Yamaha L2 Switch Intelligent L2 PoE SWR2311P-10G Command Reference Rev.2.02.
| Command Reference | TOC Contents Preface: Introduction ............................................................................................13 Chapter 1: How to read the command reference ...............................................14 1.1 Applicable firmware revision .....................................................................................................................14 1.2 How to read the command reference .......................................................................
Command Reference | TOC | 3 4.3.5 Erase startup configuration ..........................................................................................................34 4.3.6 Copy startup configuration ..........................................................................................................35 4.3.7 Set description for startup config ................................................................................................35 4.3.8 Select startup config ...............................
| Command Reference | TOC 4.10.9 Show SNMP community information .......................................................................................58 4.10.10 Show SNMP view settings ......................................................................................................58 4.10.11 Show SNMP group settings .....................................................................................................59 4.10.12 Show SNMP user settings .................................................
Command Reference | TOC | 5 4.18.3 Clear SSH host information .......................................................................................................83 4.19 E-mail notification ....................................................................................................................................83 4.19.1 SMTP e-mail server settings .....................................................................................................84 4.19.2 SMTP e-mail server name settings .....
| Command Reference | TOC 4.22 Snapshot .................................................................................................................................................111 4.22.1 Set snapshot function ...............................................................................................................111 4.22.2 Set whether to include terminals in the snapshot comparison .................................................111 4.22.3 Create snapshot ..................................
Command Reference | TOC | 7 5.2.10 Set load balance function rules ................................................................................................139 5.2.11 Show protocol status of LACP logical interface .....................................................................140 5.2.12 Set LACP port priority order ...................................................................................................142 5.3 Port authentication .......................................................
| Command Reference | TOC 5.6.5 Guard band settings ...................................................................................................................166 5.6.6 Show PoE power supply information ........................................................................................167 Chapter 6: Layer 2 functions .............................................................................168 6.1 FDB (Forwarding Data Base) ...............................................................
Command Reference | TOC | 9 6.3.21 Set MST instance for interface ................................................................................................196 6.3.22 Set interface priority for MST instance ...................................................................................196 6.3.23 Set interface path cost for MST instance .................................................................................197 6.3.24 Show MST region information ............................................
| Command Reference | TOC 7.10 IPv6 ping ................................................................................................................................................218 7.10.1 IPv6 ping .................................................................................................................................218 7.10.2 Check IPv6 route .....................................................................................................................219 7.11 DNS client .........
Command Reference | TOC | 11 9.1.15 Set VLAN access map filter ....................................................................................................245 9.1.16 Show VLAN access map .........................................................................................................245 9.1.17 Show VLAN access map filter ................................................................................................246 9.2 QoS (Quality of Service) ............................................
| Command Reference | TOC 9.4.1 Set storm control ........................................................................................................................280 9.4.2 Show storm control reception upper limit .................................................................................280 Chapter 10: Application .....................................................................................282 10.1 Local RADIUS server ..............................................................
Preface Introduction • • • • • • Unauthorized reproduction of this document in part or in whole is prohibited. The contents of this document are subject to change without notice. Yamaha disclaims all responsibility for any damages caused by loss of data or other problems resulting from the use of this product. The warranty is limited to this physical product itself. Please be aware of these points. The information contained in this document has been carefully checked and is believed to be reliable.
| Command Reference | How to read the command reference Chapter 1 How to read the command reference 1.1 Applicable firmware revision This command reference applies to firmware Yamaha Intelligent L2 Switch SWR2311P of Rev.2.02.17. For the latest firmware released after printing of this command reference, manuals, and items that differ, access the following URL and see the information in the WWW server. https://www.yamaha.com/proaudio/ 1.
Command Reference | How to read the command reference | 15 Interface type Prefix Description Examples LACP logical interface po Specify sa or po followed by "logical interface ID". To specify LACP logical interface #2: po2 1.4 Input syntax for commands starting with the word "no" Many commands also have a form in which the command input syntax starts with the word no.
| Command Reference | How to use the commands Chapter 2 How to use the commands The SWR2311P lets you perform command operations in the following two ways. Type of operation Method of operation Description Operation via console • • • Access from a console terminal Access from a TELNET client Access from a SSH client Issue commands one by one to interactively make settings or perform operations.
Command Reference | How to use the commands | 17 To make VTY port settings, use the line vty command to specify the target VTY port, and then move to line mode. ID management for virtual terminal ports is handled within the SWR2311P, but since login session and ID assignments depend on the connection timing, you should normally make the same settings for all VTY ports. 2.1.3 Access from an SSH client You can use an SSH client on a computer to connect to the SSH server of the SWR2311P and control it.
| Command Reference | How to use the commands Setting item Content of setting command Setting 1) is a function that temporarily applies to the user who is using the terminal, and is applied as soon as the command is executed. Setting 2) applies starting with the next session. 2.2 Operation via configuration (config) files A file containing a set of needed commands is called a configuration (config) file.
Command Reference | How to use the commands | 19 Applicable configuration startup-config #3 startup-config #4 startup-config #SD Applicable file Remote path Load (GET) Save (PUT) Automatic restart CONFIG file (.txt) config3 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config4 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) configsd ✓ ✓ - All settings (.
| Command Reference | How to use the commands commands that can be entered in each mode are different. By noting the prompt, the user can see which mode they are currently in. The basic commands related to moving between command input modes are described below. For commands that move from global configuration mode mode to individual configuration mode, refer to "individual configuration mode.
Command Reference | How to use the commands | 21 individual configuration mode Transition command Prompt policy map mode policy-map command SWR2311P(config-pmap)# policy map class mode class command SWR2311P(config-pmap-c)# L2MS mode l2ms configuration command SWR2311P(config-l2ms)# LLDP agent mode lldp-agent command SWR2311P(lldp-agent)# E-mail template mode mail template command SWR2311P(config-mail)# RADIUS configuration mode radius-server local-profile command SWR2311P(config-radius)
| Command Reference | How to use the commands Keyboard operation Ctrl + D Press Esc, then D • Description and notes Delete the character at the cursor. If this operation is performed when the command line is empty, the result is the same as the exit command.
Command Reference | How to use the commands | 23 2.5.5 Command history By using the command history function, you can easily re-execute a command that you previously input, or partially modify a previously input command and re-execute it. Command history is shown as a history that is common to all modes. Operation is shown below. Keyboard operation ↑ Ctrl + P ↓ Ctrl + N Description and notes Move backward through command history Move forward through command history 2.
| Command Reference | Configuration Chapter 3 Configuration 3.1 Manage setting values The SWR2311P uses the following configurations to manage its settings. Types of configuration Description User operations that can be performed Running configuration (running-config) Setting values currently used for operation. Managed in RAM. Note / Save to startup configuration Startup configuration (startup-config) These are the saved setting values.
Command Reference | Configuration | 25 Category Setting item Default value Download URL firmware-update url http:// www.rtpro.yamaha.co.jp/firmware/ revision-up/swr2311p.
| Command Reference | Configuration Category L2 switching Traffic control PoE power supply LLDP agent • Settings for the default VLAN (vlan1) • IPv4 Address : DHCP cliant • IGMP Snooping: Enable • Querier : Disable • Fast-Leave : Disable • Check TTL : Enable Setting item Default value Spanning tree enabled Proprietary loop detection enabled QoS trust mode CoS Flow control (IEEE 802.
Command Reference | Maintenance and operation functions | 27 Chapter 4 Maintenance and operation functions 4.1 Passwords 4.1.
| Command Reference | Maintenance and operation functions [Description] Specifies the administrator password needed to enter priviledged EXEC mode. If this command is executed with the "no" syntax, the administrator password is deleted. [Note] If the password was encrypted by the password-encryption command, it is shown in the configuration in the form "enable password 8 password." The user cannot enter the password in this form when making configuration settings from the command line.
Command Reference | Maintenance and operation functions | 29 [Parameter] switch : Allow login by special password Setting value Description enable Allow disable Don't allow [Initial value] force-password enable [Input mode] global configuration mode [Description] Enable login with special password.
| Command Reference | Maintenance and operation functions Single-type alphanumeric characters and " and ' and | and ? and single-byte symbols other than space characters (32characters or less) The first character must be a single-byte alphanumeric character [Initial value] none [Input mode] global configuration mode [Description] Sets user information. A maximum of 32 items of user information can be registered. The following words cannot be registered as user names.
Command Reference | Maintenance and operation functions | 31 Line Own User Status Login time IP address --------------------------------------------------------------------------------------------con 0 user1234 Login 02:15:23 vty 0 * operators1 Login 00:12:59 192.168.100.1 vty 1 abcdefghijklmnopqrstuvwxyzabcdef Login 00:00:50 192.168.100.24 vty 2 Login 00:00:21 192.168.100.10 vty 3 vty 4 vty 5 vty 6 vty 7 http 0 user1234 Login 01:12:25 192.168.100.4 http 1 (noname) Login 00:18:04 192.168.100.
| Command Reference | Maintenance and operation functions SWR2311P> 4.3 Configuration management 4.3.1 Save running configuration [Syntax] copy running-config startup-config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-4> Startup configuration #0-#4 sd Startup config in SD card [Input mode] priviledged EXEC mode [Description] Saves the current operating settings (running configuration) as the settings for startup (startup configuration).
Command Reference | Maintenance and operation functions | 33 SWR2311P#write Succeeded to write configuration. SWR2311P# 4.3.
| Command Reference | Maintenance and operation functions [Parameter] config_num : Configuration number Setting value Description <0-4> Startup configuration #0-#4 sd Startup config in SD card [Input mode] priviledged EXEC mode [Description] Shows the startup settings (startup configuration). If config_num is omitted, the startup config that will be used for the next startup is shown.
Command Reference | Maintenance and operation functions | 35 [Input mode] priviledged EXEC mode [Description] Erase the settings used at startup (startup config) and the information associated with them. If config_num is omitted, the startup config that was used for the current startup is erased. [Note] In a state in which the SD card is not mounted, executing this command on a config that is in the SD card produces an error. [Example] Erase the startup configuration.
| Command Reference | Maintenance and operation functions line : Single-byte alphanumeric characters and single-byte symbols (63 characters or less) Description for applicable startup config [Input mode] priviledged EXEC mode [Description] Specify a description for the applicable startup config. If this command is executed with the "no" syntax, the description is deleted. The description is shown at the beginning of the execution result of the show startup-config command.
Command Reference | Maintenance and operation functions | 37 list : Shows a simplified version of up to five entries of the boot information history : <0-4> [Parameter] num Shows the boot history entry of the specified number [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show the boot information. [Note] This history is cleared when you execute the cold start command or the clear boot list command. [Example] Show the current boot information.
| Command Reference | Maintenance and operation functions [Description] Enable or disable the SD card boot function of the firmware. After this command is executed, the system will restart. Since this setting is common to the system, it cannot be specified individually for each startup configuration (startup-config #0 ~ strtup-config #4). By default, SD card boot is enabled. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 39 Vendor: Yamaha PID: SWR2311P-10G VID: 0000 SN: S00000000 SWR2311P> 4.5.2 Show operating information [Syntax] show environment [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows information about the system's operating environment. The following items are shown.
| Command Reference | Maintenance and operation functions • • Area used by the system (including settings information) Temporary : Temporary area [Example] Show the disk usage status. SWR2311P#show disk-usage Category Total Used Free Used (%) ----------- -------- -------- -------- -------System 160.6M 1.1M 154.8M 1% Temporary 80.0M 2.4M 77.6M 3% 4.5.4 Show currently-executing processes [Syntax] show process [Input mode] priviledged EXEC mode [Description] Shows all currently-executing processes.
Command Reference | Maintenance and operation functions | 41 • • • • • • • • • • • • • • • • show ip forwarding show ipv6 interface brief show ipv6 forwarding show ip route show ip route database show ipv6 route show ipv6 route database show arp show ipv6 neighbors show ip igmp snooping groups show ip igmp snooping interface show radius-server local certificate status show radius-server local nas show radius-server local user show radius-server local certificate list show radius-server local certificate re
| Command Reference | Maintenance and operation functions 4.6 Time management 4.6.1 Set clock manually [Syntax] clock set time month day year [Parameter] time : hh:mm:ss Time month : <1-12> or Jan, Feb, Mar, ... , Dec Month or name of month day : <1-31> Day year : Year (four digits) [Input mode] priviledged EXEC mode [Description] Set the system time. [Example] Set the time to 0 hours 0 minutes 0 seconds on January 1, 2015. SWR2311P#clock set 00:00:00 Jan 1 2015 4.6.
