Yamaha L3 Switch Standard L3 SWX3220 Series Command Reference Rev.4.02.
| Command Reference | Contents Contents Preface: Introduction.........................................................................................................16 Chapter 1: How to read the command reference............................................................17 1.1 Applicable firmware revision........................................................................................................................................17 1.2 How to read the command reference.........................
Command Reference | Contents | 3 4.4 Manage boot information..............................................................................................................................................42 4.4.1 Show boot information...................................................................................................................................42 4.4.2 Clear boot information......................................................................................................................
| Command Reference | Contents 4.13.3 Set notification type to transmit...................................................................................................................72 4.13.4 Set system contact........................................................................................................................................72 4.13.5 Set system location...................................................................................................................................
Command Reference | Contents | 5 4.22.4 E-mail transmission template settings mode..............................................................................................106 4.22.5 E-mail transmission server ID settings.......................................................................................................106 4.22.6 E-mail transmission source address setting................................................................................................107 4.22.
| Command Reference | Contents 4.27.2 Changing the stack ID................................................................................................................................141 4.27.3 Show stack information..............................................................................................................................142 4.27.4 Set range of IP addresses used by the stack port........................................................................................143 4.27.
Command Reference | Contents | 7 5.2.8 Set LACP timeout........................................................................................................................................179 5.2.9 Clear LACP frame counters.........................................................................................................................179 5.2.10 Show LACP frame counter........................................................................................................................180 5.2.
| Command Reference | Contents 6.2.3 Set private VLAN.........................................................................................................................................212 6.2.4 Set secondary VLAN for primary VLAN....................................................................................................213 6.2.5 Set access port (untagged port)....................................................................................................................214 6.2.
Command Reference | Contents | 9 7.2.3 Show IPv4 Forwarding Information Base....................................................................................................250 7.2.4 Show IPv4 Routing Information Base.........................................................................................................251 7.2.5 Show summary of the route entries registered in the IPv4 Routing Information Base................................251 7.2.6 Clear IPv4 route......................................
| Command Reference | Contents 7.12.21 Set OSPF router ID..................................................................................................................................280 7.12.22 Set upper limit of link status advertisements handled by OSPF process.................................................280 7.12.23 Set upper limit of receivable AS external LSA........................................................................................281 7.12.
Command Reference | Contents | 11 7.12.83 Show LSA information in the link state database matching the specified conditions (IPv6)..................307 7.12.84 Show AS external LSA information in the link state database matching the specified conditions (IPv6)...............................................................................................................................................................308 7.12.85 Show Inter-Area-Prefix LSA information in the link state database (IPv6).........
| Command Reference | Contents 7.14.8 Set virtual IP address..................................................................................................................................333 7.14.9 Set virtual IP address(IPv6)........................................................................................................................333 7.14.10 Show VRRP information.........................................................................................................................334 7.
Command Reference | Contents | 13 8.4.6 Set DR priority order....................................................................................................................................367 8.4.7 Set static RP.................................................................................................................................................367 8.4.8 Set RP candidate.............................................................................................................................
| Command Reference | Contents 9.1.10 Show generated access list.........................................................................................................................404 9.1.11 Clear counters.............................................................................................................................................404 9.1.12 Show access list applied to interface..........................................................................................................
Command Reference | Contents | 15 10.1.3 DHCP server operation type settings.........................................................................................................445 10.1.4 Set DHCP pool...........................................................................................................................................445 10.1.5 Set network interface..................................................................................................................................
Preface Introduction • • • • • Unauthorized reproduction of this document in part or in whole is prohibited. The contents of this document are subject to change without notice. Yamaha disclaims all responsibility for any damages caused by loss of data or other problems resulting from the use of this product. The warranty is limited to this physical product itself. Please be aware of these points. The information contained in this document has been carefully checked and is believed to be reliable.
Command Reference | How to read the command reference | 17 Chapter 1 How to read the command reference 1.1 Applicable firmware revision This command reference applies to firmware Yamaha Standard L3 Switch SWX3220 of Rev.4.02.13. For the latest firmware released after printing of this command reference, manuals, and items that differ, access the following URL and see the information in the WWW server. http://www.rtpro.yamaha.co.jp 1.
| Command Reference | How to read the command reference Interface type Prefix static logical interface sa LACP logical interface po Description Examples Used to specify link aggregation that combines multiple LAN/SFP port. Specify sa or po followed by "logical interface ID". To specify static logical interface #1: sa1 To specify LACP logical interface #2: po2 1.
Command Reference | How to use the commands | 19 Chapter 2 How to use the commands The SWX3220 lets you perform command operations in the following two ways. Type of operation Method of operation Description Operation via console • • • Access from a console terminal Access from a TELNET client Access from a SSH client Issue commands one by one to interactively make settings or perform operations.
| Command Reference | How to use the commands • • To check the number of VTY ports, use the show running-config | include line vty command. To change the number of VTY ports, use the line vty command. (maximum 8 (ID: 0--7)) To make VTY port settings, use the line vty command to specify the target VTY port, and then move to line mode.
Command Reference | How to use the commands | 21 Setting item Content of setting Number of lines shown in one page of the terminal screen Specifies the number of lines shown on one page of the terminal screen. This can be set as 0--512 lines/page, and the default setting is 24 lines/page. When displaying in this state, 23 lines are displayed, then "--More---" is displayed and the system waits for key input.
| Command Reference | How to use the commands Applicable configuration Applicable file running-config CONFIG file (.txt) config ✓ ✓ - CONFIG file (.txt) config0 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config1 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config2 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config3 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config4 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.
Command Reference | How to use the commands | 23 SWX3220 Rev.4.02.02 (Mon Dec 14 12:07:35 2020) Copyright (c) 2021 Yamaha Corporation. All Rights Reserved. SWX3220> When logging in as the default administrator for the first time, the password change screen is displayed. Change the password. • Password change screen Username:admin Password: SWX3220 Rev.4.02.02 (Mon Dec 14 12:07:35 2020) Copyright (c) 2021 Yamaha Corporation. All Rights Reserved. Please change the default password for admin.
| Command Reference | How to use the commands The basic commands related to moving between command input modes are described below. For commands that move from global configuration mode mode to individual configuration mode, refer to "individual configuration mode." • • • • • • exit command logout command enable command / administratorcommand disable command configure terminal command end command 2.4.
Command Reference | How to use the commands | 25 individual configuration mode Transition command Prompt LLDP agent mode lldp-agent command SWX3220(lldp-agent)# OSPFv2 mode router ospf command SWX3220(config-router)# OSPFv3 mode router ipv6 ospf command SWX3220(config-router)# RIP mode router rip command SWX3220(config-router)# RIPng mode router ipv6 rip command SWX3220(config-router)# key chain mode key chain command SWX3220(config-keychain)# key chain key mode key command SWX3220(co
| Command Reference | How to use the commands Keyboard operation Ctrl + E • Description and notes Move to the end of the line Deleting an input character Keyboard operation Backspace Ctrl + H Ctrl + D Press Esc, then D • Description and notes Delete the character at the left of the cursor Delete the character at the cursor. If this operation is performed when the command line is empty, the result is the same as the exit command.
Command Reference | How to use the commands | 27 SWX3220(config)#vlan "press the key" access-map database filter SWX3220(config)#vlan 2.5.4 Entering command abbreviations When you enter commands or parameters in abbreviated form, and the characters you entered can be recognized unambiguously as a command or parameter, that command is executed. Example of entering a command abbreviation (show running-config) SWX3220# sh run 2.5.
| Command Reference | How to use the commands State Forwarding % port1.
Command Reference | Configuration | 29 Chapter 3 Configuration 3.1 Manage setting values The SWX3220 uses the following configurations to manage its settings. Types of configuration Description User operations that can be performed Running configuration (running-config) Setting values currently used for operation. Managed in RAM. Note / Save to startup configuration Startup configuration (startup-config) These are the saved setting values.
| Command Reference | Configuration Category Setting item Default value Download URL firmware-update url http:// www.rtpro.yamaha.co.jp/firmware/ revision-up/swx3220.
Command Reference | Configuration | 31 Category Common setting L2MS L2 switching Traffic control PoE power supply LLDP agent • Settings for the default VLAN (vlan1) • • IPv4 Address : 192.168.100.
| Command Reference | Maintenance and operation functions Chapter 4 Maintenance and operation functions 4.1 Passwords 4.1.
Command Reference | Maintenance and operation functions | 33 [Description] Enables password encryption. If this is enabled, the password entered by the password command, the enable password command, and the username command are saved in the configuration in an encrypted form. If this command is executed with the "no" syntax, password encryption is disabled, and the password entered by the password command, the enable password command, and the username command are saved in the configuration as plaintext.
| Command Reference | Maintenance and operation functions [Description] Sets user information. A maximum of 33 items of user information can be registered. However, while there can be up to 32 privilege off users, 1 privilege on user is required. The following words cannot be registered as user names.
Command Reference | Maintenance and operation functions | 35 [Example] Grants privileges to user1234 registered users. SWX3220(config)#username user1234 privilege on 4.2.3 Show login user information [Input mode] unprivileged EXEC mode, privileged EXEC mode, global configuration mode [Description] Shows information on the current logged-in users. The following items are shown. Item Description Shows the login method.
| Command Reference | Maintenance and operation functions vty vty vty stk stk stk stk http http http http 5 6 7 0 1 2 3 0 1 2 3 user1234 (noname) - Login Login Login - 00:33:11 01:12:25 00:18:04 - 192.168.100.4 192.168.100.102 4.2.
Command Reference | Maintenance and operation functions | 37 4.3 Configuration management 4.3.1 Save running configuration [Syntax] copy running-config startup-config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Saves the current operating settings (running configuration) as the settings for startup (startup configuration).
| Command Reference | Maintenance and operation functions SWX3220#write Succeeded to write configuration. SWX3220# 4.3.
Command Reference | Maintenance and operation functions | 39 line con 0 line vty 0 7 ! end SWX3220# 4.3.4 Show startup configuration [Syntax] show startup-config [config_num] show config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Shows the startup settings (startup configuration). If config_num is omitted, the following are displayed.
| Command Reference | Maintenance and operation functions 4.3.5 Erase startup configuration [Syntax] erase startup-config [config_num] [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Erase the settings used at startup (startup config) and the information associated with them.
Command Reference | Maintenance and operation functions | 41 Succeeded to copy configuration SWX3220# 4.3.7 Select startup config [Syntax] startup-config select config_num no startup-config select [Parameter] config_num : Configuration number Setting Description <0-1> Startup config #0-#1 sd Startup config on the SD card [Initial value] startup-config select sd [Input mode] privileged EXEC mode [Description] Select the settings to use at startup (startup config), and restart.
| Command Reference | Maintenance and operation functions SWX3220#startup-config description 1 TEST_CONFIG_1 4.4 Manage boot information 4.4.
Command Reference | Maintenance and operation functions | 43 [Parameter] switch : Enable or disable SD card boot Setting Description enable Enable SD card boot disable Disable SD card boot [Initial value] boot prioritize sd enable [Input mode] privileged EXEC mode [Description] Enable or disable the SD card boot function of the firmware. After this command is executed, the system will restart.
| Command Reference | Maintenance and operation functions 4.4.5 Show the SD card boot setting information [Syntax] show boot prioritize sd [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the setting of the SD card boot function. [Example] Show the setting of the SD card boot function. SWX3220#show boot prioritize sd SD boot configuration: firmware : enable 4.5 Show unit information 4.5.
Command Reference | Maintenance and operation functions | 45 The following items are shown. • • • • • • • • • • • • • • • • • • • Boot version Firmware revision Serial number MAC address CPU usage ratio Memory usage ratio Fan status Fan speed Firmware file Startup configuration file Configuring the SD card boot auto-apply function Serial baud rate CPLD version PHY version Boot time Current time Elapsed time from boot Temperature status Temperature [Example] Show operating information.
| Command Reference | Maintenance and operation functions System Temporary 160.6M 80.0M 1.1M 2.4M 154.8M 77.6M 1% 3% 4.5.4 Show currently-executing processes [Syntax] show process [Input mode] privileged EXEC mode [Description] Shows all currently-executing processes. [Example] Show currently-executing processes. SWX3220#show process 4.5.5 Display memory usage [Syntax] show memory [Input mode] privileged EXEC mode [Description] Shows how much memory is used by each process.
Command Reference | Maintenance and operation functions | 47 Note that the commands executed using a main switch or member switch are different. Refer to the command list below for details.
| Command Reference | Maintenance and operation functions Command Stack disabled Stack enabled Main switch Member switch show ipv6 route pbr ✓ ✓ - show arp ✓ ✓ - show ipv6 neighbors ✓ ✓ - show ip rip ✓ ✓ - show ip rip interface ✓ ✓ - show ipv6 rip ✓ ✓ - show ipv6 rip interface ✓ ✓ - show ip ospf ✓ ✓ - show ip ospf database ✓ ✓ - show ip ospf interface ✓ ✓ - show ip ospf neighbor ✓ ✓ - show ip ospf route ✓ ✓ - show ipv6 ospf ✓ ✓ - show ipv6 ospf data
Command Reference | Maintenance and operation functions | 49 Command Stack disabled Stack enabled Main switch Member switch show radius-server local certificate status ✓ ✓ - show radius-server local nas ✓ ✓ - show radius-server local user ✓ ✓ - show radius-server local certificate list ✓ ✓ - show radius-server local certificate revoke ✓ ✓ - *1: This is not included when using TFTP for acquisition. [Example] Show technical support information.
| Command Reference | Maintenance and operation functions /swx3220/tech-support/YYYYMMDDHHMMSS_techsupport.txt YYYYMMDDHHMMSS ... Year month day hour minute second that the command was executed [Note] The SD card must be inserted in advance. [Example] Save technical support information to the SD card. SWX3220#copy tech-support sd SWX3220# 4.5.8 Show fan operating history [Syntax] show fan history [Input mode] unprivileged EXEC mode、privileged EXEC mode [Description] Shows the fan operating history.
Command Reference | Maintenance and operation functions | 51 ---------------------------------------------------P P P P P P P P P P P P ・・・ - Health monitoring ・・・ SFP Test: Port 13 14 15 16 -------------------N N N N 4.6.2 Executing on-demand diagnostics [Syntax] system-diagnostics on-demand execute [no-confirm] [Keyword] no-confirm : Execute on-demand diagnostics immediately without an execution check (y or n) [Input mode] privileged EXEC mode [Description] Executes on-demand diagnostics.
| Command Reference | Maintenance and operation functions [Parameter] ifname : LAN port interface name Target interface [Input mode] privileged EXEC mode [Description] Execute cable diagnostics. The previous diagnostic result can be viewed with the show cable-diagnostics tdr command. [Note] Only the prior diagnostic result is stored, and the result is overwritten when executing the cable diagnostics again. [Example] Execute diagnostics on the LAN cable connected to port1.1.
Command Reference | Maintenance and operation functions | 53 4.8.1 Set clock manually [Syntax] clock set time month day year [Parameter] time : hh:mm:ss Time month : <1-12> or Jan, Feb, Mar, ... , Dec Month or name of month day : <1-31> Day year : Year (four digits) [Input mode] privileged EXEC mode [Description] Set the system time. [Example] Set the time to 0 hours 0 minutes 0 seconds on January 1, 2015. SWX3220#clock set 00:00:00 Jan 1 2015 4.8.
| Command Reference | Maintenance and operation functions no clock summer-time [Parameter] name : Time zone name to be displayed when daylight saving time is in effect Alphanumeric characters (up to 7 characters) week : <1-4> or first, last Specifies the week of the month wday : Sun, Mon, Tue, ... , Sat Day of the week month : <1-12> or Jan, Feb, Mar, ... , Dec Month or month name time : hh:mm Time offset : <1-1440> Time to add during daylight saving time. Specify in minutes.
Command Reference | Maintenance and operation functions | 55 offset : <1-1440> Time to add during daylight saving time. Specify in minutes. The default value is 60. [Initial value] None [Input mode] global configuration mode [Description] Configure daylight saving time. Configure daylight saving time to start and end on specified dates. The first part specifies the daylight saving time start date and the second part specifies the end date.
| Command Reference | Maintenance and operation functions 4.8.
Command Reference | Maintenance and operation functions | 57 [Example] Obtain time information from the NTP server. SWX3220#ntpdate oneshot 4.8.8 Synchronize time from NTP server (update interval) [Syntax] ntpdate interval interval-time no ntpdate interval [Parameter] interval-time : <0-24> Interval (hours) for time synchronization. If this is set to 0 hours, periodic synchronization will not occur.
| Command Reference | Maintenance and operation functions 4.9 Time synchronization 4.9.1 PTP function settings (system) [Syntax] ptp type no ptp [Parameter] type : System-wide operations for the PTP function Setting value Description enable Enables the PTP function for the entire system disable Disables the PTP function for the entire system [Initial value] ptp disable [Input mode] global configuration mode [Description] Enables or disables the system-wide PTP function.
