition variable Mux machine state • • • • "Detached" "Waiting" "Attached" "Collecting/Distributing" Usage status Selection • • • "Selected" "Unselectedic" "Standby" Information Refer to the table below (Actor is self, Partner is other party) Aggregator ID Distinguishing ID on LACP Information shows the following items.
Command Reference | Interface control | 163 Defaulted Expired 0 0 0 0 5.2.5 Set LACP system priority order [Syntax] lacp system-priority priority no lacp system-priority [Parameter] priority : <1-65535> LACP system priority irder Lower numbers have higher priority [Initial value] lacp system-priority 32768 [Input mode] global configuration mode [Description] Sets the LACP system priority order. If this command is executed with the "no" syntax, the setting returns to the default value.
| Command Reference | Interface control [Parameter] switch : Different-speed link aggregation function enable/disable settings Setting value Description enable Enabling different-speed link aggregation disable Disabling different-speed link aggregation [Initial value] lacp multi-speed disable [Input mode] global configuration mode [Description] Enables or disables different-speed link aggregation in an LACP.
Command Reference | Interface control | 165 LACP timeout indicates the time since the last LACP frame received from the other device, after which it is determined that the link has gone down. The LACP timeout setting is placed in a LACP frame and sent to the other device; after receiving this, the other device will transmit LACP frames at intervals of 1/3 of this LACP timeout.
| Command Reference | Interface control port1.4 port1.5 309 186 1350 186 0 0 0 0 0 0 0 0 5.2.
Command Reference | Interface control | 167 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the status of the LACP logical interface specified by link-id. If link-id is omitted, shows the status of all LACP logical interface. If summary is specified, an abbreviated display is shown; if detail is specified, details are shown. sIf both summary and detail are omitted, the result is as though summary was specified. The following items are shown.
| Command Reference | Interface control Status Ready Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 1/ 1 Aggregator po2 ID 4602 Status Not ready Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 Aggregator po127 ID 4727 Status Not ready Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 SWR2310#show etherchannel status detail Aggregator po1 ID 4601 Status Ready Actor LAG 0x8000, 00-a0-de-e0-e0-e0 Admin Key 0001 Partner LAG 0x8000, 00-a0-de-11-1
Command Reference | Interface control | 169 [Description] Sets the LACP port priority order. If this command is executed with the "no" syntax, the setting returns to the default value. [Note] If up to eight LAN/SFP ports are combined into an LACP logical interface, they are immediately combined into the LACP logical interface; ports in excess of eight are standby ports used in case of a malfunction.
| Command Reference | Interface control If this command is executed with the "no" syntax, disables MAC authentication for the entire system. Use a RADIUS server for authentication on which the radius-server host command has been configured. [Note] In order to actually use MAC authentication, you need to enable MAC authentication on the applicable interface as well. (authmac enable command) [Example] Enable MAC authentication for the entire system. SWR2310(config)#aaa authentication auth-mac 5.3.
Command Reference | Interface control | 171 If this command is executed with the "no" syntax, the IEEE 802.1X authentication function will be disabled for the applicable interface. [Note] This command can be specified only for both LAN/SFP port and logical interface. [Example] This command can be specified only for LAN/SFP port. SWR2310(config)#interface port1.1 SWR2310(config-if)#dot1x port-control auto 5.3.5 Set for forwarding control on an unauthenticated port for IEEE 802.
| Command Reference | Interface control Maximum number of times EAPOL packets are transmitted [Initial value] dot1x max-auth-req 2 [Input mode] interface mode [Description] Sets the maximum value for the EAPOL packet transmission count for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for both LAN/SFP port and logical interface.
Command Reference | Interface control | 173 Setting value case : Format hyphen xx-xx-xx-xx-xx-xx colon xx:xx:xx:xx:xx:xx unformatted xxxxxxxxxxxx Specify upper or lowercase Setting value Description lower-case Lower case(a~f) upper-case Upper case(A~F) [Initial value] auth-mac auth-user hyphen lower-case [Input mode] global configuration mode [Description] Changes the format of the user name and password used for authentication during MAC authentication.
| Command Reference | Interface control Static registrations (authentication information) can be cleared with the clear auth state command or the auth clear-state time command. To use this command, the MAC authentication function must be enabled on the target interface. (auth-mac enable command) [Example] Enable static registration of MAC authentication for LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#auth-mac static enable 5.3.
Command Reference | Interface control | 175 Operation mode Description single-host This mode allows communications for only one supplicant per port. Only the first supplicant that passes authentication is allowed. multi-host This mode allows communication with multiple supplicants for each port. If the first supplicant passes authentication, all other supplicants of the same port will be allowed to communicate without authentication.
| Command Reference | Interface control [Note] This command can only be set for LAN/SFP port and logical interface. Regardless of this setting, Web authentication is performed when an ID/Password is entered on the Web authentication screen. If the IEEE 802.1X authentication, MAC authentication, or Web authentication setting is disabled, that authentication method is not performed. To use this command, the port authentication function must be enabled on the target interface.
Command Reference | Interface control | 177 For interfaces on which dynamic VLAN is enabled, the associated VLAN is actively changed based on the property (TunnelPrivate-Group-ID) specified by the RADIUS server. [Note] This command can be specified only for both LAN/SFP port and logical interface. Changing the settings for this command will make the authentication state return to the default. When using dynamic VLAN in multi-supplicant mode, the VLAN can be specified for individual supplicants.
| Command Reference | Interface control [Initial value] auth timeout quiet-period 60 [Input mode] interface mode [Description] Sets the period during which authentication is suppressed for the applicable interface after authentication fails. If this command is executed with the "no" syntax, the setting returns to the default. All packets received during the authentication suppression period will be discarded. [Note] This command can be specified only for both LAN/SFP port and logical interface.
Command Reference | Interface control | 179 [Initial value] auth timeout server-timeout 30 [Input mode] interface mode [Description] Sets the reply wait time for the RADIUS server overall when authenticating a port of the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for both LAN/SFP port and logical interface.
| Command Reference | Interface control timeout : Sets the reply standby time for requests sent to the RADIUS server retransmit : Sets the number of times to resend the request to the RADIUS server key : Sets the password used for communicating with the RADIUS server : IPv4 address (A.B.C.D) or IPv6 address (X:X::X:X) [Parameter] host When specifying an IPv6 link local address, the transmitting interface also needs to be specified (fe80::X%vlanN format).
Command Reference | Interface control | 181 [Parameter] time : <1-1000> Standby time for replying to requests (seconds) [Initial value] radius-server timeout 5 [Input mode] global configuration mode [Description] Sets the reply wait time for each RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control [Parameter] secret : Shared password Single-byte alphanumeric characters, and single-byte symbols other than the characters '?' and spaces (128 characters or less) [Initial value] no radius-server key [Input mode] global configuration mode [Description] Sets the shared password used when communicating with a RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 183 [Input mode] global configuration mode [Description] Specifies a desired text string that is sent as the NAS-Identifier attribute to the RADIUS server for port authentication. If this setting is made, it is notified to RADIUS server as the NAS-Identifier attribute. If this setting is deleted, notification is stopped. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control Interface port1.4 (down) 802.
