Yamaha L2 Switch Intelligent L2 PoE SWR2311P-10G Command Reference Rev.2.02.
| Command Reference | TOC Contents Preface: Introduction ............................................................................................13 Chapter 1: How to read the command reference ...............................................14 1.1 Applicable firmware revision .....................................................................................................................14 1.2 How to read the command reference .......................................................................
Command Reference | TOC | 3 4.3.5 Erase startup configuration ..........................................................................................................34 4.3.6 Copy startup configuration ..........................................................................................................35 4.3.7 Set description for startup config ................................................................................................36 4.3.8 Select startup config ...............................
| Command Reference | TOC 4.10.8 Set SNMP user ..........................................................................................................................59 4.10.9 Show SNMP community information .......................................................................................60 4.10.10 Show SNMP view settings ......................................................................................................60 4.10.11 Show SNMP group settings .......................................
Command Reference | TOC | 5 4.18.2 Enable SSH client ......................................................................................................................84 4.18.3 Clear SSH host information .......................................................................................................85 4.19 E-mail notification ....................................................................................................................................85 4.19.1 SMTP e-mail server settings ...
| Command Reference | TOC 4.21.14 Set whether to use the L2MS slave's zero config function ....................................................112 4.22 Snapshot .................................................................................................................................................112 4.22.1 Set snapshot function ...............................................................................................................112 4.22.
Command Reference | TOC | 7 5.2.1 Set static logical interface ..........................................................................................................140 5.2.2 Show static logical interface status ............................................................................................141 5.2.3 Set LACP logical interface ........................................................................................................141 5.2.4 Show LACP logical interface status ..................
| Command Reference | TOC 5.4.3 Set operations used for security violations ................................................................................170 5.4.4 Show port security information .................................................................................................170 5.5 Error detection function ............................................................................................................................170 5.5.1 Set automatic recovery from errdisable state ....
Command Reference | TOC | 9 6.3.11 Set edge port for interface .......................................................................................................198 6.3.12 Show spanning tree status .......................................................................................................199 6.3.13 Show spanning tree BPDU statistics .......................................................................................201 6.3.14 Clear protocol compatibility mode ............................
| Command Reference | TOC 7.7.2 Show IPv6 Forwarding Information Base .................................................................................225 7.7.3 Show IPv6 Routing Information Base .......................................................................................225 7.7.4 Show summary of the route entries registered in the IPv6 Routing Information Base .............226 7.8 Neighbor cache ..................................................................................................
Command Reference | TOC | 11 9.1.5 Add comment to IPv6 access list ...............................................................................................249 9.1.6 Apply IPv6 access list ...............................................................................................................249 9.1.7 Generate MAC access list .........................................................................................................250 9.1.8 Add comment to MAC access list .........................
| Command Reference | TOC 9.2.39 Show policy map information .................................................................................................283 9.2.40 Show map status ......................................................................................................................285 9.2.41 Set egress queue scheduling ....................................................................................................286 9.2.42 Set traffic shaping (individual port) ..................
Preface Introduction • • • • • • Unauthorized reproduction of this document in part or in whole is prohibited. The contents of this document are subject to change without notice. Yamaha disclaims all responsibility for any damages caused by loss of data or other problems resulting from the use of this product. The warranty is limited to this physical product itself. Please be aware of these points. The information contained in this document has been carefully checked and is believed to be reliable.
| Command Reference | How to read the command reference Chapter 1 How to read the command reference 1.1 Applicable firmware revision This command reference applies to firmware Yamaha Intelligent L2 Switch SWR2311P of Rev.2.02.22. For the latest firmware released after printing of this command reference, manuals, and items that differ, access the following URL and see the information in the WWW server. https://www.yamaha.com/proaudio/ 1.
Command Reference | How to read the command reference | 15 Interface type Prefix Description Examples LACP logical interface po Specify sa or po followed by "logical interface ID". To specify LACP logical interface #2: po2 1.4 Input syntax for commands starting with the word "no" Many commands also have a form in which the command input syntax starts with the word no.
| Command Reference | How to use the commands Chapter 2 How to use the commands The SWR2311P lets you perform command operations in the following two ways. Type of operation Method of operation Description Operation via console • • • Access from a console terminal Access from a TELNET client Access from a SSH client Issue commands one by one to interactively make settings or perform operations.
Command Reference | How to use the commands | 17 To make VTY port settings, use the line vty command to specify the target VTY port, and then move to line mode. ID management for virtual terminal ports is handled within the SWR2311P, but since login session and ID assignments depend on the connection timing, you should normally make the same settings for all VTY ports. 2.1.3 Access from an SSH client You can use an SSH client on a computer to connect to the SSH server of the SWR2311P and control it.
| Command Reference | How to use the commands Setting item Content of setting command Setting 1) is a function that temporarily applies to the user who is using the terminal, and is applied as soon as the command is executed. Setting 2) applies starting with the next session. 2.2 Operation via configuration (config) files A file containing a set of needed commands is called a configuration (config) file.
Command Reference | How to use the commands | 19 Applicable configuration startup-config #3 startup-config #4 startup-config #SD Applicable file Remote path Load (GET) Save (PUT) Automatic restart CONFIG file (.txt) config3 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config4 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) configsd ✓ ✓ - All settings (.
| Command Reference | How to use the commands commands that can be entered in each mode are different. By noting the prompt, the user can see which mode they are currently in. The basic commands related to moving between command input modes are described below. For commands that move from global configuration mode mode to individual configuration mode, refer to "individual configuration mode.
Command Reference | How to use the commands | 21 individual configuration mode Transition command Prompt policy map class mode class command SWR2311P(config-pmap-c)# L2MS mode l2ms configuration command SWR2311P(config-l2ms)# LLDP agent mode lldp-agent command SWR2311P(lldp-agent)# E-mail template mode mail template command SWR2311P(config-mail)# RADIUS configuration mode radius-server local-profile command SWR2311P(config-radius)# 2.4.
| Command Reference | How to use the commands Keyboard operation Ctrl + D Press Esc, then D • Description and notes Delete the character at the cursor. If this operation is performed when the command line is empty, the result is the same as the exit command.
Command Reference | How to use the commands | 23 2.5.5 Command history By using the command history function, you can easily re-execute a command that you previously input, or partially modify a previously input command and re-execute it. Command history is shown as a history that is common to all modes. Operation is shown below. Keyboard operation ↑ Ctrl + P ↓ Ctrl + N Description and notes Move backward through command history Move forward through command history 2.
| Command Reference | Configuration Chapter 3 Configuration 3.1 Manage setting values The SWR2311P uses the following configurations to manage its settings. Types of configuration Description User operations that can be performed Running configuration (running-config) Setting values currently used for operation. Managed in RAM. Note / Save to startup configuration Startup configuration (startup-config) These are the saved setting values.
Command Reference | Configuration | 25 Category Setting item Default value Download URL firmware-update url http:// www.rtpro.yamaha.co.jp/firmware/ revision-up/swr2311p.
| Command Reference | Configuration Category L2 switching Traffic control PoE power supply LLDP agent • Settings for the default VLAN (vlan1) • IPv4 Address : DHCP cliant • IGMP Snooping: Enable • Querier : Disable • Fast-Leave : Disable • Check TTL : Enable Setting item Default value Spanning tree enabled Proprietary loop detection enabled QoS trust mode CoS Flow control (IEEE 802.
Command Reference | Maintenance and operation functions | 27 Chapter 4 Maintenance and operation functions 4.1 Passwords 4.1.
| Command Reference | Maintenance and operation functions [Description] Specifies the administrator password needed to enter priviledged EXEC mode. If this command is executed with the "no" syntax, the administrator password is deleted. [Note] If the password was encrypted by the password-encryption command, it is shown in the configuration in the form "enable password 8 password." The user cannot enter the password in this form when making configuration settings from the command line.
Command Reference | Maintenance and operation functions | 29 [Parameter] switch : Allow login by special password Setting value Description enable Allow disable Don't allow [Initial value] force-password enable [Input mode] global configuration mode [Description] Enable login with special password.
| Command Reference | Maintenance and operation functions Single-type alphanumeric characters and " and ' and | and > and ? and single-byte symbols other than space characters (32 characters or less) The first character must be a single-byte alphanumeric character [Initial value] none [Input mode] global configuration mode [Description] Sets user information. A maximum of 32 items of user information can be registered. The following words cannot be registered as user names.
Command Reference | Maintenance and operation functions | 31 Line Own User Status Login time IP address --------------------------------------------------------------------------------------------con 0 user1234 Login 02:15:23 vty 0 * operators1 Login 00:12:59 192.168.100.1 vty 1 abcdefghijklmnopqrstuvwxyzabcdef Login 00:00:50 192.168.100.24 vty 2 Login 00:00:21 192.168.100.10 vty 3 vty 4 vty 5 vty 6 vty 7 http 0 user1234 Login 01:12:25 192.168.100.4 http 1 (noname) Login 00:18:04 192.168.100.
| Command Reference | Maintenance and operation functions SWR2311P> 4.3 Configuration management 4.3.1 Save running configuration [Syntax] copy running-config startup-config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-4> Startup configuration #0-#4 sd Startup config in SD card [Input mode] priviledged EXEC mode [Description] Saves the current operating settings (running configuration) as the settings for startup (startup configuration).
Command Reference | Maintenance and operation functions | 33 [Example] Save the running configuration. SWR2311P#write Succeeded to write configuration. SWR2311P# 4.3.
| Command Reference | Maintenance and operation functions 4.3.4 Show startup configuration [Syntax] show startup-config [config_num] show config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-4> Startup configuration #0-#4 sd Startup config in SD card [Input mode] priviledged EXEC mode [Description] Shows the startup settings (startup configuration). If config_num is omitted, the following are displayed.
Command Reference | Maintenance and operation functions | 35 [Parameter] config_num : Configuration number Setting value Description <0-4> Startup configuration #0-#4 sd Startup config in SD card [Input mode] priviledged EXEC mode [Description] Erase the settings used at startup (startup config) and the information associated with them. If config_num is omitted, the startup config that was used for the current startup is erased.
| Command Reference | Maintenance and operation functions 4.3.7 Set description for startup config [Syntax] startup-config description config_num line no startup-config description config_num [Parameter] config_num : <0-4> Configuration number line : Single-byte alphanumeric characters and single-byte symbols (63 characters or less) Description for applicable startup config [Input mode] priviledged EXEC mode [Description] Specify a description for the applicable startup config.
Command Reference | Maintenance and operation functions | 37 4.4.1 Show boot information [Syntax] show boot num show boot all show boot list [Keyword] all : Shows up to five entries of the boot information history list : Shows a simplified version of up to five entries of the boot information history : <0-4> [Parameter] num Shows the boot history entry of the specified number [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show the boot information.
| Command Reference | Maintenance and operation functions Setting Description enable Enable SD card boot disable Disable SD card boot [Initial value] boot prioritize sd enable [Input mode] priviledged EXEC mode [Description] Enable or disable the SD card boot function of the firmware. After this command is executed, the system will restart. Since this setting is common to the system, it cannot be specified individually for each startup configuration (startup-config #0 ~ strtup-config #4).
Command Reference | Maintenance and operation functions | 39 Item Description Vendor Vendor name PID Product ID VID Version ID, 0 if invalid SN Serial number [Example] Show inventory information. SWR2311P>show inventory NAME: L2 PoE switch DESCR: SWR2311P-10G Vendor: Yamaha PID: SWR2311P-10G VID: 0000 SN: S00000000 SWR2311P> 4.5.
| Command Reference | Maintenance and operation functions Current time: 2018/01/02 16:19:43 +09:00 Elapsed time from boot: 1days 05:06:04 Temperature status: Normal Temperature: 28 degree C SWR2311P> 4.5.3 Disk usage status [Syntax] show disk-usage [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the usage status of the disk used by the system. • Area used by the system (including settings information) • Temporary : Temporary area [Example] Show the disk usage status.