Command Reference | Maintenance and operation functions | 59 [Note] This command can be specified only for LAN/SFP port. If the system-wide PTP function is disabled, this will not operate. This command cannot be used if the stack function is enabled. [Example] Enables the PTP function for LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#ptp enable Disables the PTP function for LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#ptp disable 4.9.
| Command Reference | Maintenance and operation functions [Example] This sets the PTP operation mode to transparent clocks, the delay mechanism to end-to-end mode, and step mode to one-step mode. SWX3220(config)#ptp mode transparent delay-mechanism e2e step one-step 4.9.
Command Reference | Maintenance and operation functions | 61 4.9.6 Show interface PTP information [Syntax] show ptp interface [ifname] [Keyword] interface : Specifies the interface to show : Name of LAN/SFP port or logical interface [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode、privileged EXEC mode [Description] This shows the PTP information for the specified interface. If "interface" is omitted, information for all interfaces is shown.
| Command Reference | Maintenance and operation functions [Example] Move to line mode in order to make console terminal settings. SWX3220(config)#line con 0 SWX3220(config-line)# 4.10.
Command Reference | Maintenance and operation functions | 63 [Description] Sets the time after which automatic logout occurs if there has been no key input from the console terminal or VTY. If sec is omitted, 0 is specified. If min and sec are both set to 0, automatic logout does not occur. If this command is executed with the "no" syntax, the setting returns to the default. [Note] After this command is executed, the setting is applied starting at the next login.
| Command Reference | Maintenance and operation functions If line is set to 0, the display is not paused per page. If this command is executed with the "no" syntax, the number of lines is set to 24 in the case of a serial console, or to the window size when connected in the case of VTY. [Note] After this command is executed, the setting is applied starting at the next login. If the terminal length command is executed, the result of executing the terminal length command takes priority.
Command Reference | Maintenance and operation functions | 65 [Example] Set VLAN #2 as the management VLAN. SWX3220(config)#management interface vlan2 4.12 SYSLOG 4.12.1 Set log notification destination (SYSLOG server) [Syntax] logging host host no logging host host [Parameter] host : A.B.C.
| Command Reference | Maintenance and operation functions [Description] Change the format of messages sent to the SYSLOG server. If this command is executed with the "no" syntax, the header (time stamp, host name) is included in the SYSLOG message. [Example] Sets the format of the SYSLOG message to no header. SWX3220(config)#logging format legacy 4.12.
Command Reference | Maintenance and operation functions | 67 SWX3220(config)#logging trap debug 4.12.5 Set log output level (informational) [Syntax] logging trap informational no logging trap informational [Initial value] logging trap informational [Input mode] global configuration mode [Description] Outputs the informational level log to SYSLOG. If this command is executed with the "no" syntax, the log is not output. [Note] This can be output to the console by executing the logging stdout info command.
| Command Reference | Maintenance and operation functions [Example] Output the informational level SYSLOG to the console. SWX3220(config)#logging stdout info 4.12.8 Set log output in event units [Syntax] logging event type no logging type [Parameter] type : Type of events specified for log output Setting value lan-map Description LAN map [Initial value] no logging event lan-map [Input mode] global configuration mode [Description] Enables log output for the specified type of events.
Command Reference | Maintenance and operation functions | 69 [Keyword] enable : Enable log backup to SD card disable : Disable log backup to SD card [Initial value] logging backup sd disable [Input mode] global configuration mode [Description] Enables or disables backup of the log to the SD card. If this is enabled, the log is saved on the SD card when you execute the save logging command. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Maintenance and operation functions The log is maintained when the reload command or a firmware update etc. cause a reboot. [Example] Show the log. SWX3220#show logging 4.13 SNMP 4.13.
Command Reference | Maintenance and operation functions | 71 [Initial value] none [Input mode] global configuration mode [Description] Set the destination of SNMP notifications. Up to 8 entries can be specified. If this command is executed with the "no" syntax, the specified destination hosts are deleted.
| Command Reference | Maintenance and operation functions SWX3220(config)#snmp-server startup-trap-delay 30 4.13.
Command Reference | Maintenance and operation functions | 73 no snmp-server contact [Parameter] contact : Name (maximum 255 characters) to register as the system contact [Initial value] no snmp-server contact [Input mode] global configuration mode [Description] Sets the MIB variable sysContact. sysContact is a variable that is typically used to enter the name of the administrator or contact. If this command is executed with the "no" syntax, the setting is deleted.
| Command Reference | Maintenance and operation functions Setting value Description ro Read only rw Write allowed [Initial value] none [Input mode] global configuration mode [Description] Sets the SNMP community. Up to 16 communities can be registered. If this is executed with the "no" syntax, the specified community is deleted. [Example] Set the read-only community name to "public". SWX3220(config)#snmp-server community public ro Delete the "public" community.
Command Reference | Maintenance and operation functions | 75 [Example] Specify the "most" view which shows the internet node (1.3.6.1) and below. SWX3220(config)#snmp-server view most 1.3.6.1 include Specify the "standard" view which shows the mib-2 node (1.3.6.1.2.1) and below. SWX3220(config)#snmp-server view standard 1.3.6.1.2.1 include 4.13.
| Command Reference | Maintenance and operation functions 4.13.
Command Reference | Maintenance and operation functions | 77 SWX3220(config)#snmp-server user admin1 admins auth sha passwd1234 priv aes passwd1234 Create "user1" as a user. According to the specified group and the security level prescribed for that group, specify the protocol (SHA) and password (passwd5678) used for authentication and encryption. SWX3220(config)#snmp-server user user1 users auth sha passwd5678 4.13.
| Command Reference | Maintenance and operation functions It does not apply to SNMPv3 access. [Example] Permit SNMP server access only from the 192.168.100.0/24 segment. SWX3220(config)#snmp-server access permit 192.168.100.0/24 Restrict access to only 192.168.100.0/24 hosts with the ‘public’ community name and to only 192.168.100.12 hosts with the 'private’ community name. SWX3220(config)#snmp-server access permit 192.168.100.0/24 community public SWX3220(config)#snmp-server access permit 192.168.100.
Command Reference | Maintenance and operation functions | 79 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the contents of the SNMP group settings. Shows the group name, security level, reading view, and writing view. [Example] Show the contents of the SNMP group settings. SWX3220#show snmp group SNMP Group information Group Name: admins Security Level: priv Read View: most Write View: most Group Name: users Security Level: auth Read View: standard Write View: standard 4.13.
| Command Reference | Maintenance and operation functions Setting value Description enable Enable RMON function disable Disable RMON function [Initial value] rmon enable [Input mode] global configuration mode [Description] Sets the system-wide operation of the RMON function. If this command is executed with the "no" syntax, the setting returns to the default. [Note] If this command is used to disable the system-wide RMON function, the following RMON group operations are disabled.
Command Reference | Maintenance and operation functions | 81 [Note] To enable the Ethernet statistical information group setting of the RMON function, it is necessary to enable the system-wide RMON function in addition to this command. If this command is overwritten, the previously collected statistical information is deleted, and collection is once again started. If the system-wide RMON function is disabled, collection of statistical information is interrupted.
| Command Reference | Maintenance and operation functions 4.14.
Command Reference | Maintenance and operation functions | 83 rmon alarm index variable interval interval [type] rising-threshold rising_threshold event rising_event-index [owner owner] rmon alarm index variable interval interval [type] falling-threshold falling_threshold event falling_event_index [owner owner] no rmon alarm index [Parameter] index : <1-65535> Index of alarm group (alarmIndex) variable : MIB object to be monitored (alarmVariable) interval : <1-2147483647> Sampling interval (seconds)(
| Command Reference | Maintenance and operation functions Set variable as the MIB object that will be the target of monitoring by the RMON alarm group. Of the etherStatsEntry(. 1.3.6.1.2.1.16.1.1.1) MIB objects, variable can be specified only as a MIB object that has a counter type. This can be specified in the following three formats. • • • etherStatsEntry.X.Y (OID name under etherStatsEntry).Y .1.3.6.1.2.1.16.1.1.1.X.Y For example, if specifying etherStatsPkts.1(.1.3.6.1.2.1.16.1.1.1.5.
Command Reference | Maintenance and operation functions | 85 [Description] Shows the settings and status of the RMON function. The following items are shown.
| Command Reference | Maintenance and operation functions [Example] SWX3220>show rmon statistics rmon collection index 1 stats->ifindex = 5001 input packets 7, bytes 600, drop events 0, multicast packets 4 output packets 17, bytes 2091, multicast packets 17 broadcast packets 0 4.14.8 Show RMON history group status [Syntax] show rmon history [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings and status of the RMON history group. The following items are shown.
Command Reference | Maintenance and operation functions | 87 4.14.10 Show RMON alarm group status [Syntax] show rmon alarm [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings and status of the RMON alarm group. The following items are shown.
| Command Reference | Maintenance and operation functions [Keyword] enable : Telnet server is enabled disable : Telnet server is disable : <1-65535> [Parameter] port Listening port of the Telnet server (if omitted: 23) [Initial value] telnet-server disable [Input mode] global configuration mode [Description] Enables the Telnet server. You can also specify the listening TCP port number. If this command is executed with the "no" syntax, the function is disabled.
Command Reference | Maintenance and operation functions | 89 [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the Telnet server. If this command is executed with the "no" syntax, the specified interface is deleted. This command can be used to specify up to eight items, which are applied in the order that they are specified. If this command is not set, access is permitted only from the management VLAN.
| Command Reference | Maintenance and operation functions [Example] Permit access to the TELNET server only from 192.168.1.1 and the 192.168.10.0/24 segment. SWX3220(config)#telnet-server access permit 192.168.1.1 SWX3220(config)#telnet-server access permit 192.168.10.0/24 Deny only access to the TELNET server from the segment 192.168.10.0/24. SWX3220(config)#telnet-server access deny 192.168.10.0/24 SWX3220(config)#telnet-server access permit any 4.16 Telnet client 4.16.
Command Reference | Maintenance and operation functions | 91 [Description] Enables use of the telnet command as a Telnet client. If this command is executed with the "no" syntax, the Telnet client is disabled. [Example] Enable the Telnet client. SWX3220(config)#telnet-client enable 4.17 TFTP server 4.17.
| Command Reference | Maintenance and operation functions 4.17.3 Set hosts that can access the TFTP server [Syntax] tftp-server interface interface no tftp-server interface interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the TFTP server.
Command Reference | Maintenance and operation functions | 93 4.18.
| Command Reference | Maintenance and operation functions 4.18.4 Set hosts that can access the HTTP server [Syntax] http-server interface interface no http-server interface interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the HTTP server. If this command is executed with the "no" syntax, the specified interface is deleted.
Command Reference | Maintenance and operation functions | 95 Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted. If this command is executed with the "no" syntax, the specified setting is deleted.
| Command Reference | Maintenance and operation functions [Initial value] http-server login-timeout 5 [Input mode] global configuration mode [Description] Specify the time until automatic logout when there has been no access to the HTTP server. If sec is omitted, 0 is specified. If this command is executed with the "no" syntax, the setting returns to the default. [Note] The smallest value that can be specified is one minute. [Example] Set the timeout time for the HTTP server to 2 minutes 30 seconds.
Command Reference | Maintenance and operation functions | 97 [Input mode] global configuration mode [Description] Specifies the timeout time when acquiring the Web GUI of an L2MS agent. If this command is executed with the "no" syntax, the setting will be 60 seconds. [Example] Set HTTP Proxy function's timeout duration to two minutes. SWX3220(config)#http-proxy timeout 120 4.19.
| Command Reference | Maintenance and operation functions [Example] Start the SSH server with 12345 as the listening port number. SWX3220#ssh-server host key generate SWX3220#configure terminal SWX3220(config)#ssh-server enable 12345 4.20.2 Show SSH server settings [Syntax] show ssh-server [Input mode] privileged EXEC mode [Description] Shows the settings of the SSH server. The following items are shown.
Command Reference | Maintenance and operation functions | 99 4.20.4 Set client that can access the SSH server [Syntax] ssh-server access action info no ssh-server access [action info] [Parameter] action info : : Specifies the action for the access condition Setting value Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition Setting value Description A.B.C.D Specifies an IPv4 address (A.B.C.D) A.
| Command Reference | Maintenance and operation functions Bit length of RSA key [Initial value] none [Input mode] privileged EXEC mode [Description] Sets the host RSA key and host DSA key of the SSH server. For the RSA key, the bit parameter can be used to specify the number of bits in the generated key. The DSA key generates a 1024-bit key. [Note] In order to use the SSH server function, this command must be executed in advance to generate the host keys.
Command Reference | Maintenance and operation functions | 101 SWX3220#show ssh-server host key ssh-dss XXXXXXXXXX1kc3MAAAEBAPTB9YYdgvE+4bbhF4mtoIJri+ujdAIfgr4hL/0w7Jlvc50eXg sXJoCqlPlsLRGHOOzxVYbOouPCUV/jPFCatgOIii8eJNzUqSB1e6MOFtGjmESrdYiafyIUhps+YWqd TlIo0AFnVUKMqAbYODA3Cy7kNVptYRK8rcKWk1ChbatWnT/Z7RcmEVEou0qlOyp79b3DcpFM7ofa4d 9ySb6mj06Y/Ok8lL5qFhCHmGOGtqJTKZsqb5VnPz8FYC8t1s6/tpyrUa5aG2af/yTEa5U5BDYAuc88 wNIUG9alGo/8WIHiBJAm432o7UPqTHWO/5nYEQu44gmEPQrPGJ65GT8AAAAVAOpjE0Jyei+4c5qWSF PXUgrLf5HAAABAQCnnPO+Z
| Command Reference | Maintenance and operation functions 4.20.
Command Reference | Maintenance and operation functions | 103 [Example] To the host at IPv4 address 192.168.100.1, connect via SSH using user name "uname" and port number 12345. SWX3220#ssh uname@192.168.100.1 12345 To the host at IPv6 address fe80::2a0:deff:fe11:2233, connect via SSH using user name "uname" and port number 12345. SWX3220#ssh uname@fe80::2a0:deff:fe11:2233%vlan1 12345 4.21.
| Command Reference | Maintenance and operation functions 4.22.1 SMTP e-mail server settings [Syntax] mail server smtp id host host [port port] [encrypt method] [auth username password] no mail server smtp id [Keyword] port : Specifying a port number for the e-mail server encrypt : Specifying an encryption method auth : Specifying the account information to use for SMTP authentication : <1-10> [Parameter] id Mail server ID host : Mail server address or host name IPv4 address (A.B.C.
Command Reference | Maintenance and operation functions | 105 4.22.2 SMTP e-mail server name settings [Syntax] mail server smtp id name server_name no mail server smtp id [Parameter] id : <1-10> E-mail server ID server_name : Mail server name (64 characters or less, single-byte alphanumeric characters and symbols other than ?) [Initial value] none [Input mode] global configuration mode [Description] Sets the name of the server used when sending e-mails.
| Command Reference | Maintenance and operation functions [Initial value] None [Input mode] global configuration mode [Description] Configures the settings for e-mail notification of event information for the specified function. If lan-map is specified and type is specified, you will only be notified of events related to the specified LAN map. If type is omitted, you will be notified of all events related to LAN maps.
Command Reference | Maintenance and operation functions | 107 [Input mode] E-mail template mode [Description] Sets the ID of the e-mail server to be used. [Example] Specifies server ID #1 for the e-mail server used in e-mail template #1. SWX3220(config)#mail template 1 SWX3220(config-mail)#send server 1 4.22.
| Command Reference | Maintenance and operation functions 4.22.8 Setting for subject used when sending e-mails [Syntax] send subject subject no send subject [Parameter] temp-id : Subject used when sending e-mails (128 characters or less, single-byte alphanumeric characters and symbols other than the characters ? | >) [Initial value] no send subject [Input mode] E-mail template mode [Description] Specifies the subject for e-mails that are sent.
Command Reference | Maintenance and operation functions | 109 no mail send certificate [Parameter] temp-id : <1-10> E-mail template ID [Initial value] no mail send certificate [Input mode] RADIUS configuration mode [Description] Specifies the template ID to use when sending RADIUS server client certificates. The RADIUS server client certificate is sent to the e-mail address specified by the “user” command of the RADIUS server function.
| Command Reference | Maintenance and operation functions [Example] Specifies “#2” for the template to use when sending notifications of RADIUS server client certificates by e-mail. SWX3220(config-radius)#mail send certificate-notify 2 4.22.12 Notification timing settings for expired certificates [Syntax] mail certificate expire-notify day [day] [day] no mail certificate expire-notify [Parameter] day : <1-90> No.