Command Reference | Interface control | 185 SWR2310#show auth statistics interface port1.1 Interface port1.1 EAPOL frames: Received frames : 11 EAPOL Start : 1 EAPOL Logoff : 0 EAP Response ID : 1 EAP Response : 9 Invalid EAPOL : 0 EAP Length error : 0 Last EAPOL version : 1 Last EAPOL source : 0011.2233.
| Command Reference | Interface control Authentication Port Secret Key Timeout Retransmit Count Deadtime : : : : : 1812 abcde 10 sec 5 0 min Server Host : 192.168.100.102 Authentication Port : 1645 Secret Key : fghij Timeout : 5 sec Retransmit Count : 3 Deadtime : 0 min 5.3.
Command Reference | Interface control | 187 [Example] Clear the authentication state for supplicants connected to LAN port #1. SWR2310#clear auth state interface port1.1 5.3.
| Command Reference | Interface control 5.3.
Command Reference | Interface control | 189 [Input mode] privileged EXEC mode [Description] Deletes the file for customizing the Web authentication screen. [Note] In a state in which the SD card is not mounted, executing this command on a config that is in the SD card produces an error. [Example] Deletes logo.png from startup configuration #0. SWR2310#erase auth-web startup-config logo.png 0 5.3.
| Command Reference | Interface control [Initial value] port-security disable [Input mode] interface mode [Description] Enables the port security function for the applicable interface. If this is executed with the "no" syntax, or disable is specified, port security will be disabled for the applicable interface. [Note] This command can be specified only for both LAN/SFP port and logical interface. Any unregistered terminals will be discarded at the time when the port security function is enabled.
Command Reference | Interface control | 191 [Note] When restoring ports in shutdown mode that have been shut down, use the no shutdown command. This command can be specified only for both LAN/SFP port and logical interface. [Example] Change the operation used for a violation on LAN port #1 to "port shutdown." SWR2310(config)#interface port1.1 SWR2310(config-if)#port-security violation shutdown 5.4.
| Command Reference | Interface control [Input mode] global configuration mode [Description] Enables the function that automatically recovers after the error detection function causes the errdisable state, and specifies the time until automatic recovery. If interval is omitted, 300 seconds is specified. this is executed with the "no" syntax, the automatic recovery function is disabled.
Command Reference | Layer 2 functions | 193 Chapter 6 Layer 2 functions 6.1 FDB (Forwarding Data Base) 6.1.
| Command Reference | Layer 2 functions [Example] Set the dynamic entry ageing time to 400 seconds. SWR2310(config)#mac-address-table ageing-time 400 6.1.
Command Reference | Layer 2 functions | 195 ifname : Setting value Description forward Forward discard Discard Name of LAN/SFP port or logical interface Applicable interface vlan-id : <1-4094> Applicable VLAN ID [Initial value] none [Input mode] global configuration mode [Description] Registers a static entry in the MAC address table. If action is specified as "forward," received frames that match the specified MAC address and VLAN ID are forwarded to the specified interface.
| Command Reference | Layer 2 functions SWR2310>show mac-address-table VLAN port mac 1 port1.1 00a0.de11.2233 1 sa1 1803.731e.8c2b 1 sa2 782b.cbcb.218d fwd forward forward forward type static dynamic dynamic timeout 0 300 300 6.1.
Command Reference | Layer 2 functions | 197 6.2.
| Command Reference | Layer 2 functions type : Type of private VLAN Setting value Description primary Primary VLAN community Secondary VLAN (community VLAN) isolated Secondary VLAN (isolated VLAN) [Initial value] none [Input mode] VLAN mode [Description] Uses vlan-id as a private VLAN. If this command is executed with the "no" syntax, the private VLAN setting is deleted, and it is used as a conventional VLAN.
Command Reference | Layer 2 functions | 199 [Initial value] none [Input mode] VLAN mode [Description] Specify the association of the secondary VLAN (isolated VLAN, community VLAN) with the primary VLAN of the private VLAN. By specifying "add," specify the association of the vlan-id with the 2nd-vlan-ids. By specifying "remove," remove the association of the vlan-id and the 2nd-vlan-ids. If this command is executed with the "no" syntax, all associations to the primary VLAN are deleted.
| Command Reference | Layer 2 functions [Parameter] vlan-id : <1-4094> Associated VLAN ID [Initial value] switchport access vlan 1 [Input mode] interface mode [Description] Sets the VLAN ID that is associated as an access port with the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only for a LAN/SFP port or logical interface for which the switchport mode access command is set.
Command Reference | Layer 2 functions | 201 To specify the VLAN ID that is associated as a trunk port, use the switchport trunk allowed vlan command. To specify the native VLAN, use the switchport trunk native vlan command. [Example] Set LAN port #1 as a trunk port. SWR2310(config)#interface port1.1 SWR2310(config-if)#switchport mode trunk 6.2.
| Command Reference | Layer 2 functions • If you specify and associate a VLAN ID that was set by the switchport trunk native vlan command, switchport trunk native vlan none is set. If you specify the switchport trunk allowed vlan add command with a combination of "-" or "," in the vlan-ids, the command setting will fail if you revert to an older version (Rev.2.00.08 or earlier). As a result, normal communication might become impossible.
Command Reference | Layer 2 functions | 203 [Parameter] port-type : Port mode Setting value Description promiscuous Promiscuous port host Host port [Initial value] none [Input mode] interface mode [Description] Specifies the private VLAN port type for the applicable interface. If this is executed with the "no" syntax, the setting of the private VLAN specified for the applicable interface is deleted.
| Command Reference | Layer 2 functions [Note] This command can be set only for a LAN/SFP port that has been set as the host port by the switchport mode private-vlan command. pri-vlan-id and 2nd-vlan-id must be associated by the private-vlan association command. If the switchport mode private-vlan command is used to set the port type to something other than host port, the setting of this command is deleted. [Example] Specify the following private VLAN for each interface.
Command Reference | Layer 2 functions | 205 • logical interface pri-vlan-id and 2nd-vlan-ids must be associated by the private-vlan association command. If this command is applied to a logical interface, the settings of every LAN/SFP port associated with that interface are changed. If the switchport mode private-vlan command is used to set the port type to something other than promiscuous port, the setting of this command is deleted. A community VLAN can be associated with multiple promiscuous ports.
| Command Reference | Layer 2 functions CoS value to specify for connected device [Initial value] switchport voice cos 5 [Input mode] interface mode [Description] Specify the CoS value to use for voice traffic by the connected device. The connected device is notified of the setting via LLDP-MED in the following cases. • • Voice VLAN is specified for the corresponding port. LLDP-MED transmission and reception is possible for the corresponding port.
Command Reference | Layer 2 functions | 207 [Initial value] none [Input mode] interface mode [Description] Specify the group of multiple VLAN. If a group is specified for the interface, the corresponding interface can communicate only with interfaces of the same multiple VLAN group. Even if the VLAN is the same, communication is not possible if the multiple VLAN group differs. This can be specified only for a physical interface or for a link aggregation logical interface.
| Command Reference | Layer 2 functions 6.2.