Command Reference | Maintenance and operation functions | 43 4.6.3 Show current time [Syntax] show clock [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the current time, year, month, and date. [Example] Show current time. SWR2311P>show clock Thu Jan 1 00:00:00 JST 2015 4.6.
| Command Reference | Maintenance and operation functions SWR2311P(config)#ntpdate server ipv6 fe80::2a0:deff:fe11:2233%vlan1 Specify ntp.example.com as the NTP server. SWR2311P(config)#ntpdate server name ntp.example.com 4.6.5 Synchronize time from NTP server (one-shot update) [Syntax] ntpdate oneshot [Input mode] priviledged EXEC mode [Description] Attempts to obtain time information from the registered NTP server. This is performed only once when this command is executed.
Command Reference | Maintenance and operation functions | 45 [Example] Show time synchronization settings. *If the synchronization update interval is one hour SWR2311P#show ntpdate NTP Server 1 : ntp.nict.jp NTP Server 2 : none adjust time : Thu Jan 1 09:00:00 2015 + interval 1 hour sync server : ntp.nict.jp Show time synchronization settings. *If periodic synchronization is not being performed SWR2311P#show ntpdate NTP Server 1 : ntp.nict.
| Command Reference | Maintenance and operation functions [Description] After enabling the specified VTY ports, moves to line mode for making VTY port settings. If this command is executed with the "no" syntax, the specified VTY ports are disabled. If you specify port2, a range of ports is specified; all VTY ports from port1 through port2 are specified. port2 must be a number greater than port1.
Command Reference | Maintenance and operation functions | 47 [Description] Changes the number of lines displayed per page for the terminal in use. If line is set to 0, the display is not paused per page. If the terminal no length command is executed, the number of lines is set to 24 in the case of a serial console, or to the window size when connected in the case of VTY. [Note] When this command is executed, the change applies immediately.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Set the VLAN that is used for management. By setting this command, it will be possible to set and acquire the IP address assigned by the L2MS master to the corresponding VLAN when operating as an L2MS slave. If this is executed with the "no" syntax, or if the VLAN is deleted, this command also returns to the default settings. [Example] Set VLAN #2 as the management VLAN.
Command Reference | Maintenance and operation functions | 49 [Description] Output the debug level log to SYSLOG. If this command is executed with the "no" syntax, the log is not output. Since enabling debug level will output a large volume of log data, you should enable this only if necessary. If you use the logging host command to send notifications to the SYSYLOG server, you should ensure that there is sufficient disk space on the host. With the default setting, this is not output.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Outputs the informational level SYSLOG to the console. If this command is executed with the "no" syntax, the log is not output. [Example] Output the informational level SYSLOG to the console. SWR2311P(config)#logging stdout info 4.9.
Command Reference | Maintenance and operation functions | 51 4.9.8 Set log backup to SD card [Syntax] logging bakcup sd enable logging bakcup sd disable no logging bakcup sd [Keyword] enable : Enable log backup to SD card disable : Disable log backup to SD card [Initial value] logging backup sd disable [Input mode] global configuration mode [Description] Enables or disables backup of the log to the SD card. If this is enabled, the log is saved on the SD card when you execute the save logging command.
| Command Reference | Maintenance and operation functions The log contains a maximum of 10,000 events. If this maximum number is exceeded, the oldest events are successively deleted. In order to save more than the maximum number of logs, you must use the logging host command to forward the log to the SYSLOG server and save it on the host. The level of log events to be output can be specified by the logging trap command.
Command Reference | Maintenance and operation functions | 53 Setting value priv user : Description Authentication / Encryption (authPriv) User name (maximum 32 characters) This can be specified only if version is '3' [Initial value] none [Input mode] global configuration mode [Description] Set the destination of SNMP notifications. Up to 8 entries can be specified. If this command is executed with the "no" syntax, the specified destination hosts are deleted.
| Command Reference | Maintenance and operation functions Setting value Description rmon When RMON event is executed termmonitor When terminal monitoring is detected bridge When spanning tree root is detected / When topology is changed temperature When temperature abnormality is detected or resolved fan When fan speed changes / When fan stops powerethernet When a change in PoE status occurs or an error is detected all All trap types. All of the above trap types are specified in the config.
Command Reference | Maintenance and operation functions | 55 4.10.4 Set system location [Syntax] snmp-server location location no snmp-server location [Parameter] location : Name to register as the system location (255 characters or less) [Initial value] no snmp-server location [Input mode] global configuration mode [Description] Sets the MIB variable sysLocation. sysLocation is a variable that is generally used to enter the installed location of the unit.
| Command Reference | Maintenance and operation functions 4.10.6 Set SNMP view [Syntax] snmp-server view view oid type no snmp-server view view [Parameter] view : View name (maximum 32 characters) oid : MIB object ID type : Type Setting value Description include Include the specified object ID in management exclude Exclude the specified object ID from management [Initial value] none [Input mode] global configuration mode [Description] Sets the SNMP MIB view.
Command Reference | Maintenance and operation functions | 57 seclevel : Security level required of users belonging to this group Setting value Description noauth No authentication / No encryption (noAuthNoPriv) auth Authentication / No encryption (authNoPriv) priv Authentication / Encryption (authPriv) read_view : Name of the MIB view (maximum 32 characters) that can be read by users belonging to this group write_view : Name of the MIB view (maximum 32 characters) that can be written by users
| Command Reference | Maintenance and operation functions Setting value priv_pass : Description des DES-CBC aes AES128-CFB Encryption password (8 or more characters, maximum 32 characters) [Initial value] none [Input mode] global configuration mode [Description] Specifies a user.
Command Reference | Maintenance and operation functions | 59 [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the contents of the SNMP view settings. Shows the view name, object ID, and type. [Example] Show the contents of the SNMP view settings. SWR2311P#show snmp view SNMP View information View Name: most OID: 1.6.1 Type: include View Name: standard OID: 1.3.6.1.2.1 Type: include 4.10.
| Command Reference | Maintenance and operation functions Auth: sha Priv: aes User Name: user1 Group Name: users Auth: sha Priv: none 4.11 RMON 4.11.1 Set RMON function [Syntax] rmon swtich no rmon [Parameter] switch : RMON function operation Setting value Description enable Enable RMON function disable Disable RMON function [Initial value] rmon enable [Input mode] global configuration mode [Description] Sets the system-wide operation of the RMON function.
Command Reference | Maintenance and operation functions | 61 Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] interface mode [Description] Enables the RMON Ethernet statistical information group setting for the applicable interface. If this command is set, statistical information is collected, and the RMON MIB's etherStatsTable can be acquired. This command can be specified a maximum number of eight times for the same interface.
| Command Reference | Maintenance and operation functions [Note] To enable the history group setting of the RMON function, it is necessary to enable the system-wide RMON function in addition to this command. If this command is overwritten, the previously collected historical information is deleted, and collection is once again started. If the system-wide RMON function is disabled, collection of historical information is interrupted.
Command Reference | Maintenance and operation functions | 63 [Example] After making SNMP trap settings, enable the RMON event group setting. Set the type of event as "log-trap", and the community name of the trap as "public". SWR2311P(config)#snmp-server host 192.168.100.3 traps version 2c public SWR2311P(config)#snmp-server enable trap rmon SWR2311P(config)#rmon event 1 log-trap public 4.11.
| Command Reference | Maintenance and operation functions Setting value Description Use both upper threshold value and lower threshold value (risingOrFallingAlarm) 3 (if omitted : 3) owner : Name of alarm group owner (alarmOwner) maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] global configuration mode [Description] Enables the RMON alarm group settings. Set variable as the MIB object that will be the target of monitoring by the RMON alarm group.
Command Reference | Maintenance and operation functions | 65 [Example] Enable the RMON alarm group settings with the following conditions. • The MIB object to be monitored is etherStatsPkts.1. • The sampling interval is 180 seconds. • The sampling type is delta. • The upper threshold value is 3000, and the event when rising above the upper threshold value is 1. • The lower threshold value is 2000, and the event when falling below the lower threshold value is 1. SWR2311P(config)#rmon alarm 1 etherStatsPkts.
| Command Reference | Maintenance and operation functions 4.11.7 Show RMON Ethernet statistical information group status [Syntax] show rmon statistics [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the settings and status of the RMON Ethernet statistical information group. The following items are shown.
Command Reference | Maintenance and operation functions | 67 • • Time of executing event Owner name [Example] SWR2311P>show rmon event event Index = 1 Description RMON_SNMP Event type Log Event community name RMON_SNMP Last Time Sent = 00:00:58 Owner RMON_SNMP 4.11.10 Show RMON alarm group status [Syntax] show rmon alarm [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the settings and status of the RMON alarm group. The following items are shown.
| Command Reference | Maintenance and operation functions SWR2311P(config)#interface port1.1 SWR2311P(config-if)#rmon clear counters 4.12 Telnet server 4.12.
Command Reference | Maintenance and operation functions | 69 4.12.3 Set host that can access the Telnet server [Syntax] telnet-server interface interface no telnet-server interface interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the Telnet server. If this command is executed with the "no" syntax, the specified interface is deleted.
| Command Reference | Maintenance and operation functions [Description] Restrict access to the TELNET server according to the client terminal's IPv4/IPv6 address. Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted.
Command Reference | Maintenance and operation functions | 71 Setting value Description enable Enable disable Disable [Initial value] telnet-client disable [Input mode] global configuration mode [Description] Enables use of the telnet command as a Telnet client. If this command is executed with the "no" syntax, the Telnet client is disabled. [Example] Enable the Telnet client. SWR2311P(config)#telnet-client enable 4.14 TFTP server 4.14.
| Command Reference | Maintenance and operation functions • • Listening port number VLAN interface that is permitted to access the TFTP server [Example] Show the settings of the TFTP server. SWR2311P#show tftp-server Service:Enable Port:69 Management interface(vlan): 1 Interface(vlan):1, 2, 3 4.14.
Command Reference | Maintenance and operation functions | 73 If this command is executed with the "no" syntax, the function is disabled. [Example] Start the HTTP server with 8080 as the listening port number. SWR2311P(config)#http-server enable 8080 4.15.
| Command Reference | Maintenance and operation functions Management interface(vlan): 1 Interface(vlan):1 Access:None Login timeout:30 min 51 sec 4.15.4 Set hosts that can access the HTTP server [Syntax] http-server interface interface no http-server interface interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the HTTP server.
Command Reference | Maintenance and operation functions | 75 [Input mode] global configuration mode [Description] Restrict access to the HTTP server according to the client terminal's IPv4/IPv6 address. Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted.
| Command Reference | Maintenance and operation functions Timeout time (minutes) sec : <0-2147483> Timeout time (seconds) [Initial value] http-server login-timeout 5 [Input mode] global configuration mode [Description] Specify the time until automatic logout when there has been no access to the HTTP server. If sec is omitted, 0 is specified. If this command is executed with the "no" syntax, the setting returns to the default. [Note] The smallest value that can be specified is one minute.
Command Reference | Maintenance and operation functions | 77 Time (seconds) until timeout occurs [Initial value] http-proxy timeout 60 [Input mode] global configuration mode [Description] Specifies the timeout time when acquiring the Web GUI of an L2MS slave. If this command is executed with the "no" syntax, the setting will be 60 seconds. [Example] Set HTTP Proxy function's timeout duration to two minutes. SWR2311P(config)#http-proxy timeout 120 4.16.
| Command Reference | Maintenance and operation functions [Note] In order to log in from the SSH client, the user name and password must be registered in advance (username). [Example] Start the SSH server with 12345 as the listening port number. SWR2311P#ssh-server host key generate SWR2311P#configure terminal SWR2311P(config)#ssh-server enable 12345 4.17.2 Show SSH server settings [Syntax] show ssh-server [Input mode] priviledged EXEC mode [Description] Shows the settings of the SSH server.
Command Reference | Maintenance and operation functions | 79 SWR2311P(config)#ssh-server interface vlan1 SWR2311P(config)#ssh-server interface vlan2 4.17.
| Command Reference | Maintenance and operation functions [Parameter] bit : 1024, 2048 Bit length of RSA key [Initial value] none [Input mode] priviledged EXEC mode [Description] Sets the host RSA key and host DSA key of the SSH server. For the RSA key, the bit parameter can be used to specify the number of bits in the generated key. The DSA key generates a 1024-bit key. [Note] In order to use the SSH server function, this command must be executed in advance to generate the host keys.