Command Reference | Maintenance and operation functions | 111 user3@test.com user4@test.com 4.23 LLDP 4.23.1 Enable LLDP function [Syntax] lldp run no lldp run [Initial value] none [Input mode] global configuration mode [Description] Enable the LLDP function for the entire system. If this command is executed with the "no" syntax, disable the LLDP function for the entire system. [Note] In order to enable the LLDP function for a port, the following command must be set.
| Command Reference | Maintenance and operation functions 4.23.3 Set system name [Syntax] lldp system-name name no lldp system-name [Parameter] name : System name text string (255 characters or less) [Initial value] no lldp system-name [Input mode] global configuration mode [Description] Sets the system name used by the LLDP function. If this command is executed with the "no" syntax, the setting returns to the default. By default, this is "model name".
Command Reference | Maintenance and operation functions | 113 Setting value Description enable Enable automatic setting function by LLDP disable Disable automatic setting function by LLDP [Initial value] lldp auto-setting disable [Input mode] global configuration mode [Description] Enables the function by which LLDP frames transmitted by specific Yamaha devices can automatically modify the settings of a switch.
| Command Reference | Maintenance and operation functions [Example] Set the LLDP transmission/reception mode of LAN port #1 to receive-only. SWX3220(config)#lldp run SWX3220(config)#interface port1.1 SWX3220(config-if)#lldp-agent SWX3220(lldp-agent)#set lldp enable rxonly 4.23.
Command Reference | Maintenance and operation functions | 115 (5) Management Address TLV : Management address of port (MAC address or IP address) [Example] Add basic management TLVs to the LLDP frames that are transmitted on LAN port #1. SWX3220(config)#lldp run SWX3220(config)#interface port1.1 SWX3220(config-if)#lldp-agent SWX3220(lldp-agent)#tlv-select basic-mgmt 4.23.9 Set IEEE-802.
| Command Reference | Maintenance and operation functions [Example] Add IEEE-802.3 TLVs to the LLDP frames that are transmitted on LAN port #1. SWX3220(config)#lldp run SWX3220(config)#interface port1.1 SWX3220(config-if)#lldp-agent SWX3220(lldp-agent)#tlv-select ieee-8023-org-specific 4.23.
Command Reference | Maintenance and operation functions | 117 SWX3220(config-if)#lldp-agent SWX3220(lldp-agent)#set timer msg-tx-interval 60 4.23.
| Command Reference | Maintenance and operation functions 4.23.15 Set multiplier for calculating time to live (TTL) of device information [Syntax] set msg-tx-hold value no set msg-tx-hold [Parameter] value : <1-100> Multiplier for calculating the time to live (TTL) value of device information [Initial value] set msg-tx-hold 4 [Input mode] LLDP agent mode [Description] Sets the multiplier for calculating the time to live (TTL) of device information.
Command Reference | Maintenance and operation functions | 119 4.23.17 Set maximum number of connected devices manageable by a port [Syntax] set too-many-neighbors limit max_value no set too-many-neighbors limit [Parameter] max_value : <1-1000> Maximum number of connected devices manageable by a port [Initial value] set too-many-neighbors limit 5 [Input mode] LLDP agent mode [Description] Sets the maximum number of connected devices that can be managed by a port.
| Command Reference | Maintenance and operation functions [Example] Enable the LLDP function of all LAN/SFP port, and set a mode that allows transmission and reception of LLDP frames. SWX3220(config)#lldp interface enable txrx 4.23.19 Show interface status [Syntax] show lldp interface ifname [neighbor] [Keyword] neighbor : Shows information for connected devices.
Command Reference | Maintenance and operation functions | 121 Type of interface number Interface Number Number of interface OID Number OID number Management Address MAC address os IP addresss • Interface Numbering Mandatory TLV information CHASSIS ID TYPE CHASSIS ID TLV type and value PORT ID TYPE PORT ID TLV type and value TTL (Time To Live) Time to maintain device information (seconds) • 8021 ORIGIN SPECIFIC TLV information ID of port VLAN PP Vlan id ID of protocol VLAN VLAN ID ID of
| Command Reference | Maintenance and operation functions Latitude Res Resolution of latitude (number of significant upper bits) Latitude Latitude (34 bits) Longitude Res Resolution of longitude (number of significant upper bits) Longitude Longitude (34 bits) AT Altitude type 1: meter 2: floor of building Altitude Res Resolution of altitude (number of significant upper bits) Altitude Altitude (30 bits) Datum Geodetic datum 0: USA's World Geodetic System (WGS 84) 1: North American Datum (N
Command Reference | Maintenance and operation functions | 123 [Description] Shows information for connected devices of all interfaces. (For the display format, refer to the show lldp interface ifname neighbor command) [Example] Show information for connected devices. SWX3220#show lldp neighbors Interface Name : port1.1 System Name : SWX3220-16MT System Description : SWX3220 Rev.4.02.02 (Mon Dec 14 12:07:35 2020) Port Description : port1.
| Command Reference | Maintenance and operation functions SWX3220# 4.23.21 Clear LLDP frame counters [Syntax] clear lldp counters [Input mode] privileged EXEC mode [Description] Clear the LLDP frame counter of all ports. [Example] Clear the LLDP frame counter. SWX3220>clear lldp counters 4.24 L2MS (Layer 2 management service) settings 4.24.1 Move to L2MS mode [Syntax] l2ms configuration [Input mode] global configuration mode [Description] Moves to L2MS mode in order to make L2MS settings.
Command Reference | Maintenance and operation functions | 125 SWX3220(config)#l2ms configuration SWX3220(config-l2ms)#l2ms enable 4.24.
| Command Reference | Maintenance and operation functions If you set time to a high value, the query frame is transmitted less often, but it will take longer from when the L2MS agent is connected until the L2MS manager recognizes it. If you set time to a low value, the opposite will be the case; the query frame is transmitted more often, but it will take less time from when the L2MS agent is connected until the L2MS manager recognizes it.
Command Reference | Maintenance and operation functions | 127 [Input mode] L2MS mode [Description] Enables the terminal management function. If this is enabled, information about the devices existing on the network is obtained at regular intervals. If this command is executed with the "no" syntax, disable terminal management function. [Note] Terminal management is performed only if L2MS is operating as manager. [Example] Enable the terminal management function.
| Command Reference | Maintenance and operation functions [Initial value] l2ms filter disable [Input mode] interface mode [Description] Prevents L2MS control frames from being transmitted or received. If this command is executed with the "no" syntax, L2MS control frames can be transmitted and received. [Note] This command cannot be specified for the following interfaces.
Command Reference | Maintenance and operation functions | 129 • If L2MS is operating as manager • • Number of L2MS agents being managed Information for the L2MS agents being managed • • • • • • • MAC address Model name Device name Route Uplink port Settings applied If L2MS is operating as manager and "detail" is specified • L2MS manager information • • • • Number of terminals connected to the L2MS manager Information of terminals connected to the L2MS manager • MAC address • Ports connected • Time
| Command Reference | Maintenance and operation functions Downlink Config Appear time Number of Terminals [bcae.c5a4.7fb3] Port Appear time [00a0.deae.b8bf] Model name Device name Route LinkUp Uplink Downlink Config Appear time Number of Terminals : : : : 3 None Tue Mar 13 18:43:18 2018 1 : 9 : Wed Mar 14 14:01:18 2018 : : : : : : : : : SWX2300-24G SWX2300-24G_S4L000401 port2.1-3 1 1 None None Tue Mar 13 18:43:18 2018 0 4.24.
Command Reference | Maintenance and operation functions | 131 Item Description qos-policing-speed port level Set bandwidth of reception traffic qos-shaping-use port mode Set whether to perform shaping of transmission traffic qos-shaping-speed port level Set bandwidth of transmission traffic mirroring-use mode Set whether to use the mirroring function mirroring-dest port Set port that transmits mirroring packets mirroring-src-rx port mode Set whether received packets are mirrored mirroring-src-
| Command Reference | Maintenance and operation functions Show the config information of the L2MS agent terminal whose MAC address is 00a0.de00.0001. SWX3220>show l2ms agent-config 00a0.de00.0001 [00a0.de00.0001] system-name TEST2_SWX2200-8G vlan-id 2 2 vlan-id 3 3 vlan-port-mode 1 hybrid vlan-port-mode 8 hybrid vlan-trunk 1 2 join vlan-trunk 1 3 join vlan-trunk 8 2 join vlan-trunk 8 3 join Show the config information of the L2MS agent terminal whose route is 1.23-1.23-8.
Command Reference | Maintenance and operation functions | 133 [Keyword] enable : Enable the event monitoring function disable : Disable the event monitoring function [Initial value] event-watch enable [Input mode] L2MS mode [Description] Sets whether to disable or enable the event monitoring function. If enabled, event information for the L2MS agents existing on the network is acquired at regular intervals. If this command is executed with the "no" syntax, the event monitoring function is enabled.
| Command Reference | Maintenance and operation functions [Keyword] enable : Use the L2MS agent's zero config function disable : Don't use the L2MS agent's zero config function [Initial value] config-auto-set enable [Input mode] L2MS mode [Description] Sets whether to use the L2MS agent device's zero config function.
Command Reference | Maintenance and operation functions | 135 [Keyword] except-wireless : Information for wirelessly connected terminals is excluded from the snapshot comparison. [Initial value] no snapshot trap terminal [Input mode] global configuration mode [Description] Terminal information is included in the snapshot comparison. If the except-wireless option is specified, information for terminals that are wirelessly connected below a wireless access point are excluded from the snapshot comparison.
| Command Reference | Maintenance and operation functions 4.26 Firmware update 4.26.1 Set firmware update site [Syntax] firmware-update url url no firmware-update url [Parameter] url : Single-byte alphanumeric characters and single-byte symbols (255 characters or less) URL at which the firmware is located [Initial value] firmware-update url http://www.rtpro.yamaha.co.jp/firmware/revision-up/swx3220.
Command Reference | Maintenance and operation functions | 137 [Description] Configure the HTTP proxy server used when updating firmware using a firmware file located on the web server. If no HTTP proxy server is configured, the firmware update will be performed without going through the HTTP proxy server. The port number must also be explicitly configured. If this command is executed with the "no" syntax, the HTTP proxy server setting is cleared. [Example] Set the HTTP proxy server to 192.168.100.
| Command Reference | Maintenance and operation functions [Initial value] firmware-update timeout 300 [Input mode] global configuration mode [Description] Specifies the timeout duration when downloading firmware from a web server. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the firmware download timeout duration to 120 seconds. SWX3220(config)#firmware-update timeout 120 SWX3220(config)# 4.26.
Command Reference | Maintenance and operation functions | 139 firmware revision for next boot: reload-time: reload-method: Normal SWX3220# 4.26.
| Command Reference | Maintenance and operation functions Firmware update reload time (hour) min : <0-59> Firmware update reload time (minutes) [Input mode] global configuration mode [Description] Sets the time at which the new firmware is applied by restarting after a firmware update. If this command is executed with the "no" syntax, the new firmware is applied by restarting immediately after the firmware is updated. [Example] Specify AM 1:30 as the restart time for updating the firmware.
Command Reference | Maintenance and operation functions | 141 [Parameter] switch : Operation of the stack function Setting value Description enable Enable stack function disable Disable stack function [Initial value] stack disable [Input mode] global configuration mode [Description] Enables or disables the stack function. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be executed only for models that support stacking.
| Command Reference | Maintenance and operation functions 4.27.3 Show stack information [Syntax] show stack [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows stack-related settings and status information. The following content is shown.
Command Reference | Maintenance and operation functions | 143 -----------------------------------------------------------------------1 SWX3220-16MT Active Main S000000000 00a0.de00.0000 2 SWX3220-16MT Active Member S000000000 00a0.de00.0000 Interface Status -----------------------------------------------------------------------port1.15 up port1.16 up port2.15 up port2.16 up 4.27.
| Command Reference | Maintenance and operation functions When remote login succeeds, the stack ID is automatically shown added to the prompt. [Example] Remotely log in to a member switch (ID:2) from the main switch. SWX3220#remote-login 2 ... SWX3220-2> 4.28 Schedule 4.28.1 Schedule settings [Syntax] schedule id time date time template_id schedule id event event template_id no schedule id [Parameter] id : <1-10> Schedule number date : <1-12> or * / <1-12> or sun, mon, ...
Command Reference | Maintenance and operation functions | 145 h:m:s (the seconds can be omitted) event template_id : : Hour setting examples Setting contents 12 12:00 12.13 12:00 and 13:00 12- From 12:00 to 23:00 10-20 From 10:00 to 20:00 -20 From 0:00 to 20:00 * Hourly Minute setting examples Setting contents 30 30 minutes 15.
| Command Reference | Maintenance and operation functions 4.28.2 Schedule template description text settings [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (64 characters or less) Schedule template description text [Initial value] no description [Input mode] Schedule template mode [Description] Sets the schedule template description text.
Command Reference | Maintenance and operation functions | 147 no schedule template [Parameter] template_id : <1-10> Schedule template number [Initial value] None [Input mode] global configuration mode [Description] Switches to the mode for setting the schedule template. If this command is executed with the "no" syntax, the specified schedule template is deleted. [Example] This switches to the mode for setting schedule template #1. SWX3220(config)#schedule template 1 SWX3220(config-schedule)# 4.28.
| Command Reference | Maintenance and operation functions encryption, ping, ping6, quit, reload, remote-login, restart, restore system, schedule, no schedule, schedule template, no schedule template, commands beginning with “show,” ssh , ssh-server host key generate, commands beginning with “stack,” commands beginning with “no stack,” startup-config select, no startup-config select, system-diagnostics on-demand execute(*1), telnet, traceroute, traceroute6 (*1): system-diagnostics on-demand execute no-co
Command Reference | Maintenance and operation functions | 149 Setting value Description enable Enables the buzzer system settings. disable Disables the buzzer system settings. [Initial value] buzzer disable [Input mode] global configuration mode [Description] Enable or disable the buzzer system settings. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Enables the buzzer system settings. SWX3220(config)#buzzer enable Disables the buzzer system settings.
| Command Reference | Maintenance and operation functions 4.29.
Command Reference | Maintenance and operation functions | 151 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Clears mute. [Example] Clears mute. SWX3220>unmute buzzer 4.29.6 Display buzzer information [Syntax] show buzzer [Input mode] unprivileged EXEC mode、privileged EXEC mode [Description] Displays the settings and status of the buzzer. [Example] Displays the settings and status of the buzzer.
| Command Reference | Maintenance and operation functions 4.29.8 Stop the “Find this switch” function [Syntax] find switch stop [Input mode] privileged EXEC mode [Description] Stops the 'Find this switch' function. [Example] Stops the 'Find this switch' function. SWX3220#find switch stop 4.30 General maintenance and operation functions 4.30.
Command Reference | Maintenance and operation functions | 153 [Description] Reboots the system. [Note] If the currently-running settings (running configuration) have been changed from the settings at the time of boot (startup configuration), reboot will discard those changes. Therefore, if necessary, you should execute the copy running-config startup-config command, the write command or the save command before you execute the reload command.
| Command Reference | Maintenance and operation functions [Description] Unmounts the SD card. If this command is not executed, or if the SD card is removed from the SD card slot without executing the unmount process from the Web GUI, there are some cases in which the operating system will generate a warning to repair the card's file system. [Note] The SD card cannot be used if the SD card is in an unmounted state. [Example] Unmount the SD card. SWX3220>unmount sd 4.30.
Command Reference | Maintenance and operation functions | 155 4.30.8 Show port error LED status [Syntax] show error port-led [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the ID of ports that are generating an error, and the following error causes.
| Command Reference | Maintenance and operation functions This can be executed only if the SD card is mounted. [Note] This command cannot be used if the stack function is enabled. [Example] Restore system information into the unit. SWX3220# restore system restore and reboot system? (y/n) y Update the firmware. Current Revision: 4.02.01 New Revision: 4.02.03 Update to this firmware? (y/n) y Unmounted the SD card. Pull out the SD card. Updating... Finish Succeeded to restore system files.