Command Reference | Layer 2 functions | 209 Item Description Interfaces associated with the VLAN ID Member ports • • (u) : Access port (untagged port) (t) : Trunk port (tagged port) [Example] Show all VLAN information. SWR2310>show vlan brief (u)-Untagged, (t)-Tagged VLAN ID Name State Member ports ======= ================================ ======= ======================= 1 default ACTIVE port1.1(u) port1.2(u) port1.3(u) port1.4(u) port1.5(u) port1.6(u) port1.7(u) port1.8(u) 6.2.
| Command Reference | Layer 2 functions [Description] Shows the setting status for multiple VLAN groups. If the "group" specification is omitted, all groups that are actually assigned to the interface are shown. The setting state of the YMPI frame transmission function is also displayed. [Example] Shows the setting status for multiple VLAN groups. SWR2310>show vlan multiple-vlan GROUP ID Name Member ports ======== ================================ ====================== 1 GROUP0001 port1.1 port1.2 port1.
Command Reference | Layer 2 functions | 211 [Note] The setting of this command must satisfy the following conditions. 2 x (hello time + 1) <= maximum aging time <= 2 x (forward delay time - 1) The maximum aging time can be set by the spanning-tree max-age command. The hello time is always 2 seconds, and cannot be changed. [Example] Set the forward delay time to 10 seconds. SWR2310(config)#spanning-tree forward-time 10 6.3.
| Command Reference | Layer 2 functions [Description] Sets the bridge priority. Lower numbers have higher priority. If this command is executed with the "no" syntax, the setting returns to the default. [Note] In the case of MSTP, this is the setting for CIST (instance #0). [Example] Set the bridge priority to 4096. SWR2310(config)#spanning-tree priority 4096 6.3.
Command Reference | Layer 2 functions | 213 [Input mode] interface mode [Description] Sets the link type for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
| Command Reference | Layer 2 functions Setting value Description enable Enables BPDU guard disable Disables BPDU guard [Initial value] spanning-tree bpdu-guard disable [Input mode] interface mode [Description] Sets BPDU guard for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface.
Command Reference | Layer 2 functions | 215 It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface. If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set the path cost of LAN port #1 to 100000. SWR2310(config)#interface port1.1 SWR2310(config-if)#spanning-tree path-cost 100000 6.3.
| Command Reference | Layer 2 functions If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set LAN port #1 as the edge port. SWR2310(config)#interface port1.1 SWR2310(config-if)#spanning-tree edgeport 6.3.
Command Reference | Layer 2 functions | 217 Item Description Configured Path Cost Path cost setting of the interface Add type Explicit ref count Number of STP domains associated with the interface Designated Port Id ID of the designated port Priority Priority of the interface Root Root bridge identifier. This consists of the root bridge priority (the first four hexadecimal digits) and MAC address Designated Bridge Bridge identifier.
| Command Reference | Layer 2 functions % port1.1: % port1.1: % port1.1: % port1.1: timer 0 % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.
Command Reference | Layer 2 functions | 219 % % % % % % Message Age Timer Message Age Timer Value Topology Change Timer Topology Change Timer Value Hold Timer Hold Timer Value % Other Port-Specific Info -----------------------% Max Age Transitions % Msg Age Expiry % Similar BPDUS Rcvd % Src Mac Count % Total Src Mac Rcvd % Next State % Topology Change Time : : : : : : INACTIVE 0 INACTIVE 0 INACTIVE 0 : : : : : : : 1 0 0 0 3 Discard/Blocking 0 % Other Bridge information & Statistics ------------------
| Command Reference | Layer 2 functions [Description] Moves to MST mode in order to make MST instance and MST region settings. [Note] To return from MST mode to global configuration mode, use the exit command. To return to privileged EXEC mode, use the end command. [Example] Move to MST mode. SWR2310(config)#spanning-tree mst configuration SWR2310(config-mst)# 6.3.
Command Reference | Layer 2 functions | 221 If this command is executed with the "no" syntax, the VLAN association for the MST instance is deleted. If as a result of this deletion, not even one VLAN is associated with the MST instance, the MST instance is deleted. If you specify an MST instance that has not been generated, the MST instance will also be generated. [Note] You cannot specify a VLAN ID that is associated with another MST instance. [Example] Associate VLAN #2 with MST instance #1.
| Command Reference | Layer 2 functions [Example] Set the MST region name to "Test1". SWR2310(config)#spanning-tree mst configuration SWR2310(config-mst)#region Test1 6.3.20 Set revision number of MST region [Syntax] revision revision [Parameter] revision : <0-65535> Revision number [Initial value] revision 0 [Input mode] MST mode [Description] Sets the revision number of the MST region. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Layer 2 functions | 223 6.3.
| Command Reference | Layer 2 functions [Description] Sets the path cost of the applicable interface on an MST instance. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
Command Reference | Layer 2 functions | 225 [Example] Show MSTP information.
| Command Reference | Layer 2 functions [Keyword] interface : Specifies the interface to show : <1-15> [Parameter] instance-id ID of generated MST interface ifname : Name of LAN/SFP port or logical interface Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode, interface mode [Description] Shows information for the specified MST instance. If "interface" is omitted, information is shown for all interfaces that are assigned the specified MST instance.
Command Reference | Layer 2 functions | 227 If this command is executed with the "no" syntax, the setting returns to the default. [Note] The spanning tree function and the loop detection function can be used together on the entire system. In order to enable the loop detection function, the loop detection function must be enabled on the interface in addition to this command. Even if the loop detection function is enabled, the loop detection function does not operate on the following interfaces.
| Command Reference | Layer 2 functions LPD disabled System LPD enabled STP disabled - - - - STP enabled - STP - STP STP disabled - - LPD LPD STP enabled - STP LPD STP [Example] Enable the loop detection function of LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#loop-detect enable Disable the loop detection function of LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#loop-detect disable 6.4.
Command Reference | Layer 2 functions | 229 [Initial value] None [Input mode] global configuration mode [Description] Normally, Blocking is released immediately when the loop is cleared. When this command is configured, it detects if the loop is cleared at regular intervals. If the loop is cleared, Blocking is released, but if the loop is not cleared, Blocking continues until that time passes again. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 2 functions port loop-detect port-blocking status ------------------------------------------------------port1.1 enable(*) enable Detected port1.2 enable(*) enable Blocking port1.3 enable(*) enable Normal port1.4 enable(*) disable Normal port1.5 enable(*) enable Normal port1.6 enable(*) enable Shutdown port1.7 disable enable -----: : : : ------------------------------------------------------(*): Indicates that the feature is enabled.
Command Reference | Layer 3 functions | 231 Chapter 7 Layer 3 functions 7.1 IPv4 address management 7.1.1 Set IPv4 address [Syntax] ip address ip_address/mask [secondary] [label textline] ip address ip_address netmask [secondary] [label textline] no ip address ip_address/mask [secondary] no ip address ip_address netmask [secondary] no ip address [Keyword] label : Set label as IPv4 address secondary : Set as the secondary address : A.B.C.
| Command Reference | Layer 3 functions 7.1.2 Show IPv4 address [Syntax] show ip interface [interface] brief [Parameter] interface : VLAN interface name [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv4 address for each interface. The following content is shown. • IPv4 address • • • • For secondary addresses, “(secondary)” is appended to the end of IPv4 addresses.