Command Reference | Maintenance and operation functions | 81 [Example] Show the public key.
| Command Reference | Maintenance and operation functions |. * * | +----[SHA256]-----+ 4.17.
Command Reference | Maintenance and operation functions | 83 [Example] To the host at IPv4 address 192.168.100.1, connect via SSH using user name "uname" and port number 12345. SWR2311P#ssh uname@192.168.100.1 12345 To the host at IPv6 address fe80::2a0:deff:fe11:2233, connect via SSH using user name "uname" and port number 12345. SWR2311P#ssh uname@fe80::2a0:deff:fe11:2233%vlan1 12345 4.18.
| Command Reference | Maintenance and operation functions 4.19.1 SMTP e-mail server settings [Syntax] mail server smtp id host host [port port] [encrypt method] [auth username password] no mail server smtp id [Keyword] port : Specifying a port number for the e-mail server encrypt : Specifying an encryption method auth : Specifying the account information to use for SMTP authentication : <1-10> [Parameter] id Mail server ID host : Mail server address or host name IPv4 address (A.B.C.
Command Reference | Maintenance and operation functions | 85 4.19.2 SMTP e-mail server name settings [Syntax] mail server smtp id name server_name no mail server smtp id [Parameter] id : <1-10> E-mail server ID server_name : Mail server name (64 characters or less, single-byte alphanumeric characters and symbols other than ?) [Initial value] none [Input mode] global configuration mode [Description] Sets the name of the server used when sending e-mails.
| Command Reference | Maintenance and operation functions 4.19.4 E-mail transmission template settings mode [Syntax] mail temlate temp-id no temlate [Parameter] temp-id : <1-10> E-mail template ID [Initial value] none [Input mode] global configuration mode [Description] Switches to the mode for setting the template used when sending e-mails. The following items can be configured after switching to template mode. Up to 10 templates can be created.
Command Reference | Maintenance and operation functions | 87 (256 characters or less, single-byte alphanumeric characters and _ - . @) [Initial value] no send from [Input mode] E-mail template mode [Description] Sets the source e-mail address. [Example] Specifies “sample@test.com” as the source e-mail address for e-mail template #1. SWR2311P(config)#mail template 1 SWR2311P(config-mail)#send from sample@test.com 4.19.
| Command Reference | Maintenance and operation functions [Note] The subject shown below will be used if this is not set. • Event notification : Notification from SWR2311P • Certificate distribution : Certification publishment • Certificate notification : Certification expiration [Example] Sets the subject to “TestMail” for e-mails sent using e-mail template #1. SWR2311P(config)#mail template 1 SWR2311P(config-mail)#send subject TestMail 4.19.
Command Reference | Maintenance and operation functions | 89 Name : [Name] - Setting value for the NAME option in the “user” command Account : [User name] - USERID value for the “user” command MAC address : XX:XX:XX:XX:XX:XX Expire : YYYY/MM/DD --------------------------------[Example] Specifies “#1” for the template ID to use when sending RADIUS server client certificates. SWR2311P(config-radius)#mail send certificate 1 4.19.
| Command Reference | Maintenance and operation functions [Note] The day is displayed in descending order, regardless of the order in which it was inputted. [Example] Sets the number of days to notify beforehand about expired term of validity for RADIUS server client certificates to “50 days before” and “10 days before”. SWR2311P(config-radius)#mail certificate expire-notify 50 10 4.19.
Command Reference | Maintenance and operation functions | 91 [Example] Enable LLDP function transmission and reception for LAN port #1. SWR2311P#configure terminal Enter configuration commands, one per line. SWR2311P(config)#lldp run SWR2311P(config)#interface port1.1 SWR2311P(config-if)#lldp-agent SWR2311P(lldp-agent)#set lldp enable txrx End with CNTL/Z. 4.20.
| Command Reference | Maintenance and operation functions 4.20.4 Create LLDP agent [Syntax] lldp-agent no lldp-agent [Initial value] none [Input mode] interface mode [Description] Create an LLDP agent, and transition to LLDP agent mode. If this command is executed with the "no" syntax, delete the LLDP agent. [Note] When you delete the LLDP agent, the commands specified in LLDP agent mode are also deleted. [Example] Create an LLDP agent on port1.1, and transition to LLDP agent mode.
Command Reference | Maintenance and operation functions | 93 4.20.6 Set LLDP transmission/reception mode [Syntax] set lldp enable type set lldp disable no set lldp enable [Parameter] type : Transmission/reception mode Setting value Description rxonly Set receive-only mode txonly Set transmit-only mode txrx Set transmit and receive [Initial value] set lldp disable [Input mode] LLDP agent mode [Description] Sets the LLDP frame transmission/reception mode for the applicable interface.
| Command Reference | Maintenance and operation functions SWR2311P(config)#lldp run SWR2311P(config)#interface port1.1 SWR2311P(config-if)#lldp-agent SWR2311P(lldp-agent)#set management-address mac-address 4.20.8 Set basic management TLVs [Syntax] tlv-select basic-mgmt no tlv-select basic-mgmt [Initial value] none [Input mode] LLDP agent mode [Description] Adds basic management TLVs to transmitted frames.
Command Reference | Maintenance and operation functions | 95 SWR2311P(config-if)#lldp-agent SWR2311P(lldp-agent)#tlv-select ieee-8021-org-specific 4.20.10 Set IEEE-802.3 TLV [Syntax] tlv-select ieee-8023-org-specific no tlv-select ieee-8023-org-specific [Initial value] none [Input mode] LLDP agent mode [Description] Adds IEEE-802.3 TLVs to transmitted frames. If this command is executed with the "no" syntax, exclude IEEE-802.3 TLVs from transmitted frames.
| Command Reference | Maintenance and operation functions 4.20.12 Set LLDP frame transmission interval [Syntax] set timer msg-tx-interval tx_interval no set timer msg-tx-interval [Parameter] tx_interval : <5-3600> LLDP frame transmission interval (seconds) [Initial value] set timer msg-tx-interval 30 [Input mode] LLDP agent mode [Description] Sets LLDP frame transmission interval. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 97 [Parameter] reinit_delay : <1-10> Time from LLDP frame transmission stop until re-initialization (seconds) [Initial value] set timer reinit-delay 2 [Input mode] LLDP agent mode [Description] Sets the time from when LLDP frame transmission stops until re-initialization occurs. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Maintenance and operation functions [Initial value] set tx-fast-init 4 [Input mode] LLDP agent mode [Description] Sets the number of LLDP frames transmitted during the high speed transmission period. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set 2 as the number of LLDP frames transmitted during the high speed transmission period on LAN port #1. SWR2311P(config)#lldp run SWR2311P(config)#interface port1.
Command Reference | Maintenance and operation functions | 99 Setting value Description rxonly Set receive-only mode txonly Set transmit-only mode txrx Set transmit and receive [Input mode] global configuration mode [Description] Enables or disables the LLDP function for all LAN/SFP port in a single operation. If this setting is enabled, set the transmission and reception mode of the specified LLDP frames. [Note] This command can be executed only for global configuration mode.
| Command Reference | Maintenance and operation functions Total frames received Number of LLDP frames received Total frames received in error Number of LLDP frame reception errors Total frames discarded Number of LLDP frames discarded Total discarded TLVs Number of TLV discarded Total unrecognised TLVs Number of TLVs that could not be recognized For show lldp interface ifname neighbor • Basic management information • Interface Name Received interface name System Name System name System D
Command Reference | Maintenance and operation functions | 101 Power that can be supplied by PSE device (0.
| Command Reference | Maintenance and operation functions Reinitialisation delay : 2 MED Enabled : Y Device Type : NETWORK_CONNECTIVITY LLDP Agent traffic statistics Total frames transmitted : 0 Total entries aged : 0 Total frames received : 0 Total frames received in error : 0 Total frames discarded : 0 Total discarded TLVs : 0 Total unrecognised TLVs : 0 SWR2311P# 4.20.
Command Reference | Maintenance and operation functions | 103 Network Policy MED Capabilities Dev Type MED Application Type MED Vlan id MED Tag/Untag MED L2 Priority MED DSCP Val MED Location Data Format Latitude Res : 0 Latitude : 0 Longitude Res : 0 Longitude : 0 AT : 0 Altitude Res : 0 Altitude : 0 Datum : 0 LCI length : 0 What : 0 Country Code : 0 CA type : 0 MED Inventory : : : : : : : End Point Class-3 Reserved 0 Untagged 0 0 ECS ELIN SWR2311P# 4.20.
| Command Reference | Maintenance and operation functions [Keyword] enable : Use the L2MS function disable : Don't use the L2MS function [Initial value] l2ms enable [Input mode] L2MS mode [Description] Sets whether to use the L2MS function. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Use the L2MS function. SWR2311P(config)#l2ms configuration SWR2311P(config-l2ms)#l2ms enable 4.21.
Command Reference | Maintenance and operation functions | 105 no slave-watch interval [Parameter] time : <2-10> Watch interval (seconds) [Initial value] slave-watch interval 3 [Input mode] L2MS mode [Description] Specifies the time interval at which to transmit an L2MS slave query frame. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Maintenance and operation functions 4.21.6 Set terminal management function [Syntax] terminal-watch enable terminal-watch disable no terminal-watch [Keyword] enable : Enable terminal management function disable : Disable terminal management function [Initial value] terminal-watch disable [Input mode] L2MS mode [Description] Enables the terminal management function. If this is enabled, information about the devices existing on the network is obtained at regular intervals.
Command Reference | Maintenance and operation functions | 107 4.21.8 Set L2MS control frame transmit/receive [Syntax] l2ms filter enable l2ms filter disable no l2ms filter [Keyword] enable : L2MS control frames cannot be transmitted or received disable : L2MS control frames can be transmitted or received [Initial value] l2ms filter disable [Input mode] interface mode [Description] Prevents L2MS control frames from being transmitted or received.
| Command Reference | Maintenance and operation functions 4.21.10 Show L2MS information [Syntax] show l2ms [detail] [Keyword] detail : Also show detailed information [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the following information according to the L2MS operating state.
Command Reference | Maintenance and operation functions | 109 [Master] Number of Terminals [Slave] Number of Slaves [ac44.f230.00a5] Model name Device name Route LinkUp Uplink Downlink Config Appear time Number of Terminals [bcae.c5a4.7fb3] Port Appear time [00a0.deae.b8bf] Model name Device name Route LinkUp Uplink Downlink Config Appear time Number of Terminals : 0 : 2 : : : : : : : : : SWR2311P-10G SWR2311P-10G_Z5301050WX port2.
| Command Reference | Maintenance and operation functions no event-watch [Keyword] enable : Enable the event monitoring function disable : Disable the event monitoring function [Initial value] event-watch enable [Input mode] L2MS mode [Description] Sets whether to disable or enable the event monitoring function. If enabled, event information for the L2MS slaves existing on the network is acquired at regular intervals.
Command Reference | Maintenance and operation functions | 111 [Keyword] enable : Use the L2MS function disable : Don't use the L2MS function [Initial value] config-auto-set enable [Input mode] L2MS mode [Description] Sets whether to use the L2MS slave device's zero config function.
| Command Reference | Maintenance and operation functions [Keyword] except-wireless : Information for wirelessly connected terminals is excluded from the snapshot comparison. [Initial value] no snapshot trap terminal [Input mode] global configuration mode [Description] Terminal information is included in the snapshot comparison. If the except-wireless option is specified, information for terminals that are wirelessly connected below a wireless access point are excluded from the snapshot comparison.
Command Reference | Maintenance and operation functions | 113 4.23 Firmware update 4.23.1 Set firmware update site [Syntax] firmware-update url url no firmware-update url [Parameter] url : Single-byte alphanumeric characters and single-byte symbols (255 characters or less) URL at which the firmware is located [Initial value] firmware-update url http://www.rtpro.yamaha.co.jp/firmware/revision-up/swr2311p.
| Command Reference | Maintenance and operation functions 4.23.3 Set firmware download timeout duration [Syntax] firmware-update timeout time no firmware-update timeout [Parameter] time : <100-86400> Timeout time (seconds) [Initial value] firmware-update timeout 300 [Input mode] global configuration mode [Description] Specifies the timeout duration when downloading firmware from a web server. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 115 SWR2311P#show firmware-update url: http://www.rtpro.yamaha.co.jp/firmware/revision-up/swr2311p.bin timeout: 300 (seconds) revision-down: Disable reload-time: SWR2311P# 4.23.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Sets the time at which the new firmware is applied by restarting after a firmware update. If this command is executed with the "no" syntax, the new firmware is applied by restarting immediately after the firmware is updated. [Example] Specify AM 1:30 as the restart time for updating the firmware. SWR2311P(config)#firmware-update reload-time 1 30 SWR2311P(config)# 4.