Command Reference | Maintenance and operation functions | 41 Item Explanation DATA Size of dynamic virtual memory area STK Stack size [Example] This shows how much memory is used by each process. SWR2311P#show memory 4.5.6 Show technical support information [Syntax] show tech-support [Input mode] priviledged EXEC mode [Description] Show technical support information. The technical support information includes a list of the results of executing the following commands.
| Command Reference | Maintenance and operation functions Command Executable show ip interface brief ✓ show ip forwarding ✓ show ipv6 interface brief ✓ show ipv6 forwarding ✓ show ip route ✓ show ip route database ✓ show ipv6 route ✓ show ipv6 route database ✓ show arp ✓ show ipv6 neighbors ✓ show ip igmp snooping groups ✓ show ip igmp snooping interface ✓ show ipv6 mld snooping groups ✓ show ipv6 mld snooping interface ✓ show radius-server local certificate status ✓ show
Command Reference | Maintenance and operation functions | 43 ... # # End of Information for Yamaha Technical Support # SWR2311P# 4.5.7 Save technical support information [Syntax] copy tech-support sd [Input mode] priviledged EXEC mode [Description] Saves technical support information to the SD card. This is saved on the SD card with the following file name. /swr2311p/tech-support/YYYYMMDDHHMMSS_techsupport.txt YYYYMMDDHHMMSS ...
| Command Reference | Maintenance and operation functions 4.6.2 Set time zone [Syntax] clock timezone zone clock timezone offset no clock timezone [Parameter] zone : UTC, JST Name of the time zone shown when standard time is in effect offset : -12:00, -11:00, ... , -1:00, +1:00, ... , +13:00 Enter the difference from UTC [Initial value] clock timezone UTC [Input mode] global configuration mode [Description] Sets the time zone. If this command is executed with the "no" syntax, UTC is specified.
Command Reference | Maintenance and operation functions | 45 [Parameter] ipv4_addr : IPv4 address of the NTP server ipv6_addr : IPv6 address of the NTP server If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) fqdn : Host name of the NTP server As character types, alphabetical characters (uppercase/lowercase), numerals, .
| Command Reference | Maintenance and operation functions [Parameter] interval-time : <0-24> Interval (hours) for time synchronization. If this is set to 0 hours, periodic synchronization will not occur. [Initial value] ntpdate interval 1 [Input mode] global configuration mode [Description] Specifies the interval (in one-hour units) at which time information is periodically obtained from the registered NTP server. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 47 [Initial value] line con 0 [Input mode] global configuration mode [Description] Moves to line mode in order to make console terminal settings. [Note] To return from line mode to global configuration mode, use the exit command. To return to priviledged EXEC mode, use the end command. [Example] Move to line mode in order to make console terminal settings. SWR2311P(config)#line con 0 SWR2311P(config-line)# 4.7.
| Command Reference | Maintenance and operation functions Timeout time (minutes) sec : <0-2147483> Timeout time (seconds) [Initial value] exec-timeout 10 [Input mode] line mode [Description] Sets the time after which automatic logout occurs if there has been no key input from the console terminal or VTY. If sec is omitted, 0 is specified. If min and sec are both set to 0, automatic logout does not occur. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 49 Number of lines displayed per page on the terminal [Initial value] no service terminal-length [Input mode] global configuration mode [Description] Sets the number of lines displayed per page on the terminal. If line is set to 0, the display is not paused per page. If this command is executed with the "no" syntax, the number of lines is set to 24 in the case of a serial console, or to the window size when connected in the case of VTY.
| Command Reference | Maintenance and operation functions IPv4 address of the SYSLOG server : X:X::X:X IPv6 address of the SYSLOG server If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) [Initial value] no logging host [Input mode] global configuration mode [Description] Specifies the IP address of the SYSLOG server to which log notifications are sent. Up to 2 entries can be specified.
Command Reference | Maintenance and operation functions | 51 [Note] This can be output to the console by executing the logging stdout info command. [Example] Output the informational level log to SYSLOG. SWR2311P(config)#logging trap informational 4.9.4 Set log output level (error) [Syntax] logging trap error no logging trap error [Initial value] logging trap error [Input mode] global configuration mode [Description] Outputs the error level log to SYSLOG.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Enables log output for the specified type of events. If this command is executed with the "no" syntax, the log is not output. [Example] Enable log output for LAN map. SWR2311P(config)#logging event lan-map 4.9.7 Back up log [Syntax] save logging [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Saves all logs accumulated in RAM to Flash ROM.
Command Reference | Maintenance and operation functions | 53 [Example] Enable log backup to SD card. SWR2311P(config)#logging backup sd enable 4.9.9 Clear log [Syntax] clear logging [Input mode] priviledged EXEC mode [Description] Clears the log. [Example] Clear the log. SWR2311P#clear logging 4.9.
| Command Reference | Maintenance and operation functions If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) type : Notification message Setting value version : Description traps Send notifications as traps (without response confirmation) informs Send notifications as inform requests (with response confirmation). This can be specified if version is '2c' or '3'.
Command Reference | Maintenance and operation functions | 55 SWR2311P(config)#snmp-server host 192.168.100.12 informs version 2c snmpinformsname Using SNMPv3, set 192.168.10.13 as the destination for notifications. Set the notification type to traps, set the security level for transmission to priv, and set the user name to "admin1". SWR2311P(config)#snmp-server host 192.168.10.13 traps version 3 priv admin1 4.10.
| Command Reference | Maintenance and operation functions 4.10.3 Set system contact [Syntax] snmp-server contact contact no snmp-server contact [Parameter] contact : Name (maximum 255 characters) to register as the system contact [Initial value] no snmp-server contact [Input mode] global configuration mode [Description] Sets the MIB variable sysContact. sysContact is a variable that is typically used to enter the name of the administrator or contact.
Command Reference | Maintenance and operation functions | 57 Setting value Description ro Read only rw Write allowed [Initial value] none [Input mode] global configuration mode [Description] Sets the SNMP community. Up to 16 communities can be registered. If this is executed with the "no" syntax, the specified community is deleted. [Example] Set the read-only community name to "public". SWR2311P(config)#snmp-server community public ro Delete the "public" community.
| Command Reference | Maintenance and operation functions [Example] Specify the "most" view which shows the internet node (1.3.6.1) and below. SWR2311P(config)#snmp-server view most 1.3.6.1 include Specify the "standard" view which shows the mib-2 node (1.3.6.1.2.1) and below. SWR2311P(config)#snmp-server view standard 1.3.6.1.2.1 include 4.10.
Command Reference | Maintenance and operation functions | 59 4.10.
| Command Reference | Maintenance and operation functions SWR2311P(config)#snmp-server user user1 users auth sha passwd5678 4.10.9 Show SNMP community information [Syntax] show snmp community [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows SNMP community information. Shows the community name, and access mode. [Example] Show SNMP community information.
Command Reference | Maintenance and operation functions | 61 SNMP Group information Group Name: admins Security Level: priv Read View: most Write View: most Group Name: users Security Level: auth Read View: standard Write View: standard 4.10.12 Show SNMP user settings [Syntax] show snmp user [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the contents of the SNMP user settings.
| Command Reference | Maintenance and operation functions [Note] If this command is used to disable the system-wide RMON function, the following RMON group operations are disabled. • Ethernet statistical information group • History group • Alarm group • Event group This command can be set using the private MIB ysrmonSetting (1.3.6.1.4.1.1182.3.7.1). [Example] Enable RMON function. SWR2311P(config)#rmon enable Disable RMON function. SWR2311P(config)#rmon disable 4.11.
Command Reference | Maintenance and operation functions | 63 [Parameter] index : <1 - 65535> Index of history group (historyControlIndex) buckets : <1 - 65535> Number of history group items to maintain (historyControlBucketsRequested) (if omitted : 50) interval : <1 - 3600> Interval at which to save history group items (seconds) (historyControlInterval) (if omitted : 1800) owner : Name of history group owner (historyControlOwner) Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] no
| Command Reference | Maintenance and operation functions community : Community name (eventCommunity) Maximum 127 characters This can be specified if type is "trap" or "log-trap". description : Description of event (eventDescription) Maximum 127 characters (if omitted : RMON_SNMP) owner : Name of event group owner (eventOwner) Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] global configuration mode [Description] Enables the RMON event group settings.
Command Reference | Maintenance and operation functions | 65 Setting value Description absolute Compare by absolute value. Directly compare sample value and threshold value delta Compare by relative value.
| Command Reference | Maintenance and operation functions • • Use only rising_threshold • falling_threshold : Same value as rising_threshold • falling_event_index : Same value as rising_event_index • startup : 1 (Use only upper_threshold) Use only falling_threshold • rising_threshold : Same value as falling_threshold • rising_event_index : Same value as falling_event_index • startup : 2 (Use only lower_threshold) If this command is set, it will be possible to acquire the RMON MIB's alarmTable.
Command Reference | Maintenance and operation functions | 67 input packets 7, bytes 600, drop events 0, multicast packets 4 output packets 17, bytes 2091, multicast packets 17 broadcast packets 0 history: history index = 1 data source ifindex = 5001 buckets requested = 50 buckets granted = 50 Interval = 1800 Owner RMON_SNMP event: event Index = 1 Description RMON_SNMP Event type Log Event community name RMON_SNMP Last Time Sent = 00:00:58 Owner RMON_SNMP alarm: alarm Index = 1 alarm status = VALID alarm Int
| Command Reference | Maintenance and operation functions • • Interval at which to save history group items Owner name [Example] SWR2311P>show rmon history history index = 1 data source ifindex = 5001 buckets requested = 50 buckets granted = 50 Interval = 1800 Owner RMON_SNMP 4.11.9 Show RMON event group status [Syntax] show rmon event [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the settings and status of the RMON event group. The following items are shown.
Command Reference | Maintenance and operation functions | 69 [Example] SWR2311P>show rmon alarm alarm Index = 1 alarm status = VALID alarm Interval = 15 alarm Type is Absolute alarm Value = 0 alarm Rising Threshold = 10 alarm Rising Event = 1 alarm Falling Threshold = 7 alarm Falling Event = 1 alarm Startup Alarm = 3 alarm Owner is RMON_SNMP 4.11.
| Command Reference | Maintenance and operation functions 4.12.2 Show Telnet server settings [Syntax] show telnet-server [Input mode] priviledged EXEC mode [Description] Shows the settings of the Telnet server. The following items are shown. • Telnet server function enabled/disabled status • Listening port number • VLAN interface that is permitted to access the TELNET server • Filter that controls access to the TELNET server [Example] Show the settings of the Telnet server.
Command Reference | Maintenance and operation functions | 71 Setting value info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition. Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] priviledged EXEC mode [Description] Connects to the specified host via Telnet. [Example] Connect via Telnet to port number 12345 of the host at IPv4 address 192.168.100.1. SWR2311P#telnet 192.168.100.1 12345 Connect via Telnet to port number 12345 of the host at IPv6 address fe80::2a0:deff:fe11:2233. SWR2311P#telnet fe80::2a0:deff:fe11:2233%vlan1 12345 4.13.
Command Reference | Maintenance and operation functions | 73 [Initial value] tftp-server disable [Input mode] global configuration mode [Description] Enables the TFTP server. You can also specify the listening TCP port number. If this command is executed with the "no" syntax, the TFTP server is disabled. [Example] Start the TFTP server with 12345 as the listening port number. SWR2311P(config)#tftp-server enable 12345 4.14.
| Command Reference | Maintenance and operation functions 4.15.1 Start HTTP server and change listening port number [Syntax] http-server enable [port] http-server disable no http-server [Keyword] enable : HTTP server is enabled disable : HTTP server is disabled : <1-65535> [Parameter] port Listening port number of the HTTP server (if omitted: 80) [Initial value] http-server disable [Input mode] global configuration mode [Description] Enables the HTTP server.
Command Reference | Maintenance and operation functions | 75 SWR2311P(config)#http-server secure enable 8080 4.15.3 Show HTTP server settings [Syntax] show http-server [Input mode] priviledged EXEC mode [Description] Shows the settings of the HTTP server. The following items are shown.
| Command Reference | Maintenance and operation functions [Parameter] action : Specifies the action for the access condition Setting value info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition. Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.B.C.D/M Specifies an IPv4 address (A.B.C.
Command Reference | Maintenance and operation functions | 77 Setting value english Description English [Initial value] http-server language japanese [Input mode] global configuration mode [Description] Sets the Web GUI display language. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the Web GUI display language to English. SWR2311P(config)#http-server language english 4.15.
| Command Reference | Maintenance and operation functions Setting value Description enable Enable disable Disable [Initial value] http-proxy disable [Input mode] global configuration mode [Description] Enables the HTTP Proxy function of the HTTP server. If this command is executed with the "no" syntax, the function is disabled. [Example] Enable the HTTP Proxy function of the HTTP server. SWR2311P(config)#http-proxy enable 4.16.