Command Reference | Layer 3 functions | 233 A secondary address cannot be set for interfaces that are set as DHCP clients. If this command is executed with the "no" syntax, the DHCP client setting is deleted. [Note] The lease time requested from the DHCP server is fixed at 72 hours. However, the actual lease time will depend on the setting of the DHCP server.
| Command Reference | Layer 3 functions 7.1.5 Set auto IP function [Syntax] auto-ip switch no auto-ip [Parameter] switch : Behavior of the auto IP function Setting value Description enable Enable the auto IP function disable Disable the auto IP function [Initial value] auto-ip disable [Input mode] interface mode [Description] For the VLAN interface, enables the Auto IP function which automatically generates the IPv4 link local address (169.254.xxx.xxx/16).
Command Reference | Layer 3 functions | 235 mask : <1-31> Number of mask bits Set this to 0 if specifying the default gateway netmask : A.B.C.D Netmask in address format Set this to 0.0.0.0 if specifying the default gateway gateway : A.B.C.D IPv4 address of gateway number : <1-255> Administrative distance (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Initial value] none [Input mode] global configuration mode [Description] Adds a static route for IPv4.
| Command Reference | Layer 3 functions S S C C 172.16.0.0/16 [1/0] via 192.168.200.240, vlan100 192.168.1.1/32 [1/0] is directly connected, vlan100 192.168.100.0/24 is directly connected, vlan1 192.168.200.0/24 is directly connected, vlan100 Show the route used for sending packets that are addressed to 192.168.100.10. SWR2310>show ip route 192.168.100.10 Routing entry for 192.168.100.0/24 Known via "connected", distance 0, metric 0, best * is directly connected, vlan1 7.2.
Command Reference | Layer 3 functions | 237 [Description] Shows the ARP cache. [Example] Show the ARP cache. SWR2310>show arp IP Address MAC Address Interface Type 192.168.100.10 00a0.de00.0000 vlan1 dynamic 192.168.100.100 00a0.de00.0001 vlan1 static 7.3.2 Clear ARP table [Syntax] clear arp-cache [Input mode] privileged EXEC mode [Description] Clears the ARP cache. [Example] Clear the ARP cache. SWR2310#clear arp-cache 7.3.
| Command Reference | Layer 3 functions ARP entry ageing timeout (seconds) [Initial value] arp-ageing-timeout 1200 [Input mode] interface mode [Description] Changes the length of time that ARP entries are maintained in the applicable VLAN interface. ARP entries that are not received within this length of time are deleted. If this command is executed with the "no" syntax, the ARP entry timeout is set to 1200 seconds. [Example] Change the ARP entry ageing timeout for VLAN #1 to five minutes.
Command Reference | Layer 3 functions | 239 7.5.
| Command Reference | Layer 3 functions [Input mode] privileged EXEC mode [Description] Shows information for the route to the specified host. [Example] Check the route to 192.168.100.1. SWR2310#traceroute 192.168.100.1 traceroute to 192.168.100.1 (192.168.100.1), 30 hops 1 192.168.10.1 (192.168.10.1) 0.563 ms 0.412 ms 2 192.168.20.1 (192.168.20.1) 0.561 ms 0.485 ms 3 192.168.30.1 (192.168.30.1) 0.864 ms 0.693 ms 4 192.168.40.1 (192.168.40.1) 0.751 ms 0.783 ms 5 192.168.50.1 (192.168.50.1) 7.689 ms 7.
Command Reference | Layer 3 functions | 241 [Parameter] ipv6_address : X:X::X:X IPv6 address prefix_len : <1-127> IPv6 prefix length [Input mode] interface mode [Description] Specifies the IPv6 address and prefix length for the VLAN interface. An IPv6 address can be set for a VLAN interface for which the ipv6 enable command has been set. This command can be used with the ipv6 address autoconfig command.
| Command Reference | Layer 3 functions [Parameter] interface : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv6 address for each interface. • IPv6 address • • • If an IPv6 address has not been set, this will be "unassigned." Physical layer status Data link layer status If an interface is specified, information for that interface is shown.
Command Reference | Layer 3 functions | 243 number : <1-255> Management route (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Input mode] global configuration mode [Description] Adds a static route for IPv6. If this command is executed with the "no" syntax, the specified route is deleted. [Note] For the default gateway setting, the static route setting takes priority over the RA setting. This command cannot be used if the stack function is enabled.
| Command Reference | Layer 3 functions 7.7.3 Show IPv6 Routing Information Base [Syntax] show ipv6 route database [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv6 Routing Information Base (RIB). [Note] This command cannot be used if the stack function is enabled. [Example] Show the IPv6 routing information base.
Command Reference | Layer 3 functions | 245 MAC address interface : portN.M Physical interface name [Input mode] global configuration mode [Description] Adds a static entry to the neighbor cache. If this command is executed with the "no" syntax, the specified static entry is deleted. [Note] This command cannot be used if the stack function is enabled. [Example] Set the MAC address of IPv6 2001:db8:cafe::1 located at port1.1 of VLAN #1, in the Neighbor cache.
| Command Reference | Layer 3 functions 7.9.1 IPv6 forwarding settings [Syntax] ipv6 forwarding switch no ipv6 forwarding [switch] [Parameter] switch : IPv6 packet forwarding settings Setting value Description enable Enable forwarding of IPv6 packets disable Disable forwarding of IPv6 packets [Initial value] ipv6 forwarding disable [Input mode] global configuration mode [Description] Enables or disables forwarding of IPv6 packets.
Command Reference | Layer 3 functions | 247 datalen : Setting value Description <1-2147483647> Execute the specified number of times continuous Execute repeatedly until Ctrl+C is entered <36-18024> Length of ICMP payload (if omitted: 56) timeout : <1-65535> Time to wait for a reply (if omitted: 2) Ignored if count is specified as "continuous" ipv6_address : X:X::X:X IPv6 address [Input mode] privileged EXEC mode [Description] Send ICMPv6 Echo to the specified host, and wait for ICMPv6 Echo R
| Command Reference | Layer 3 functions 4 5 6 2001:db8:40::1 (2001:db8:40::1) 0.751 ms 0.783 ms 2001:db8:50::1 (2001:db8:50::1) 7.689 ms 7.527 ms 2001:db8:1::2 (2001:db8:1::2) 33.948 ms 10.413 ms 0.673 ms 7.168 ms 7.681 ms 7.11 DNS client 7.11.
Command Reference | Layer 3 functions | 249 [Note] If the ip address dhcp command was used to obtain the DNS server list from the DHCP server, the setting of this command takes priority. However if fewer than three items were registered to the DNS server list by this command, up to a total of three items of the DNS server list obtained from the DHCP server are added to the end of this list. [Example] Add the IP addresses 192.168.100.1, 2001:db8::1234, and fe80::2a0:deff:fe11:2233 to the DNS server list.
| Command Reference | Layer 3 functions [Note] If a search domain list is specified by this command, the default domain name specified by the dns-client domain-name command and the default domain name automatically specified by the ip address dhcp command are not used. [Example] Add the domain names "example1.com" and "example2.com" to the search domain list. SWR2310(config)#dns-client domain-list example1.com SWR2310(config)#dns-client domain-list example2.com 7.11.