Command Reference | Interface control | 157 Chapter 5 Interface control 5.1 Interface basic settings 5.1.1 Set description [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (80characters or less) Description of the applicable interface [Initial value] no description [Input mode] interface mode [Description] Specifies a description of the applicable interface.
| Command Reference | Interface control no speed-duplex [Parameter] type : Communication speed and communication mode types Communication speed and communication mode types Description auto Auto negotiation 10000-full 10Gbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half [Initial value] speed-duplex auto [Input mode] interface mode [Description] Sets the communication speed and communication mode. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 159 Communication type Explanation 10000-full 10Gbps/Full 5000-full 5Gbps/Full 2500-full 2.5Gbps/Full 1000-full 1000Mbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half [Initial value] negotiation 10000-full 5000-full 2500-full 1000-full 100-full 100-half [Input mode] interface mode [Description] Sets the communication type supported by auto negotiation. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control Interface Nego Link Advertisement ------------------------------------------------------------------------port1.1 Enabled All port1.2 Enabled 10000-full, 5000-full, 2500-full, 1000-ful, 100-full port1.3 Enabled 100-full, 100-half port1.4 Enabled All port1.5 Enabled -port1.6 Enabled -port1.7 Enabled -port1.8 Enabled -- 5.1.
Command Reference | Interface control | 161 [Note] This command can be specified only for LAN port. When this command is used to change the settings, link-down temporarily occurs for the corresponding interface. [Example] Disable cross/straight automatic detection for LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#mdix auto disable 5.1.
| Command Reference | Interface control Item Description EEE(efficient-ethernet) Whether the unit supports EEE Link Partner Whether the other unit supports EEE [Note] If another unit is not connected, the display indicates that EEE is not supported. [Example] Show EEE capabilities for LAN port #1. [If the other unit supports EEE] SWX3220#show eee capabilities interface port1.1 interface:port1.
Command Reference | Interface control | 163 [If EEE is enabled and is transitioning to low-power mode] SWX3220#show eee status interface port1.1 interface:port1.1 EEE(efficient-ethernet): Operational Rx LPI Status : Interrupted Tx LPI Status : Interrupted Wake Error Count : 0 [If EEE is enabled and has transitioned to low-power mode] SWX3220#show eee status interface port1.1 interface:port1.1 EEE(efficient-ethernet): Operational Rx LPI Status : Low Power Tx LPI Status : Low Power Wake Error Count : 0 5.1.
| Command Reference | Interface control [Keyword] interface : Specify the monitored port to show : Interface name of the LAN/SFP port [Parameter] ifname Monitored port to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the port mirroring setting. If interface is omitted, the settings for all monitored ports are shown. The following items are shown for each monitored port.
Command Reference | Interface control | 165 The following items are shown. Item Interface Description Interface name Link status *2 (if shutdown, shows the cause) Link is • • If shutdown is specified : (by shutdown) If port error is detected : (by errdisable) Hardware is Interface type (e.g.
| Command Reference | Interface control Item input Description packets Number of received packets *2 bytes Number of received bytes *2 multicast packets Number of received multicast packets *2 drop packets Number of overflowed packets received *2, *5 packets Number of transmitted packets *2 bytes Number of transmitted bytes *2 multicast packets Number of transmitted multicast packets *2 broadcast packets Number of transmitted broadcast packets *2 drop packets Number of tail-dropped pa
Command Reference | Interface control | 167 5.1.14 Show brief interface status [Syntax] show interface brief [Input mode] unprivileged EXEC mode, privileged EXEC mode, individual configuration mode [Description] Shows brief interface status. The following items are shown.
| Command Reference | Interface control Interface Status Reason Description -------------------------------------------------------------------------------vlan1 up --vlan2 down PD --------------------------------------------------------------------------------Port-channel Type PVID Mode Status Reason Speed Description Interface -------------------------------------------------------------------------------sa1 AGG 1 access up -1g -- 5.1.
Command Reference | Interface control | 169 Item Description Undersize packets Number of undersize packets received (packets smaller than 64 octets) Oversize packets Number of oversize packets received (packets larger than 1523 octets*1) Fragments Number of fragment packets received (packs smaller than 64 octets with abnormal CRC) Jabbers Number of jabber packets received (packs larger than 1523 octets with abnormal CRC*1) FCS errors Number of FCS error packets received RX errors Number of rece
| Command Reference | Interface control Received and Transmitted: 64octet packets : 65-127octet packets : 128-255octet packets : 256-511octet packets : 512-1023octet packets : 1024-MAXoctet packets : 1 166 7 1 0 0 5.1.
Command Reference | Interface control | 171 port1.27 port1.28 40.7 Unsupported 95.0 Unsupported 90.0 Unsupported -20.0 Unsupported -25.0 Unsupported Voltage (V) -----------3.37 3.34 Unsupported High Alarm Threshold -----------3.62 3.89 Unsupported High Warning Threshold -----------3.46 3.70 Unsupported Low Warning Threshold -----------3.13 2.89 Unsupported Low Alarm Threshold -----------2.97 2.70 Unsupported Current Interface (mA) ------------ -----------port1.25 4.0 port1.26 port1.27 6.2 port1.
| Command Reference | Interface control 5.1.
Command Reference | Interface control | 173 To enable transmission queue usage rate monitoring, in addition to this command, system-wide transmission queue usage rate monitoring must also be enabled. [Example] Disable transmission queue usage rate monitoring for LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#tx-queue-monitor usage-rate disable 5.1.
| Command Reference | Interface control If a LAN/SFP port is associated to a link-id for which a static logical interface does not exist, the static logical interface is newly generated. If the associated LAN/SFP port is no longer present because it was removed from the static logical interface, the static logical interface is deleted. Up to eight LAN/SFP port units can be associated with one static logical interface.
Command Reference | Interface control | 175 mode Description active Operate LACP in active mode. In active mode, it actively sends LACP frames to the other device. passive Operate LACP in passive mode. In passive mode, it sends LACP frames only if LACP frames are received from the other device. [Input mode] interface mode [Description] Associates the applicable interface with the LACP logical interface specified by link-id.
| Command Reference | Interface control [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] If ifname is omitted, shows the status of the LACP logical interface. The following items are shown for each LACP logical interface that exists. • • • LACP logical interface name Load balance function rules Interface name of associated LAN/SFP port For details on the load balance function rules, refer to the type parameter of the port-channel load-balance command.
Command Reference | Interface control | 177 Item Description Timeout Timeout value ("Long"=90 seconds, "Short"=3 seconds) Active LACP operation mode("Active", "Passive") Synchronized Synchronization flag Collecting Collecting flag Distributing Distributing flag Defaulted Defaulted flag Expired Expired flag [Example] Shows the status of LACP logical interface. SWX3220#show etherchannel % Lacp Aggregator: po10 % Load balancing: src-dst-mac % Member: port1.1 port1.2 port1.3 port1.
| Command Reference | Interface control [Note] If an LACP logical interface is connected to the other device, the system priorities are compared, and control privilege is given to the device with the higher priority. [Example] Set the LACP system priority order to 100. SWX3220(config)#lacp system-priority 100 5.2.6 Show LACP system priority [Syntax] show lacp sys-id [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the LACP system priority and the LACP system ID.
Command Reference | Interface control | 179 • Amongst the associated ports, only those with the same communication speed as the port initially linked up are made active. • • • Other ports with different communication speeds are left on standby. When set to auto negotiation, only those ports amongst the associated ports with the same communication speed as that which resulted from the initial auto negotiation are made active.
| Command Reference | Interface control If link-id is omitted, the frame counter of every existing LACP logical interface is cleared. [Example] Clear the frame counter for every LACP logical interface. SWX3220#clear lacp counters 5.2.10 Show LACP frame counter [Syntax] show lacp-counter [link-id] [Parameter] link-id : <1-127> LACP logical interface number [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show the LACP frame counter.
Command Reference | Interface control | 181 [Initial value] port-channel load-balance src-dst-mac [Input mode] global configuration mode [Description] Sets rules to specify the forwarding destination interface of the load balance function. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command is a system-wide setting.
| Command Reference | Interface control Link shows the following items. Usage status Description "Unselected" Currently communicating with LACP control protocol. "Selected" Selected as a LAN/SFP port with LACP enabled. "Standby" Specified as a standby LAN/SFP port with LACP enabled. Synchronization flag Description "no" Synchronization flag is not set. "yes" Synchronization flag is set. The state of the linked-up LAN/SFP ports are known from the usage status and the Synchronization flag.
Command Reference | Interface control | 183 Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 Link port1.2 Selected Synchronized port1.3 Unselected Synchronized Aggregator po127 ID 4727 Status Ready Actor LAG 0x8000, 00-a0-de-e0-e0-e0 Admin Key 0127 Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 Link port1.4 Selected Synchronized no no no 5.2.
| Command Reference | Interface control [Initial value] no aaa authentication dot1x [Input mode] global configuration mode [Description] Enables IEEE 802.1X authentication for the entire system. If this command is executed with the "no" syntax, disables IEEE 802.1X authentication for the entire system. Use a RADIUS server for authentication on which the radius-server host command has been configured. [Note] In order to actually use IEEE 802.1X authentication, you need to enable IEEE 802.
Command Reference | Interface control | 185 [Note] In order to actually use Web authentication, you need to enable Web authentication on the applicable interface as well. (authweb enable command) [Example] Enable Web authentication for the entire system. SWX3220(config)#aaa authentication auth-web 5.3.4 Set operation mode for the IEEE 802.1X authentication function [Syntax] dot1x port-control mode no dot1x port-control [Parameter] mode : Operation mode for IEEE 802.
| Command Reference | Interface control [Input mode] interface mode [Description] Changes the packet forwarding operation for the applicable interface when the IEEE 802.1X authentication is unauthenticated. If this command is executed with the "no" syntax, the setting returns to the default. When "both" is specified, the packets received from the supplicant are discarded, and the broadcast/multicast packets to the interface to which the supplicant is connected from other ports are also discarded.
Command Reference | Interface control | 187 [Keyword] enable : Enable MAC authentication disable : Disable MAC authentication [Initial value] auth-mac disable [Input mode] interface mode [Description] Enables MAC authentication for the applicable interface. When this command is executed with the "no" syntax or when disable is specified, MAC authentication is disabled. [Note] This command can be specified only for both LAN/SFP port and logical interface.
| Command Reference | Interface control [Example] Change the MAC address format used for MAC authentication to all uppercase format without hyphens. SWX3220(config)#auth-mac auth-user unformatted upper-case 5.3.
Command Reference | Interface control | 189 [Note] This command can be specified only for both LAN/SFP port and logical interface. In order to actually use Web authentication, you need to enable Web authentication for the entire system as well. (aaa authentication auth-web command) You cannot enable the Web authentication function from any other mode besides multi-supplicant mode. You cannot use this together with guest VLAN. [Example] Enable the LAN port #1 Web authentication function.
| Command Reference | Interface control 5.3.12 Configuring the authentication order [Syntax] auth order dot1x auth-mac auth order auth-mac dot1x no auth order [Keyword] dot1x : IEEE 802.1x authentication method auth-mac : MAC authentication method [Initial value] auth order dot1x auth-mac [Input mode] interface mode [Description] Sets the order in which authentication occurs when authentication methods are used together in the port authentication function.
Command Reference | Interface control | 191 To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control command, auth-mac enable command, auth-web enable command) [Example] Enable re-authenticatio of LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#auth reauthentication 5.3.
| Command Reference | Interface control [Note] This command can be specified only for both LAN/SFP port and logical interface. Changing the settings for this command will make the authentication state return to the default. To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control command, auth-mac enable command) This command cannot be set when Web authentication is enabled. [Example] This specifies guest VLAN #10 for LAN port #1.
Command Reference | Interface control | 193 If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for both LAN/SFP port and logical interface. To use this command, you must enable the port authorization function and the reauthentication function for the applicable interface.
| Command Reference | Interface control [Description] Sets the reply wait time from the supplicant during port authentication for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for both LAN/SFP port and logical interface. To use this command, you must enable the port authentication function for the applicable interface.
Command Reference | Interface control | 195 The radius-server host command configured with the LLDP auto-configuration feature is suffixed with the "dynamic" option that indicates it is a temporary setting. When the "dynamic" option is added, it will not be saved to the startup configuration even if the write command is executed. [Example] Add the server at IP address 192.168.100.
| Command Reference | Interface control [Description] Sets the number of times to resend requests to a RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default. [Note] If a server-specific number of resends for requests has been set using the radius-server host command, the radius-server host command settings are used. [Example] Set the number of times to resend requests to a RADIUS server to 5. SWX3220(config)#radius-server retransmit 5 5.3.
Command Reference | Interface control | 197 [Example] This sets the usage prevention for the RADIUS server to 1 minute. SWX3220(config)#radius-server deadtime 1 5.3.
| Command Reference | Interface control RADIUS server address : 192.168.100.101 (port:1812) [Interface information] Interface port1.1 (up) 802.
Command Reference | Interface control | 199 [Keyword] interface : Shows statistical information for only the specified interface : Interface name [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows statistical information for packets during port authentication. [Example] Show statistical information for LAN port #1. SWX3220#show auth statistics interface port1.1 Interface port1.
| Command Reference | Interface control 5.3.30 Show RADIUS server setting information [Syntax] show radius-server [Input mode] privileged EXEC mode [Description] Shows setting information related to the RADIUS server. Shows setting information (server host, UDP port number for authentication, shared password, wait time for replying to requests, number of times to resend requests, server usage prevention time) for RADIUS servers registered in the authentication server list.
Command Reference | Interface control | 201 [Keyword] all : Clears the authentication state for all supplicants interface : Clears the authentication state for supplicants connected to specific interfaces supplicant : Clear the authentication state for specific supplicant : Interfacee name [Parameter] ifname Interface to clear mac-addr : hhhh.hhhh.hhhh (h is hexadecimal) Applicable MAC address [Input mode] privileged EXEC mode [Description] Clears the supplicant authentication state.
| Command Reference | Interface control [Initial value] no auth clear-state time [Input mode] interface mode [Description] Sets the time at which the authentication state of the supplicant is cleared for the applicable interface. If this command is executed with the "no" syntax, deletes the time setting for clearing the authentication state. [Note] This command can be specified only for both LAN/SFP port and logical interface.
Command Reference | Interface control | 203 5.3.
| Command Reference | Interface control [Example] Disable the EAP pass through. SWX3220(config)#pass-through eap disable 5.4 Port security 5.4.1 Set port security function [Syntax] port-security enable port-security disable no port-security [Keyword] enable : Enables port security function disable : Disables port security function [Initial value] port-security disable [Input mode] interface mode [Description] Enables the port security function for the applicable interface.
Command Reference | Interface control | 205 [Parameter] action : Operation used for port security violations Operation mode Description discard Discards packets shutdown Shuts down the port [Initial value] port-security violation discard [Input mode] interface mode [Description] Sets the action to be taken during a port security violation for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control [Keyword] interval : Automatic recovery time setting : Functions that can be the cause of errdisable [Parameter] function Setting value interval : Description bpduguard BPDU guard function loop-detect Loop detection function <10-1000000> Time (seconds) until auto-recovery [Initial value] no errdisable auto-recovery bpduguard (BPDU guard function) errdisable auto-recovery loop-detect interval 300 (Loop detection function) [Input mode] global configur
Command Reference | Interface control | 207 ---------------------------port1.1 BPDU guard port1.
| Command Reference | Layer 2 functions Chapter 6 Layer 2 functions 6.1 FDB (Forwarding Data Base) 6.1.
Command Reference | Layer 2 functions | 209 [Example] Set the dynamic entry ageing time to 400 seconds. SWX3220(config)#mac-address-table ageing-time 400 6.1.
| Command Reference | Layer 2 functions ifname : Setting value Description forward Forward discard Discard Name of LAN/SFP port or logical interface Applicable interface vlan-id : <1-4094> Applicable VLAN ID [Initial value] none [Input mode] global configuration mode [Description] Registers a static entry in the MAC address table. If action is specified as "forward," received frames that match the specified MAC address and VLAN ID are forwarded to the specified interface.
Command Reference | Layer 2 functions | 211 SWX3220>show mac-address-table VLAN port mac 1 port1.1 00a0.de11.2233 1 sa1 1803.731e.8c2b 1 sa2 782b.cbcb.218d fwd forward forward forward type static dynamic dynamic timeout 0 300 300 6.1.
| Command Reference | Layer 2 functions 6.2.
Command Reference | Layer 2 functions | 213 type : Type of private VLAN Setting value Description primary Primary VLAN community Secondary VLAN (community VLAN) isolated Secondary VLAN (isolated VLAN) [Initial value] none [Input mode] VLAN mode [Description] Uses vlan-id as a private VLAN. If this command is executed with the "no" syntax, the private VLAN setting is deleted, and it is used as a conventional VLAN.
| Command Reference | Layer 2 functions [Initial value] none [Input mode] VLAN mode [Description] Specify the association of the secondary VLAN (isolated VLAN, community VLAN) with the primary VLAN of the private VLAN. By specifying "add," specify the association of the vlan-id with the 2nd-vlan-ids. By specifying "remove," remove the association of the vlan-id and the 2nd-vlan-ids. If this command is executed with the "no" syntax, all associations to the primary VLAN are deleted.