Command Reference | Maintenance and operation functions | 117 4.24.3 Initialize settings [Syntax] cold start [Input mode] priviledged EXEC mode [Description] Reboots with the factory settings. SYSLOG is also initialized. [Note] You must enter the administrator password when executing this command. A special password can be inputted to initialize the settings only when logging in at the command prompt using a special password. [Example] Initialize the settings. SWR2311P#cold start Password: 4.24.
| Command Reference | Maintenance and operation functions 4.24.6 Set default LED mode [Syntax] led-mode default mode no led-mode default [Parameter] mode : Default LED mode Setting value Description link-act LINK/ACT mode poe PoE mode vlan VLAN mode status STATUS mode off OFF mode [Initial value] led-mode default link-act [Input mode] global configuration mode [Description] Set the default LED mode. When you execute this command, the LEDs are lit in the specified mode.
Command Reference | Maintenance and operation functions | 119 [Description] Shows the ID of ports that are generating an error, and the following error causes.
| Command Reference | Maintenance and operation functions SWR2311P# restore system restore and reboot system? (y/n) y Update the firmware. Current Revision: Rev.2.02.17 New Revision: Rev.2.02.17 Update to this firmware? (Y/N) Y Unmounted the SD card. Pull out the SD card. Updating... Finish Succeeded to restore system files.
Command Reference | Interface control | 121 Chapter 5 Interface control 5.1 Interface basic settings 5.1.1 Set description [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (80characters or less) Description of the applicable interface [Initial value] no description [Input mode] interface mode [Description] Specifies a description of the applicable interface.
| Command Reference | Interface control [Parameter] type : Speed and duplex mode types Speed and duplex mode types Description auto Auto negotiation 10000-full 10Gbps/Full 1000-full 1000Mbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half 10-full 10Mbps/Full 10-half 10Mbps/Half [Initial value] speed-duplex auto [Input mode] interface mode [Description] Sets the speed and duplex mode. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 123 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#mru 9000 5.1.5 Set cross/straight automatic detection [Syntax] mdix auto action no mdix auto [Parameter] type : Cross/straight automatic detection operations Setting value Description enable Enable cross/straight automatic detection disable Disable cross/straight automatic detection [Initial value] mdix auto enable [Input mode] interface mode [Description] Enables cross/straight automatic detection.
| Command Reference | Interface control When this command is used to change the settings, link-down temporarily occurs for the corresponding interface. [Example] Enable EEE for LAN port #1. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#eee enable 5.1.
Command Reference | Interface control | 125 Item Description interface Interface name EEE(efficient-ethernet) Whether EEE is enabled Rx LPI Status Low-power mode status of the receiving unit Tx LPI Status Low-power mode status of the transmitting unit Wake Error Count Error count [Example] Show EEE status of LAN port #1. [If EEE is disabled] SWR2311P#show eee status interface port1.1 interface:port1.
| Command Reference | Interface control Traffic direction transmit Description Transmitter [Initial value] no mirror interface [Input mode] interface mode [Description] Mirrors the traffic specified by direct, with the applicable interface as the mirror port and ifname as the monitor port. If this command is executed with the "no" syntax, the mirroring setting is deleted. [Note] This command can be specified only for LAN/SFP port. Only one interface can be specified as the mirror port.
Command Reference | Interface control | 127 5.1.11 Show interface status [Syntax] show interface [ type [ index ] ] [Parameter] type : Interface type Interface type index : Description port Physical interface vlan VLAN interface sa Static logical interface po LACP logical interface Index number Interface ID Description S.X Specifies the stack ID (S) of the physical interface, and the number printed on the chassis (X). * The SWR2311P-10G is fixed as stack ID=1.
| Command Reference | Interface control Item Description IPv4 address IP address/mask length *3 (shown only if IP address is set) broadcast IP broadcast address *3 (shown only if IP address is set) Switchport mode Mode of the switchport • access : untagged • trunk : tagged Ingress filter Status of ingress filtering • enable : enabled • disable : disabled Acceptable frame types Frame types that can be received • all : All frames are received (regardless of whether they are tagged or untagged)
Command Reference | Interface control | 129 Hardware is Ethernet HW addr: 00a0.de00.
| Command Reference | Interface control Item Description Port Ch Type of associated logical interface *1 • (S) : Static logical interface • (P) : LACP logical interface ID of associated logical interface Description Description of interface *1 Shown only for physical interface *2 hown only for physical interface and logical interface [Example] Show brief interface status.
Command Reference | Interface control | 131 Item Description Octets Number of octets transmitted/received Broadcast packets Number of broadcast packets transmitted/received Multicast packets Number of multicast packets transmitted/received Unicast packets Number of unicast packets transmitted/received Undersize packets Number of undersize packets received (packets smaller than 64 octets) Oversize packets Number of oversize packets received (packets larger than 1523 octets*1) Fragments Number
| Command Reference | Interface control Broadcast packets Multicast packets Unicast packets TX errors Collisions Drop packets : : : : : : Received and Transmitted: 64octet packets : 65-127octet packets : 128-255octet packets : 256-511octet packets : 512-1023octet packets : 1024-MAXoctet packets : 0 91 0 0 0 0 1 166 7 1 0 0 5.1.
Command Reference | Interface control | 133 Interface -----------port1.9 port1.10 Voltage (V) -----------3.28 3.28 High Alarm Threshold -----------3.60 3.60 High Warning Threshold -----------3.50 3.50 Low Warning Threshold -----------3.10 3.10 Low Alarm Threshold -----------3.00 3.00 Interface -----------port1.9 port1.10 Current (mA) -----------6.0 7.0 High Alarm Threshold -----------25.0 25.0 High Warning Threshold -----------20.0 20.0 Low Warning Threshold -----------2.0 2.
| Command Reference | Interface control [Input mode] interface mode [Description] Associates the applicable interface with the static logical interface specified by link-id. If this command is executed with the "no" syntax, the applicable interface is dissociated from the static logical interface. [Note] This command can be specified only for LAN/SFP port. If a LAN/SFP port is associated to a link-id for which a static logical interface does not exist, the static logical interface is newly generated.
Command Reference | Interface control | 135 [Parameter] link-id : <1-127> LACP logical interface number mode : Operation mode mode Description active Operate LACP in active mode. In active mode, it actively sends LACP frames to the other device. passive Operate LACP in passive mode. In passive mode, it sends LACP frames only if LACP frames are received from the other device.
| Command Reference | Interface control Interfaces that make up the LACP logical interface [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] If ifname is omitted, shows the status of the LACP logical interface. The following items are shown for each LACP logical interface that exists.
Command Reference | Interface control | 137 Item Description Ifindex Interface number Timeout Timeout value ("Long"=90 seconds, "Short"=3 seconds) Active LACP operation mode("Active", "Passive") Synchronized Synchronization flag Collecting Collecting flag Distributing Distributing flag Defaulted Defaulted flag Expired Expired flag [Example] Shows the status of LACP logical interface. SWR2311P#show etherchannel % Lacp Aggregator: po10 % Load balancing: src-dst-mac % Member: port1.1 port1.
| Command Reference | Interface control [Note] If an LACP logical interface is connected to the other device, the system priorities are compared, and control privilege is given to the device with the higher priority. [Example] Set the LACP system priority order to 100. SWR2311P(config)#lacp system-priority 100 5.2.6 Show LACP system priority [Syntax] show lacp sys-id [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the LACP system priority and the LACP system ID.
Command Reference | Interface control | 139 [Example] Set the LACP timeout of LAN port #1 to short. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#lacp timeout short 5.2.8 Clear LACP frame counters [Syntax] clear lacp [link-id] counters [Parameter] link-id : <1-127> LACP logical interface number [Input mode] priviledged EXEC mode [Description] Clears the LACP frame counters. If link-id is omitted, the frame counter of every existing LACP logical interface is cleared.
| Command Reference | Interface control [Parameter] type : Rules to specify the forwarding destination interface type Description dst-ip Destination IPv4/IPv6 address dst-mac Destination MAC address dst-port Destination TCP/UDP port number src-dst-ip Source and destination IPv4/IPv6 address src-dst-mac Source and destination MAC address src-dst-port Source and destination TCP/UDP port number src-ip Source IPv4/IPv6 address src-mac Source MAC address src-port Source TCP/UDP port numb
Command Reference | Interface control | 141 Item Description Aggregator LACP logical interface ID Distinguishing ID on the LACP logical interface Actor LAG The actor's own LACP system ID (priority, MAC address) Admin Key The ID that is the basis of the actor's own LACP key (logical port number) Status Link aggregation status ("Not ready"/"Ready") Partner LAG The partner's LACP system ID (priority, MAC address) Partner Key The ID that is the basis of the partner's LACP key Link count Number
| Command Reference | Interface control ID 4727 Status Not ready Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 SWR2311P#show etherchannel status detail Aggregator po1 ID 4601 Status Ready Actor LAG 0x8000, 00-a0-de-e0-e0-e0 Admin Key 0001 Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 1/ 1 Link port1.
Command Reference | Interface control | 143 2 ) If the LACP port priority is the same, priority is given to the lower interface number. If an SFP port is to be given priority, its LACP port priority must be set lower than other ports. [Example] Set the LACP port priority order to 1024. SWR2311P(config-if)#channel-group 1 mode active SWR2311P(config-if)#lacp port-priority 1024 5.3 Port authentication 5.3.1 Configuring the IEEE 802.
| Command Reference | Interface control no aaa authentication auth-web [Initial value] no aaa authentication auth-web [Input mode] global configuration mode [Description] Enables Web authentication for the entire system. If this command is executed with the "no" syntax, Disables Web authentication for the entire system. Use a RADIUS server for authentication on which the radius-server host command has been configured.
Command Reference | Interface control | 145 [Parameter] direction : Sets the packet forwarding operation for unauthenticated ports Forwarding operation Description both Both send and receive packets are discarded. in Only receive packets are discarded. [Initial value] dot1x control-direction both [Input mode] interface mode [Description] Changes the packet forwarding operation for the applicable interface when the IEEE 802.1X authentication is unauthenticated.
| Command Reference | Interface control [Example] Set the EAPOL packet transmission count for LAN port #1 to "3". SWR2311P(config)#interface port1.1 SWR2311P(config-if)#dot1x max-auth-req 3 5.3.7 Set the MAC authentication function [Syntax] auth-mac enable auth-mac disable no auth-mac enable [Initial value] auth-mac disable [Input mode] interface mode [Description] Enables MAC authentication for the applicable interface.
Command Reference | Interface control | 147 During MAC authentication, the MAC address of the supplicant is used as a user name and password, and a request is sent to the RADIUS server for authentication. If this command is executed with the "no" syntax, the setting returns to the default. [Note] To use this command, you must enable the port authentication function for the applicable interface.
| Command Reference | Interface control Operation mode multi-supplicant Description This mode allows communication with multiple supplicants for each port. Communication is allowed or denied on a per-supplicant basis. [Initial value] auth host-mode single-host [Input mode] interface mode [Description] Changes the port authentication operation mode for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 149 5.3.12 Set dynamic VLAN [Syntax] auth dynamic-vlan-creation no auth dynamic-vlan-creation [Initial value] no auth dynamic-vlan-creation [Input mode] interface mode [Description] Sets dynamic VLAN for the applicable interface. If this is executed with the "no" syntax, the dynamic VLAN is disabled. For interfaces on which dynamic VLAN is enabled, the associated VLAN is actively changed based on the property (TunnelPrivate-Group-ID) specified by the RADIUS server.
| Command Reference | Interface control SWR2311P(config)#interface port1.1 SWR2311P(config-if)#auth guest-vlan 10 5.3.