Command Reference | IP multicast control | 251 Chapter 8 IP multicast control 8.1 IP multicast basic settings 8.1.
| Command Reference | IP multicast control When specifying an IPv4 multicast address, frames received on the specified VLAN interface with the specified IPv4 multicast address as the destination are forwarded. If you specify IPv4 multicast addresses, you can set up to 100 addresses. If this command is executed with the "no" syntax, the specified setting is cleared. [Note] The link-local multicast address in this command is within the following range. • • IPv4: 224.0.0.
Command Reference | IP multicast control | 253 Setting value Description enable Enable IGMP snooping disable Disable IGMP snooping [Initial value] ip igmp snooping enable [Input mode] interface mode [Description] Enables the IGMP snooping setting of the interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for VLAN interface. [Example] Enable IGMP snooping for VLAN #2.
| Command Reference | IP multicast control no ip igmp snooping mrouter interface ifname [Parameter] ifname : LAN/SFP port interface name Interface to set [Initial value] none [Input mode] interface mode [Description] Statically sets the LAN/SFP port to which the multicast router is connected. If this command is executed with the "no" syntax, the setting is discarded. [Note] This command can be specified only for VLAN interface. The multicast router must be connected to the specified LAN/SFP port.
Command Reference | IP multicast control | 255 8.2.5 Set IGMP query transmission interval [Syntax] ip igmp snooping query-interval interval no ip igmp snooping query-interval [Parameter] interval : <20-18000> Query transmission interval (seconds) [Initial value] ip igmp snooping query-interval 125 [Input mode] interface mode [Description] Sets the transmission interval for IGMP queries. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | IP multicast control [Example] Enable the TTL value verification function of IGMP packets for VLAN #2. SWR2310#configure terminal SWR2310(config)#interface vlan2 SWR2310(config-if)#ip igmp snooping check ttl enable Disnable the TTL value verification function of IGMP packets for VLAN #2. SWR2310#configure terminal SWR2310(config)#interface vlan2 SWR2310(config-if)#ip igmp snooping check ttl disable 8.2.
Command Reference | IP multicast control | 257 Setting value Description enable Enable disable Disable [Initial value] ip igmp snooping report-suppression enable [Input mode] interface mode [Description] Configures IGMP report suppression. If this command is executed with the "no" syntax, the setting returns to the default. When enabled, the minimum number of messages will be sent to the multicast router ports based on the information obtained from the received Report messages and Leave messages.
| Command Reference | IP multicast control [Note] This command can only be specified for VLAN interface. [Example] Enables suppression of data transmission to multicast router ports at VLAN #2. SWR2310#configure terminal SWR2310(config)#interface vlan2 SWR2310(config-if)#ip igmp snooping mrouter-port data-suppression enable Disables suppression of data transmission to multicast router ports in VLAN #2.
Command Reference | IP multicast control | 259 1 239.255.255.250 192.168.100.11 V3 port1.5 R Show detailed IGMP group membership information. SWR2310#show ip igmp snooping groups detail IGMP Snooping Group Membership Details Flags: (R - Remote, S - Static) Interface: port1.5 Group: 239.255.255.250 Flags: R Uptime: 01:07:10 Group mode: Exclude (Expires: 00:04:13) Last reporter: 192.168.100.11 Source list is empty 8.2.
| Command Reference | IP multicast control [Parameter] A.B.C.D : Multicast group address "*" indicates all entries ifname : VLAN interface name Interface to clear [Input mode] privileged EXEC mode [Description] Clears IGMP group membership entries. [Example] Clear IGMP group membership entries for VLAN #1. SWR2310#clear ip igmp snooping interface vlan1 8.3 MLD snooping 8.3.
Command Reference | IP multicast control | 261 [Initial value] none [Input mode] interface mode [Description] Enables MLD snooping fast-leave for the interface. If this is executed with the "no" syntax, MLD snooping fast-leave is disabled. [Note] This command can be specified only for VLAN interfaces. Also, this can be specified only if MLD snooping is enabled. Do not enable this command on a VLAN interface for which multiple hosts are connected to the LAN/SFP port.
| Command Reference | IP multicast control 8.3.4 Set query transmission function [Syntax] ipv6 mld snooping querier no ipv6 mld snooping querier [Initial value] none [Input mode] interface mode [Description] Enables the MLD query transmission function. If this command is executed with the "no" syntax, the MLD query transmission function is disabled. [Note] This command can be specified only forVLAN interfaces. Also, this can be specified only if MLD snooping is enabled.
Command Reference | IP multicast control | 263 8.3.6 Set MLD version [Syntax] ipv6 mld snooping version version no ipv6 mld snooping version [Parameter] version : <1-2> MLD version [Initial value] ipv6 mld snooping version 2 [Input mode] interface mode [Description] Sets the MLD version. If this command is executed with the "no" syntax, the MLD version returns to the default setting (V2). [Note] This command can be specified only for VLAN interfaces.
| Command Reference | IP multicast control 8.3.8 Show MLD group membership information [Syntax] show ipv6 mld snooping groups [detail] show ipv6 mld snooping groups X:X::X:X [detail] show ipv6 mld snooping groups ifname [detail] [Keyword] detail : Detailed information X:X::X:X : Multicast group address ifname : VLAN interface name [Parameter] Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows MLD group membership information.
Command Reference | IP multicast control | 265 MLD Snooping enabled Snooping Querier none MLD Snooping other querier timeout is 255 seconds Group Membership interval is 260 seconds MLDv1 fast-leave is disabled MLDv1 Report suppression enabled MLDv2 Report suppression enabled Router port detection using MLD Queries Number of router-ports: 0 Number of Groups: 0 Number of v1-reports: 0 Number of v1-leaves: 0 Number of v2-reports: 12 Active Ports: port1.8 8.3.
| Command Reference | Traffic control Chapter 9 Traffic control 9.1 ACL 9.1.1 Generate IPv4 access list [Syntax] access-list ipv4-acl-id [seq_num] action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg] no access-list ipv4-acl-id [seq_num] [action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg]] [Keyword] ack : If tcp is specified as the protocol, the ACK flag of the TCP header is specified as a condition.
Command Reference | Traffic control | 267 Setting value src-port : Description A.B.C.D E.F.G.H Specifies an IPv4 address (A.B.C.D) with wildcard bits (E.F.G.H) A.B.C.D/M Specifies an IPv4 address (A.B.C.D) with subnet mask length (Mbit) host A.B.C.D Specifies a single IPv4 address (A.B.C.D) any Applies to all IPv4 addresses <0-65535> If protocol is specified as tcp or udp, this specifies the transmission source port number <0-65535> that is the condition. This can also be omitted.
| Command Reference | Traffic control [Example] Create access list #1 that denies communication from the source segment 192.168.1.0/24 to the destination 172.16.1.1. SWR2310(config)#access-list 1 deny any 192.168.1.0 0.0.0.255 host 172.16.1.1 Delete IPv4 access list #1. SWR2310(config)#no access-list 1 9.1.
Command Reference | Traffic control | 269 [Input mode] interface mode [Description] Applies an IPv4 access list to both LAN/SFP port and logical interface. If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame. If this command is executed with the "no" syntax, the applied access list is deleted from both LAN/SFP port and logical interface.
| Command Reference | Traffic control [Input mode] global configuration mode [Description] Generates an IPv6 access list. Multiple conditions (maximum 256) can be specified for the generated access list. To apply the generated access list, use the access-group command of interface mode. If the "no" syntax is used to specify "action" and following, the IPv6 access list that matches all conditions is deleted.