Command Reference | Layer 2 functions | 215 [Parameter] vlan-id : <1-4094> Associated VLAN ID [Initial value] switchport access vlan 1 [Input mode] interface mode [Description] Sets the VLAN ID that is associated as an access port with the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only for a LAN/SFP port or logical interface for which the switchport mode access command is set.
| Command Reference | Layer 2 functions To specify the VLAN ID that is associated as a trunk port, use the switchport trunk allowed vlan command. To specify the native VLAN, use the switchport trunk native vlan command. [Example] Set LAN port #1 as a trunk port. SWX3220(config)#interface port1.1 SWX3220(config-if)#switchport mode trunk 6.2.
Command Reference | Layer 2 functions | 217 • If you specify and associate a VLAN ID that was set by the switchport trunk native vlan command, switchport trunk native vlan none is set. If you specify the switchport trunk allowed vlan add command with a combination of "-" or "," in the vlan-ids, the command setting will fail if you revert to an older version (Rev.2.00.08 or earlier). As a result, normal communication might become impossible.
| Command Reference | Layer 2 functions [Parameter] port-type : Port mode Setting value Description promiscuous Promiscuous port host Host port [Initial value] none [Input mode] interface mode [Description] Specifies the private VLAN port type for the applicable interface. If this is executed with the "no" syntax, the setting of the private VLAN specified for the applicable interface is deleted.
Command Reference | Layer 2 functions | 219 [Note] This command can be set only for a LAN/SFP port that has been set as the host port by the switchport mode private-vlan command. pri-vlan-id and 2nd-vlan-id must be associated by the private-vlan association command. If the switchport mode private-vlan command is used to set the port type to something other than host port, the setting of this command is deleted. [Example] Specify the following private VLAN for each interface.
| Command Reference | Layer 2 functions • logical interface pri-vlan-id and 2nd-vlan-ids must be associated by the private-vlan association command. If this command is applied to a logical interface, the settings of every LAN/SFP port associated with that interface are changed. If the switchport mode private-vlan command is used to set the port type to something other than promiscuous port, the setting of this command is deleted. A community VLAN can be associated with multiple promiscuous ports.
Command Reference | Layer 2 functions | 221 CoS value to specify for connected device [Initial value] switchport voice cos 5 [Input mode] interface mode [Description] Specify the CoS value to use for voice traffic by the connected device. The connected device is notified of the setting via LLDP-MED in the following cases. • • Voice VLAN is specified for the corresponding port. LLDP-MED transmission and reception is possible for the corresponding port.
| Command Reference | Layer 2 functions [Initial value] none [Input mode] interface mode [Description] Specify the group of multiple VLAN. If a group is specified for the interface, the corresponding interface can communicate only with interfaces of the same multiple VLAN group. Even if the VLAN is the same, communication is not possible if the multiple VLAN group differs. This can be specified only for a physical interface or for a link aggregation logical interface.
Command Reference | Layer 2 functions | 223 6.2.
| Command Reference | Layer 2 functions Item Description Interfaces associated with the VLAN ID Member ports • • (u) : Access port (untagged port) (t) : Trunk port (tagged port) [Example] Show all VLAN information. SWX3220>show vlan brief (u)-Untagged, (t)-Tagged VLAN ID Name State Member ports ======= ================================ ======= ======================= 1 default ACTIVE port1.1(u) port1.2(u) port1.3(u) port1.4(u) port1.5(u) port1.6(u) port1.7(u) port1.8(u) 6.2.
Command Reference | Layer 2 functions | 225 [Description] Shows the setting status for multiple VLAN groups. If the "group" specification is omitted, all groups that are actually assigned to the interface are shown. The setting state of the YMPI frame transmission function is also displayed. [Example] Shows the setting status for multiple VLAN groups. SWX3220>show vlan multiple-vlan GROUP ID Name Member ports ======== ================================ ====================== 1 GROUP0001 port1.1 port1.2 port1.
| Command Reference | Layer 2 functions [Note] The setting of this command must satisfy the following conditions. 2 x (hello time + 1) <= maximum aging time <= 2 x (forward delay time - 1) The maximum aging time can be set by the spanning-tree max-age command. The hello time is always 2 seconds, and cannot be changed. [Example] Set the forward delay time to 10 seconds. SWX3220(config)#spanning-tree forward-time 10 6.3.
Command Reference | Layer 2 functions | 227 [Description] Sets the bridge priority. Lower numbers have higher priority. If this command is executed with the "no" syntax, the setting returns to the default. [Note] In the case of MSTP, this is the setting for CIST (instance #0). [Example] Set the bridge priority to 4096. SWX3220(config)#spanning-tree priority 4096 6.3.
| Command Reference | Layer 2 functions [Input mode] interface mode [Description] Sets the link type for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
Command Reference | Layer 2 functions | 229 Setting value Description enable Enables BPDU guard disable Disables BPDU guard [Initial value] spanning-tree bpdu-guard disable [Input mode] interface mode [Description] Sets BPDU guard for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface.
| Command Reference | Layer 2 functions It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface. If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set the path cost of LAN port #1 to 100000. SWX3220(config)#interface port1.1 SWX3220(config-if)#spanning-tree path-cost 100000 6.3.
Command Reference | Layer 2 functions | 231 If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set LAN port #1 as the edge port. SWX3220(config)#interface port1.1 SWX3220(config-if)#spanning-tree edgeport 6.3.
| Command Reference | Layer 2 functions Item Description Configured Path Cost Path cost setting of the interface Add type Explicit ref count Number of STP domains associated with the interface Designated Port Id ID of the designated port Priority Priority of the interface Root Root bridge identifier. This consists of the root bridge priority (the first four hexadecimal digits) and MAC address Designated Bridge Bridge identifier.
Command Reference | Layer 2 functions | 233 % port1.1: % port1.1: % port1.1: % port1.1: timer 0 % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.1: % port1.
| Command Reference | Layer 2 functions % % % % % % Message Age Timer Message Age Timer Value Topology Change Timer Topology Change Timer Value Hold Timer Hold Timer Value % Other Port-Specific Info -----------------------% Max Age Transitions % Msg Age Expiry % Similar BPDUS Rcvd % Src Mac Count % Total Src Mac Rcvd % Next State % Topology Change Time : : : : : : INACTIVE 0 INACTIVE 0 INACTIVE 0 : : : : : : : 1 0 0 0 3 Discard/Blocking 0 % Other Bridge information & Statistics ------------------
Command Reference | Layer 2 functions | 235 [Description] Moves to MST mode in order to make MST instance and MST region settings. [Note] To return from MST mode to global configuration mode, use the exit command. To return to privileged EXEC mode, use the end command. [Example] Move to MST mode. SWX3220(config)#spanning-tree mst configuration SWX3220(config-mst)# 6.3.
| Command Reference | Layer 2 functions If this command is executed with the "no" syntax, the VLAN association for the MST instance is deleted. If as a result of this deletion, not even one VLAN is associated with the MST instance, the MST instance is deleted. If you specify an MST instance that has not been generated, the MST instance will also be generated. [Note] You cannot specify a VLAN ID that is associated with another MST instance. [Example] Associate VLAN #2 with MST instance #1.
Command Reference | Layer 2 functions | 237 [Example] Set the MST region name to "Test1". SWX3220(config)#spanning-tree mst configuration SWX3220(config-mst)#region Test1 6.3.20 Set revision number of MST region [Syntax] revision revision [Parameter] revision : <0-65535> Revision number [Initial value] revision 0 [Input mode] MST mode [Description] Sets the revision number of the MST region. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 2 functions 6.3.
Command Reference | Layer 2 functions | 239 [Description] Sets the path cost of the applicable interface on an MST instance. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
| Command Reference | Layer 2 functions [Example] Show MSTP information.
Command Reference | Layer 2 functions | 241 [Keyword] interface : Specifies the interface to show : <1-15> [Parameter] instance-id ID of generated MST interface ifname : Name of LAN/SFP port or logical interface Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode, interface mode [Description] Shows information for the specified MST instance. If "interface" is omitted, information is shown for all interfaces that are assigned the specified MST instance.
| Command Reference | Layer 2 functions If this command is executed with the "no" syntax, the setting returns to the default. [Note] The spanning tree function and the loop detection function can be used together on the entire system. In order to enable the loop detection function, the loop detection function must be enabled on the interface in addition to this command. Even if the loop detection function is enabled, the loop detection function does not operate on the following interfaces.
Command Reference | Layer 2 functions | 243 LPD disabled System LPD enabled STP disabled - - - - STP enabled - STP - STP STP disabled - - LPD LPD STP enabled - STP LPD STP [Example] Enable the loop detection function of LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#loop-detect enable Disable the loop detection function of LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#loop-detect disable 6.4.
| Command Reference | Layer 2 functions [Initial value] None [Input mode] global configuration mode [Description] Normally, Blocking is released immediately when the loop is cleared. When this command is configured, it detects if the loop is cleared at regular intervals. If the loop is cleared, Blocking is released, but if the loop is not cleared, Blocking continues until that time passes again. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Layer 2 functions | 245 port loop-detect port-blocking status ------------------------------------------------------port1.1 enable(*) enable Detected port1.2 enable(*) enable Blocking port1.3 enable(*) enable Normal port1.4 enable(*) disable Normal port1.5 enable(*) enable Normal port1.6 enable(*) enable Shutdown port1.7 disable enable -----: : : : ------------------------------------------------------(*): Indicates that the feature is enabled.
| Command Reference | Layer 3 functions Chapter 7 Layer 3 functions 7.1 IPv4 address management 7.1.1 Set IPv4 address [Syntax] ip address ip_address/mask [secondary] [label textline] ip address ip_address netmask [secondary] [label textline] no ip address ip_address/mask [secondary] no ip address ip_address netmask [secondary] no ip address [Keyword] label : Set label as IPv4 address secondary : Set as the secondary address : A.B.C.
Command Reference | Layer 3 functions | 247 7.1.2 Show IPv4 address [Syntax] show ip interface [interface] brief [Parameter] interface : VLAN interface name [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv4 address for each interface. The following content is shown. • IPv4 address • • • • For secondary addresses, “(secondary)” is appended to the end of IPv4 addresses.
| Command Reference | Layer 3 functions A secondary address cannot be set for interfaces that are set as DHCP clients. If this command is executed with the "no" syntax, the DHCP client setting is deleted. [Note] The lease time requested from the DHCP server is fixed at 72 hours. However, the actual lease time will depend on the setting of the DHCP server.
Command Reference | Layer 3 functions | 249 7.1.5 Set auto IP function [Syntax] auto-ip switch no auto-ip [Parameter] switch : Behavior of the auto IP function Setting value Description enable Enable the auto IP function disable Disable the auto IP function [Initial value] auto-ip disable [Input mode] interface mode [Description] For the VLAN interface, enables the Auto IP function which automatically generates the IPv4 link local address (169.254.xxx.xxx/16).
| Command Reference | Layer 3 functions mask : <1-31> Number of mask bits Set this to 0 if specifying the default gateway netmask : A.B.C.D Netmask in address format Set this to 0.0.0.0 if specifying the default gateway gateway : A.B.C.D IPv4 address of gateway number : <1-255> Administrative distance (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Initial value] none [Input mode] global configuration mode [Description] Adds a static route for IPv4.
Command Reference | Layer 3 functions | 251 [Parameter] ip_address : A.B.C.D IPv4 address mask : <0-32> Number of mask bits (if omitted: 32) [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv4 Forwarding Information Base (FIB). If the IPv4 address is omitted, the entire content of the FIB is shown. If the IPv4 address or network address is specified, detailed information for the routing entry that matches the destination is shown.
| Command Reference | Layer 3 functions [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows a summary of the route entries that are registered in the IPv4 Routing Information Base (RIB). [Example] Show a summary of the route entries that are registered in the IPv4 Routing Information Base. SWX3220>show ip route summary IP routing table name is Default-IP-Routing-Table(0) IP routing table maximum-paths is 1 Route Source Networks connected 2 static 3 Total 5 7.2.
Command Reference | Layer 3 functions | 253 7.3.2 Clear ARP table [Syntax] clear arp-cache [Input mode] privileged EXEC mode [Description] Clears the ARP cache. [Example] Clear the ARP cache. SWX3220#clear arp-cache 7.3.3 Set static ARP entry [Syntax] arp ip_address mac_address interface no arp ip_address [Parameter] ip_address : A.B.C.D IP address mac_address : HHHH.HHHH.HHHH MAC address interface : portN.
| Command Reference | Layer 3 functions [Description] Changes the length of time that ARP entries are maintained in the applicable VLAN interface. ARP entries that are not received within this length of time are deleted. If this command is executed with the "no" syntax, the ARP entry timeout is set to 1200 seconds. [Example] Change the ARP entry ageing timeout for VLAN #1 to five minutes. SWX3220(config)#interface vlan1 SWX3220(config)#arp-aging-timeout 300 7.4 IPv4 forwarding control 7.4.
Command Reference | Layer 3 functions | 255 Setting value Description enable Enables IPv4 directed broadcast forwarding settings disable Disables IPv4 directed broadcast forwarding settings [Initial value] ip directed-broadcast disable [Input mode] interface mode [Description] This configures the forwarding of directed broadcasts for the VLAN interface from other VLAN interfaces. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 3 functions [Input mode] privileged EXEC mode [Description] Send ICMP Echo to the specified host, and wait for ICMP Echo Reply. If there is a reply, show it. Show statistical information when the command ends. [Example] Ping the IP address 192.168.100.254 three times with a data size of 120 bytes. SWX3220#ping 192.168.100.254 repeat 3 size 120 PING 192.168.100.254 (192.168.100.254): 120 data bytes 128 bytes from 192.168.100.254: seq=0 ttl=255 time=8.368 ms 128 bytes from 192.
Command Reference | Layer 3 functions | 257 [Input mode] interface mode [Description] Enables IPv6 for the VLAN interface and automatically sets the link local address. IPv6 addresses can be assigned to a maximum of 256 VLAN interfaces. If IPv6 is disabled, related settings are also simultaneously deleted. If this command is executed with the "no" syntax, the setting returns to the default. [Note] The automatically-specified link local address can be viewed by using the show ipv6 interface brief command.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] interface mode [Description] Uses RA to specify an IPv6 address for the VLAN interface. RA can be specified only for the VLAN interface for which the ipv6 enable command has been specified. This command can be used with the ipv6 address ipv6_address/prefix_len command. If this command is executed with the "no" syntax, the RA setting is deleted. [Note] This command cannot be used if the stack function is enabled.
Command Reference | Layer 3 functions | 259 7.7.
| Command Reference | Layer 3 functions [Description] Shows the IPv6 Forwarding Information Base (FIB). If the IPv6 address is omitted, the entire content of the FIB is shown. If the IPv6 address or network address is specified, detailed information for the routing entry that matches the destination is shown. [Note] This command cannot be used if the stack function is enabled. [Example] Show the entire IPv6 forwarding information base.
Command Reference | Layer 3 functions | 261 [Example] Show a summary of the IPv6 Routing Information Base. SWX3220>show ipv6 route summary IPv6 routing table name is Default-IPv6-Routing-Table(0) IPv6 routing table maximum-paths is 1 Route Source Networks connected 2 static 2 Total 4 7.7.
| Command Reference | Layer 3 functions [Input mode] global configuration mode [Description] Adds a static entry to the neighbor cache. If this command is executed with the "no" syntax, the specified static entry is deleted. [Note] This command cannot be used if the stack function is enabled. [Example] Set the MAC address of IPv6 2001:db8:cafe::1 located at port1.1 of VLAN #1, in the Neighbor cache. SWX3220(config)#ipv6 neighbor 2001:db8:cafe::1 vlan1 00a0.de80.cafe port1.1 7.8.
Command Reference | Layer 3 functions | 263 Setting value Description enable Enable forwarding of IPv6 packets disable Disable forwarding of IPv6 packets [Initial value] ipv6 forwarding enable [Input mode] global configuration mode [Description] Enables or disables forwarding of IPv6 packets. If this is executed with the "no" syntax, the setting returns to the default. 7.9.
| Command Reference | Layer 3 functions timeout : <1-65535> Time to wait for a reply (if omitted: 2) Ignored if count is specified as "continuous" ipv6_address : X:X::X:X IPv6 address [Input mode] privileged EXEC mode [Description] Send ICMPv6 Echo to the specified host, and wait for ICMPv6 Echo Reply. When it is received, indicate this. Show simple statistical information when the command ends. [Note] This command cannot be used if the stack function is enabled.