Command Reference | Maintenance and operation functions | 79 4.17 SSH server 4.17.1 Start SSH server and change listening port number [Syntax] ssh-server enable [port] ssh-server disable no ssh-server [Keyword] enable : SSH server is enabled disable : SSH server is disable : <1-65535> [Parameter] port Listening port of the SSH server (if omitted: 22) [Initial value] ssh-server disable [Input mode] global configuration mode [Description] Enables the SSH server.
| Command Reference | Maintenance and operation functions Management interface(vlan): 1 Interface(vlan):1, 2, 3 Access: deny 192.168.100.5 permit 192.168.100.0/24 4.17.3 Set host that can access the SSH server [Syntax] ssh-server interface ifname no ssh-server interface ifname [Parameter] ifname : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the SSH server.
Command Reference | Maintenance and operation functions | 81 [Input mode] global configuration mode [Description] Restrict access to the SSH according to the client terminal's IPv4/IPv6 address. Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted.
| Command Reference | Maintenance and operation functions [Description] Deletes the host RSA key and host DSA key of the SSH server. [Note] This command can be executed only if the SSH server is disabled. [Example] Delete the host RSA key and host DSA key. SWR2311P#clear ssh-server host key 4.17.
Command Reference | Maintenance and operation functions | 83 | o X S | | + = * . | | o . B * . | | + o . | | * * + | |X+.@ +o= | |@*o.= o. | +----[SHA256]-----+ ssh-rsa 2048 MD5:XX:XX:b8:07:e3:5e:57:b8:80:e3:fc:b3:24:17:XX:XX +---[RSA 2048]----+ | | |...* | |*+. | | . | | . + | | | | E | | . B.. | | . oo | +------[MD5]------+ 2048 SHA256:XXXXMkUuEbkJggPD68UoR+gobWPhgu7qqXzE8iUXXXX +---[RSA 2048]----+ |*.==+ | |*o+= . . | |*=o. . S | | * S . . | | + B * o | | = = . . . | | o | | . | |.
| Command Reference | Maintenance and operation functions [Parameter] user : User name used when logging in to the remote host host : Remote host name, IPv4 address (A.B.C.D), or IPv6 address (X:X::X:X) If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) port : <1-65535> Port number to use (if omitted: 22) [Initial value] none [Input mode] priviledged EXEC mode [Description] Connects to the specified host via SSH.
Command Reference | Maintenance and operation functions | 85 SWR2311P(config)#ssh-client enable 4.18.3 Clear SSH host information [Syntax] clear ssh host host [Parameter] host : Remote host name, IPv4 address (A.B.C.D), or IPv6 address (X:X::X:X) [Input mode] priviledged EXEC mode [Description] Delete the public key of the SSH server that is connected as an SSH client. [Example] Clear the SSH host information. SWR2311P#clear ssh host 192.168.100.1 4.19 E-mail notification 4.19.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] global configuration mode [Description] Sets server information used when sending e-mails. [Note] When performing SMTP authentication, the AUTH LOGIN command is used for authentication. For the SSL/TLS version, TLSv1, TLSv1.1 and TLSv1.2 are supported. When setting an IPv6 address as the e-mail server address, encryption using SSL/TLS cannot be used.
Command Reference | Maintenance and operation functions | 87 stack : Notify events related to the stack function : <1-10> [Parameter] temp-id E-mail template ID Specify a template to use for event notification [Initial value] no mail notify [Input mode] global configuration mode [Description] Configures the settings for e-mail notification of event information for the specified function. [Note] Event notifications related to the stack function are only for models that support the stack function.
| Command Reference | Maintenance and operation functions [Initial value] no send server [Input mode] E-mail template mode [Description] Sets the ID of the e-mail server to be used. [Example] Specifies server ID #1 for the e-mail server used in e-mail template #1. SWR2311P(config)#mail template 1 SWR2311P(config-mail)#send server 1 4.19.
Command Reference | Maintenance and operation functions | 89 4.19.8 Setting for subject used when sending e-mails [Syntax] send subject subject no send subject [Parameter] temp-id : Subject used when sending e-mails (128 characters or less, single-byte alphanumeric characters and symbols other than the characters ? | >) [Initial value] no send subject [Input mode] E-mail template mode [Description] Specifies the subject for e-mails that are sent.
| Command Reference | Maintenance and operation functions [Parameter] temp-id : <1-10> E-mail template ID [Initial value] no mail send certificate [Input mode] RADIUS configuration mode [Description] Specifies the template ID to use when sending RADIUS server client certificates. The RADIUS server client certificate is sent to the e-mail address specified by the “user” command of the RADIUS server function.
Command Reference | Maintenance and operation functions | 91 4.19.12 Notification timing settings for expired certificates [Syntax] mail certificate expire-notify day [day] [day] no mail certificate expire-notify [Parameter] day : <1-90> No.
| Command Reference | Maintenance and operation functions 4.20.1 Enable LLDP function [Syntax] lldp run no lldp run [Initial value] none [Input mode] global configuration mode [Description] Enable the LLDP function for the entire system. If this command is executed with the "no" syntax, disable the LLDP function for the entire system. [Note] In order to enable the LLDP function for a port, the following command must be set.
Command Reference | Maintenance and operation functions | 93 [Parameter] name : System name text string (255 characters or less) [Initial value] no lldp system-name [Input mode] global configuration mode [Description] Sets the system name used by the LLDP function. If this command is executed with the "no" syntax, the setting returns to the default. By default, this is "model name". The specified value is set in "LLDP System Name TLV". [Example] Set the system name to SWITCH1.
| Command Reference | Maintenance and operation functions [Input mode] global configuration mode [Description] Enables the function by which LLDP frames transmitted by specific Yamaha devices can automatically modify the settings of a switch. The functions that can be set are flow control, QoS, IGMP snooping, and EEE. If this command is executed with the "no" syntax, the setting returns to the default. This can be set only for a physical interface.
Command Reference | Maintenance and operation functions | 95 Setting value Description ip-address Set IP address as the management address mac-address Set MAC address as the management address [Initial value] set management-address-tlv ip-address [Input mode] LLDP agent mode [Description] Sets the type of port management address used by LLDP. If this command is executed with the "no" syntax, the setting returns to the default. The specified value is set in "LLDP Management Address TLV".
| Command Reference | Maintenance and operation functions [Input mode] LLDP agent mode [Description] Adds IEEE-802.1 TLVs to transmitted frames. If this command is executed with the "no" syntax, exclude IEEE-802.1 TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
Command Reference | Maintenance and operation functions | 97 [Description] If this command is executed with the "no" syntax, exclude LLDP-MED TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
| Command Reference | Maintenance and operation functions If this command is executed with the "no" syntax, the setting returns to the default. The high speed transmission period is the period immediately after a port's connected device was newly found, and LLDP frames are transmitted according to the following commands for making high speed transmission period settings. • set timerx msg-fast-tx fast_tx : Sets the transmission interval (seconds) during the high speed transmission period.
Command Reference | Maintenance and operation functions | 99 [Example] Set 2 as the multiplier used to calculate the time to live (TTL) for device information on LAN port #1. SWR2311P(config)#lldp run SWR2311P(config)#interface port1.1 SWR2311P(config-if)#lldp-agent SWR2311P(lldp-agent)#set msg-tx-hold 2 4.20.
| Command Reference | Maintenance and operation functions SWR2311P(config-if)#lldp-agent SWR2311P(lldp-agent)#set too-many-neighbors limit 10 4.20.
Command Reference | Maintenance and operation functions | 101 Agent Mode Bridge mode (fixed as nearest bridge) Enable (tx/rx) Transmission mode/Reception mode (Y:enable, N:disable) Message fast transmit time LLDP frame transmission interval for high speed transmission period (seconds) Message transmission interval LLDP frame transmission interval (seconds) Reinitialisation delay Time from LLDP frame transmission stop until reinitialization (seconds) MED Enabled LLDP-MED TLV transmission enable/di
| Command Reference | Maintenance and operation functions Link Aggregation Port ID • ID of link aggregation port 8023 ORIGIN SPECIFIC TLV information Auto negotiation enabled/disabled AutoNego Capability Communication methods that can be auto-negotiate Operational MAU Type Communication speed and duplex mode MDI power support Whether PoE function is supported PSE power pair PSE power pair Power class PoE power supply class Type/source/priority PoE power supply type, source, and priority or
Command Reference | Maintenance and operation functions | 103 1: Position of the network element thought to be nearest the client 2: Location of client Country Code Country code CA type CA (Civic Address) type MED Inventory Inventory information list Refer to RFC 3825 for details on location information. [Example] Show LLDP information for LAN port #1. SWR2311P#show lldp interface port1.
| Command Reference | Maintenance and operation functions Remote VID Usage Digestt : Remote Management Vlan : Link Aggregation Status : Link Aggregation Port ID : 8023 ORIGIN SPECIFIC TLVs AutoNego Support : AutoNego Capability : Operational MAU Type : Power via MDI Capability (raw MDI power support : PSE power pair : Power class : Type/source/priority : PD requested power value : PSE allocated power value : Link Aggregation Status : Link Aggregation Port ID : Max Frame Size : LLDP-MED TLVs MED Capabili
Command Reference | Maintenance and operation functions | 105 [Description] Moves to L2MS mode in order to make L2MS settings. [Note] To return from L2MS mode to global configuration mode, use the exit command. To return to priviledged EXEC mode, use the end command. [Example] Move to L2MS mode. SWR2311P(config)#l2ms configuration SWR2311P(config-l2ms)# 4.21.
| Command Reference | Maintenance and operation functions [Description] Sets the role when using the L2MS function. If this command is executed with the "no" syntax, operate as a slave. [Note] If the same network includes multiple Yamaha routers or firewalls on which L2MS (switch controller function) is enabled, or multiple SWR series units that are set to be L2MS masters, the L2MS function will not operate correctly. Ensure that a single network has only one device that is the L2MS master.
Command Reference | Maintenance and operation functions | 107 [Description] Sets the number of query frames that are transmitted without receiving a response frame from the slave until it is determined that the L2MS slave is down. If this command is executed with the "no" syntax, the setting returns to the default. If the number of query frames specified by count have been transmitted without receiving a response frame from the slave, it is determined that the corresponding L2MS slave is down.
| Command Reference | Maintenance and operation functions [Input mode] L2MS mode [Description] Specifies the time interval at which network device information is acquired. Information for the devices existing on the network is acquired when the time specified by time has elapsed. If this command is executed with the "no" syntax, the setting returns to the default. [Note] If the terminal management function is not enabled, terminal information is not acquired, regardless of the setting of this command.
Command Reference | Maintenance and operation functions | 109 [Input mode] priviledged EXEC mode [Description] Removes all L2MS slaves managed by the L2MAS master from management, and searches for L2MS slaves once again. [Note] This can be executed only if L2MS is operating as master. When this command is executed, L2MS slaves that were being managed also remove themselves from the state of being managed by the L2MS master.
| Command Reference | Maintenance and operation functions • • Information of terminals connected to the L2MS slave (in the case of an AP) • SSID connected • Frequency connected • Time at which terminal was discovered If L2MS is operating as slave • Whether managed by the L2MS master • MAC address of L2MS master (if managed) [Note] Information is not shown if L2MS is not operating. Specifying "detail" is valid only if L2MS is operating as master.
Command Reference | Maintenance and operation functions | 111 [Note] If device watch is not operating, device information is not acquired, regardless of the setting of this function. [Example] Set the device information acquisition time interval to 3,600 seconds. SWR2311P(config)#l2ms configuration SWR2311P(config-l2ms)#l2ms enable SWR2311P(config-l2ms)#l2ms role master SWR2311P(config-l2ms)#terminal-watch enable SWR2311P(config-l2ms)# wireless-terminal-watch interval 3600 4.21.
| Command Reference | Maintenance and operation functions [Note] If the event monitoring function is not enabled, event information is not acquired, regardless of the setting of this command. [Example] Set the monitoring time interval to 60 seconds. SWR2311P(config)#l2ms configuration SWR2311P(config-l2ms)#l2ms enable SWR2311P(config-l2ms)#l2ms role master SWR2311P(config-l2ms)#event-watch interval 60 4.21.
Command Reference | Maintenance and operation functions | 113 If this command is executed with the "no" syntax, disables the snapshot function. [Note] This command is valid only if L2MS is operating as master. [Example] Enable the snapshot function. SWR2311P(config)#snapshot enable 4.22.
| Command Reference | Maintenance and operation functions 4.22.4 Delete snapshot [Syntax] snapshot delete [Input mode] priviledged EXEC mode [Description] Deletes the snapshot file. [Example] Delete the snapshot file. SWR2311P#snapshot delete 4.23 Firmware update 4.23.