Command Reference | Traffic control | 271 no access-group ipv6-acl-id direction [Parameter] ipv6-acl-id : <3001-4000> ID of IPv6 access list to apply direction : Specifies the direction of applicable frames Setting value Description in Apply to received frames out Apply to transmitted frames [Initial value] none [Input mode] interface mode [Description] Applies an IPv6 access list to both LAN/SFP port and logical interface.
| Command Reference | Traffic control Setting value src-info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source MAC address information that is the condition Setting value dst-info : Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.WWWW) host HHHH.HHHH.HHHH Specifies an individual MAC address (HHHH.HHHH.
Command Reference | Traffic control | 273 [Parameter] mac-acl-id : <2001-3000> ID of the MAC access list to which to add a description line : Description to add. Can be up to 32 ASCII characters [Initial value] none [Input mode] global configuration mode [Description] Add a description to the generated MAC access list. If this command is executed with the "no" syntax, the MAC description is cleared.
| Command Reference | Traffic control [Example] Apply access list #2001 to received frames of LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#access-group 2001 in 9.1.10 Show generated access list [Syntax] show access-list [acl_id] [Parameter] acl-id : <1-2000>, <2001-3000>, <3001-4000> ID of access list [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the registered access list. If acl-id is omitted, all access lists are shown.
Command Reference | Traffic control | 275 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] For each interface, shows the ID of all access lists that are applied. [Example] Show a list. SWR2310>show access-group Interface port1.1 : IPv4 access group 1 in Interface port1.7 : IPv6 access group 3002 in Interface port1.8 : MAC access group 2001 in 9.1.
| Command Reference | Traffic control If this command is executed with the "no" syntax, the specified access list is deleted from the corresponding VLAN access map. [Note] Only one access list can be specified for one VLAN access map. You can use the show vlan access-map command to view the setting. [Example] Create a VLAN access map named "VAM001", and specify an access list that denies packets from 192.168.0.1. SWR2310(config)#access-list 2 deny any 192.168.0.
Command Reference | Traffic control | 277 9.1.16 Show VLAN access map [Syntax] show vlan access-map [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the registered VLAN access map. The following items are shown. • • Name of the VLAN access map Access list applied to VLAN access map [Example] Show VLAN access map information. SWR2310>show vlan access-map Vlan access-map VAM001 match ipv4 access-list 2 9.1.
| Command Reference | Traffic control [Input mode] global configuration mode [Description] Enables QoS. If this is executed with the "no" syntax, QoS is disabled. At this time, the related QoS settings are also deleted. [Note] If the flow control system setting is enabled, it is not possible to enable QoS. Many of the commands related to QoS cannot be executed unless QoS is left enabled. [Example] Enable QoS. SWR2310(config)#qos enable Disable QoS. SWR2310(config)#qos disable 9.2.
Command Reference | Traffic control | 279 [Parameter] mode : Trust mode Setting value Description cos Determines the egress queue based on the CoS value dscp Determines the egress queue based on the DSCP value port-priority Applies the specified priority to the receiving port [Initial value] qos trust cos [Input mode] interface mode [Description] Specifies the trust mode of LAN/SFP port and logical interface.
| Command Reference | Traffic control 9.2.4 Show status of QoS function setting [Syntax] show qos [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the enabled (Enable) or disabled (Disable) status of the QoS function. [Example] Show the status of the system's QoS setting. SWR2310#show qos Enable 9.2.5 Show QoS information for interface [Syntax] show qos interface [ifname] [Parameter] ifname : Name of the LAN/SFP port or logical interface.
Command Reference | Traffic control | 281 Port Default CoS Priority: 0 Egress Traffic Shaping: Rate 30016 Kbps, Burst 1876 KByte Queue Scheduling: Queue0 : Weight 1 Queue1 : Weight 1 Queue2 : Weight 2 Queue3 : Weight 5 Queue4 : Weight 5 Queue5 : Weight 5 Queue6 : SP Queue7 : SP ( 5.3%) ( 5.3%) (10.5%) (26.3%) (26.3%) (26.3%) Cos (Queue): 0(2), 1(0), 2(1), 3(3), 4(4), 5(5), 6(6), 7(7) Special Queue Assignment: Sent From CPU: Queue7 Show the QoS settings of LAN port #1.
| Command Reference | Traffic control SWR2310#show qos queue-counters port1.1 QoS: Enable Interface port1.1 Queue Counters: Queue 0 59.4 % Queue 1 15.0 % Queue 2 0.0 % Queue 3 0.0 % Queue 4 0.0 % Queue 5 3.6 % Queue 6 0.0 % Queue 7 0.1 % 9.2.
Command Reference | Traffic control | 283 9.2.8 Set DSCP - egress queue ID conversion tabl [Syntax] qos dscp-queue dscp-value queue-id no qos dscp-queue dscp-value [Parameter] dscp-value : <0-63> DSCP value of the conversion source queue-id : <0-7> Egress queue ID corresponding to DSCP value [Initial value] See [Note] [Input mode] global configuration mode [Description] Specifies the values of the DSCP - egress queue ID conversion table that is used to determine the egress queue.
| Command Reference | Traffic control [Input mode] interface mode [Description] Specifies the priority (egress queue ID) for the receiving interface to LAN/SFP port and logical interface. If this is executed with the "no" syntax, the egress queue ID for the specified interface is returned to the default setting (2). The port priority is used to determine the egress queue when the trust mode is set to "port priority." [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 285 [Input mode] global configuration mode [Description] Generates a class map. A class map defines the conditions used to classify received frames into traffic classes, and consists of conditions defined by the match command and the corresponding action (permit/deny).Class map actions are handled as follows. Class map actions are handled as follows.
| Command Reference | Traffic control • • • Permit traffic from the 10.1.0.0 network Categorize bandwidth classes as CIR:48kbps, CBS:12kbyte, and EBS:12kbyte Green: forward, Yellow: rewrite DSCP value to 10, Red: discard [Traffic class definition] SWR2310(config)#access-list 1 permit any 10.1.0.0 0.0.255.
Command Reference | Traffic control | 287 [Input mode] class map mode [Description] Uses the CoS value of the VLAN tag header as the condition to classify the traffic class. If this is executed with the "no" syntax, the CoS condition setting is deleted. The setting can be repeated up to the maximum number (eight) of registrations. [Note] In order to execute this command, QoS must be enabled. [Example] Specify CoS values "1" and "2" as the classification conditions for class map "class1.
| Command Reference | Traffic control [Note] In order to execute this command, QoS must be enabled. [Example] Specify DSCP values "48" and "56" as the classification conditions for class map "class1." SWR2310(config)#class-map class1 SWR2310(config-cmap)#match ip-dscp 48 56 9.2.