Command Reference | Interface control | 151 5.3.16 Set the reply wait time for the RADIUS server overall [Syntax] auth timeout server-timeout time no auth timeout server-timeout [Parameter] time : <1-65535> Reply wait time from the authentication server for the authentication request (seconds) [Initial value] auth timeout server-timeout 30 [Input mode] interface mode [Description] Sets the reply wait time for the RADIUS server overall when authenticating a port of the applicable interface.
| Command Reference | Interface control 5.3.
Command Reference | Interface control | 153 [Parameter] time : <1-1000> Standby time for replying to requests (seconds) [Initial value] radius-server timeout 5 [Input mode] global configuration mode [Description] Sets the reply wait time for each RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control Single-byte alphanumeric characters, and single-byte symbols other than the characters '?' and spaces (64 characters or less) [Initial value] no radius-server key [Input mode] global configuration mode [Description] Sets the shared password used when communicating with a RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 155 If this setting is made, it is notified to RADIUS server as the NAS-Identifier attribute. If this setting is deleted, notification is stopped. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set "Nas-ID-001" as the NAS-Identifier attribute that is sent to the RADIUS server. SWR2311P(config)#auth radius attribute nas-identifier Nas-ID-001 5.3.
| Command Reference | Interface control Dynamic VLAN creation Guest VLAN Reauthentication Reauthentication period MAX request Supplicant timeout Server timeout Quiet period Controlled directions Protocol version Clear-state time : : : : : : : : : : : Disabled Disabled Disabled 3600 sec 2 times 30 sec 30 sec 60 sec In (configured:both) 2 Not configured 5.3.
Command Reference | Interface control | 157 EAP Response Invalid EAPOL EAP Length error Last EAPOL version Last EAPOL source Transmitted frames EAP Request ID EAP Request EAP Success EAP Fail RADIUS packets: Received packets Access Request Access Challenge Access Accept Access Reject Transmitted packets Access Request : : : : : : : : : : 9 0 0 1 0011.2233.4455 11 1 9 1 0 : : : : : : : 10 0 9 1 0 10 10 5.3.
| Command Reference | Interface control Authentication Port Secret Key Timeout Retransmit Count Deadtime : : : : : 1645 fghij 5 sec 3 0 min 5.3.
Command Reference | Interface control | 159 no auth clear-state time [Parameter] time : <0-23> Time at which the authentication state is cleared [Initial value] no auth clear-state time [Input mode] global configuration mode [Description] Sets the time at which the authentication state for the supplicant is cleared for the entire system. If this command is executed with the "no" syntax, deletes the time setting for clearing the authentication state.
| Command Reference | Interface control [Parameter] filename : Single-byte alphanumeric characters and single-byte symbols Filename of the file for customizing the Web authentication screen src_config_num dst_config_num : : Copy source configuration number Setting value Description 0-4 Number of the start-up config sd SD card Copy destination configuration number Setting value Description 0−4 Number of the start-up config sd SD card [Input mode] priviledged EXEC mode [Description] Cop
Command Reference | Interface control | 161 [Example] Deletes logo.png from startup configuration #0. SWR2311P#erase auth-web startup-config logo.png 0 5.3.
| Command Reference | Interface control [Note] This command can be specified only for both LAN/SFP port and logical interface. Any unregistered terminals will be discarded at the time when the port security function is enabled. [Example] Enable port security for LAN port #1. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#port-security enable 5.4.
Command Reference | Interface control | 163 5.4.4 Show port security information [Syntax] show port-security status [Input mode] priviledged EXEC mode [Description] Shows the port security information. [Example] Show the port security information. SWR2311P#show port-security status Port Security Action Status Last violation -------- --------- --------- --------- ----------------port1.1 Enabled Discard Blocking 00a0.de00.0003 port1.2 Disabled Discard Normal port1.3 Disabled Discard Normal port1.
| Command Reference | Interface control [Note] For a LAN/SFP port that was put in the errdisable state by the BPDU guard function before this command was executed, the change in the setting is applied the next time BPDU is detected. [Example] Enable automatic recovery after BPDU guard has caused the errdisable state, and set the recovery time to 600 seconds. SWR2311P(config)#errdisable auto-recovery bpduguard interval 600 Disable automatic recovery after loop detection has caused the errdisable state.
Command Reference | Interface control | 165 [Description] Set the system-wide PoE power supply function as enabled or disabled. If this command is executed with the "no" syntax, the setting returns to the default. [Note] Even if the system-wide PoE power supply function is enabled, power supply will be disabled for each port if the power supply function is disabled for individual ports. [Example] Enable the system-wide PoE power supply function.
| Command Reference | Interface control no power-inline description [Parameter] line : Single-byte alphanumeric characters (64 characters or less) [Initial value] none [Input mode] interface mode [Description] Sets the description text of the PD device to connect to PoE port. [Note] The description text that was set is shown with the show power-inline command. [Example] Set the description of the PD device connected to port1.1 as "AP1". SWR2311P(config)#interface port1.
Command Reference | Interface control | 167 [Parameter] watts : <0-30> Guard band value (W) [Initial value] power-inline guardband 7 [Input mode] global configuration mode [Description] Sets the guard band. The guard band serves as a margin in respect to the overall power supply amount, preventing unintended interruptions in power. If the amount of usable power is equal to or less than the guard band, power will not be supplied even if a new PD device is connected to PoE port.
| Command Reference | Layer 2 functions Chapter 6 Layer 2 functions 6.1 FDB (Forwarding Data Base) 6.1.
Command Reference | Layer 2 functions | 169 SWR2311P(config)#mac-address-table ageing-time 400 6.1.3 Clear dynamic entry [Syntax] clear clear clear clear mac-address-table mac-address-table mac-address-table mac-address-table dynamic dynamic adress mac-addr dynamic vlan vlan-id dynamic interface ifname [instance inst] [Keyword] address : Specifies the MAC address vlan : Specifies the VLAN ID interface : Specifies the interface instance : Specifies the MST instance : hhhh.hhhh.
| Command Reference | Layer 2 functions ifname : Setting value Description discard Discard Name of LAN/SFP port or logical interface Applicable interface vlan-id : <1-4094> Applicable VLAN ID [Initial value] none [Input mode] global configuration mode [Description] Registers a static entry in the MAC address table. If action is specified as "forward," received frames that match the specified MAC address and VLAN ID are forwarded to the specified interface.
Command Reference | Layer 2 functions | 171 1 1 sa1 sa2 1803.731e.8c2b 782b.cbcb.218d forward forward dynamic dynamic 300 300 6.1.
| Command Reference | Layer 2 functions [Keyword] name : Specifies the name of the VLAN state : Specifies the state of the VLAN : <2-4094> [Parameter] vlan-id VLAN ID name : Single-byte alphanumeric characters and single-byte symbols(32characters or less) Name of the VLAN state : Whether frame forwarding is enabled or disabled Setting value Description enable Frames are forwarded disable Frames are not forwarded [Initial value] none [Input mode] VLAN mode [Description] Sets the VLAN
Command Reference | Layer 2 functions | 173 Setting value Description isolated Secondary VLAN (isolated VLAN) [Initial value] none [Input mode] VLAN mode [Description] Uses vlan-id as a private VLAN. If this command is executed with the "no" syntax, the private VLAN setting is deleted, and it is used as a conventional VLAN.
| Command Reference | Layer 2 functions [Description] Specify the association of the secondary VLAN (isolated VLAN, community VLAN) with the primary VLAN of the private VLAN. By specifying "add," specify the association of the vlan-id with the 2nd-vlan-ids. By specifying "remove," remove the association of the vlan-id and the 2nd-vlan-ids. If this command is executed with the "no" syntax, all associations to the primary VLAN are deleted.
Command Reference | Layer 2 functions | 175 [Input mode] interface mode [Description] Sets the VLAN ID that is associated as an access port with the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only for a LAN/SFP port or logical interface for which the switchport mode access command is set.
| Command Reference | Layer 2 functions 6.2.
Command Reference | Layer 2 functions | 177 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport mode trunk SWR2311P(config-if)#switchport trunk allowed vlan add 2 6.2.
| Command Reference | Layer 2 functions [Initial value] none [Input mode] interface mode [Description] Specifies the private VLAN port type for the applicable interface. If this is executed with the "no" syntax, the setting of the private VLAN specified for the applicable interface is deleted. [Note] This command can be set only for a LAN/SFP port for which the switchport mode access command is set. In addition, promiscuous can be specified for the following interfaces.
Command Reference | Layer 2 functions | 179 SWR2311P(config)# interface port1.1 SWR2311P(config-if)# switchport mode private-vlan host SWR2311P(config-if)# switchport private-vlan host-association 100 add 101 SWR2311P(config-if)# interface port1.2 SWR2311P(config-if)# switchport mode private-vlan host SWR2311P(config-if)# switchport private-vlan host-association 100 add 102 SWR2311P(config-if)# interface port1.
| Command Reference | Layer 2 functions SWR2311P(config)# interface port1.1 SWR2311P(config-if)# switchport mode private-vlan promiscuous SWR2311P(config-if)# switchport private-vlan mapping 100 add 101 SWR2311P(config-if)# switchport private-vlan mapping 100 add 102 SWR2311P(config-if)# switchport private-vlan mapping 100 add 103 6.2.
Command Reference | Layer 2 functions | 181 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport voice cos 6 6.2.15 Set DSCP value for voice VLAN [Syntax] switchport voice dscp value no switchport voice dscp [Parameter] value : <0-63> DSCP value to specify for connected device [Initial value] switchport voice dscp 0 [Input mode] interface mode [Description] Specify the DSCP value to use for voice traffic by the connected device.
| Command Reference | Layer 2 functions Even if multiple VLAN is specified, correct communication might not be possible due to the following. • Spanning tree block status • IGMP snooping or MLD snooping status • Loop detection block status [Example] Assign LAN port #1 to multiple VLAN group #10. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport multiple-vlan group 10 SWR2311P(config-if)#exit 6.2.
Command Reference | Layer 2 functions | 183 Item Description Name Name of the VLAN State VLAN status (whether frames are forwarded) • ACTIVE : forwarded • SUSPEND : not forwarded Member ports Interfaces associated with the VLAN ID • (u) : Access port (untagged port) • (t) : Trunk port (tagged port) [Example] Show all VLAN information.
| Command Reference | Layer 2 functions [Parameter] group-id : <1-256> Multiple VLAN group ID [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the setting status for multiple VLAN groups. If the "group" specification is omitted, all groups that are actually assigned to the interface are shown. [Example] Shows the setting status for multiple VLAN groups.
Command Reference | Layer 2 functions | 185 If this command is executed with the "no" syntax, the setting returns to the default. [Note] The setting of this command must satisfy the following conditions. 2 x (hello time + 1) <= maximum aging time <= 2 x (forward delay time - 1) The maximum aging time can be set by the spanning-tree max-age command. The hello time is always 2 seconds, and cannot be changed. [Example] Set the forward delay time to 10 seconds. SWR2311P(config)#spanning-tree forward-time 10 6.
| Command Reference | Layer 2 functions [Note] In the case of MSTP, this is the setting for CIST (instance #0). [Example] Set the bridge priority to 4096. SWR2311P(config)#spanning-tree priority 4096 6.3.
Command Reference | Layer 2 functions | 187 [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface. If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set the LAN port #1 link type to "shared." SWR2311P(config)#interface port1.
| Command Reference | Layer 2 functions [Initial value] spanning-tree bpdu-guard disable [Input mode] interface mode [Description] Sets BPDU guard for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
Command Reference | Layer 2 functions | 189 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#spanning-tree path-cost 100000 6.3.10 Set interface priority [Syntax] spanning-tree priority priority no spanning-tree priority [Parameter] priority : <0-240> (multiple of 16) Priority value [Initial value] spanning-tree priority 128 [Input mode] interface mode [Description] Sets the priority of the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 2 functions 6.3.12 Show spanning tree status [Syntax] show spanning-tree [interface ifname] [Keyword] interface : Specifies the interface to show : Name of LAN/SFP port or logical interface [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the spanning tree status. If "interface" is omitted, the status of all interfaces is shown. In the case of MSTP, shows CIST (instance #0) information.
Command Reference | Layer 2 functions | 191 Item Description Root Root bridge identifier. This consists of the root bridge priority (the first four hexadecimal digits) and MAC address Designated Bridge Bridge identifier.
| Command Reference | Layer 2 functions % % % % % % port1.1: port1.1: port1.1: port1.1: port1.1: port1.1: No portfast configured - Current portfast off bpdu-guard disabled - Current bpdu-guard off bpdu-filter disabled - Current bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current point-to-point No auto-edge configured - Current port Auto Edge off 6.3.