Command Reference | Layer 3 functions | 265 7.11.1 Set DNS lookup function [Syntax] dns-client switch no dns-client [Parameter] switch : Behavior of the DNS client Setting value Description enable Enable the DNS client disable Disable the DNS client [Initial value] dns-client disable [Input mode] global configuration mode [Description] Enables or disables the DNS lookup function. If this command is executed with the "no" syntax, the function is disabled. [Example] Enable the DNS lookup function.
| Command Reference | Layer 3 functions [Example] Add the IP addresses 192.168.100.1, 2001:db8::1234, and fe80::2a0:deff:fe11:2233 to the DNS server list. SWX3220(config)#dns-client name-server 192.168.100.1 SWX3220(config)#dns-client name-server 2001:db8::1234 SWX3220(config)#dns-client name-server fe80::2a0:deff:fe11:2233%vlan1 7.11.
Command Reference | Layer 3 functions | 267 SWX3220(config)#dns-client domain-list example1.com SWX3220(config)#dns-client domain-list example2.com 7.11.5 Show DNS client information [Syntax] show dns-client [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the DNS client information. The following content is shown.
| Command Reference | Layer 3 functions [Example] SWX3220(config)# router ospf SWX3220(config-router)# SWX3220(config-router)# exit SWX3220(config)# 7.12.2 Move to OSPFv3 mode (IPv6) [Syntax] router ipv6 ospf [name] no router ipv6 ospf [name] [Parameter] name : OSPFv3 process ID [Initial value] none [Input mode] global configuration mode [Description] Transition to OSPFv3 mode and make OSPF-related settings. If using multiple OSPF processes, specify name.
Command Reference | Layer 3 functions | 269 [Description] Enables authentication in the OSPF area. If "message-digest" is not specified, simple password authentication is used. In this case, the authentication key is specified for each interface by the ip ospf authentication-key command. If "message-digest" is specified, MD5 digest authentication is used. In this case, the authentication key is specified for each interface by the ip ospf message-digest-key command. This command applies to all interfaces.
| Command Reference | Layer 3 functions no area area_id filter-list access access_list_id direction [Parameter] area_id : Area ID Setting value Description A.B.C.
Command Reference | Layer 3 functions | 271 Setting value Description default-information-originate [metric <0-16777214>] [metric-type <1-2>] Notifies the applicable NSSA of the default route LSA (type 7). Use the "metric" option to specify the metric value of the default route's LSA (type 7). If omitted, this is 1. Use the "metric-type" option to specify the metric type. If omitted, this is 2. no-redistribution Route information of other areas is not provided to the applicable NSSA.
| Command Reference | Layer 3 functions range type : : Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format Summary destination network address Setting value Description A.B.C.D/M Network range in IPv4 address format A.B.C.D W.X.Y.Z Network range in IP address and subnet mask format Advertise route information Setting value Description advertise The summarized route information is advertised to other areas.
Command Reference | Layer 3 functions | 273 [Input mode] OSPFv2 mode [Description] Sets the specified area as a stub area. If the "no" syntax is used with a specified option, the specified option can be disabled. [Example] Set area 1 as a stub area. SWX3220(config-router)# area 1 stub Set area 1 as a totally stubby area. SWX3220(config-router)# area 1 stub no-summary 7.12.9 Specify virtual link on area (OSPFv2) [Syntax] area area_id virtual-link router_id [option [option ...
| Command Reference | Layer 3 functions Setting value authentication [type] Description Enables authentication for the virtual link. If type is not specified, authentication is performed using the simple password specified by the "authentication-key" option. If type is specified as "message-digest", authentication is performed using the MD5 digest authentication key specified by the "message-digest-key" option. If type is specified as "null", authentication is not performed on the virtual link.
Command Reference | Layer 3 functions | 275 [Initial value] auto-cost reference-bandwidth 100 [Input mode] OSPFv2 mode [Description] Specifies the bandwidth value used when calculating the default metric value of the interface. [Example] Calculate the default metric value with 100 Mbps as the bandwidth of the interface. SWX3220(config-router)# auto-cost reference-bandwidth 100 7.12.
| Command Reference | Layer 3 functions Setting value Description enable Enables optimization of the LSDB summary list. disable Disables optimization of the LSDB summary list. [Initial value] mode : disable [Input mode] OSPFv2 mode [Description] Enables optimization of the LSDB summary list.
Command Reference | Layer 3 functions | 277 no default-metric [Parameter] metric : <1-16777214> Default metric value [Initial value] none [Input mode] OSPFv2 mode [Description] Specifies the metric value used when advertising external route information to the OSPF routing domain. This is used in conjunction with the redistribute command. 7.12.
| Command Reference | Layer 3 functions no distribute-list access_list_id in [Parameter] access_list_id : Access list number specified by the access-list command kind : Type of route process_id : Setting value Description connected Applies to direct routes. ospf [process_id] Applies to route information held by OSPF. rip Applies to route information held by RIP. static Applies to static route information.
Command Reference | Layer 3 functions | 279 [Initial value] none [Input mode] OSPFv2 mode [Description] For the specified area, advertises the specified IP address as the stub host route. [Example] Advertise 203.0.113.1 to area 1 as the stub host route. SWX3220(config-router)# host 203.0.113.1 area 1 7.12.
| Command Reference | Layer 3 functions [Description] Associates areas with an interface running OSPF. OSPF runs on the interface to which is assigned the IP address included in the network range specified by network, and is associated with the area specified by area_id. [Example] Associate the 203.0.113.0/24 network connected to the VLAN #1 interface with the backbone area, and associate network 172.16.0.0/16 connected to the VLAN #2 interface with area 1.
Command Reference | Layer 3 functions | 281 [Initial value] lsa_num : None (No upper limit) [Input mode] OSPFv2 mode [Description] Sets the upper limit for the link status advertisements that can be handled by the OSPF process. If an upper limit is specified, the operation specified by action is executed when the number of link status advertisements reaches the upper limit. 7.12.
| Command Reference | Layer 3 functions SWX3220(config-router)# network 172.16.0.0/16 area 0 SWX3220(config-router)# passive-interface vlan3 7.12.25 Advertise the specified external route information to the OSPF area as an AS external LSA (OSPFv2) [Syntax] redistribute kind [option [option ...]] no redistribute kind [option [option ...]] [Parameter] kind option : : >Type of route Setting value Description connected Applies to direct routes.
Command Reference | Layer 3 functions | 283 tag : Setting value Description A.B.C.D/M IPv4 address with specified subnet mask length A.B.C.D E.F.G.H IPv4 address (A.B.C.D) with wildcard bits (E.F.G.H) <0-4294967295> Route tag number [Initial value] none [Input mode] OSPFv2 mode [Description] Specifies the summary destination network address for when summarizing external route information and advertising it to the OSPF area.
| Command Reference | Layer 3 functions max : <0-2147483647> Maximum delay time (milliseconds) [Initial value] timers spf exp 500 50000 [Input mode] OSPFv2 mode [Description] Sets the delay time when notified of changes related to the shortest path calculation (SPF calculation). 7.12.
Command Reference | Layer 3 functions | 285 [Initial value] area area_id default-cost 1 [Input mode] OSPFv3 mode [Description] Metric value of default route advertised to NSSA or stub area. This is enabled only for the ABR of an NSSA or stub area. [Example] With area 1 as a stub area, specify the default route's metric value as 10. SWX3220(config-router)# area 1 stub no-summary SWX3220(config-router)# area 1 default-cost 10 7.12.31 Set area as NSSA (OSPFv3) [Syntax] area area_id nssa [option [option ...
| Command Reference | Layer 3 functions Setting value Description default-information-originate [metric <0-16777214>] [metric-type <1-2>] Notifies the applicable NSSA of the default route LSA (type 7). Use the "metric" option to specify the metric value of the default route's LSA (type 7). If omitted, this is 1. Use the "metric-type" option to specify the metric type. If omitted, this is 2. no-redistribution Route information of other areas is not provided to the applicable NSSA.
Command Reference | Layer 3 functions | 287 range type : : Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format Summary destination network address Setting value Description X:X::X:X/M Specifies the IPv6 network address that will be the summary destination. This can be specified for OSPFv3 mode.
| Command Reference | Layer 3 functions If the "no" syntax is used with a specified option, the specified option can be disabled. 7.12.34 Specify virtual link on area (OSPFv3) [Syntax] area area_id virtual-link router_id [option [option ...]] no area area_id virtual-link router_id [option [option ...]] [Parameter] area_id : Area ID Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format router_id : Router ID (A.B.C.
Command Reference | Layer 3 functions | 289 [Input mode] OSPFv3 mode [Description] Specifies the bandwidth value used when calculating the default metric value of the interface. [Example] Calculate the default metric value with 100 Mbps as the bandwidth of the interface. SWX3220(config-router)# auto-cost reference-bandwidth 100 7.12.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] OSPFv3 mode [Description] This specifies whether the default external route is advertised to the OSPF routing domain. This is valid only for an ASBR. If the "no" syntax is used with a specified option, the specified option can be disabled. [Example] Always advertise the default external route to the OSPF routing domain with a metric value of 10 and a metric type of 1.
Command Reference | Layer 3 functions | 291 [Input mode] OSPFv3 mode [Description] Sets priority of route taken from OSPF into FIB. If priority is specified, it is handled as the priority for all routing information. 7.12.
| Command Reference | Layer 3 functions [Input mode] OSPFv3 mode [Description] For the specified area, advertises the specified IP address as the stub host route. [Example] Advertise 1000::1 to area 1 as the stub host route. SWX3220(config-router)# host 1000::1 area 1 7.12.
Command Reference | Layer 3 functions | 293 option : Setting value Description connected Applies to direct routes. ospf [process_id] Applies to route information held by OSPF. rip Applies to route information held by RIP. static Applies to static route information. Option Setting value Description metric <0-16777214> Sets the metric value used when redistributing external routing information into the OSPF area.
| Command Reference | Layer 3 functions 7.12.46 Set summary destination network address when advertising to OSPF area (OSPFv3) [Syntax] summary-address network [not-advertise] [tag tag] no summary-address network [not-advertise] [tag tag] [Keyword] not-advertise : External route information whose destination is included in the summary destination network address is no longer advertised to the OSPF area. : Network range. OSPF runs on the interface to which the specified IP address range is assigned.
Command Reference | Layer 3 functions | 295 This command takes priority over the area authentication command. If this command is not specified, authentication enable/disable within the area is determined by the value of the area authentication command. 7.12.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] interface mode [Description] Reduces LSA flooding for the specified interface. 7.12.
Command Reference | Layer 3 functions | 297 [Input mode] interface mode [Description] Sets transmission interval of Hello packets. 7.12.
| Command Reference | Layer 3 functions [Parameter] ip_address : IP address of interface (IPv4 format) interval : <1-1800> Interval time (seconds) [Initial value] ip ospf retransmit-interval 5 [Input mode] interface mode [Description] Sets the time interval at which Link State Request, Link State Update, and Database Description packets are retransmitted. 7.12.
Command Reference | Layer 3 functions | 299 7.12.59 Set time until neighboring router is considered down (IPv6) [Syntax] ipv6 ospf dead-interval interval [instance-id id] no ipv6 ospf dead-interval [instance-id id] [Parameter] interval : <1-65535> Interval time (seconds) id : <0-31><64-95> Instance ID [Initial value] ipv6 ospf dead-interval 40 [Input mode] interface mode [Description] Sets the time from when Hello packets are no longer received until the neighboring router is considered to be down.
| Command Reference | Layer 3 functions [Initial value] ipv6 ospf priority 1 [Input mode] interface mode [Description] Sets the priority for selecting the designated router (DR). The device with the highest priority in the OSPF network is selected as the designated router. If there are multiple devices that have the same priority, the designated router is selected by router ID. If the priority is specified as 0, the device will not be selected as the designed router.
Command Reference | Layer 3 functions | 301 [Initial value] none [Input mode] interface mode [Description] Specifies the OSPFv3 associated area for the specified interface. [Note] This command cannot be used if the stack function is enabled. 7.12.
| Command Reference | Layer 3 functions [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows OSPF process information. If the process_id parameter is omitted, information is shown for all currently running OSPF processes. 7.12.
Command Reference | Layer 3 functions | 303 Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show ASBR summary LSA information (type 4) in the link state database. 7.12.
| Command Reference | Layer 3 functions [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show network LSA information (type 2) in the link state database. 7.12.72 Show NSSA AS external LSA information in the link state database [Syntax] show ip ospf [process_id] database nssa-external [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.
Command Reference | Layer 3 functions | 305 [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID.
| Command Reference | Layer 3 functions [Description] Shows OSPF neighbor information. 7.12.77 Show OSPF routing table (IPv4) [Syntax] show ip ospf [process_id] route [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show specified route information. A.B.C.D/M Show route information within the specified network. summary Show the route information summary.
Command Reference | Layer 3 functions | 307 [Input mode] privileged EXEC mode [Description] Restarts the OSPF process, and performs OSPF processing from the beginning. If the process_id parameter is not specified, all OSPF processes are affected. [Note] This command cannot be used if the stack function is enabled. 7.12.
| Command Reference | Layer 3 functions Setting value Description adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. max-age Show only the LSAs whose link status age is the maximum value (3600 seconds). self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows LSA information in the link state database matching the specified conditions.
Command Reference | Layer 3 functions | 309 Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show Inter-Area-Prefix LSA information (type 3) in the link state database.
| Command Reference | Layer 3 functions Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show Intra-Area-Prefix LSA information (type 9) in the link state database.
Command Reference | Layer 3 functions | 311 Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show network LSA information (type 2) in the link state database.
| Command Reference | Layer 3 functions [Note] This command cannot be used if the stack function is enabled. 7.12.92 Show OSPF neighbor information (IPv6) [Syntax] show ipv6 ospf [process_id] neighbor [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D [detail] Show information for the specified neighbor. If "detail" is specified, detailed information is shown. interface A.B.C.
Command Reference | Layer 3 functions | 313 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows OSPF virtual link information. [Note] This command cannot be used if the stack function is enabled. 7.12.95 Show OSPF settings and status (IPv6) [Syntax] show ipv6 protocols ospf [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the OSPF settings and status. [Note] This command cannot be used if the stack function is enabled. 7.13 RIP 7.13.
| Command Reference | Layer 3 functions [Keyword] always : Register default route in RIP routing table even if the default route is not held [Initial value] none [Input mode] RIP mode, RIPng mode [Description] Register default route (0.0.0.0/0) in RIP routing table. If "always" is not specified, the default route is registered in the RIP routing table only when that default route is held.
Command Reference | Layer 3 functions | 315 [Parameter] access_list_id : Access list number type : Direction vlan_interface : Setting value Description in in direction out out direction VLAN interface [Initial value] none [Input mode] RIP mode, RIPng mode [Description] Filters the route information between the RIB and RIP routing table. Specify the "in" direction if, within the route information received in the RIP packet, you want to filter routes that are not registered in the RIB.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] RIP mode [Description] Specifies a network address advertised by RIP or the VLAN interface that is associated with that network address. RIP advertises the network that is included in the network address range specified in the direct route. 7.13.
Command Reference | Layer 3 functions | 317 [Description] The specified VLAN interface will only receive RIP packets, and will not transmit RIP packets. However, RIP packets are transmitted to the RIP router that is specified by the neighbor command. 7.13.11 Redistribute external route information to RIP network [Syntax] redistribute kind [metric metric] [Parameter] kind metric : : Type of route Setting value Description connected Directly connected routes are redistributed.
| Command Reference | Layer 3 functions [Parameter] version : <1-2> RIP version [Initial value] version 2 [Input mode] RIP mode [Description] Sets the RIP version. If the ip rip send version command and ip rip receive version command are set, those settings take priority. 7.13.14 Set key chain used for RIPv2 authentication [Syntax] ip rip authentication key-chain key_name [key_name ...] no ip rip authentication key-chain [key_name [key_name ...
Command Reference | Layer 3 functions | 319 no ip rip authentication string [password] [Parameter] password : Authentication password [Initial value] none [Input mode] interface mode [Description] Sets the password used for RIPv2 authentication. 7.13.
| Command Reference | Layer 3 functions 7.13.19 Set RIP version that can be received [Syntax] ip rip receive version version [version] no ip rip receive version [version [version]] [Parameter] version : RIP version Setting value Description 1 RIPv1 packets will be received. 2 RIPv2 packets will be received. [Initial value] None (follow the setting of the "version" command) [Input mode] interface mode [Description] Specifies the RIP version that can be received at the applicable interface.