Command Reference | Maintenance and operation functions | 115 [Note] You can use the firmware-update url command to change the download source URL. If you execute the firmware-update revision-down enable command, it will be possible to downgrade to an older revision. [Example] Update the firmware using a firmware file located on a web server. SWR2311P#firmware-update execute Found the new revision firmware Current Revision: Rev.2.02.01 New Revision: Rev.2.02.03 Downloading...
| Command Reference | Maintenance and operation functions 4.23.5 Show firmware update function settings [Syntax] show firmware-update [Input mode] priviledged EXEC mode [Description] Shows the current settings of the firmware update function. The following items are shown. • Download source URL • Download timeout duration • Allow revision-down [Example] Show the current settings of the firmware update function. SWR2311P#show firmware-update url: http://www.rtpro.yamaha.co.
Command Reference | Maintenance and operation functions | 117 Updating... Finish SWR2311P# 4.23.7 Set firmware update reload time [Syntax] firmware-update reload-time hour [min] no firmware-update reload-time [Parameter] hour : <0-23> Firmware update reload time (hour) min : <0-59> Firmware update reload time (minutes) [Input mode] global configuration mode [Description] Sets the time at which the new firmware is applied by restarting after a firmware update.
| Command Reference | Maintenance and operation functions time : Day setting examples Setting contents 2- From the 2nd to the 12th 2-7 From the 2nd to the 7th -7 From the 1st to the 7th mon Monday sat,sun Saturday and Sunday mon-fri From Monday to Friday -fri From Sunday to Friday * Monthly <0-23> or * : <0-59> or * : <0-59> h:m:s (the seconds can be omitted) event template_id : : Hour setting examples Setting contents 12 12:00 12.
Command Reference | Maintenance and operation functions | 119 If this command is executed with the "no" syntax, the schedule with the specified ID is deleted. [Note] When multiple schedules are executed at the same time, they are executed beginning with the schedule with the smallest ID. When specifying the day, you cannot specify using a mix of numbers and weekdays. If the seconds are omitted, the settings will be the same as when specifying “00” seconds.
| Command Reference | Maintenance and operation functions Specifying “disable” with this command makes it possible to stop execution of actions due to trigger startup. If this command is executed with the "no" syntax, the schedule template is enabled. [Example] Disables schedule template #1. SWR2311P(config)#schedule template 1 SWR2311P(config-schedule)#action disable 4.24.
Command Reference | Maintenance and operation functions | 121 If multiple commands are specified, the remaining commands will still be executed even if the command results in an execution error while running. As commands are executed in privileged EXEC mode when the trigger starts, some commands may need to be configured along with commands that switch to an appropriate mode. The last “write” command must be executed to save the settings. Commands cannot be specified in abbreviated form.
| Command Reference | Maintenance and operation functions 4.25.1 Set host name [Syntax] hostname hostname no hostname [hostname] [Parameter] hostname : Single-byte alphanumeric characters and single-byte symbols (63characters or less) Host name [Initial value] hostname SWR2311P [Input mode] global configuration mode [Description] Specifies the host name. The host name specified by this command is used as the command prompt.
Command Reference | Maintenance and operation functions | 123 A special password can be inputted to initialize the settings only when logging in at the command prompt using a special password. [Example] Initialize the settings. SWR2311P#cold start Password: 4.25.4 Mount SD card [Syntax] mount sd [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Mounts the SD card. When you insert an SD card, this command is executed automatically, so you do not need to execute it.
| Command Reference | Maintenance and operation functions Setting value Description vlan VLAN mode off OFF mode [Initial value] led-mode default link-act [Input mode] global configuration mode [Description] Set the default LED mode. When you execute this command, the LEDs are lit in the specified mode. The LEDs are lit in the specified mode even when a loop is detected in STATUS mode and the loop status has been resolved.
Command Reference | Maintenance and operation functions | 125 Item Description poe error (system limit) Power supply has stopped due to a PoE system limit, or power supply is suppressed due to guard band poe error (PD error) Power supply stopped because PD error detected [Example] Show the port error status. SWR2311P>show error port-led ID error ----------------------------------------port1.1 poe error (PD error) port1.2 loop-detected (blocking) 4.25.
| Command Reference | Maintenance and operation functions Finish Succeeded to restore system files.
Command Reference | Interface control | 127 Chapter 5 Interface control 5.1 Interface basic settings 5.1.1 Set description [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (80characters or less) Description of the applicable interface [Initial value] no description [Input mode] interface mode [Description] Specifies a description of the applicable interface.
| Command Reference | Interface control [Parameter] type : Speed and duplex mode types Speed and duplex mode types Description auto Auto negotiation 10000-full 10Gbps/Full 1000-full 1000Mbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half 10-full 10Mbps/Full 10-half 10Mbps/Half [Initial value] speed-duplex auto [Input mode] interface mode [Description] Sets the speed and duplex mode. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 129 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#mru 9000 5.1.5 Set cross/straight automatic detection [Syntax] mdix auto action no mdix auto [Parameter] type : Cross/straight automatic detection operations Setting value Description enable Enable cross/straight automatic detection disable Disable cross/straight automatic detection [Initial value] mdix auto enable [Input mode] interface mode [Description] Enables cross/straight automatic detection.
| Command Reference | Interface control When this command is used to change the settings, link-down temporarily occurs for the corresponding interface. [Example] Enable EEE for LAN port #1. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#eee enable 5.1.
Command Reference | Interface control | 131 Item Description interface Interface name EEE(efficient-ethernet) Whether EEE is enabled Rx LPI Status Low-power mode status of the receiving unit Tx LPI Status Low-power mode status of the transmitting unit Wake Error Count Error count [Example] Show EEE status of LAN port #1. [If EEE is disabled] SWR2311P#show eee status interface port1.1 interface:port1.
| Command Reference | Interface control Traffic direction transmit Description Transmitter [Initial value] no mirror interface [Input mode] interface mode [Description] Mirrors the traffic specified by direct, with the applicable interface as the mirror port and ifname as the monitor port. If this command is executed with the "no" syntax, the mirroring setting is deleted. [Note] This command can be specified only for LAN/SFP port. Only one interface can be specified as the mirror port.
Command Reference | Interface control | 133 5.1.11 Show interface status [Syntax] show interface [ type [ index ] ] [Parameter] type : Interface type Interface type index : Description port Physical interface vlan VLAN interface sa Static logical interface po LACP logical interface Index number Interface ID Description S.X Specifies the stack ID (S) of the physical interface, and the number printed on the chassis (X). * The SWR2311P-10G is fixed as stack ID=1.
| Command Reference | Interface control Item Description IPv4 address IP address/mask length *3 (shown only if IP address is set) broadcast IP broadcast address *3 (shown only if IP address is set) Switchport mode Mode of the switchport • access : untagged • trunk : tagged Ingress filter Status of ingress filtering • enable : enabled • disable : disabled Acceptable frame types Frame types that can be received • all : All frames are received (regardless of whether they are tagged or untagged)
Command Reference | Interface control | 135 Hardware is Ethernet HW addr: 00a0.de00.
| Command Reference | Interface control Item Description Port Ch Type of associated logical interface *1 • (S) : Static logical interface • (P) : LACP logical interface ID of associated logical interface Description Description of interface *1 Shown only for physical interface *2 hown only for physical interface and logical interface [Example] Show brief interface status.
Command Reference | Interface control | 137 [Example] Reset LAN port #1 SWR2311P#interface reset port1.1 5.1.14 Show frame counter [Syntax] show frame-counter [ifname] [Parameter] ifname : Interface name of the LAN/SFP port Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows frame counter information for the interface specified by ifname. If ifname is omitted, shows information for all interfaces. The following items are shown.
| Command Reference | Interface control Item Description Number of packets with 1024--maximum octet length (*1) transmitted/received 1024-MAXoctet packets *1 Varies depending on the MRU of each interface. *2 Shows the transmission information when tail dropping is enabled, and the information only for reception when tail dropping is disabled. [Example] Show the frame counter of LAN port #1. SWR2311P#show frame-counter port1.1 Interface port1.
Command Reference | Interface control | 139 [Example] Clear the frame counters of LAN port #1. SWR2311P#clear counters port1.1 5.1.16 Show SFP module status [Syntax] show ddm status [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the status of the SFP module. For each item, shows the current value, upper threshold value, and lower threshold value for each SFP port.
| Command Reference | Interface control [Parameter] action : Operations for SFP module optical reception level monitoring Setting value Description enable Enables SFP module optical reception level monitoring disable Disables SFP module optical reception level monitoring [Initial value] sfp-monitor rx-power enable [Input mode] global configuration mode [Description] Sets the monitoring of SFP module optical reception levels. [Example] Disable SFP module optical reception level monitoring.
Command Reference | Interface control | 141 [Example] Associate LAN port #1 with static logical interface #5. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#static-channel-group 5 5.2.2 Show static logical interface status [Syntax] show static-channel-group [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the static logical interface status. The following items are shown for each static logical interface that exists.
| Command Reference | Interface control If it is dissociated from the LACP logical interface, the lacp timeout command setting of the corresponding LAN/SFP port is deleted. If you associate a LAN/SFP port to a link-id for which a LACP logical interface does not exist, the LACP logical interface is newly generated. If the associated LAN/SFP port is no longer present because it was removed from the LACP logical interface, the LACP logical interface is deleted.
Command Reference | Interface control | 143 Item Description Receive machine state Status of the LACP protocol Receive machine transition variable • "Invalid" • "Initialize" • "Port disabled" • "LACP disabled" • "Expired" • "Defaulted" • "Current" Periodic Transmission machine state Status of the LACP protocol Periodic Transmission transition variable • "Invalid" • "No periodic" • "Fast periodic" (transmitted at one-second intervals) • "Slow periodic" (transmitted at 30 second intervals) • "Periodic"
| Command Reference | Interface control port1.2 port1.3 port1.4 Shows the status of the LAN/SFP ports that make up the LACP logical interface. SWR2311P#show etherchannel port1.1 Etherchannel port1.
Command Reference | Interface control | 145 [Note] The LACP system priority can be set by the lacp system-priority command. The LACP system ID is generated from the MAC address. [Example] Show the LACP system priority. SWR2311P>show lacp sys-id % System 0x8000, 00-a0-de-e0-e0-e0 5.2.
| Command Reference | Interface control duration long Description Sets the timeout to 90 seconds [Input mode] interface mode [Description] Sets the LACP timeout. [Note] This command can be set only for a LAN/SFP port that is associated with an LACP logical interface. If a LAN/SFP port is associated with an LACP logical interface, lacp timeout long command is specified for the corresponding LAN/SFP port.
Command Reference | Interface control | 147 [Description] Show the LACP frame counter. If link-id is omitted, the frame counter of every existing LACP logical interface is shown. The following items are shown for each associated LAN/SFP port. • LACP frames sent and received • Marker protocol frames sent and received • Error frames sent and received [Example] Show the frame counter for every LACP logical interface.
| Command Reference | Interface control SWR2311P(config)#port-channel load-balance src-dst-ip 5.2.12 Show protocol status of LACP logical interface [Syntax] show etherchannel status [link-id] [summary | detail] [Keyword] summary : Abbreviated display detail : Detailed display : <1-127> [Parameter] link-id LACP logical interface number [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the status of the LACP logical interface specified by link-id.
Command Reference | Interface control | 149 Usage status Synchronization State of the linked-up LAN/SFP port Unselected no Currently communicating with LACP control protocol. Selected no Selected as a LAN/SFP port with LACP enabled. Currently negotiating to combine for link aggregation. Standby no Selected as a LAN/SFP port with LACP enabled, and specified as a standby port. Selected yes Selected as a LAN/SFP port with LACP enabled.
| Command Reference | Interface control 5.2.13 Set LACP port priority order [Syntax] lacp port-priority priority no lacp port-priority [Parameter] priority : <1-65535> LACP port priority order Lower numbers have higher priority [Initial value] lacp port-priority 32768 [Input mode] interface mode [Description] Sets the LACP port priority order. If this command is executed with the "no" syntax, the setting returns to the default value.
Command Reference | Interface control | 151 SWR2311P(config)#aaa authentication dot1x 5.3.2 Configuring the MAC authentication function for the entire system [Syntax] aaa authentication auth-mac no aaa authentication auth-mac [Initial value] no aaa authentication auth-mac [Input mode] global configuration mode [Description] Enables MAC authentication for the entire system. If this command is executed with the "no" syntax, disables MAC authentication for the entire system.
| Command Reference | Interface control Operation mode Description force-authorized Sets the authenticated port for IEEE 802.1X authentication to a fixed port force-unauthorized Sets the unauthenticated port for IEEE 802.1X authentication to a fixed port [Initial value] no dot1x port-control [Input mode] interface mode [Description] Configures the IEEE 802.1X authentication operation mode for the applicable interface. If this command is executed with the "no" syntax, the IEEE 802.