Command Reference | Traffic control | 289 [Description] Uses the VLAN ID as the condition to classify the traffic class. If this is executed with the "no" syntax, the classification conditions using VLAN ID are deleted. The setting can be repeated up to the maximum number (30) of registrations. [Note] In order to execute this command, QoS must be enabled. [Example] Specify VLAN #20 as the classification conditions for class map "class1".
| Command Reference | Traffic control Section Item Description Classification conditions (match) Match Access-List Access list ID Match ethertype Ethernet Type Match vlan VLAN ID Match vlan-range • • Match CoS CoS value Match IP precedence TOS precedence Match IP DSCP DSCP value The classification condition is shown only once for each type that is specified. A classification condition for which a corresponding command (match) is not set will not be shown.
Command Reference | Traffic control | 291 SWR2310(config)#access-list 1 permit any 10.1.0.0 0.0.255.255 any SWR2310(config)#class-map class1 SWR2310(config-cmap)#match access-list 1 SWR2310(config-cmap)#exit [Policy settings] SWR2310(config)#policy-map policy1 SWR2310(config-pmap)#class class1 SWR2310(config-pmap-c)#police 48 12 12 yellow-action remark red-action drop SWR2310(config-pmap-c)#remark-map yellow ip-dscp 10 SWR2310(config-pmap-c)#exit SWR2310(config-pmap)#exit SWR2310(config)#interface port1.
| Command Reference | Traffic control [Example] Apply policy map "policy1" to LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#service-policy input policy1 Remove policy map "policy1" from LAN port #1. SWR2310(config)#interface port1.1 SWR2310(config-if)#no service-policy input policy1 9.2.
Command Reference | Traffic control | 293 [Description] Changes the value of the IP header's TOS precedence field of the classified traffic class to the specified TOS value. In addition, reassign the egress queue according to the egress queue ID table that corresponds to the trust mode. If this is executed with the "no" syntax, pre-marking processing of the TOS precedence corresponding to the traffic class is removed. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control [Example] Make the following settings for received frames of LAN port #1 • • Permit traffic from the 10.1.0.0 network Change the classified traffic class to the DSCP value "10." [Traffic class definition] SWR2310(config)#access-list 1 permit any 10.1.0.0 0.0.255.
Command Reference | Traffic control | 295 If this is executed with the "no" syntax, metering/policing/remarking processing is deleted. This cannot be used in conjunction with the aggregate policer (police-aggregate command). [Note] In order to execute this command, QoS must be enabled. Metering cannot be performed on the following logical interfaces. A policy map that includes metering (policer) settings (police-type commands) must not be applied.
| Command Reference | Traffic control [Description] Specifies individual policers (twin rate) for the categorized traffic classes. If the setting was already made by the police command, its content is changed. Metering on the SWR2310 is implemented as a single-rate three-color marker (RFC2697), and the following processing can be specified for the categorized bandwidth classes.
Command Reference | Traffic control | 297 Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] policy map class mode [Description] Specifies remarking operations for bandwidth classes Yellow and Red that were classified by individual policers.
| Command Reference | Traffic control 9.2.29 Generate aggregate policer [Syntax] aggregate-police name no aggregate-police name [Parameter] name : Name of aggregate policer (maximum 20 characters; uppercase and lowercase are distinguished) [Input mode] global configuration mode [Description] Generates an aggregate policer. If the policer has already been generated, this command edits its content.
Command Reference | Traffic control | 299 [Input mode] aggregate policer mode [Description] Specifies a single rate policer as an aggregate policer. If this is executed with the "no" syntax, metering/policing/remarking processing is deleted. Metering on the SWR2310 is implemented as a single-rate three-color marker (RFC2697), and the following processing can be specified for the categorized bandwidth classes.
| Command Reference | Traffic control Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] aggregate policer mode [Description] Specifies a twin rate policer as an aggregate policer. If this is executed with the "no" syntax, metering/policing/remarking processing is deleted. Metering on the SWR2310 is implemented as a single-rate three-color marker (RFC2697), and the following processing can be specified for the categorized bandwidth classes.
Command Reference | Traffic control | 301 Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] aggregate policer mode [Description] Specifies remarking operations for bandwidth classes Yellow and Red that were classified by aggregate policers.
| Command Reference | Traffic control [Description] Shows the contents of an aggregate policer. The contents shown are the same as in the police section shown by the show classmap command. [Note] In order to execute this command, QoS must be enabled. [Example] Show the contents of aggregate policer "AGP-01".
Command Reference | Traffic control | 303 SWR2310(config)#interface port1.1 SWR2310(config-if)#service-policy input policy1 9.2.35 Show metering counters [Syntax] show qos metering-counters [ifname] [Parameter] ifname : LAN/SFP port name or logical interface name. If this is omitted, the command applies to all ports.
| Command Reference | Traffic control [Note] In order to execute this command, QoS must be enabled. [Example] Clear the metering totals for LAN port #1. SWR2310#clear qos metering-counter port1.1 9.2.37 Set egress queue (CoS-Queue) [Syntax] set cos-queue value no set cos-queue [Parameter] value : <0 - 7> CoS value corresponding to egress queue [Input mode] policy map class mode [Description] Assigns an egress queue to the classified traffic class.
Command Reference | Traffic control | 305 [Input mode] policy map class mode [Description] Assigns an egress queue to the classified traffic class. Use the DSCP value to specify the egress queue; the egress queue that is assigned is based on the "DSCP-egress queue ID conversion table." If this is executed with the "no" syntax, the specification of egress queue based on traffic class is removed. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control Item Description Match Classification conditions - Match Access-List (Access list ID) - Match ethertype (Ethernet Type) - Match vlan (VLAN ID) - Match vlan-range (VLAN ID) - Match CoS (CoS value) - Match IP precedence (TOS precedence) - Match IP DSCP (DSCP value) Set Pre-marking setting, egress queue setting - Set CoS (Pre-marking setting : CoS value) - Set IP precedence (Pre-marking setting : TOS precedence) - Set IP DSCP (Pre-marking setting : DSCP value) - S
Command Reference | Traffic control | 307 Class-Map Name: class1 Qos-Access-List Name: 1 Police: Mode: SrTCM average rate (48 Kbits/sec) burst size (12 KBytes) excess burst size (12 KBytes) yellow-action (Remark [DSCP:10]) red-action (Drop) 9.2.
| Command Reference | Traffic control DSCP trust mode : Enable Port-Priority trust mode : Disable Show the status of class map "class1". SWR2310#show qos map-status class class1 class1 status policy-map association : policy1 (Detached) edit/erase : Disable attach limitation CoS trust mode : Enable DSCP trust mode : Enable Port-Priority trust mode : Disable 9.2.
Command Reference | Traffic control | 309 9.2.42 Set traffic shaping (individual port) [Syntax] traffic-shape rate kbps CIR burst BC no traffic-shape rate [Parameter] CIR : <18-1000000> Traffic rate (kbps). Due to rounding, the actual value applied may differ from the input value (see [note]) BC : <4-16000> Burst size (kbyte). Specified in 4-kbyte units. [Initial value] no traffic-shape rate [Input mode] interface mode [Description] Specifies shaping for the port.
| Command Reference | Traffic control no traffic-shpe queue 7 rate [Input mode] interface mode [Description] Specifies shaping for the egress queue of the port. If this is executed with the "no" syntax, the egress queue shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled. Due to the rounding of traffic rates, the actual value applied may differ from the input value. [Example] Reduce transmission from queue #0 of LAN port #1 down to CIR:10 Mbps and Bc:64000 byte.