Command Reference | Layer 3 functions | 321 Setting value Description 1 Transmit RIPv1 packets. 1-compatible Transmit RIPv2 packets to broadcast address. 2 Transmit RIPv2 packets. [Initial value] None (follow the setting of the "version" command) [Input mode] interface mode [Description] Specifies the RIP version that can be transmitted at the applicable interface. The setting of this command takes priority over the setting of the version command. 7.13.
| Command Reference | Layer 3 functions [Description] Specifies whether to disable or enable poison reverse. 7.13.
Command Reference | Layer 3 functions | 323 Setting value Description enable Enable poison reverse. disable Disable poison reverse. [Initial value] ipv6 rip poison-reverse enable [Input mode] interface mode [Description] Specifies whether to disable or enable poison reverse. [Note] This command cannot be used if the stack function is enabled. 7.13.
| Command Reference | Layer 3 functions [Parameter] number : <0-2147483647> Key number [Initial value] none [Input mode] key chain mode [Description] Generates a key for registration in the key chain. Also transitions to key chain key mode in order to specify key information for the key chain. To transition from key chain key mode to global configuration mode, use the exit command. 7.13.
Command Reference | Layer 3 functions | 325 Setting value time date duration infinite Description Date and time at which to stop receiving the key as valid The same format as the above "start" parameter <1-2147483646> Duration during which to accept the key as valid, starting from the time and date specified by the above "start" parameter Unlimited term of validity [Initial value] none [Input mode] key chain key mode [Description] Sets the term in which a key received for use in RIPv2 authentication i
| Command Reference | Layer 3 functions Setting value time date duration infinite Description Date and time at which to stop transmitting the key as valid The same format as the above "start" parameter <1-2147483646> Duration during which to transmit the key as valid, starting from the time and date specified by the above "start" parameter Unlimited term of validity [Initial value] none [Input mode] key chain key mode [Description] Sets the term in which a key is transmitted as valid for use in RI
Command Reference | Layer 3 functions | 327 7.13.34 Clear RIP statistical information [Syntax] clear ip rip statistics [vlan_interface] [Parameter] vlan_interface : VLAN interface [Input mode] privileged EXEC mode [Description] Clears the RIP statistical information. If the vlan_interface parameter is specified, RIP statistical information is cleared only for that VLAN interface. 7.13.
| Command Reference | Layer 3 functions [Input mode] privileged EXEC mode [Description] Shows the RIPng settings and status. [Note] This command cannot be used if the stack function is enabled. 7.13.38 Show RIP routing table (IPv4) [Syntax] show ip rip [Input mode] privileged EXEC mode [Description] Shows the RIP routing table. 7.13.39 Show RIPng routing table (IPv6) [Syntax] show ipv6 rip [Input mode] privileged EXEC mode [Description] Shows the RIPng routing table.
Command Reference | Layer 3 functions | 329 [Note] This command cannot be used if the stack function is enabled. 7.13.42 Show RIP statistical information [Syntax] show ip rip statistics [vlan_interface] [Parameter] vlan_interface : VLAN interface [Input mode] privileged EXEC mode [Description] Shows RIP statistical information. If VLAN interface is specified, the RIP statistical information for the specified VLAN interface is shown. 7.14 VRRP 7.14.
| Command Reference | Layer 3 functions no router ipv6 vrrp vrid ifname [Parameter] vrid : <1-255> Virtual router ID ifname : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Transition to a mode for making VRRP settings. If the applicable virtual router has not been generated, it will be generated. If this command is executed with the "no" syntax, all settings related to the applicable virtual router will be deleted.
Command Reference | Layer 3 functions | 331 7.14.4 Set circuit failover [Syntax] circuit-failover ifname value no circuit-failover ifname value [Parameter] ifname : Name of VLAN interface to be monitored value : <1-253> Value subtracted from the priority order of the virtual router [Initial value] none [Input mode] VRRP mode [Description] Specifies the circuit failover setting.
| Command Reference | Layer 3 functions [Note] This command cannot be used if the stack function is enabled. [Example] Enable the virtual router. SWX3220(config-router)#virtual-router enable 7.14.6 Set preempt mode [Syntax] preempt-mode switch no preempt-mode [Parameter] switch : Preempt mode setting Setting value Description enable Enable preempt mode disable Disable preempt mode [Initial value] preempt-mode enable [Input mode] VRRP mode [Description] Sets preempt mode.
Command Reference | Layer 3 functions | 333 [Input mode] VRRP mode [Description] Set the virtual router's priority order. If the virtual-ip command is set with the "owner" keyword, this cannot be changed from the default value (255). If the virtual-ip command is not set with the "owner" keyword, this can be set in the range of 1-254. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only if the virtual router is disabled.
| Command Reference | Layer 3 functions [Keyword] owner : Specify this only if setting the same IPv6 address as the IPv6 address of the VLAN interface specified by the router vrrp command. : X:X::X:X [Parameter] ipv6_address IPv6 address [Initial value] no virtual-ipv6 [Input mode] VRRP mode [Description] Set the virtual IP address. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only if the virtual router is disabled.
Command Reference | Layer 3 functions | 335 Operational master IP address: 192.168.100.240 Priority not configured; Current priority: 100 Advertisement interval: 100 centi sec Master Advertisement interval: 100 centi sec Skew time: 60 centi sec Accept mode: FALSE Preempt mode: TRUE Monitored circuit: vlan10, Priority Delta: 30, Status: UP Multicast membership on IPv4 interface vlan1: JOINED V2-Compatible: FALSE 7.14.
| Command Reference | Layer 3 functions [Example] Show statistical information for virtual router #1 of VLAN #1.
Command Reference | Layer 3 functions | 337 7.15.
| Command Reference | Layer 3 functions [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (32characters or less) Route map description text [Initial value] none [Input mode] Route map mode [Description] Sets the route map description text. If this is executed with the "no" syntax, the description is deleted from the route map. [Note] If a description has already been set, any succeeding descriptions will overwrite that description.
Command Reference | Layer 3 functions | 339 SWX3220(config-route-map)#set ip next-hop 10.0.0.1 SWX3220(config-route-map)#exit 7.15.4 Processing content (IPv4 forwarding destination) settings for route map entries [Syntax] set ip next-hop ip_address no set ip next-hop [ip_address] [Parameter] ip_address : A.B.C.D IPv4 address for forwarding [Initial value] none [Input mode] Route map mode [Description] Sets the processing content (IPv4 forwarding destination) for route map entries.
| Command Reference | Layer 3 functions If this command is executed with the "no" syntax, deletes the processing content (IPv6 forwarding destination) for route map entries. [Note] On entries with “set ipv6 next-hop” settings, packets received that match the application parameters (match) will be forwarded to the next hop. However, when the IPv6 address of the next hop does not exist in the ARP cache, packets are forwarded using the usual routing function.
Command Reference | Layer 3 functions | 341 no ip policy route-map [route-map-id] [Parameter] route-map-id : <1-4094> Route map ID [Initial value] none [Input mode] interface mode [Description] This applies the route map for IPv4 to the interface. If this is executed with the "no" syntax, the application of the route map is cleared from the interface. [Note] The types of interfaces to which this can be adapted are as follows.
| Command Reference | Layer 3 functions If this is executed with the "no" syntax, the application of the route map is cleared from the interface. [Note] The types of interfaces to which this can be adapted are as follows. • VLAN interface Route maps that can be applied to an interface include up to one for IPv4 and IPv6 each. If a route map has already been applied, an error will occur. An error will also occur if no valid entries exist. The conditions for valid entries are shown below.
Command Reference | Layer 3 functions | 343 SWX3220(config)#pbr enable 7.15.10 Show route map information [Syntax] show route-map [route-map-id] [Parameter] route-map-id : <1-4094> Rute map ID [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information for the registered route map. When “route-map-id” has been omitted, information for all route maps will be displayed. [Example] Shows information for all route maps.
| Command Reference | Layer 3 functions match access-list 2 set interface null vlan20 Route Map 200 10 deny match access-list 2001 7.15.12 Show IPv6 PBR information [Syntax] show ipv6 route pbr [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Displays the route map information to be applied as IPv6 for each interface. [Note] Displays all entries of the applied route map (including invalid entries and entries for which the next hop does not exist in the ARP cache).
Command Reference | IP multicast control | 345 Chapter 8 IP multicast control 8.1 IP multicast basic settings 8.1.1 Set IP multicast routing [Syntax] ip multicast-routing no ip multicast-routing [Initial value] no ip multicast-routing [Input mode] global configuration mode [Description] Enables IP multicast routing. If this command is executed with the "no" syntax, the IP multicast routing is disabled. [Example] Enable the IP multicast routing. SWX3220(config)#ip multicast-routing 8.1.
| Command Reference | IP multicast control 8.1.3 Set RFP check unicast routing information [Syntax] ip mroute source/mask [protocol] rpfneighbor [distance] no ip mroute source/mask [protocol] [Parameter] source : IPv4 address of multicast sender (A.B.C.D) mask : <0-32> Number of mask bits protocol : Unicast routing protocol Setting value Description rip Specifies RIP for the unicast routing protocol ospf Specifies OSPF for the unicast routing protocol rpfneighbor : RPF address ( A.B.C.
Command Reference | IP multicast control | 347 If the threshold value for a warning has been set, a warning message will be output when the threshold value has been exceeded. Set the threshold value for warnings to a value equal to or lower than the maximum number of entries for IP multicast routing. If this command is executed with the "no" syntax, the maximum number and threshold value are both 2147483647.
| Command Reference | IP multicast control Incoming interface: vlan2 Outgoing interface list: vlan1 (1) SWX3220#show ip mroute 239.1.1.5 IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (192.168.100.2, 239.1.1.5), uptime 00:02:26, stat expires 00:01:04 Owner PIM-DM, Flags: TF Incoming interface: vlan1 Outgoing interface list: vlan2 (1) SWX3220#show ip mroute 239.1.1.5 192.168.100.
Command Reference | IP multicast control | 349 [Example] Show the information for virtual interfaces used for IP multicasts. SWX3220#show ip mvif Interface Vif Owner TTL Local Remote Uptime Idx Module Address Address vlan1 1 PIM-DM 1 192.168.100.100 0.0.0.0 00:00:05 vlan2 2 PIM-DM 1 192.168.200.100 0.0.0.0 00:38:25 SWX3220#show ip mvif vlan1 Interface Vif Owner TTL Local Remote Uptime Idx Module Address Address vlan1 1 PIM-DM 1 192.168.100.100 0.0.0.0 00:00:44 8.1.
| Command Reference | IP multicast control SWX3220# clear ip mroute 225.1.1.1 8.1.9 Set processing method for unknown multicast frames [Syntax] l2-unknown-mcast mode [Parameter] mode : Sets the processing method for multicast frames Setting value Description discard Discard flood Flood [Initial value] l2-unknown-mcast flood [Input mode] global configuration mode [Description] Specifies the processing method for multicast frames that are not registered in the MAC address table.
Command Reference | IP multicast control | 351 [Note] The link-local multicast address in this command is within the following range. • • IPv4: 224.0.0.0/24 IPv6: ff02::/112 [Example] Frames received on VLAN #1 with the destination IPv4 address 224.0.0.251 are forwarded without discarding them as an unknown multicast. SWX3220(config)#l2-unknown-mcast discard SWX3220(config)#l2-unknown-mcast forward 224.0.0.251 vlan1 8.1.
| Command Reference | IP multicast control [Initial value] ip igmp snooping enable [Input mode] interface mode [Description] Enables the IGMP snooping setting of the interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for VLAN interface. [Example] Enable IGMP snooping for VLAN #2. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping enable Disable IGMP snooping for VLAN #2.
Command Reference | IP multicast control | 353 [Initial value] none [Input mode] interface mode [Description] Statically sets the LAN/SFP port to which the multicast router is connected. If this command is executed with the "no" syntax, the setting is discarded. [Note] This command can be specified only for VLAN interface. The multicast router must be connected to the specified LAN/SFP port. If an IGMP report is received from the receiver, it is forwarded to the specified LAN/SFP port.
| Command Reference | IP multicast control [Parameter] interval : <20-18000> Query transmission interval (seconds) [Initial value] ip igmp snooping query-interval 125 [Input mode] interface mode [Description] Sets the transmission interval for IGMP queries. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for VLAN interface. [Example] Set the VLAN #2 query transmission interval to 30 seconds.
Command Reference | IP multicast control | 355 Disnable the TTL value verification function of IGMP packets for VLAN #2. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping check ttl disable 8.2.7 Set IGMP version [Syntax] ip igmp snooping version version no ip igmp snooping version [Parameter] version : <2-3> IGMP version [Initial value] ip igmp snooping version 3 [Input mode] interface mode [Description] Sets the IGMP version.
| Command Reference | IP multicast control [Initial value] ip igmp snooping report-suppression enable [Input mode] interface mode [Description] Configures IGMP report suppression. If this command is executed with the "no" syntax, the setting returns to the default. When enabled, the minimum number of messages will be sent to the multicast router ports based on the information obtained from the received Report messages and Leave messages.
Command Reference | IP multicast control | 357 Disables suppression of data transmission to multicast router ports in VLAN #2. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping mrouter-port data-suppression disable 8.2.
| Command Reference | IP multicast control Flags: R Uptime: 01:07:10 Group mode: Exclude (Expires: 00:04:13) Last reporter: 192.168.100.11 Source list is empty 8.2.12 Show an interface's IGMP-related information [Syntax] show ip igmp snooping interface ifname [Parameter] ifname : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows IGMP-related information for a VLAN interface. [Example] Show IGMP-related information for VLAN #1.
Command Reference | IP multicast control | 359 [Input mode] privileged EXEC mode [Description] Clears IGMP group membership entries. [Example] Clear IGMP group membership entries for VLAN #1. SWX3220#clear ip igmp snooping interface vlan1 8.3 MLD snooping 8.3.
| Command Reference | IP multicast control [Description] Enables MLD snooping fast-leave for the interface. If this is executed with the "no" syntax, MLD snooping fast-leave is disabled. [Note] This command can be specified only for VLAN interfaces. Also, this can be specified only if MLD snooping is enabled. Do not enable this command on a VLAN interface for which multiple hosts are connected to the LAN/SFP port. [Example] Enable MLD snooping fast-leave for VLAN #2.
Command Reference | IP multicast control | 361 [Input mode] interface mode [Description] Enables the MLD query transmission function. If this command is executed with the "no" syntax, the MLD query transmission function is disabled. [Note] This command can be specified only forVLAN interfaces. Also, this can be specified only if MLD snooping is enabled. When using this command, you must specify the ipv6 enable command for one of the VLAN interfaces.
| Command Reference | IP multicast control [Parameter] version : <1-2> MLD version [Initial value] ipv6 mld snooping version 2 [Input mode] interface mode [Description] Sets the MLD version. If this command is executed with the "no" syntax, the MLD version returns to the default setting (V2). [Note] This command can be specified only for VLAN interfaces. Also, this can be specified only if MLD snooping is enabled.
Command Reference | IP multicast control | 363 [Keyword] detail : Detailed information X:X::X:X : Multicast group address ifname : VLAN interface name [Parameter] Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows MLD group membership information. [Example] Show MLD group membership information. SWX3220#show ipv6 mld snooping groups MLD Connected Group Membership Group Address Reporter ff15::1 fe80::a00:27ff:fe8b:87e3 Interface Uptime Expires port1.
| Command Reference | IP multicast control Number of router-ports: 0 Number of Groups: 0 Number of v1-reports: 0 Number of v1-leaves: 0 Number of v2-reports: 12 Active Ports: port1.8 8.3.
Command Reference | IP multicast control | 365 [Description] When dense-mode is specified, this enables PIM-DM; and when sparse-mode is specified, this enables PIM-SM for the applicable interface. If this command is executed with the "no" syntax, the function is disabled. The same operation mode must be used on all VLAN interfaces. When specifying a passive interface, multicast packets will be forwarded, but PIM messages will not be transmitted or received.
| Command Reference | IP multicast control [Parameter] time : <1-65535> ( seconds ) [Initial value] none [Input mode] interface mode [Description] Sets the timeout interval for Hello messages received on applicable interfaces where PIM-SM and PIM-DM are enabled. If this command is executed with the "no" syntax, the setting returns to the default. The default value is (Hello Period x 3.5).
Command Reference | IP multicast control | 367 8.4.5 Set Generation ID [Syntax] ip pim exclude-genid no ip pim exclude-genid [Initial value] none [Input mode] interface mode [Description] Configures the Hello message not to include the GenID (Generation ID). If this command is executed with the "no" syntax, includes the GenID in the PIM Hello message. [Example] Configure the Hello message not to include the GenID. SWX3220(config)#interface vlan2 SWX3220(config-if)#ip pim exclude-genid 8.4.
| Command Reference | IP multicast control [Initial value] none [Input mode] global configuration mode [Description] Statically sets the rendezvous point (RP). If this command is executed with the "no" syntax, deletes static RP information. [Note] Multiple static RPs can be registered. Also, both static RP and Bootstrap Router (BSR) mechanisms can be used together.