Command Reference | Layer 2 functions | 193 % Other Port-Specific Info -----------------------% Max Age Transitions % Msg Age Expiry % Similar BPDUS Rcvd % Src Mac Count % Total Src Mac Rcvd % Next State % Topology Change Time : : : : : : : 1 0 0 0 3 Discard/Blocking 0 % Other Bridge information & Statistics -------------------------------------% STP Multicast Address : 01:80:c2:00:00:00 % Bridge Priority : 32768 % Bridge Mac Address : ac:44:f2:30:01:10 % Bridge Hello Time : 2 % Bridge Forward Delay : 15
| Command Reference | Layer 2 functions [Example] Move to MST mode. SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)# 6.3.16 Generate MST instance [Syntax] instance instance-id no instance [Parameter] instance-id : <1-15> Instance ID [Initial value] none [Input mode] MST mode [Description] Generates an MST instance. If this command is executed with the "no" syntax, the MST instance is deleted.
Command Reference | Layer 2 functions | 195 SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)#instance 1 vlan 2 6.3.18 Set priority of MST instance [Syntax] instance instance-id priority priority no instance instance-id priority [Parameter] instance-id : <1-15> Instance ID priority : <0-61440> (multiple of 4096) Priority value [Initial value] instance instance-id priority 32768 [Input mode] MST mode [Description] Sets the priority of the MST instance.
| Command Reference | Layer 2 functions [Parameter] revision : <0-65535> Revision number [Initial value] revision 0 [Input mode] MST mode [Description] Sets the revision number of the MST region. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the revision number as 2 for the MST region. SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)#revision 2 6.3.
Command Reference | Layer 2 functions | 197 Priority value [Initial value] spanning-tree instance instance-id priority 128 [Input mode] interface mode [Description] Sets the priority for the applicable interface in the MST instance. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
| Command Reference | Layer 2 functions SWR2311P(config)#interface port1.1 SWR2311P(config-if)#spanning-tree instance 2 SWR2311P(config-if)#spanning-tree instance 2 path-cost 100000 6.3.24 Show MST region information [Syntax] show spanning-tree mst config [Input mode] unprivileged EXEC mode, priviledged EXEC mode, interface mode [Description] Shows distinguishing information for the MST region. [Example] Show distinguishing information for the MST region.
Command Reference | Layer 2 functions | 199 % % 0: 1: 1 100 (port1.8) Show detailed MSTP information for LAN port #8. SWR2311P>show spanning-tree mst detail interface port1.
| Command Reference | Layer 2 functions [Description] Shows information for the specified MST instance. If "interface" is omitted, information is shown for all interfaces that are assigned the specified MST instance. [Note] A LAN/SFP port that is associated with a logical interface cannot be specified as ifname. [Example] Show information for MST instance #1.
Command Reference | Layer 2 functions | 201 SWR2311P(config)#loop-detect enable Disable the loop detection function for the entire system. SWR2311P(config)#loop-detect disable 6.4.
| Command Reference | Layer 2 functions 6.4.
Command Reference | Layer 2 functions | 203 The following items are shown. • Setting of the system-wide loop detection function • Loop detection status for each LAN/SFP port • Interface name (port) • Setting of the loop detection function (loop-detect) for LAN/SFP port. If the loop detection function is operating, (*) is added • Status of the Port Blocking setting (port-blocking) • Loop detection status (status) [Example] Show the loop detection status.
| Command Reference | Layer 3 functions Chapter 7 Layer 3 functions 7.1 IPv4 address management 7.1.1 Set IPv4 address [Syntax] ip address ip_address/mask [label textline] ip address ip_address netmask [label textline] no ip address [Keyword] label : Set label as IPv4 address : A.B.C.D [Parameter] ip_address IPv4 address mask : <1-31> Number of mask bits netmask : A.B.C.D Netmask in address format textline : Label (maximum 64 characters) [Initial value] ip address 192.168.100.
Command Reference | Layer 3 functions | 205 [Description] Shows the IPv4 address for each interface. The following content is shown. • IPv4 address • If an IPv4 address has been specified by the ip address dhcp command, an "*" is shown added before the displayed IPv4 address. • If the IPv4 address is not specified after setting the ip address dhcp command (such as while searching for the server), then "searching" is shown. • If the ip address command has not been set, the indication "unassigned" is shown.
| Command Reference | Layer 3 functions SWR2311P(config)#interface vlan100 SWR2311P(config-if)#ip address dhcp 7.1.4 Show DHCP client status [Syntax] show dhcp lease [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the DHCP client status. The following items are shown.
Command Reference | Layer 3 functions | 207 [Description] For the VLAN interface, enables the Auto IP function which automatically generates the IPv4 link local address (169.254.xxx.xxx/16). The Auto IP function works only if an IPv4 address cannot be obtained from the DHCP server after the ip address dhcp command is specified. The Auto IP function can be enabled for only one VLAN interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 3 functions [Description] Adds a static route for IPv4. If this command is executed with the "no" syntax, the specified route is deleted. [Example] Set the default gateway to 192.168.1.1. SWR2311P(config)#ip route 0.0.0.0/0 192.168.1.1 For the destination 172.16.0.0/16, set the gateway to 192.168.2.1. SWR2311P(config)#ip route 172.16.0.0 255.255.0.0 192.168.2.1 7.2.
Command Reference | Layer 3 functions | 209 SWR2311P>show ip route database Codes: C - connected, S - static > - selected route, * - FIB route S S S C C *> *> *> *> *> 0.0.0.0/0 [1/0] via 192.168.100.1, vlan1 172.16.0.0/16 [1/0] via 192.168.200.240, vlan100 192.168.1.1/32 [1/0] is directly connected, vlan100 192.168.100.0/24 is directly connected, vlan1 192.168.200.0/24 is directly connected, vlan100 Gateway of last resort is not set 7.2.
| Command Reference | Layer 3 functions 7.3.3 Set static ARP entry [Syntax] arp ip_address mac_address interface no arp ip_address [Parameter] ip_address : A.B.C.D IP address mac_address : HHHH.HHHH.HHHH MAC address interface : portN.M Physical interface name [Initial value] none [Input mode] global configuration mode [Description] Creates a static group ARP entry. If this command is executed with the "no" syntax, the specified entry is deleted.
Command Reference | Layer 3 functions | 211 no ip forwarding [switch] [Parameter] switch : IPv4 packet forwarding settings Setting value Description enable Enable forwarding of IPv4 packets disable Disable forwarding of IPv4 packets [Initial value] ip forwarding disable [Input mode] global configuration mode [Description] Enables or disables forwarding of IPv4 packets. If this is executed with the "no" syntax, the setting returns to the default. 7.4.
| Command Reference | Layer 3 functions timeout : <1-65535> Time to wait for a reply (if omitted: 2) This is ignored if the number of times to execute is specified as "continuous" [Input mode] priviledged EXEC mode [Description] Send ICMP Echo to the specified host, and wait for ICMP Echo Reply. If there is a reply, show it. Show statistical information when the command ends. [Example] Ping the IP address 192.168.100.254 three times with a data size of 120 bytes. SWR2311P#ping 192.168.100.
Command Reference | Layer 3 functions | 213 Setting value Description disable Disable the IPv6 [Initial value] ipv6 disable [Input mode] interface mode [Description] Enables IPv6 for the VLAN interface and automatically sets the link local address. IPv6 addresses can be assigned to a maximum of 8 VLAN interfaces. If IPv6 is disabled, related settings are also simultaneously deleted. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] interface mode [Description] Uses RA to specify an IPv6 address for the VLAN interface. RA can be specified only for the VLAN interface for which the ipv6 enable command has been specified. If the ipv6 address ipv6_address/prefix_len command was executed before executing this command, the setting of the ipv6 address ipv6_address/prefix_len command is automatically deleted.
Command Reference | Layer 3 functions | 215 no ipv6 route ipv6_address/prefix_len [gateway [number]] no ipv6 route ipv6_address/prefix_len [null [number]] [Keyword] null : Discard packet without forwarding it : X:X::X:X [Parameter] ipv6_address IPv6 address Set this to :: (abbreviated 0:0:0:0:0:0:0:0) if specifying the default gateway prefix_len : <1-127> IPv6 prefix Set this to 0 if specifying the default gateway gateway : X:X::X:X IPv6 address of gateway If you specify an IPv6 link local addres
| Command Reference | Layer 3 functions [Note] [Example] Show the entire IPv6 forwarding information base. SWR2311P>show ipv6 route Codes: C - connected, S - static Timers: Uptime S C S C ::/0 [1/0] via fe80::2a0:deff:fe:1, vlan1, 00:03:08 2001:db8:1::/64 via ::, vlan1, 00:01:10 2001:db8:2::/64 [1/0] via 2001:db8:1::1, vlan1, 00:01:52 fe80::/64 via ::, vlan1, 00:03:08 Show the route used for sending packets that are addressed to 2001:db8:1::2.
Command Reference | Layer 3 functions | 217 7.8 Neighbor cache 7.8.1 Set static neighbor cache entry [Syntax] ipv6 neighbor ipv6_address interface mac_address interface no ipv6 neighbor ipv6_address interface [Parameter] ipv6_address : X:X::X:X IPv6 address interface : vlanN VLAN interface name mac_address : HHHH.HHHH.HHHH MAC address interface : portN.M Physical interface name [Input mode] global configuration mode [Description] Adds a static entry to the neighbor cache.
| Command Reference | Layer 3 functions [Description] Clears the neighbor cache. [Note] [Example] Clear the neighbor cache. SWR2311P#clear ipv6 neighbors 7.9 IPv6 forwarding control 7.9.
Command Reference | Layer 3 functions | 219 [Parameter] host : Host name, or target IPv6 address (X:X::X:X) Target to which ICMPv6 Echo is sent If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) count datalen : : Number of times to execute (if omitted: 5) Setting value Description <1-2147483647> Execute the specified number of times continuous Execute repeatedly until Ctrl+C is entered <36-18024> Length of ICMP payload (if omitted: 56)
| Command Reference | Layer 3 functions 1 2 3 4 5 6 2001:db8:10::1 (2001:db8:10::1) 0.563 ms 0.412 2001:db8:20::1 (2001:db8:20::1) 0.561 ms 0.485 2001:db8:30::1 (2001:db8:30::1) 0.864 ms 0.693 2001:db8:40::1 (2001:db8:40::1) 0.751 ms 0.783 2001:db8:50::1 (2001:db8:50::1) 7.689 ms 7.527 2001:db8:1::2 (2001:db8:1::2) 33.948 ms 10.413 ms ms ms ms ms ms 0.428 ms 0.476 ms 21.104 ms 0.673 ms 7.168 ms 7.681 ms 7.11 DNS client 7.11.
Command Reference | Layer 3 functions | 221 [Note] If the ip address dhcp command was used to obtain the DNS server list from the DHCP server, the setting of this command takes priority. However if fewer than three items were registered to the DNS server list by this command, up to a total of three items of the DNS server list obtained from the DHCP server are added to the end of this list. [Example] Add the IP addresses 192.168.100.1, 2001:db8::1234, and fe80::2a0:deff:fe11:2233 to the DNS server list.
| Command Reference | Layer 3 functions [Note] If a search domain list is specified by this command, the default domain name specified by the dns-client domain-name command and the default domain name automatically specified by the ip address dhcp command are not used. [Example] Add the domain names "example1.com" and "example2.com" to the search domain list. SWR2311P(config)#dns-client domain-list example1.com SWR2311P(config)#dns-client domain-list example2.com 7.11.
Command Reference | IP multicast control | 223 Chapter 8 IP multicast control 8.1 IP multicast basic settings 8.1.
| Command Reference | IP multicast control [Example] Enable IGMP snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping enable Disable IGMP snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping disable 8.2.
Command Reference | IP multicast control | 225 The multicast router must be connected to the specified LAN/SFP port. If an IGMP report is received from the receiver, it is forwarded to the specified LAN/SFP port. [Example] Specify LAN port #8 as a connection destination of the multicast router. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router.
| Command Reference | IP multicast control [Note] This command can be specified only for VLAN interface. Also, this can be specified only if IGMP snooping is enabled. [Example] Set the VLAN #2 query transmission interval to 30 seconds. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting.