Command Reference | Traffic control | 311 [Parameter] type : Flow control operation Setting value Description auto Enable flow control auto negotiation both Enable transmission/reception of Pause frames disable Disable flow control [Initial value] flowcontrol disable [Input mode] interface mode [Description] Enables flow control for the LAN/SFP port (IEEE 802.3x PAUSE frames send/receive). If this is executed with the "no" syntax, flow control is disabled.
| Command Reference | Traffic control The number of PAUSE frames sent and received is cleared when you execute the clear frame-counters command. [Example] Show flow control information for LAN port #1. SWR2310#show flowcontrol port1.1 Port FlowControl RxPause TxPause ------------------------- ------port1.1 Both 4337 0 Show flow control information for all ports. SWR2310#show flowcontrol System flow-control: Enable Port FlowControl RxPause TxPause ------------------------- ------port1.
Command Reference | Traffic control | 313 9.4.2 Show storm control reception upper limit [Syntax] show storm-control [ifname] [Parameter] ifname : LAN/SFP port interface name Interface to show [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the upper limit value for frame reception. If the interface name is omitted, all interfaces are shown. [Example] Show the setting status of all interfaces. SWR2310#show storm-control Port BcastLevel McastLevel port1.
| Command Reference | Application Chapter 10 Application 10.1 Local RADIUS server 10.1.
Command Reference | Application | 315 SWR2310(config)#radius-server local interface vlan1 SWR2310(config)#radius-server local interface vlan100 10.1.3 Generate a route certificate authority [Syntax] crypto pki generate ca [ca-name] no crypto pki generate ca [Parameter] ca-name : Certificate authority name Characters that can be inputted for the certificate authority name • • • Within 3–32 characters Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces Cannot spe
| Command Reference | Application [Parameter] mode : Authentication method Setting value Description pap PAP authentication method peap PEAP authentication method eap-md5 EAP-MD5 authentication method eap-tls EAP-TLS authentication method eap-ttls EAP-TTLS authentication method [Initial value] authentication pap peap eap-md5 eap-tls eap-ttls [Input mode] RADIUS configuration mode [Description] Specifies the authentication method used for the local RADIUS server.
Command Reference | Application | 317 [Initial value] nas 127.0.0.1 key secret_local [Input mode] RADIUS configuration mode [Description] Adds a RADIUS client (NAS) to the RADIUS client list. The maximum number of registered entries is 100. If this command is executed with the "no" syntax, the specified RADIUS client setting is deleted. [Note] RADIUS client (NAS) information configured using this command will not display in running-config or startup-config.
| Command Reference | Application vlan-id : <1-4094> VLAN number for dynamic VLAN mac-address : hhhh.hhhh.hhhh (h is hexadecimal) MAC address for terminal (user) to authenticate ssid : SSID connection point (32 characters or less, single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces ) name : User name (32 characters or less, single-byte alphanumeric characters and symbols other than the characters " ? and spaces mail-address : Mail address (256 cha
Command Reference | Application | 319 SWR2310(config)#radius-server local-profile SWR2310(config-radius)#user yamaha secretpassword mac 00a0.de00.0001 auth peap name YamahaTaro 10.1.8 Reauthentication interval setting [Syntax] reauth interval time no reauth interval [Parameter] time : <3600,43200,86400,604800> Reauthentication interval (no.
| Command Reference | Application (within 3–32 characters; cannot specify “DEFAULT”) Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] privileged EXEC mode [Description] This issues client certificates to users for which the EAP-TLS certification
Command Reference | Application | 321 SWR2310#certificate abort 10.1.
| Command Reference | Application (within 3–32 characters; cannot specify “DEFAULT”) Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] privileged EXEC mode [Description] This exports the client certificates to an SD card.
Command Reference | Application | 323 Client certificates to be sent are ZIP files, compressed using the passwords for each user. E-mail cannot be sent to users whose e-mail addresses have not been set. To send e-mail, the e-mail destination server and e-mail recipient name must be configured in the e-mail template, and an email template ID for use when sending the e-mail must be set using the mail send certificate command. [Note] Only the newest client certificate (1) can be sent via e-mail.
| Command Reference | Application Setting value Description IPv4 address (A.B.C.D) Range from 0.0.0.1 to 223.255.255.255, except for 127.0.0.1 IPv4 network address (A.B.C.
Command Reference | Application | 325 SWR2310#show radius-server local user detail 00a0de000001 Total 1 userid : password : mode : vlan : MAC : SSID : name : mail-address: expire date : certificated: 00a0de000001 secretpassword eap-tls 10 00a0.de00.0001 YamahaTaro test.com 2037/12/31 Not 10.1.18 Client certificate issuance status display [Syntax] show radius-server local certificate status [Input mode] privileged EXEC mode [Description] Shows the issuance status for client certificates.
| Command Reference | Application [Example] This displays client certificates that have been issued for specific users. SWR2310#show radius-server local certificate list detail Yamaha userid certificate number enddate -------------------------------------------------------------------------------------------Yamaha Yamaha-DF598EE9B44D22CC 2018/12/31 Yamaha-DF598EE9B44D22CD 2019/12/31 10.1.
Command Reference | Index | 327 Index A aaa authentication auth-mac 169 aaa authentication auth-web 170 aaa authentication dot1x 169 access-group (IPv4) 268 access-group (IPv6) 270 access-group (MAC) 273 access-list (IPv4) 266 access-list (IPv6) 269 access-list (MAC) 271 access-list description (IPv4) 268 access-list description (IPv6) 270 access-list description (MAC) 272 action 136 agent-watch down-count 116 agent-watch interval 115 aggregate-police 297 arp 237 arp-ageing-timeout 237 auth clear-state tim
| Command Reference | Index http-server interface 83 http-server language 84 http-server login-timeout 85 http-server secure 82 I instance 220 instance priority 221 instance vlan 220 interface reset 153 ip address 231 ip address dhcp 232 ip forwarding 238 ip igmp snooping 252 ip igmp snooping check ttl 255 ip igmp snooping fast-leave 253 ip igmp snooping mrouter interface 253 ip igmp snooping mrouter-port data-suppression 257 ip igmp snooping querier 254 ip igmp snooping query-interval 254 ip igmp snoo
Command Reference | Index | 329 radius-server host 179 radius-server key 181 radius-server local enable 314 radius-server local interface 314 radius-server local refresh 319 radius-server local-profile 315 radius-server retransmit 181 radius-server timeout 180 reauth interval 319 region 221 reload 139 remark-map (aggregate policer mode) 300 remark-map (policy map class mode) 296 remote-login 133 restart 139 restore system 142 revision 222 rmon 69 rmon alarm 72 rmon clear counters 77 rmon event 71 rmon histo
| Command Reference | Index show spanning-tree mst instance 225 show spanning-tree statistics 218 show ssh-server 87 show ssh-server host key 90 show stack 131 show startup-config 33 show static-channel-group 159 show storm-control 312 show system-diagnostics 44 show tech-support 41 show telnet-server 77 show test cable-diagnostics tdr 46 show tftp-server 81 show tx-queue-monitor 158 show users 30 show vlan 208 show vlan access-map 276 show vlan filter 277 show vlan multiple-vlan 209 show vlan private-v