Command Reference | Interface control | 153 To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control command) [Example] Discard received packets only for the packet forwarding operation on an unauthenticated port of LAN port #1. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#dot1x control-direction in 5.3.
| Command Reference | Interface control 5.3.
Command Reference | Interface control | 155 You cannot enable the Web authentication function from any other mode besides multi-supplicant mode. You cannot use this together with guest VLAN. [Example] Enable the LAN port #1 Web authentication function. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#auth-web enable 5.3.
| Command Reference | Interface control [Initial value] no auth reauthentication [Input mode] interface mode [Description] Enables reauthentication of supplicants for the applicable interface. If this is executed with the "no" syntax, the re-authentication is disabled. When this setting is enabled, this periodically reauthenticates supplicants that have been successfully authenticated. The reauthentication interval can be changed using the auth timeout reauth-period command.
Command Reference | Interface control | 157 no auth guest-vlan [Parameter] vlan-id : <1-4094> VLAN ID for guest VLAN [Initial value] no auth guest-vlan [Input mode] interface mode [Description] If the supplicant connected to the applicable interface is unauthorized or if authorization has failed, this specifies the guest VLAN to which the supplicant is associated. If this command is executed with the "no" syntax, the guest VLAN setting is deleted.
| Command Reference | Interface control 5.3.15 Set reauthentication interval [Syntax] auth timeout reauth-period time no auth timeout reauth-period [Parameter] time : <300-86400> Supplication reauthentication interval (seconds) [Initial value] auth timeout reauth-period 3600 [Input mode] interface mode [Description] Sets the reauthentication interval of the supplicant for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 159 5.3.17 Set supplicant reply wait time [Syntax] auth timeout supp-timeout time no auth timeout supp-timeout [Parameter] time : <1-65535> Supplicant reply wait time (seconds) [Initial value] auth timeout supp-timeout 30 [Input mode] interface mode [Description] Sets the reply wait time from the supplicant during port authentication for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control Shared password (the settings for the radius-server key command are used if this is omitted) [Initial value] none [Input mode] global configuration mode [Description] Adds a server to the authentication server list. The maximum number of entries is 8. If this command is executed with the "no" syntax, this deletes the specified server from the authentication server list. [Example] Add the server at IP address 192.168.100.
Command Reference | Interface control | 161 [Parameter] count : <0-100> Number of times to resend request [Initial value] radius-server retransmit 3 [Input mode] global configuration mode [Description] Sets the number of times to resend requests to a RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control [Input mode] global configuration mode [Description] Sets the time during which the usage of the relevant server is prevented, when a request to the RADIUS server has timed out. If this command is executed with the "no" syntax, the setting returns to the default. [Example] This sets the usage prevention for the RADIUS server to 1 minute. SWR2311P(config)#radius-server deadtime 1 5.3.
Command Reference | Interface control | 163 Clear-state time : Not configured Redirect URL : Not configured Auth-web custom-file : There is no custom-file RADIUS server address : 192.168.100.101 (port:1812) [Interface information] Interface port1.1 (up) 802.
| Command Reference | Interface control -------- ----------------- ----------------- --------------- ---- -----port1.1 0011.2233.4455 user Authenticated 1 802.1X 5.3.
Command Reference | Interface control | 165 [Description] Clears the packet statistical information during port authentication. [Example] Clear the statistical information for LAN port #1. SWR2311P#clear auth statistics interface port1.1 5.3.28 Show RADIUS server setting information [Syntax] show radius-server [Input mode] priviledged EXEC mode [Description] Shows setting information related to the RADIUS server.
| Command Reference | Interface control 5.3.30 Clear the authentication state [Syntax] clear auth state [all] [interface ifname] [supplicant mac-addr] [Keyword] all : Clears the authentication state for all supplicants interface : Clears the authentication state for supplicants connected to specific interfaces supplicant : Clear the authentication state for specific supplicant : Interfacee name [Parameter] ifname Interface to clear mac-addr : hhhh.hhhh.
Command Reference | Interface control | 167 [Parameter] time : <0-23> Time at which the authentication state is cleared [Initial value] no auth clear-state time [Input mode] interface mode [Description] Sets the time at which the authentication state of the supplicant is cleared for the applicable interface. If this command is executed with the "no" syntax, deletes the time setting for clearing the authentication state.
| Command Reference | Interface control [Example] Copy all of the files for customizing the Web authentication screen from the SD card to startup configuration #0. SWR2311P#copy auth-web startup-config all sd 0 5.3.
Command Reference | Interface control | 169 If this is executed with the "no" syntax, or if "enable" is specified, EAPOL frames are forwarded. [Note] For interfaces on which 802.1X authentication is enabled, authentication functionality is given priority, and EAP pass-through settings are not applied. [Example] Disable the EAP pass through. SWR2311P(config)#pass-through eap disable 5.4 Port security 5.4.
| Command Reference | Interface control 5.4.3 Set operations used for security violations [Syntax] port-security violation action no port-security violation [Parameter] action : Operation used for port security violations Operation mode Description discard Discards packets shutdown Shuts down the port [Initial value] port-security violation discard [Input mode] interface mode [Description] Sets the action to be taken during a port security violation for the applicable interface.
Command Reference | Interface control | 171 5.5.
| Command Reference | Interface control function auto recovery interval ----------------------------------------------BPDU guard disable Loop detect enable 300 Port-security disable port reason ---------------------------port1.1 BPDU guard port1.7 Loop detect 5.6 PoE 5.6.
Command Reference | Interface control | 173 Setting value Description enable Enables the PoE power supply function for the applicable interface disable Disables the PoE power supply function for the applicable interface [Initial value] power-inline enable [Input mode] interface mode [Description] Set the applicable interface PoE power supply function as enabled or disabled. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control 5.6.4 Set PoE port power supply priority [Syntax] power-inline priority priority no power-inline priority [Parameter] priority : Power supply priority Setting value Description critical Highest high High low Low [Initial value] power-inline priority low [Input mode] interface mode [Description] Sets the power supply priority for the applicable interface.
Command Reference | Interface control | 175 [Example] Sets the guard band to 30W. SWR2311P(config)#power-inline guardband 30 Disables the guard band. SWR2311P(config)#power-inline guardband 0 Resets the guard band to default values. SWR2311P(config)#no power-inline guardband 5.6.
| Command Reference | Interface control Powered device type PoE admin Priority Powering status Detection status Current power consumption Powered device class Powered allocated Powered pairs * - Assigned by LLDP.
Command Reference | Layer 2 functions | 177 Chapter 6 Layer 2 functions 6.1 FDB (Forwarding Data Base) 6.1.
| Command Reference | Layer 2 functions SWR2311P(config)#mac-address-table ageing-time 400 6.1.3 Clear dynamic entry [Syntax] clear clear clear clear mac-address-table mac-address-table mac-address-table mac-address-table dynamic dynamic adress mac-addr dynamic vlan vlan-id dynamic interface ifname [instance inst] [Keyword] address : Specifies the MAC address vlan : Specifies the VLAN ID interface : Specifies the interface instance : Specifies the MST instance : hhhh.hhhh.
Command Reference | Layer 2 functions | 179 ifname : Setting value Description discard Discard Name of LAN/SFP port or logical interface Applicable interface vlan-id : <1-4094> Applicable VLAN ID [Initial value] none [Input mode] global configuration mode [Description] Registers a static entry in the MAC address table. If action is specified as "forward," received frames that match the specified MAC address and VLAN ID are forwarded to the specified interface.
| Command Reference | Layer 2 functions 1 1 sa1 sa2 1803.731e.8c2b 782b.cbcb.218d forward forward dynamic dynamic 300 300 6.1.
Command Reference | Layer 2 functions | 181 [Keyword] name : Specifies the name of the VLAN state : Specifies the state of the VLAN : <2-4094> [Parameter] vlan-id VLAN ID name : Single-byte alphanumeric characters and single-byte symbols(32characters or less) Name of the VLAN state : Whether frame forwarding is enabled or disabled Setting value Description enable Frames are forwarded disable Frames are not forwarded [Initial value] none [Input mode] VLAN mode [Description] Sets the VLAN
| Command Reference | Layer 2 functions Setting value Description isolated Secondary VLAN (isolated VLAN) [Initial value] none [Input mode] VLAN mode [Description] Uses vlan-id as a private VLAN. If this command is executed with the "no" syntax, the private VLAN setting is deleted, and it is used as a conventional VLAN.
Command Reference | Layer 2 functions | 183 [Description] Specify the association of the secondary VLAN (isolated VLAN, community VLAN) with the primary VLAN of the private VLAN. By specifying "add," specify the association of the vlan-id with the 2nd-vlan-ids. By specifying "remove," remove the association of the vlan-id and the 2nd-vlan-ids. If this command is executed with the "no" syntax, all associations to the primary VLAN are deleted.
| Command Reference | Layer 2 functions [Input mode] interface mode [Description] Sets the VLAN ID that is associated as an access port with the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only for a LAN/SFP port or logical interface for which the switchport mode access command is set.
Command Reference | Layer 2 functions | 185 6.2.
| Command Reference | Layer 2 functions SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport mode trunk SWR2311P(config-if)#switchport trunk allowed vlan add 2 6.2.
Command Reference | Layer 2 functions | 187 [Initial value] none [Input mode] interface mode [Description] Specifies the private VLAN port type for the applicable interface. If this is executed with the "no" syntax, the setting of the private VLAN specified for the applicable interface is deleted. [Note] This command can be set only for a LAN/SFP port for which the switchport mode access command is set. In addition, promiscuous can be specified for the following interfaces.
| Command Reference | Layer 2 functions SWR2311P(config)# interface port1.1 SWR2311P(config-if)# switchport mode private-vlan host SWR2311P(config-if)# switchport private-vlan host-association 100 add 101 SWR2311P(config-if)# interface port1.2 SWR2311P(config-if)# switchport mode private-vlan host SWR2311P(config-if)# switchport private-vlan host-association 100 add 102 SWR2311P(config-if)# interface port1.
Command Reference | Layer 2 functions | 189 SWR2311P(config)# interface port1.1 SWR2311P(config-if)# switchport mode private-vlan promiscuous SWR2311P(config-if)# switchport private-vlan mapping 100 add 101 SWR2311P(config-if)# switchport private-vlan mapping 100 add 102 SWR2311P(config-if)# switchport private-vlan mapping 100 add 103 6.2.
| Command Reference | Layer 2 functions SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport voice cos 6 6.2.15 Set DSCP value for voice VLAN [Syntax] switchport voice dscp value no switchport voice dscp [Parameter] value : <0-63> DSCP value to specify for connected device [Initial value] switchport voice dscp 0 [Input mode] interface mode [Description] Specify the DSCP value to use for voice traffic by the connected device.
Command Reference | Layer 2 functions | 191 Even if multiple VLAN is specified, correct communication might not be possible due to the following. • Spanning tree block status • IGMP snooping or MLD snooping status • Loop detection block status [Example] Assign LAN port #1 to multiple VLAN group #10. SWR2311P(config)#interface port1.1 SWR2311P(config-if)#switchport multiple-vlan group 10 SWR2311P(config-if)#exit 6.2.
| Command Reference | Layer 2 functions Item Description Name Name of the VLAN State VLAN status (whether frames are forwarded) • ACTIVE : forwarded • SUSPEND : not forwarded Member ports Interfaces associated with the VLAN ID • (u) : Access port (untagged port) • (t) : Trunk port (tagged port) [Example] Show all VLAN information.
Command Reference | Layer 2 functions | 193 [Parameter] group-id : <1-256> Multiple VLAN group ID [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the setting status for multiple VLAN groups. If the "group" specification is omitted, all groups that are actually assigned to the interface are shown. [Example] Shows the setting status for multiple VLAN groups.
| Command Reference | Layer 2 functions If this command is executed with the "no" syntax, the setting returns to the default. [Note] The setting of this command must satisfy the following conditions. 2 x (hello time + 1) <= maximum aging time <= 2 x (forward delay time - 1) The maximum aging time can be set by the spanning-tree max-age command. The hello time is always 2 seconds, and cannot be changed. [Example] Set the forward delay time to 10 seconds. SWR2311P(config)#spanning-tree forward-time 10 6.
Command Reference | Layer 2 functions | 195 [Note] In the case of MSTP, this is the setting for CIST (instance #0). [Example] Set the bridge priority to 4096. SWR2311P(config)#spanning-tree priority 4096 6.3.
| Command Reference | Layer 2 functions [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface. If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set the LAN port #1 link type to "shared." SWR2311P(config)#interface port1.