Command Reference | IP multicast control | 227 IGMP version [Initial value] ip igmp snooping version 3 [Input mode] interface mode [Description] Sets the IGMP version. If this command is executed with the "no" syntax, the IGMP version returns to the default setting (V3). [Note] This command can be specified only for VLAN interface. Also, this can be specified only if IGMP snooping is enabled. If an IGMP packet of a different version than this setting is received, the following action occurs.
| Command Reference | IP multicast control [Parameter] A.B.C.D : Multicast group address ifname : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows IGMP group membership information. [Example] Show IGMP group membership information. SWR2311P#show ip igmp snooping groups IGMP Snooping Group Membership Group source list: (R - Remote, S - Static) Vlan Group/Source Address Interface Reporter Version 1 239.255.255.250 port1.5 192.168.
Command Reference | IP multicast control | 229 Number of v2-leaves: 0 Number of v3-reports: 127 Active Ports: port1.5 port1.8 8.2.11 Clear IGMP group membership entries [Syntax] clear ip igmp snooping clear ip igmp snooping group A.B.C.D clear ip igmp snooping interface ifname [Keyword] group : Specifies the multicast group address to be cleared interface : Specifies the VLAN interface to be cleared : Multicast group address [Parameter] A.B.C.
| Command Reference | IP multicast control [Example] Enable MLD snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping enable Disnable MLD snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping disable 8.3.
Command Reference | IP multicast control | 231 The multicast router must be connected to the specified LAN/SFP port. If an MLD report is received from the receiver, it is forwarded to the specified LAN/SFP port. [Example] Specify LAN port #8 as a connection destination of the multicast router. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router.
| Command Reference | IP multicast control [Note] This command can be specified only for VLAN interfaces. Also, this can be specified only if MLD snooping is enabled. [Example] Set the VLAN #2 query transmission interval to 30 seconds. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting.
Command Reference | IP multicast control | 233 Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the multicast router connection port information that was dynamically learned or statically set. [Example] Show multicast router connection port information for VLAN #2. SWR2311P#show ipv6 mld snooping mrouter vlan2 VLAN Interface IP-address Expires 2 port1.11(dynamic) fe80::ae44:f2ff:fe30:291 00:01:04 8.3.
| Command Reference | IP multicast control [Parameter] ifname : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show a VLAN interface's MLD-related information. [Example] Show MLD-related information for VLAN #1.
Command Reference | Traffic control | 235 Chapter 9 Traffic control 9.1 ACL 9.1.1 Generate IPv4 access list [Syntax] access-list ipv4-acl-id [seq_num] action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg] no access-list ipv4-acl-id [seq_num] [action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg]] [Keyword] ack : If tcp is specified as the protocol, the ACK flag of the TCP header is specified as a condition.
| Command Reference | Traffic control Setting value src-port : Description A.B.C.D/M Specifies an IPv4 address (A.B.C.D) with subnet mask length (Mbit) host A.B.C.D Specifies a single IPv4 address (A.B.C.D) any Applies to all IPv4 addresses <0-65535> If protocol is specified as tcp or udp, this specifies the transmission source port number <0-65535> that is the condition. This can also be omitted.
Command Reference | Traffic control | 237 SWR2311P(config)#access-list 1 deny any 192.168.1.0 0.0.0.255 host 172.16.1.1 Delete IPv4 access list #1. SWR2311P(config)#no access-list 1 9.1.2 Add comment to IPv4 access list [Syntax] access-list ipv4-acl-id description line no access-list ipv4-acl-id description [Parameter] ipv4-acl-id : <1-2000> ID of IPv4 access list to which a comment will be added line : Comment to add.
| Command Reference | Traffic control If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame. If this command is executed with the "no" syntax, the applied access list is deleted from both LAN/SFP port and logical interface. [Note] Only one access list for each direction can be registered for incoming frames (in) and for outgoing frames (out) on the same interface.
Command Reference | Traffic control | 239 To apply the generated access list, use the access-group command of interface mode. If the "no" syntax is used to specify "action" and following, the IPv6 access list that matches all conditions is deleted. If the "no" syntax is used without specifying "action" and following, the IPv6 access list of the matching ID of access list is deleted. [Note] An access list that is applied to LAN/SFP port and logical interface cannot be deleted using the "no" syntax.
| Command Reference | Traffic control Setting value Description in Apply to received frames out Apply to transmitted frames [Initial value] none [Input mode] interface mode [Description] Applies an IPv6 access list to both LAN/SFP port and logical interface. If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame.
Command Reference | Traffic control | 241 Setting value dst-info : Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.WWWW) host HHHH.HHHH.HHHH Specifies an individual MAC address (HHHH.HHHH.HHHH) any Applies to all MAC addresses Specifies the destination MAC address information that is the condition Setting value Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.
| Command Reference | Traffic control [Initial value] none [Input mode] global configuration mode [Description] Adds a comment (remark) to the already-generated MAC access list. If this is executed with the "no" syntax, the comment is deleted from the MAC access list. [Note] You can use this command to add a comment even after the access list has been applied to LAN/SFP port and logical interface. (The last-written comment overwrites the previous one.
Command Reference | Traffic control | 243 9.1.10 Show generated access list [Syntax] show access-list [acl_id] [Parameter] acl-id : <1-2000>, <2001-3000>, <3001-4000> ID of access list [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the registered access list. If acl-id is omitted, all access lists are shown.
| Command Reference | Traffic control SWR2311P>show access-group Interface port1.1 : IPv4 access group 1 in Interface port1.7 : IPv6 access group 3002 in Interface port1.8 : MAC access group 2001 in 9.1.
Command Reference | Traffic control | 245 9.1.15 Set VLAN access map filter [Syntax] vlan filter access-map-name vlan-id [direction] no vlan filter access-map-name vlan-id [direction] [Parameter] access-map-name : Single-byte alphanumeric characters and single-byte symbols(256 characters or less) Access map name specified by the vlan access-map command vlan-id : <1-4094> VLAN ID set to the "enable" status by the vlan command direction : Specifies the direction of applicable frames.
| Command Reference | Traffic control [Example] Show VLAN access map information. SWR2311P>show vlan access-map Vlan access-map VAM001 match ipv4 access-list 2 9.1.17 Show VLAN access map filter [Syntax] show vlan filter [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show VLAN access map filter application information. The following items are shown.
Command Reference | Traffic control | 247 SWR2311P(config)#qos disable 9.2.2 Set default CoS [Syntax] qos cos value no qos cos [Parameter] value : <0-7> Default CoS value [Initial value] qos cos 0 [Input mode] interface mode [Description] Sets the default CoS of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS=0) is specified. The default CoS is used if untagged frames are received when the interface's trust mode is set to CoS.
| Command Reference | Traffic control [Description] Specifies the trust mode of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS trust mode) is specified. In the case of "CoS" trust mode, the CoS value of incoming frames is used to determine the egress queue. In the case of "DSCP," the DSCP value of incoming frames is used to determine the egress queue.
Command Reference | Traffic control | 249 [Parameter] ifname : Name of the LAN/SFP port or logical interface. If this is omitted, the command applies to all ports. Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows QoS settings for the specified interface. The following content is shown.
| Command Reference | Traffic control Port Trust Mode: DSCP Egress Traffic Shaping: Not Configured Queue Scheduling: Queue0 : SP Queue1 : SP Queue2 : SP Queue3 : SP Queue4 : SP Queue5 : SP Queue6 : SP Queue7 : SP DSCP (Queue): 0(2), 8(0), 16(1), 24(3), 32(4), 40(5), 48(6), 56(7), 1(2), 9(0), 17(1), 25(3), 33(4), 41(5), 49(6), 57(7), 2(2), 10(0), 18(1), 26(3), 34(4), 42(5), 50(6), 58(7), 3(2), 11(0), 19(1), 27(3), 35(4), 43(5), 51(6), 59(7), 4(2), 12(0), 20(1), 28(3), 36(4), 44(5), 52(6), 60(7), 5(
Command Reference | Traffic control | 251 CoS value of conversion source queue-id : <0-7> Egress queue ID corresponding to CoS value [Initial value] See [Note] [Input mode] global configuration mode [Description] Specifies the values of the CoS - egress queue ID conversion table that is used to determine the egress queue. If this is executed with the "no" syntax, the egress queue ID for the specified CoS value is returned to the default setting.
| Command Reference | Traffic control The DSCP - egress queue ID conversion table is used when the trust mode is set to DSCP. [Note] In order to execute this command, QoS must be enabled. The following table shows the default settings of the DSCP - egress queue ID conversion table. DSCP value Egress queue 0-7 2 8-15 0 16-23 1 24-31 3 32-39 4 40-47 5 48-55 6 56-63 7 [Example] Assign egress queue #4 to DSCP value "0.
Command Reference | Traffic control | 253 9.2.10 Specify egress queue of frames transmitted from the switch itself [Syntax] qos queue sent-from-cpu queue-id no qos queue sent-from-cpu [Parameter] queue-id : <0-7> Egress queue ID [Initial value] qos queue sent-from-cpu 7 [Input mode] global configuration mode [Description] Specifies the egress queue for the storage destination of frames sent to each LAN/SFP port from the switch itself (CPU).
| Command Reference | Traffic control SWR2311P(config)#class-map class1 SWR2311P(config-cmap)# 9.2.12 Associate class map [Syntax] class name no class name [Parameter] name : Class map name [Input mode] policy map mode [Description] Associates a class map to a policy map. When the class map association succeeds, move to policy map class mode. In policy map class mode, you can make the following settings for each traffic class.
Command Reference | Traffic control | 255 IPv4 access list ID : <2001 - 3000> MAC access list ID : <3001 - 4000> IPv6 access list ID [Input mode] class map mode [Description] Uses the access list as the conditions to classify the traffic class. If the received frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the traffic class. If this is executed with the "no" syntax, the condition settings of the access list are deleted.
| Command Reference | Traffic control [Input mode] class map mode [Description] Uses the value of the IP header's TOS precedence field as a condition to classify the traffic class. If this is executed with the "no" syntax, the classification conditions using TOS precedence are deleted. The setting can be repeated up to the maximum number (eight) of registrations. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 257 Setting value Description 0xXXXX Hexadecimal expression of type value any All frame [Input mode] class map mode [Description] Uses the Ethernet frame's type value and the presence of a VLAN tag as the conditions to classify the traffic class. If this command is executed with the "no" syntax, deletes conditional settings based on the Ethernet frame's type value and the presence of a VLAN tag.
| Command Reference | Traffic control Ending VLAN ID value used as classification condition. The range from the specified starting value to the ending value can be a maximum of 30. [Input mode] class map mode [Description] Uses the VLAN ID as the condition to classify the traffic class. To delete the classification condition, use the no match vlan command. This can be used in conjunction with the setting of the match vlan command.
Command Reference | Traffic control | 259 9.2.21 Generate policy map for received frames [Syntax] policy-map name no policy-map name [Parameter] name : Name of policy map (maximum 32 characters; uppercase and lowercase are distinguished) [Input mode] global configuration mode [Description] Generates a policy map. The policy map combines the following processing for received frames, for each traffic class.
| Command Reference | Traffic control [Description] Applies the policy map to the corresponding LAN/SFP port and logical interface. If this is executed with the "no" syntax, the policy map is deleted from the LAN/SFP port and logical interface. [Note] In order to execute this command, QoS must be enabled. If a policy map has already been applied to the LAN/SFP port and logical interface, an error occurs.
Command Reference | Traffic control | 261 Pre-marking cannot be used in conjunction with the set egress queue function. [Example] Make the following settings for received frames of LAN port #1 • Permit traffic from the 10.1.0.0 network • Change the classified traffic class to the CoS value "2" [Traffic class definition] SWR2311P(config)#access-list 1 permit any 10.1.0.0 0.0.255.
| Command Reference | Traffic control 9.2.25 Set pre-marking (DSCP) [Syntax] set ip-dscp value no set dscp [Parameter] value : <0 - 63> DSCP value specified by pre-marking [Input mode] policy map class mode [Description] Changes the DSCP value of the classified traffic class to the specified DSCP value. In addition, reassign the egress queue according to the egress queue ID table that corresponds to the trust mode.
Command Reference | Traffic control | 263 [Parameter] CIR : <1 - 102300000> Traffic rate (kbps) CBS : <11 - 2097120> Burst size of conformant token bucket (kbyte) EBS : <11 - 2097120> Burst size of excess token bucket (kbyte) action : Operation for packets categorized by bandwidth class Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] policy map class mode [Description] Specifies individual policers (single rate) for the categorized traffi
| Command Reference | Traffic control 9.2.27 Set individual policers (twin rate) [Syntax] police twin-rate CIR PIR CBS PBS yellow-action action red-action action no police [Keyword] twin-rate : Use twin rate policers : <1 - 102300000> [Parameter] CIR Traffic rate (kbps) PIR : <1 - 102300000> Peak traffic rate (kbps). A value less than CIR cannot be specified.
Command Reference | Traffic control | 265 SWR2311P(config-cmap)#match access-group 1 SWR2311P(config-cmap)#exit [Policy settings] SWR2311P(config)#policy-map policy1 SWR2311P(config-pmap)#class class1 SWR2311P(config-pmap-c)#police twin-rate 48 96 12 12 yellow-action remark red-action drop SWR2311P(config-pmap-c)#remark-map yellow ip-dscp 10 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#exit SWR2311P(config)#interface port1.1 SWR2311P(config-if)#service-policy input policy1 9.2.
| Command Reference | Traffic control PHB DSCP value RFC default 0 2474 Class Selector 0, 8, 16, 24, 32, 40, 48, 56 2474 Assured Forwarding 10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, 2597 38 Expedited Forwarding(EF) 46 2598 [Example] Make the following settings for received frames of LAN port #1@ • Permit traffic from the 10.1.0.
Command Reference | Traffic control | 267 9.2.
| Command Reference | Traffic control no police [Keyword] twin-rate : Use twin rate policers : <1 - 102300000> [Parameter] CIR Traffic rate (kbps) PIR : <1 - 102300000> Peak traffic rate (kbps). A value less than CIR cannot be specified.
Command Reference | Traffic control | 269 [Parameter] color : Bandwidth class to remark Setting value type : Description yellow Make remarking settings for bandwidth class Yellow red Make remarking settings for bandwidth class Red Type of remarking Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] aggregate policer mode [Description
| Command Reference | Traffic control 9.2.33 Show aggregate policers [Syntax] show aggregate-police [name] [Parameter] name : Aggregate policer name. If this is omitted, the command applies to all aggregate policers. [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the contents of an aggregate policer. The contents shown are the same as in the police section shown by the show classmap command. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 271 SWR2311P(config)#policy-map policy1 SWR2311P(config-pmap)#class class1 SWR2311P(config-pmap-c)#police-aggregate AGP-01 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#class class2 SWR2311P(config-pmap-c)#police-aggregate AGP-01 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#exit SWR2311P(config)#interface port1.1 SWR2311P(config-if)#service-policy input policy1 9.2.
| Command Reference | Traffic control [Input mode] priviledged EXEC mode [Description] Clears the metering totals for all policers (individual policers / aggregate policers) on the specified LAN/SFP port or logical interface. [Note] In order to execute this command, QoS must be enabled. [Example] Clear the metering totals for LAN port #1. SWR2311P#clear qos metering-counter port1.1 9.2.
Command Reference | Traffic control | 273 [Parameter] value : <0 - 63> DSCP value corresponding to egress queue [Input mode] policy map class mode [Description] Assigns an egress queue to the classified traffic class. Use the DSCP value to specify the egress queue; the egress queue that is assigned is based on the "DSCP-egress queue ID conversion table." If this is executed with the "no" syntax, the specification of egress queue based on traffic class is removed.
| Command Reference | Traffic control Item Description - Match ethertype (Ethernet Type) - Match vlan (VLAN ID) - Match vlan-range (VLAN ID) - Match CoS (CoS value) - Match IP precedence (TOS precedence) - Match IP DSCP (DSCP value) Set Pre-marking setting, egress queue setting - Set CoS (Pre-marking setting : CoS value) - Set IP precedence (Pre-marking setting : TOS precedence) - Set IP DSCP (Pre-marking setting : DSCP value) - Set CoS-Queue (Specify egress queue : CoS - Set IP-DSCP-Queue (Specify e
Command Reference | Traffic control | 275 average rate (48 Kbits/sec) burst size (12 KBytes) excess burst size (12 KBytes) yellow-action (Remark [DSCP:10]) red-action (Drop) 9.2.40 Show map status [Syntax] show qos map-status type [name] [Parameter] type : Type of map to show Setting value name : Description policy Show policy map status information class Show class map status information The name of the policy map (or class map) to show.
| Command Reference | Traffic control SWR2311P#show qos map-status class class1 class1 status policy-map association : policy1 (Detached) edit/erase : Disable attach limitation CoS trust mode : Enable DSCP trust mode : Enable Port-Priority trust mode : Disable 9.2.
Command Reference | Traffic control | 277 [Parameter] CIR : <18-1000000> Traffic rate (kbps). Since rounding occurs, the value actually applied to the input value might be less (see [Note]) BC : <4-16000> Burst size (kbyte). Specified in 4-kbyte units. [Initial value] no traffic-shape rate [Input mode] interface mode [Description] Specifies shaping for the port. If this is executed with the "no" syntax, the port shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control [Description] Specifies shaping for the egress queue of the port. If this is executed with the "no" syntax, the egress queue shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled. Since rounding occurs on the traffic rate, the value actually applied to the input value might be less. Input value Traffic rate granularity (kbps) 18 - 23476 17.
Command Reference | Traffic control | 279 [Parameter] type : Flow control operation Setting value Description auto Enable flow control auto negotiation both Enable transmission/reception of Pause frames disable Disable flow control [Initial value] flowcontrol disable [Input mode] interface mode [Description] Enables flow control for the LAN/SFP port (IEEE 802.3x PAUSE frames send/receive). If this is executed with the "no" syntax, flow control is disabled.
| Command Reference | Traffic control SWR2311P#show flowcontrol port1.1 Port FlowControl RxPause TxPause ------------------------- ------port1.1 Both 4337 0 Show flow control information for all ports. SWR2311P#show flowcontrol System flow-control: Enable Port FlowControl ------------------port1.1 Both port1.2 Disable port1.3 Both port1.4 Disable port1.5 Disable port1.6 Disable port1.7 Disable port1.8 Disable RxPause TxPause ------- ------4337 0 0 1732 - 9.4 Storm control 9.4.
Command Reference | Traffic control | 281 [Parameter] ifname : LAN/SFP port interface name Interface to show [Initial value] none [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the upper limit value for frame reception. If the interface name is omitted, all interfaces are shown. [Example] Show the setting status of all interfaces. SWR2311P#show storm-control Port BcastLevel McastLevel port1.1 30.00% 30.00% port1.2 20.00% 20.00% port1.3 100.00% 100.00% port1.4 100.00% 100.
| Command Reference | Application Chapter 10 Application 10.1 Local RADIUS server 10.1.
Command Reference | Application | 283 10.1.3 Generate a route certificate authority [Syntax] crypto pki generate ca [ca-name] no crypto pki generate ca [Parameter] ca-name : Certificate authority name Characters that can be inputted for the certificate authority name • Within 3–32 characters • Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces • Cannot specify “DEFAULT” [Initial value] none [Input mode] global configuration mode [Description] Generates a route
| Command Reference | Application Setting value Description pap PAP authentication method peap PEAP authentication method eap-md5 EAP-MD5 authentication method eap-tls EAP-TLS authentication method eap-ttls EAP-TTLS authentication method [Initial value] authentication pap peap eap-md5 eap-tls eap-ttls [Input mode] RADIUS configuration mode [Description] Specifies the authentication method used for the local RADIUS server.
Command Reference | Application | 285 [Input mode] RADIUS configuration mode [Description] Adds a RADIUS client (NAS) to the RADIUS client list. The maximum number of registered entries is 100. If this command is executed with the "no" syntax, the specified RADIUS client setting is deleted. [Note] RADIUS client (NAS) information configured using this command will not display in running-config or startup-config.
| Command Reference | Application mac-address : hhhh.hhhh.hhhh (h is hexadecimal) MAC address for terminal (user) to authenticate ssid : SSID connection point (32 characters or less, single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces ) name : User name (32 characters or less, single-byte alphanumeric characters and symbols other than the characters " ? and spaces mail-address : Mail address (256 characters or less, single-byte alphanumeric character
Command Reference | Application | 287 10.1.8 Reauthentication interval setting [Syntax] reauth interval time no reauth interval [Parameter] time : <3600,43200,86400,604800> Reauthentication interval (no. of seconds) [Initial value] reauth interval 3600 [Input mode] RADIUS configuration mode [Description] Sets the reauthentication interval that is notified to the RADIUS client (NAS). The RADIUS client (NAS) determines whether the reauthentication interval will be used.
| Command Reference | Application Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] priviledged EXEC mode [Description] This issues client certificates to users for which the EAP-TLS certification method is specified.
Command Reference | Application | 289 10.1.
| Command Reference | Application Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] priviledged EXEC mode [Description] This exports the client certificates to an SD card.
Command Reference | Application | 291 Client certificates to be sent are ZIP files, compressed using the passwords for each user. E-mail cannot be sent to users whose e-mail addresses have not been set. To send e-mail, the e-mail destination server and e-mail recipient name must be configured in the e-mail template, and an email template ID for use when sending the e-mail must be set using the mail send certificate command. [Note] Only the newest client certificate (1) can be sent via e-mail.
| Command Reference | Application Setting value Description IPv4 address (A.B.C.D) Range from 0.0.0.1 to 223.255.255.255, except for 127.0.0.1 IPv4 network address (A.B.C.
Command Reference | Application | 293 SWR2311P#show radius-server local user detail 00a0de000001 Total 1 userid : password : mode : vlan : MAC : SSID : name : mail-address: expire date : certificated: 00a0de000001 secretpassword eap-tls 10 00a0.de00.0001 YamahaTaro test.com 2037/12/31 Not 10.1.18 Client certificate issuance status display [Syntax] show radius-server local certificate status [Input mode] priviledged EXEC mode [Description] Shows the issuance status for client certificates.
| Command Reference | Application [Example] This displays client certificates that have been issued for specific users. SWR2311P#show radius-server local certificate list detail Yamaha userid certificate number enddate -------------------------------------------------------------------------------------------Yamaha Yamaha-DF598EE9B44D22CC 2018/12/31 Yamaha-DF598EE9B44D22CD 2019/12/31 10.1.
Command Reference | Index | 295 Index A aaa authentication auth-mac 143 aaa authentication auth-web 143 aaa authentication dot1x 143 access-group (IPv4) 237 access-group (IPv6) 239 access-group (MAC) 242 access-list (IPv4) 235 access-list (IPv6) 238 access-list (MAC) 240 access-list description (IPv4) 237 access-list description (IPv6) 239 access-list description (MAC) 241 aggregate-police 266 arp 210 arp-ageing-timeout 210 auth clear-state time (global configuration mode) 158 auth clear-state time (interf
| Command Reference | Index I instance 194 instance priority 195 instance vlan 194 ip address 204 ip address dhcp 205 ip forwarding 210 ip igmp snooping 223 ip igmp snooping check ttl 226 ip igmp snooping fast-leave 224 ip igmp snooping mrouter interface 224 ip igmp snooping querier 225 ip igmp snooping query-interval 225 ip igmp snooping version 226 ip route 207 ipv6 212 ipv6 address 213 ipv6 address autoconfig 213 ipv6 forwarding 218 ipv6 mld snooping 229 ipv6 mld snooping fast-leave 230 ipv6 mld sno
Command Reference | Index | 297 R radius-server deadtime 154 radius-server host 152 radius-server key 153 radius-server local enable 282 radius-server local interface 282 radius-server local refresh 287 radius-server local-profile 283 radius-server retransmit 153 radius-server timeout 152 reauth interval 287 region 195 reload 116 remark-map (aggregate policer mode) 268 remark-map (policy map class mode) 265 restore system 119 revision 195 rmon 60 rmon alarm 63 rmon clear counters 67 rmon event 62 rmon hist
| Command Reference | Index show snmp user 59 show snmp view 58 show spanning-tree 190 show spanning-tree mst 198 show spanning-tree mst config 198 show spanning-tree mst instance 199 show spanning-tree statistics 192 show ssh-server 78 show ssh-server host key 80 show startup-config 33 show static-channel-group 134 show storm-control 280 show tech-support 40 show telnet-server 68 show tftp-server 71 show users 30 show vlan 182 show vlan access-map 245 show vlan filter 246 show vlan multiple-vlan 183 sh