Command Reference | Layer 2 functions | 197 [Initial value] spanning-tree bpdu-guard disable [Input mode] interface mode [Description] Sets BPDU guard for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
| Command Reference | Layer 2 functions SWR2311P(config)#interface port1.1 SWR2311P(config-if)#spanning-tree path-cost 100000 6.3.10 Set interface priority [Syntax] spanning-tree priority priority no spanning-tree priority [Parameter] priority : <0-240> (multiple of 16) Priority value [Initial value] spanning-tree priority 128 [Input mode] interface mode [Description] Sets the priority of the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Layer 2 functions | 199 6.3.12 Show spanning tree status [Syntax] show spanning-tree [interface ifname] [Keyword] interface : Specifies the interface to show : Name of LAN/SFP port or logical interface [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the spanning tree status. If "interface" is omitted, the status of all interfaces is shown. In the case of MSTP, shows CIST (instance #0) information.
| Command Reference | Layer 2 functions Item Description Root Root bridge identifier. This consists of the root bridge priority (the first four hexadecimal digits) and MAC address Designated Bridge Bridge identifier.
Command Reference | Layer 2 functions | 201 % % % % % % port1.1: port1.1: port1.1: port1.1: port1.1: port1.1: No portfast configured - Current portfast off bpdu-guard disabled - Current bpdu-guard off bpdu-filter disabled - Current bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current point-to-point No auto-edge configured - Current port Auto Edge off 6.3.
| Command Reference | Layer 2 functions % Other Port-Specific Info -----------------------% Max Age Transitions % Msg Age Expiry % Similar BPDUS Rcvd % Src Mac Count % Total Src Mac Rcvd % Next State % Topology Change Time : : : : : : : 1 0 0 0 3 Discard/Blocking 0 % Other Bridge information & Statistics -------------------------------------% STP Multicast Address : 01:80:c2:00:00:00 % Bridge Priority : 32768 % Bridge Mac Address : ac:44:f2:30:01:10 % Bridge Hello Time : 2 % Bridge Forward Delay : 15
Command Reference | Layer 2 functions | 203 [Example] Move to MST mode. SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)# 6.3.16 Generate MST instance [Syntax] instance instance-id no instance [Parameter] instance-id : <1-15> Instance ID [Initial value] none [Input mode] MST mode [Description] Generates an MST instance. If this command is executed with the "no" syntax, the MST instance is deleted.
| Command Reference | Layer 2 functions SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)#instance 1 vlan 2 6.3.18 Set priority of MST instance [Syntax] instance instance-id priority priority no instance instance-id priority [Parameter] instance-id : <1-15> Instance ID priority : <0-61440> (multiple of 4096) Priority value [Initial value] instance instance-id priority 32768 [Input mode] MST mode [Description] Sets the priority of the MST instance.
Command Reference | Layer 2 functions | 205 [Parameter] revision : <0-65535> Revision number [Initial value] revision 0 [Input mode] MST mode [Description] Sets the revision number of the MST region. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the revision number as 2 for the MST region. SWR2311P(config)#spanning-tree mst configuration SWR2311P(config-mst)#revision 2 6.3.
| Command Reference | Layer 2 functions Priority value [Initial value] spanning-tree instance instance-id priority 128 [Input mode] interface mode [Description] Sets the priority for the applicable interface in the MST instance. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
Command Reference | Layer 2 functions | 207 SWR2311P(config)#interface port1.1 SWR2311P(config-if)#spanning-tree instance 2 SWR2311P(config-if)#spanning-tree instance 2 path-cost 100000 6.3.24 Show MST region information [Syntax] show spanning-tree mst config [Input mode] unprivileged EXEC mode, priviledged EXEC mode, interface mode [Description] Shows distinguishing information for the MST region. [Example] Show distinguishing information for the MST region.
| Command Reference | Layer 2 functions % % 0: 1: 1 100 (port1.8) Show detailed MSTP information for LAN port #8. SWR2311P>show spanning-tree mst detail interface port1.
Command Reference | Layer 2 functions | 209 [Description] Shows information for the specified MST instance. If "interface" is omitted, information is shown for all interfaces that are assigned the specified MST instance. [Note] A LAN/SFP port that is associated with a logical interface cannot be specified as ifname. [Example] Show information for MST instance #1.
| Command Reference | Layer 2 functions SWR2311P(config)#loop-detect enable Disable the loop detection function for the entire system. SWR2311P(config)#loop-detect disable 6.4.
Command Reference | Layer 2 functions | 211 6.4.
| Command Reference | Layer 2 functions The following items are shown. • Setting of the system-wide loop detection function • Loop detection status for each LAN/SFP port • Interface name (port) • Setting of the loop detection function (loop-detect) for LAN/SFP port. If the loop detection function is operating, (*) is added • Status of the Port Blocking setting (port-blocking) • Loop detection status (status) [Example] Show the loop detection status.
Command Reference | Layer 3 functions | 213 Chapter 7 Layer 3 functions 7.1 IPv4 address management 7.1.1 Set IPv4 address [Syntax] ip ip no no no address ip_address/mask [secondary] [label textline] address ip_address netmask [secondary] [label textline] ip address ip_address/mask [secondary] ip address ip_address netmask [secondary] ip address [Keyword] label : Set label as IPv4 address secondary : Set as the secondary address : A.B.C.
| Command Reference | Layer 3 functions [Parameter] interface : VLAN interface name [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the IPv4 address for each interface. The following content is shown. • IPv4 address • For secondary addresses, “(secondary)” is appended to the end of IPv4 addresses. • If an IPv4 address has been specified by the ip address dhcp command, an "*" is shown added before the displayed IPv4 address.
Command Reference | Layer 3 functions | 215 [Note] The lease time requested from the DHCP server is fixed at 72 hours. However, the actual lease time will depend on the setting of the DHCP server. Even if this command is used to obtain the default gateway, DNS server, and default domain name from the DHCP server, the settings of the ip route, ip name-server, ip domain-name commands take priority.
| Command Reference | Layer 3 functions [Parameter] switch : Behavior of the auto IP function Setting value Description enable Enable the auto IP function disable Disable the auto IP function [Initial value] auto-ip disable [Input mode] interface mode [Description] For the VLAN interface, enables the Auto IP function which automatically generates the IPv4 link local address (169.254.xxx.xxx/16).
Command Reference | Layer 3 functions | 217 Netmask in address format Set this to 0.0.0.0 if specifying the default gateway gateway : A.B.C.D IPv4 address of gateway number : <1-255> Administrative distance (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Initial value] none [Input mode] global configuration mode [Description] Adds a static route for IPv4. If this command is executed with the "no" syntax, the specified route is deleted.
| Command Reference | Layer 3 functions Known via "connected", distance 0, metric 0, best * is directly connected, vlan1 7.2.3 Show IPv4 Routing Information Base [Syntax] show ip route database [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the IPv4 Routing Information Base (RIB). [Example] Show the IPv4 routing information base. SWR2311P>show ip route database Codes: C - connected, S - static > - selected route, * - FIB route S S S C C *> *> *> *> *> 0.0.0.
Command Reference | Layer 3 functions | 219 7.3.2 Clear ARP table [Syntax] clear arp-cache [Input mode] priviledged EXEC mode [Description] Clears the ARP cache. [Example] Clear the ARP cache. SWR2311P#clear arp-cache 7.3.3 Set static ARP entry [Syntax] arp ip_address mac_address interface no arp ip_address [Parameter] ip_address : A.B.C.D IP address mac_address : HHHH.HHHH.HHHH MAC address interface : portN.
| Command Reference | Layer 3 functions If this command is executed with the "no" syntax, the ARP entry timeout is set to 1200 seconds. [Example] Change the ARP entry ageing timeout for VLAN #1 to five minutes. SWR2311P(config)#interface vlan1 SWR2311P(config)#arp-aging-timeout 300 7.4 IPv4 forwarding control 7.4.
Command Reference | Layer 3 functions | 221 [Parameter] host : Target to which ICMP Echo is sent Host name, or target IP address (A.B.C.
| Command Reference | Layer 3 functions 5 6 192.168.50.1 (192.168.50.1) 7.689 ms 7.527 ms 7.168 ms 192.168.100.1 (192.168.100.1) 33.948 ms 10.413 ms 7.681 ms 7.6 IPv6 address management 7.6.
Command Reference | Layer 3 functions | 223 Up to 8 IPv6 addresses can be configured for the system overall (excepting link local addresses that are automatically assigned). If this command is executed with the "no" syntax, the specified IPv6 address is deleted. If no IPv6 address is specified, all IPv6 addresses (including RA settings) are deleted. [Note] It is not possible to assign an IPv6 address of the same subnet to multiple interfaces. [Example] Specify 2001:db8:1::2 as the IPv6 address for VLAN #1.
| Command Reference | Layer 3 functions SWR2311P>show ipv6 interface brief Interface IPv6-Address Link-Status vlan1 2001:db8:1::2/64 2001:db8:2::2/64 fe80::2a0:deff:fe:2/64 vlan2 2001:db8:2::2/64 fe80::2a0:deff:fe:2/64 down vlan3 unassigned down Admin-Status up up up up 7.7 IPv6 route control 7.7.
Command Reference | Layer 3 functions | 225 7.7.2 Show IPv6 Forwarding Information Base [Syntax] show ipv6 route [ipv6_address[/prefix_len]] [Parameter] ipv6_address : X:X::X:X IPv6 address mask : <0-128> IPv6 prefix length (if omitted: 128) [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the IPv6 Forwarding Information Base (FIB). If the IPv6 address is omitted, the entire content of the FIB is shown.
| Command Reference | Layer 3 functions 7.7.4 Show summary of the route entries registered in the IPv6 Routing Information Base [Syntax] show ipv6 route summary [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows a summary of the route entries that are registered in the IPv6 Routing Information Base (RIB). [Note] [Example] Show a summary of the IPv6 Routing Information Base.
Command Reference | Layer 3 functions | 227 [Description] Shows the neighbor cache table. [Note] [Example] Show the neighbor cache table. SWR2311P>show ipv neighbors IPv6 Address 2001:db8:1:0:3538:5dc7:6bc4:1a23 2001:db8:cafe::1 fe80::0211:22ff:fe33:4455 fe80::6477:88ff:fe99:aabb MAC Address 0011.2233.4455 00a0.de80.cafe 0011.2233.4455 6677.8899.aabb Interface vlan1 vlan1 vlan1 vlan1 Type dynamic static dynamic dynamic 7.8.
| Command Reference | Layer 3 functions [Description] Shows the IPv6 packet forwarding settings. [Example] Shows the IPv6 packet forwarding settings. SWR2311P>show ipv6 forwarding IPv6 forwarding is on 7.10 IPv6 ping 7.10.
Command Reference | Layer 3 functions | 229 64 bytes from fe80::2a0:deff:fe11:2233: seq=4 ttl=64 time=10.210 ms --- fe80::2a0:deff:fe11:2233%vlan1 ping statistics --5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 2.681/7.554/10.210 ms 7.10.
| Command Reference | Layer 3 functions 7.11.2 Set DNS server list [Syntax] dns-client name-server server no dns-client name-server server [Parameter] server : A.B.C.D IPv4 addtess of the DNS server : X:X::X:X IPv6 address of the DNS server If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) [Initial value] none [Input mode] global configuration mode [Description] Adds a server to the DNS server list. Up to three servers can be specified.
Command Reference | Layer 3 functions | 231 [Example] Set the default domain name to "example.com". SWR2311P(config)#dns-client domain-name example.com 7.11.4 Set search domain list [Syntax] dns-client domain-list name no dns-client domain-list name [Parameter] name : Domain name (maximum 255 characters) [Initial value] none [Input mode] global configuration mode [Description] Adds a domain name to the list of domain names used for DNS queries.
| Command Reference | Layer 3 functions * - Values assigned by DHCP Client.
Command Reference | IP multicast control | 233 Chapter 8 IP multicast control 8.1 IP multicast basic settings 8.1.
| Command Reference | IP multicast control [Example] Enable IGMP snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping enable Disable IGMP snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping disable 8.2.
Command Reference | IP multicast control | 235 The multicast router must be connected to the specified LAN/SFP port. If an IGMP report is received from the receiver, it is forwarded to the specified LAN/SFP port. [Example] Specify LAN port #8 as a connection destination of the multicast router. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router.
| Command Reference | IP multicast control [Note] This command can be specified only for VLAN interface. Also, this can be specified only if IGMP snooping is enabled. [Example] Set the VLAN #2 query transmission interval to 30 seconds. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ip igmp snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting.
Command Reference | IP multicast control | 237 IGMP version [Initial value] ip igmp snooping version 3 [Input mode] interface mode [Description] Sets the IGMP version. If this command is executed with the "no" syntax, the IGMP version returns to the default setting (V3). [Note] This command can be specified only for VLAN interface. Also, this can be specified only if IGMP snooping is enabled. If an IGMP packet of a different version than this setting is received, the following action occurs.
| Command Reference | IP multicast control [Parameter] A.B.C.D : Multicast group address ifname : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows IGMP group membership information. [Example] Show IGMP group membership information. SWR2311P#show ip igmp snooping groups IGMP Snooping Group Membership Group source list: (R - Remote, S - Static) Vlan Group/Source Address Interface Reporter Version 1 239.255.255.250 port1.5 192.168.
Command Reference | IP multicast control | 239 Number of v2-leaves: 0 Number of v3-reports: 127 Active Ports: port1.5 port1.8 8.2.11 Clear IGMP group membership entries [Syntax] clear ip igmp snooping clear ip igmp snooping group A.B.C.D clear ip igmp snooping interface ifname [Keyword] group : Specifies the multicast group address to be cleared interface : Specifies the VLAN interface to be cleared : Multicast group address [Parameter] A.B.C.
| Command Reference | IP multicast control [Example] Enable MLD snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping enable Disnable MLD snooping for VLAN #2. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping disable 8.3.
Command Reference | IP multicast control | 241 The multicast router must be connected to the specified LAN/SFP port. If an MLD report is received from the receiver, it is forwarded to the specified LAN/SFP port. [Example] Specify LAN port #8 as a connection destination of the multicast router. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router.
| Command Reference | IP multicast control [Note] This command can be specified only for VLAN interfaces. Also, this can be specified only if MLD snooping is enabled. [Example] Set the VLAN #2 query transmission interval to 30 seconds. SWR2311P#configure terminal SWR2311P(config)#interface vlan2 SWR2311P(config-if)#ipv6 mld snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting.
Command Reference | IP multicast control | 243 Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the multicast router connection port information that was dynamically learned or statically set. [Example] Show multicast router connection port information for VLAN #2. SWR2311P#show ipv6 mld snooping mrouter vlan2 VLAN Interface IP-address Expires 2 port1.11(dynamic) fe80::ae44:f2ff:fe30:291 00:01:04 8.3.
| Command Reference | IP multicast control [Parameter] ifname : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show a VLAN interface's MLD-related information. [Example] Show MLD-related information for VLAN #1.
Command Reference | Traffic control | 245 Chapter 9 Traffic control 9.1 ACL 9.1.1 Generate IPv4 access list [Syntax] access-list ipv4-acl-id [seq_num] action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg] no access-list ipv4-acl-id [seq_num] [action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg]] [Keyword] ack : If tcp is specified as the protocol, the ACK flag of the TCP header is specified as a condition.
| Command Reference | Traffic control Setting value src-port : Description A.B.C.D/M Specifies an IPv4 address (A.B.C.D) with subnet mask length (Mbit) host A.B.C.D Specifies a single IPv4 address (A.B.C.D) any Applies to all IPv4 addresses <0-65535> If protocol is specified as tcp or udp, this specifies the transmission source port number <0-65535> that is the condition. This can also be omitted.
Command Reference | Traffic control | 247 SWR2311P(config)#access-list 1 deny any 192.168.1.0 0.0.0.255 host 172.16.1.1 Delete IPv4 access list #1. SWR2311P(config)#no access-list 1 9.1.2 Add comment to IPv4 access list [Syntax] access-list ipv4-acl-id description line no access-list ipv4-acl-id description [Parameter] ipv4-acl-id : <1-2000> ID of IPv4 access list to which a comment will be added line : Comment to add.
| Command Reference | Traffic control If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame. If this command is executed with the "no" syntax, the applied access list is deleted from both LAN/SFP port and logical interface. [Note] Only one access list for each direction can be registered for incoming frames (in) and for outgoing frames (out) on the same interface.
Command Reference | Traffic control | 249 To apply the generated access list, use the access-group command of interface mode. If the "no" syntax is used to specify "action" and following, the IPv6 access list that matches all conditions is deleted. If the "no" syntax is used without specifying "action" and following, the IPv6 access list of the matching ID of access list is deleted. [Note] An access list that is applied to LAN/SFP port and logical interface cannot be deleted using the "no" syntax.
| Command Reference | Traffic control Setting value Description in Apply to received frames out Apply to transmitted frames [Initial value] none [Input mode] interface mode [Description] Applies an IPv6 access list to both LAN/SFP port and logical interface. If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame.
Command Reference | Traffic control | 251 Setting value dst-info : Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.WWWW) host HHHH.HHHH.HHHH Specifies an individual MAC address (HHHH.HHHH.HHHH) any Applies to all MAC addresses Specifies the destination MAC address information that is the condition Setting value Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.
| Command Reference | Traffic control [Initial value] none [Input mode] global configuration mode [Description] Adds a comment (remark) to the already-generated MAC access list. If this is executed with the "no" syntax, the comment is deleted from the MAC access list. [Note] You can use this command to add a comment even after the access list has been applied to LAN/SFP port and logical interface. (The last-written comment overwrites the previous one.
Command Reference | Traffic control | 253 9.1.10 Show generated access list [Syntax] show access-list [acl_id] [Parameter] acl-id : <1-2000>, <2001-3000>, <3001-4000> ID of access list [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the registered access list. If acl-id is omitted, all access lists are shown.
| Command Reference | Traffic control SWR2311P>show access-group Interface port1.1 : IPv4 access group 1 in Interface port1.7 : IPv6 access group 3002 in Interface port1.8 : MAC access group 2001 in 9.1.
Command Reference | Traffic control | 255 9.1.15 Set VLAN access map filter [Syntax] vlan filter access-map-name vlan-id [direction] no vlan filter access-map-name vlan-id [direction] [Parameter] access-map-name : Single-byte alphanumeric characters and single-byte symbols(256 characters or less) Access map name specified by the vlan access-map command vlan-id : <1-4094> VLAN ID set to the "enable" status by the vlan command direction : Specifies the direction of applicable frames.
| Command Reference | Traffic control [Example] Show VLAN access map information. SWR2311P>show vlan access-map Vlan access-map VAM001 match ipv4 access-list 2 9.1.17 Show VLAN access map filter [Syntax] show vlan filter [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Show VLAN access map filter application information. The following items are shown.
Command Reference | Traffic control | 257 SWR2311P(config)#qos disable 9.2.2 Set default CoS [Syntax] qos cos value no qos cos [Parameter] value : <0-7> Default CoS value [Initial value] qos cos 0 [Input mode] interface mode [Description] Sets the default CoS of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS=0) is specified. The default CoS is used if untagged frames are received when the interface's trust mode is set to CoS.
| Command Reference | Traffic control [Description] Specifies the trust mode of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS trust mode) is specified. In the case of "CoS" trust mode, the CoS value of incoming frames is used to determine the egress queue. In the case of "DSCP," the DSCP value of incoming frames is used to determine the egress queue.
Command Reference | Traffic control | 259 [Parameter] ifname : Name of the LAN/SFP port or logical interface. If this is omitted, the command applies to all ports. Interface to show [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows QoS settings for the specified interface. The following content is shown.
| Command Reference | Traffic control Port Trust Mode: DSCP Egress Traffic Shaping: Not Configured Queue Scheduling: Queue0 : SP Queue1 : SP Queue2 : SP Queue3 : SP Queue4 : SP Queue5 : SP Queue6 : SP Queue7 : SP DSCP (Queue): 0(2), 8(0), 16(1), 24(3), 32(4), 40(5), 48(6), 56(7), 1(2), 9(0), 17(1), 25(3), 33(4), 41(5), 49(6), 57(7), 2(2), 10(0), 18(1), 26(3), 34(4), 42(5), 50(6), 58(7), 3(2), 11(0), 19(1), 27(3), 35(4), 43(5), 51(6), 59(7), 4(2), 12(0), 20(1), 28(3), 36(4), 44(5), 52(6), 60(7), 5(
Command Reference | Traffic control | 261 CoS value of conversion source queue-id : <0-7> Egress queue ID corresponding to CoS value [Initial value] See [Note] [Input mode] global configuration mode [Description] Specifies the values of the CoS - egress queue ID conversion table that is used to determine the egress queue. If this is executed with the "no" syntax, the egress queue ID for the specified CoS value is returned to the default setting.
| Command Reference | Traffic control The DSCP - egress queue ID conversion table is used when the trust mode is set to DSCP. [Note] In order to execute this command, QoS must be enabled. The following table shows the default settings of the DSCP - egress queue ID conversion table. DSCP value Egress queue 0-7 2 8-15 0 16-23 1 24-31 3 32-39 4 40-47 5 48-55 6 56-63 7 [Example] Assign egress queue #4 to DSCP value "0.
Command Reference | Traffic control | 263 9.2.10 Specify egress queue of frames transmitted from the switch itself [Syntax] qos queue sent-from-cpu queue-id no qos queue sent-from-cpu [Parameter] queue-id : <0-7> Egress queue ID [Initial value] qos queue sent-from-cpu 7 [Input mode] global configuration mode [Description] Specifies the egress queue for the storage destination of frames sent to each LAN/SFP port from the switch itself (CPU).
| Command Reference | Traffic control SWR2311P(config)#class-map class1 SWR2311P(config-cmap)# 9.2.12 Associate class map [Syntax] class name no class name [Parameter] name : Class map name [Input mode] policy map mode [Description] Associates a class map to a policy map. When the class map association succeeds, move to policy map class mode. In policy map class mode, you can make the following settings for each traffic class.
Command Reference | Traffic control | 265 IPv4 access list ID : <2001 - 3000> MAC access list ID : <3001 - 4000> IPv6 access list ID [Input mode] class map mode [Description] Uses the access list as the conditions to classify the traffic class. If the received frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the traffic class. If this is executed with the "no" syntax, the condition settings of the access list are deleted.
| Command Reference | Traffic control [Input mode] class map mode [Description] Uses the value of the IP header's TOS precedence field as a condition to classify the traffic class. If this is executed with the "no" syntax, the classification conditions using TOS precedence are deleted. The setting can be repeated up to the maximum number (eight) of registrations. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 267 Setting value Description 0xXXXX Hexadecimal expression of type value any All frame [Input mode] class map mode [Description] Uses the Ethernet frame's type value and the presence of a VLAN tag as the conditions to classify the traffic class. If this command is executed with the "no" syntax, deletes conditional settings based on the Ethernet frame's type value and the presence of a VLAN tag.
| Command Reference | Traffic control Ending VLAN ID value used as classification condition. The range from the specified starting value to the ending value can be a maximum of 30. [Input mode] class map mode [Description] Uses the VLAN ID as the condition to classify the traffic class. To delete the classification condition, use the no match vlan command. This can be used in conjunction with the setting of the match vlan command.
Command Reference | Traffic control | 269 9.2.21 Generate policy map for received frames [Syntax] policy-map name no policy-map name [Parameter] name : Name of policy map (maximum 32 characters; uppercase and lowercase are distinguished) [Input mode] global configuration mode [Description] Generates a policy map. The policy map combines the following processing for received frames, for each traffic class.
| Command Reference | Traffic control [Description] Applies the policy map to the corresponding LAN/SFP port and logical interface. If this is executed with the "no" syntax, the policy map is deleted from the LAN/SFP port and logical interface. [Note] In order to execute this command, QoS must be enabled. If a policy map has already been applied to the LAN/SFP port and logical interface, an error occurs.
Command Reference | Traffic control | 271 Pre-marking cannot be used in conjunction with the set egress queue function. [Example] Make the following settings for received frames of LAN port #1 • Permit traffic from the 10.1.0.0 network • Change the classified traffic class to the CoS value "2" [Traffic class definition] SWR2311P(config)#access-list 1 permit any 10.1.0.0 0.0.255.
| Command Reference | Traffic control 9.2.25 Set pre-marking (DSCP) [Syntax] set ip-dscp value no set dscp [Parameter] value : <0 - 63> DSCP value specified by pre-marking [Input mode] policy map class mode [Description] Changes the DSCP value of the classified traffic class to the specified DSCP value. In addition, reassign the egress queue according to the egress queue ID table that corresponds to the trust mode.
Command Reference | Traffic control | 273 [Parameter] CIR : <1 - 102300000> Traffic rate (kbps) CBS : <11 - 2097120> Burst size of conformant token bucket (kbyte) EBS : <11 - 2097120> Burst size of excess token bucket (kbyte) action : Operation for packets categorized by bandwidth class Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] policy map class mode [Description] Specifies individual policers (single rate) for the categorized traffi
| Command Reference | Traffic control 9.2.27 Set individual policers (twin rate) [Syntax] police twin-rate CIR PIR CBS PBS yellow-action action red-action action no police [Keyword] twin-rate : Use twin rate policers : <1 - 102300000> [Parameter] CIR Traffic rate (kbps) PIR : <1 - 102300000> Peak traffic rate (kbps). A value less than CIR cannot be specified.
Command Reference | Traffic control | 275 SWR2311P(config-cmap)#match access-group 1 SWR2311P(config-cmap)#exit [Policy settings] SWR2311P(config)#policy-map policy1 SWR2311P(config-pmap)#class class1 SWR2311P(config-pmap-c)#police twin-rate 48 96 12 12 yellow-action remark red-action drop SWR2311P(config-pmap-c)#remark-map yellow ip-dscp 10 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#exit SWR2311P(config)#interface port1.1 SWR2311P(config-if)#service-policy input policy1 9.2.
| Command Reference | Traffic control PHB DSCP value RFC default 0 2474 Class Selector 0, 8, 16, 24, 32, 40, 48, 56 2474 Assured Forwarding 10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, 2597 38 Expedited Forwarding(EF) 46 2598 [Example] Make the following settings for received frames of LAN port #1@ • Permit traffic from the 10.1.0.
Command Reference | Traffic control | 277 9.2.
| Command Reference | Traffic control no police [Keyword] twin-rate : Use twin rate policers : <1 - 102300000> [Parameter] CIR Traffic rate (kbps) PIR : <1 - 102300000> Peak traffic rate (kbps). A value less than CIR cannot be specified.
Command Reference | Traffic control | 279 [Parameter] color : Bandwidth class to remark Setting value type : Description yellow Make remarking settings for bandwidth class Yellow red Make remarking settings for bandwidth class Red Type of remarking Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] aggregate policer mode [Description
| Command Reference | Traffic control 9.2.33 Show aggregate policers [Syntax] show aggregate-police [name] [Parameter] name : Aggregate policer name. If this is omitted, the command applies to all aggregate policers. [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the contents of an aggregate policer. The contents shown are the same as in the police section shown by the show classmap command. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 281 SWR2311P(config)#policy-map policy1 SWR2311P(config-pmap)#class class1 SWR2311P(config-pmap-c)#police-aggregate AGP-01 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#class class2 SWR2311P(config-pmap-c)#police-aggregate AGP-01 SWR2311P(config-pmap-c)#exit SWR2311P(config-pmap)#exit SWR2311P(config)#interface port1.1 SWR2311P(config-if)#service-policy input policy1 9.2.
| Command Reference | Traffic control [Input mode] priviledged EXEC mode [Description] Clears the metering totals for all policers (individual policers / aggregate policers) on the specified LAN/SFP port or logical interface. [Note] In order to execute this command, QoS must be enabled. [Example] Clear the metering totals for LAN port #1. SWR2311P#clear qos metering-counter port1.1 9.2.
Command Reference | Traffic control | 283 [Parameter] value : <0 - 63> DSCP value corresponding to egress queue [Input mode] policy map class mode [Description] Assigns an egress queue to the classified traffic class. Use the DSCP value to specify the egress queue; the egress queue that is assigned is based on the "DSCP-egress queue ID conversion table." If this is executed with the "no" syntax, the specification of egress queue based on traffic class is removed.
| Command Reference | Traffic control Item Description - Match ethertype (Ethernet Type) - Match vlan (VLAN ID) - Match vlan-range (VLAN ID) - Match CoS (CoS value) - Match IP precedence (TOS precedence) - Match IP DSCP (DSCP value) Set Pre-marking setting, egress queue setting - Set CoS (Pre-marking setting : CoS value) - Set IP precedence (Pre-marking setting : TOS precedence) - Set IP DSCP (Pre-marking setting : DSCP value) - Set CoS-Queue (Specify egress queue : CoS - Set IP-DSCP-Queue (Specify e
Command Reference | Traffic control | 285 average rate (48 Kbits/sec) burst size (12 KBytes) excess burst size (12 KBytes) yellow-action (Remark [DSCP:10]) red-action (Drop) 9.2.40 Show map status [Syntax] show qos map-status type [name] [Parameter] type : Type of map to show Setting value name : Description policy Show policy map status information class Show class map status information The name of the policy map (or class map) to show.
| Command Reference | Traffic control SWR2311P#show qos map-status class class1 class1 status policy-map association : policy1 (Detached) edit/erase : Disable attach limitation CoS trust mode : Enable DSCP trust mode : Enable Port-Priority trust mode : Disable 9.2.
Command Reference | Traffic control | 287 [Parameter] CIR : <18-1000000> Traffic rate (kbps). Since rounding occurs, the value actually applied to the input value might be less (see [Note]) BC : <4-16000> Burst size (kbyte). Specified in 4-kbyte units. [Initial value] no traffic-shape rate [Input mode] interface mode [Description] Specifies shaping for the port. If this is executed with the "no" syntax, the port shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control [Description] Specifies shaping for the egress queue of the port. If this is executed with the "no" syntax, the egress queue shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled. Since rounding occurs on the traffic rate, the value actually applied to the input value might be less. Input value Traffic rate granularity (kbps) 18 - 23476 17.
Command Reference | Traffic control | 289 [Parameter] type : Flow control operation Setting value Description auto Enable flow control auto negotiation both Enable transmission/reception of Pause frames disable Disable flow control [Initial value] flowcontrol disable [Input mode] interface mode [Description] Enables flow control for the LAN/SFP port (IEEE 802.3x PAUSE frames send/receive). If this is executed with the "no" syntax, flow control is disabled.
| Command Reference | Traffic control SWR2311P#show flowcontrol port1.1 Port FlowControl RxPause TxPause ------------------------- ------port1.1 Both 4337 0 Show flow control information for all ports. SWR2311P#show flowcontrol System flow-control: Enable Port FlowControl ------------------port1.1 Both port1.2 Disable port1.3 Both port1.4 Disable port1.5 Disable port1.6 Disable port1.7 Disable port1.8 Disable RxPause TxPause ------- ------4337 0 0 1732 - 9.4 Storm control 9.4.
Command Reference | Traffic control | 291 [Parameter] ifname : LAN/SFP port interface name Interface to show [Initial value] none [Input mode] unprivileged EXEC mode, priviledged EXEC mode [Description] Shows the upper limit value for frame reception. If the interface name is omitted, all interfaces are shown. [Example] Show the setting status of all interfaces. SWR2311P#show storm-control Port BcastLevel McastLevel port1.1 30.00% 30.00% port1.2 20.00% 20.00% port1.3 100.00% 100.00% port1.4 100.00% 100.
| Command Reference | Application Chapter 10 Application 10.1 Local RADIUS server 10.1.
Command Reference | Application | 293 10.1.3 Generate a route certificate authority [Syntax] crypto pki generate ca [ca-name] no crypto pki generate ca [Parameter] ca-name : Certificate authority name Characters that can be inputted for the certificate authority name • Within 3–32 characters • Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces • Cannot specify “DEFAULT” [Initial value] none [Input mode] global configuration mode [Description] Generates a route
| Command Reference | Application Setting value Description pap PAP authentication method peap PEAP authentication method eap-md5 EAP-MD5 authentication method eap-tls EAP-TLS authentication method eap-ttls EAP-TTLS authentication method [Initial value] authentication pap peap eap-md5 eap-tls eap-ttls [Input mode] RADIUS configuration mode [Description] Specifies the authentication method used for the local RADIUS server.
Command Reference | Application | 295 [Input mode] RADIUS configuration mode [Description] Adds a RADIUS client (NAS) to the RADIUS client list. The maximum number of registered entries is 100. If this command is executed with the "no" syntax, the specified RADIUS client setting is deleted. [Note] RADIUS client (NAS) information configured using this command will not display in running-config or startup-config.
| Command Reference | Application mac-address : hhhh.hhhh.hhhh (h is hexadecimal) MAC address for terminal (user) to authenticate ssid : SSID connection point (32 characters or less, single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces ) name : User name (32 characters or less, single-byte alphanumeric characters and symbols other than the characters " ? and spaces mail-address : Mail address (256 characters or less, single-byte alphanumeric character
Command Reference | Application | 297 10.1.8 Reauthentication interval setting [Syntax] reauth interval time no reauth interval [Parameter] time : <3600,43200,86400,604800> Reauthentication interval (no. of seconds) [Initial value] reauth interval 3600 [Input mode] RADIUS configuration mode [Description] Sets the reauthentication interval that is notified to the RADIUS client (NAS). The RADIUS client (NAS) determines whether the reauthentication interval will be used.
| Command Reference | Application Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] priviledged EXEC mode [Description] This issues client certificates to users for which the EAP-TLS certification method is specified.
Command Reference | Application | 299 10.1.
| Command Reference | Application Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] priviledged EXEC mode [Description] This exports the client certificates to an SD card.
Command Reference | Application | 301 Client certificates to be sent are ZIP files, compressed using the passwords for each user. E-mail cannot be sent to users whose e-mail addresses have not been set. To send e-mail, the e-mail destination server and e-mail recipient name must be configured in the e-mail template, and an email template ID for use when sending the e-mail must be set using the mail send certificate command. [Note] Only the newest client certificate (1) can be sent via e-mail.
| Command Reference | Application Setting value Description IPv4 address (A.B.C.D) Range from 0.0.0.1 to 223.255.255.255, except for 127.0.0.1 IPv4 network address (A.B.C.
Command Reference | Application | 303 SWR2311P#show radius-server local user detail 00a0de000001 Total 1 userid : password : mode : vlan : MAC : SSID : name : mail-address: expire date : certificated: 00a0de000001 secretpassword eap-tls 10 00a0.de00.0001 YamahaTaro test.com 2037/12/31 Not 10.1.18 Client certificate issuance status display [Syntax] show radius-server local certificate status [Input mode] priviledged EXEC mode [Description] Shows the issuance status for client certificates.
| Command Reference | Application [Example] This displays client certificates that have been issued for specific users. SWR2311P#show radius-server local certificate list detail Yamaha userid certificate number enddate -------------------------------------------------------------------------------------------Yamaha Yamaha-DF598EE9B44D22CC 2018/12/31 Yamaha-DF598EE9B44D22CD 2019/12/31 10.1.
Command Reference | Index | 305 Index A aaa authentication auth-mac 151 aaa authentication auth-web 151 aaa authentication dot1x 150 access-group (IPv4) 247 access-group (IPv6) 249 access-group (MAC) 252 access-list (IPv4) 245 access-list (IPv6) 248 access-list (MAC) 250 access-list description (IPv4) 247 access-list description (IPv6) 249 access-list description (MAC) 251 action 119 aggregate-police 276 arp 219 arp-ageing-timeout 219 auth clear-state time (global configuration mode) 166 auth clear-state t
| Command Reference | Index http-server login-timeout 77 http-server secure 74 I instance 203 instance priority 204 instance vlan 203 interface reset 136 ip address 213 ip address dhcp 214 ip forwarding 220 ip igmp snooping 233 ip igmp snooping check ttl 236 ip igmp snooping fast-leave 234 ip igmp snooping mrouter interface 234 ip igmp snooping querier 235 ip igmp snooping query-interval 235 ip igmp snooping version 236 ip route 216 ipv6 222 ipv6 address 222 ipv6 address autoconfig 223 ipv6 forwarding
Command Reference | Index | 307 qos queue sent-from-cpu 263 qos trust 257 qos wrr-weight 286 R radius-server deadtime 161 radius-server host 159 radius-server key 161 radius-server local enable 292 radius-server local interface 292 radius-server local refresh 297 radius-server local-profile 293 radius-server retransmit 160 radius-server timeout 160 reauth interval 297 region 204 reload 122 remark-map (aggregate policer mode) 278 remark-map (policy map class mode) 275 restart 122 restore system 125 revision
| Command Reference | Index show radius-server local certificate revoke 304 show radius-server local certificate status 303 show radius-server local nas 301 show radius-server local user 302 show rmon 66 show rmon alarm 68 show rmon event 68 show rmon history 67 show rmon statistics 67 show running-config 33 show snmp community 60 show snmp group 60 show snmp user 61 show snmp view 60 show spanning-tree 199 show spanning-tree mst 207 show spanning-tree mst config 207 show spanning-tree mst instance 208