Command Reference | IP multicast control | 369 [Note] If both the RP that was learned by the BSR and the static RP exist simultaneously, the RP that was learned by the BSR is given priority for use. If there are multiple RPs that were learned by the BSR, the RP is selected using the RP priority and hash function. If multiple static RPs exist, the RP with the largest IP address is selected as the RP.
| Command Reference | IP multicast control [Description] Enables operations as a candidate bootstrap router (C-BSR), using the IP address configured for the interface. The BSR performs mapping of the multicast group and rendezvous point (RP). The higher the BSR priority, the greater the likelihood of selection as a BSR. If this command is executed with the "no" syntax, disables operations as a C-BSR.
Command Reference | IP multicast control | 371 [Parameter] address : Register message source IP address (A.B.C.D) ifname : Interface name. The IP address of the specified interface will be used as the source IP address for Register messages. [Initial value] none [Input mode] global configuration mode [Description] Explicitly specifies the source IP address for Register messages. When specifying, the IP address of the default RPF interface will be overwritten.
| Command Reference | IP multicast control [Parameter] limit : <1-65535> The upper limit for the number of packets that can be transmitted within 1 second. [Initial value] none [Input mode] global configuration mode [Description] For interfaces on which PIM-SM is enabled, this specifies the upper limit for the number of Register message packets that can be transmitted within 1 second. If this command is executed with the "no" syntax, cancels the limitation.
Command Reference | IP multicast control | 373 Register message transmission standby time (seconds.) [Initial value] ip pim register-suppression 60 [Input mode] global configuration mode [Description] Sets the Register Suppression Timeout time before resending a Register message after receiving a Register-Stop message. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | IP multicast control [Description] Sets the (S, G) entry Keepalive Timer (KAT) on the rendezvous point (RP). When the number of seconds on the KAT have elapsed after data traffic has stopped, the Join status on the (S, G) entries is deleted. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | IP multicast control | 375 [Input mode] global configuration mode [Description] Enables the PIM-SSM (Source Specific Multicast). When "default" is specified, 232.0.0.0/8 is used for the SSM range, and the standard IPv4 access list can be used to specify the desired SSM range. If this command is executed with the "no" syntax, disables PIM-SSM and deletes the settings for the SSM range.
| Command Reference | IP multicast control [Input mode] interface mode [Description] Sets the Graft message maximum resend count for applicable interfaces on which PIM-DM is enabled. If this command is executed with the "no" syntax, messages continue to be resent until a Graft Ack message is received. [Example] Set the Graft message maximum resend count to 5. SWX3220(config)# interface vlan2 SWX3220(config-if)# ip pim graft-retransmit 5 8.4.
Command Reference | IP multicast control | 377 8.4.26 Set confirmation for RP-reachability messages [Syntax] ip pim register-rp-reachability no ip pim register-rp-reachability [Initial value] none [Input mode] global configuration mode [Description] Enables checking of RP-reachability messages. If this command is executed with the "no" syntax, RP-reachability messages will not be checked. [Example] Enable checking of RP-reachability messages. SWX3220(config)#ip pim register-rp-reachability 8.4.
| Command Reference | IP multicast control vlan110 (vif 0): Address 192.168.110.2, Mode: Dense DR N/A Hello period 30 seconds, Next Hello in 4 seconds Triggered Hello period 5 seconds PIM GenID sent in Hellos: 68e2d99a Graft retransmissions: infinite State refresh origination interval is 3 seconds Propagation delay is 500 milli-seconds Neighbors: 192.168.110.1 PIM neighbor count: 1 PIM configured DR priority: 1 PIM border interface: no PIM Neighbor policy: not configured vlan130 (vif 2): Address 192.
Command Reference | IP multicast control | 379 8.4.28 Show IP multicast routing information base [Syntax] show ip pim mroute [group] [source] [detail] [Keyword] detail : Shows detailed information group : Multicast group address (A.B.C.D; only when PIM-SM is used) source : Source IPv4 address (A.B.C.D; only when PIM-SM is used) [Parameter] [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IP multicast routing information base.
| Command Reference | IP multicast control Local Joined Asserted Outgoing ................................ ................................ ................................ ..o............................. (192.168.30.100, 239.0.0.1, rpt) RP: 192.168.120.1 RPF nbr: 192.168.110.1 RPF idx: vlan110 Upstream State: NOT PRUNED Local ................................ Pruned ................................ Outgoing ..o.............................
Command Reference | IP multicast control | 381 [Description] Shows the PIM neighbor information. [Example] Show the PIM neighbor information when PIM-DM is in operation. SWX3220#show ip Neighbor Address 192.168.110.1 192.168.130.2 pim neighbor Interface Uptime/Expires Ver vlan110 vlan130 02:14:48/00:01:28 00:37:50/00:01:27 v2 v2 DR Priority/Mode N / N / Show the detailed PIM neighbor information when PIM-DM is in operation. SWX3220#show ip pim neighbor detail Nbr 192.168.110.
| Command Reference | IP multicast control 192.168.120.1 192.168.130.1 192.168.130.2 .RS. .R.. N..U 1 1 0 192.168.110.1 0.0.0.0 0.0.0.0 410 430 -1 vlan110 20 vlan130 3 -1 8.4.31 Show RP information [Syntax] show ip pim rp mapping [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the rendezvous point (RP) information. [Example] Shows the static rendezvous point (RP) information. SWX3220#show ip pim rp mapping PIM Group-to-RP Mappings Group(s): 238.0.
Command Reference | IP multicast control | 383 8.4.33 Show BSR information [Syntax] show ip pim bsr-router [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the bootstrap router (BSR) information. [Example] Show the BSR information (during non-BSR operations). SWX3220#show ip pim bsr-router PIMv2 Bootstrap information BSR address: 192.168.120.
| Command Reference | IP multicast control [Parameter] type : Specifies the action for the IGMP Setting value Description enable Enable the IGMP disable Disable the IGMP [Initial value] ip igmp disable [Input mode] interface mode [Description] Enables IGMP on the applicable interface, even when multicast routing protocols such as PIM are not in effect. When multicast routing protocols are in effect, IGMP will be enabled regardless of the settings for this command.
Command Reference | IP multicast control | 385 [Parameter] time : <1-18000> General Membership Query transmission interval (second) [Initial value] ip igmp query-interval 125 [Input mode] interface mode [Description] Sets the transmission interval for General Membership Query (Query Interval) on the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | IP multicast control [Initial value] ip igmp last-member-query-interval 1000 [Input mode] interface mode [Description] Sets the interval for transmitting Group-Specific Membership Queries (Last Member Query Interval) on the applicable interface, after receiving a Leave Group message. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | IP multicast control | 387 [Description] Sets the standby time on the applicable interface after which other queriers stop query transmission and inherit querier operations (Other Querier Present Interval). If this command is executed with the "no" syntax, the setting returns to the default. The default setting is Other Querier Present Interval = (Robustness Variable x Query Interval) + (Query Response Time x 0.5).
| Command Reference | IP multicast control [Note] When fast-leave is enabled, the entry for IGMP group membership are deleted immediately after the IGMPv2 Leave Group message is received. If there are multiple multicast receivers on the VLAN, fast-leave should not be enabled. [Example] Enable fast-leave for multicast groups on VLAN #2 within the range of 225.192.20.0 to 225.192.20.255.
Command Reference | IP multicast control | 389 [Description] Applies the IPv4 access list to the applicable interface, and limits membership to which multicast receivers may join. If this command is executed with the "no" syntax, cancels the limitations on a multicast group. [Note] The IPv4 access list should be set to allow (permit) the multicast group that will be added. [Example] Limit the range of multicast groups that can join within 225.2.0.0 to 225.2.255.255.
| Command Reference | IP multicast control [Parameter] group : Multicast group address (A.B.C.D) source : IPv4 address of a multicast sender (A.B.C.D) [Initial value] none [Input mode] interface mode [Description] Registers IGMP group membership static entries for the applicable interface. If this command is executed with the "no" syntax, delete entries. [Note] The IP address of the multicast sender can be specified only when using IGMPv3.
Command Reference | IP multicast control | 391 8.5.15 Set SSM mapping static entry [Syntax] ip igmp ssm-map static listnum source no ip igmp ssm-map static listnum source [Parameter] listnum : <1-2000> ID of IPv4 access list source : The IPv4 address of a multicast sender (A.B.C.D) [Initial value] none [Input mode] global configuration mode [Description] Sets the static entries for IGMP SSM mapping.
| Command Reference | IP multicast control Disable the multicast routing protocol on the interfaces that will use the IGMP proxy function. Multiple downstream interfaces can be specified for a single upstream interface. [Example] Set VLAN #2 as an IGMP proxy downstream interface, and set VLAN #3 as an IGMP upstream interface. SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp mroute-proxy vlan3 8.5.
Command Reference | IP multicast control | 393 [Example] Show the multicast group information for all interfaces. SWX3220#show ip igmp groups detail IGMP Connected Group Membership Details Flags: (M - SSM Mapping, R - Remote, L - Local, SG - Static Group, SS - Static Source) Interface: vlan1 Group: 224.1.1.1 Flags: L Uptime: 00:00:04 Group mode: Exclude (Expires: 00:04:15, Static) Last reporter: 3.3.3.
| Command Reference | IP multicast control [Example] Show the IGMP SSM map information. SWX3220#show ip igmp ssm-mapping SSM Mapping: Enabled Database: Static mappings configured Show IGMP SSM map information for multicast group 232.1.1.4. SWX3220#show ip igmp ssm-map 232.1.1.4 Group address: 232.1.1.4 Database : Static Source list : 172.16.8.5 : 172.16.8.6 8.5.
Command Reference | IP multicast control | 395 group : Multicast group address ( A.B.C.D ) "*" indicates all entries ifname : Interface name [Input mode] privileged EXEC mode [Description] Clears IGMP group membership entry [Note] IGMP group membership that was statically registered will not be deleted. [Example] Delete the IGMP group membership entries for multicast group 224.1.1.1. SWX3220#clear ip igmp group 224.1.1.
| Command Reference | Traffic control Chapter 9 Traffic control 9.1 ACL 9.1.1 Generate IPv4 access list [Syntax] access-list ipv4-acl-id [seq_num] action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg] no access-list ipv4-acl-id [seq_num] [action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg]] [Keyword] ack : If tcp is specified as the protocol, the ACK flag of the TCP header is specified as a condition.
Command Reference | Traffic control | 397 Setting value src-port : Description A.B.C.D E.F.G.H Specifies an IPv4 address (A.B.C.D) with wildcard bits (E.F.G.H) A.B.C.D/M Specifies an IPv4 address (A.B.C.D) with subnet mask length (Mbit) host A.B.C.D Specifies a single IPv4 address (A.B.C.D) any Applies to all IPv4 addresses <0-65535> If protocol is specified as tcp or udp, this specifies the transmission source port number <0-65535> that is the condition. This can also be omitted.
| Command Reference | Traffic control [Example] Create access list #1 that denies communication from the source segment 192.168.1.0/24 to the destination 172.16.1.1. SWX3220(config)#access-list 1 deny any 192.168.1.0 0.0.0.255 host 172.16.1.1 Delete IPv4 access list #1. SWX3220(config)#no access-list 1 9.1.
Command Reference | Traffic control | 399 [Input mode] interface mode [Description] Applies an IPv4 access list to both LAN/SFP port and logical interface. If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame. If this command is executed with the "no" syntax, the applied access list is deleted from both LAN/SFP port and logical interface.
| Command Reference | Traffic control [Input mode] global configuration mode [Description] Generates an IPv6 access list. Multiple conditions (maximum 768) can be specified for the generated access list. To apply the generated access list, use the access-group command of interface mode. If the "no" syntax is used to specify "action" and following, the IPv6 access list that matches all conditions is deleted.
Command Reference | Traffic control | 401 no access-group ipv6-acl-id direction [Parameter] ipv6-acl-id : <3001-4000> ID of IPv6 access list to apply direction : Specifies the direction of applicable frames Setting value Description in Apply to received frames out Apply to transmitted frames [Initial value] none [Input mode] interface mode [Description] Applies an IPv6 access list to both LAN/SFP port and logical interface.
| Command Reference | Traffic control Setting value src-info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source MAC address information that is the condition Setting value dst-info : Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.WWWW) host HHHH.HHHH.HHHH Specifies an individual MAC address (HHHH.HHHH.
Command Reference | Traffic control | 403 [Parameter] mac-acl-id : <2001-3000> ID of the MAC access list to which to add a description line : Description to add. Can be up to 32 ASCII characters [Initial value] none [Input mode] global configuration mode [Description] Add a description to the generated MAC access list. If this command is executed with the "no" syntax, the MAC description is cleared.
| Command Reference | Traffic control [Example] Apply access list #2001 to received frames of LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#access-group 2001 in 9.1.10 Show generated access list [Syntax] show access-list [acl_id] [Parameter] acl-id : <1-2000>, <2001-3000>, <3001-4000> ID of access list [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the registered access list. If acl-id is omitted, all access lists are shown.
Command Reference | Traffic control | 405 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] For each interface, shows the ID of all access lists that are applied. [Example] Show a list. SWX3220>show access-group Interface port1.1 : IPv4 access group 1 in Interface port1.7 : IPv6 access group 3002 in Interface port1.8 : MAC access group 2001 in 9.1.
| Command Reference | Traffic control If this command is executed with the "no" syntax, the specified access list is deleted from the corresponding VLAN access map. [Note] Only one access list can be specified for one VLAN access map. You can use the show vlan access-map command to view the setting. [Example] Create a VLAN access map named "VAM001", and specify an access list that denies packets from 192.168.0.1. SWX3220(config)#access-list 2 deny any 192.168.0.
Command Reference | Traffic control | 407 9.1.16 Show VLAN access map [Syntax] show vlan access-map [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the registered VLAN access map. The following items are shown. • • Name of the VLAN access map Access list applied to VLAN access map [Example] Show VLAN access map information. SWX3220>show vlan access-map Vlan access-map VAM001 match ipv4 access-list 2 9.1.
| Command Reference | Traffic control [Input mode] global configuration mode [Description] Enables QoS. If this is executed with the "no" syntax, QoS is disabled. At this time, the related QoS settings are also deleted. [Note] If the flow control system setting is enabled, it is not possible to enable QoS. Many of the commands related to QoS cannot be executed unless QoS is left enabled. [Example] Enable QoS. SWX3220(config)#qos enable Disable QoS. SWX3220(config)#qos disable 9.2.
Command Reference | Traffic control | 409 [Parameter] mode : Trust mode Setting value Description cos Determines the egress queue based on the CoS value dscp Determines the egress queue based on the DSCP value port-priority Applies the specified priority to the receiving port [Initial value] qos trust cos [Input mode] interface mode [Description] Specifies the trust mode of LAN/SFP port and logical interface.
| Command Reference | Traffic control 9.2.4 Show status of QoS function setting [Syntax] show qos [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the enabled (Enable) or disabled (Disable) status of the QoS function. [Example] Show the status of the system's QoS setting. SWX3220#show qos Enable 9.2.5 Show QoS information for interface [Syntax] show qos interface [ifname] [Parameter] ifname : Name of the LAN/SFP port or logical interface.
Command Reference | Traffic control | 411 Port Default CoS Priority: 0 Egress Traffic Shaping: Rate 30016 Kbps, Burst 1876 KByte Queue Scheduling: Queue0 : Weight 1 Queue1 : Weight 1 Queue2 : Weight 2 Queue3 : Weight 5 Queue4 : Weight 5 Queue5 : Weight 5 Queue6 : SP Queue7 : SP ( 5.3%) ( 5.3%) (10.5%) (26.3%) (26.3%) (26.3%) Cos (Queue): 0(2), 1(0), 2(1), 3(3), 4(4), 5(5), 6(6), 7(7) Special Queue Assignment: Sent From CPU: Queue7 Show the QoS settings of LAN port #1.
| Command Reference | Traffic control SWX3220#show qos queue-counters port1.1 QoS: Enable Interface port1.1 Queue Counters: Queue 0 59.4 % Queue 1 15.0 % Queue 2 0.0 % Queue 3 0.0 % Queue 4 0.0 % Queue 5 3.6 % Queue 6 0.0 % Queue 7 0.1 % 9.2.
Command Reference | Traffic control | 413 9.2.8 Set DSCP - egress queue ID conversion tabl [Syntax] qos dscp-queue dscp-value queue-id no qos dscp-queue dscp-value [Parameter] dscp-value : <0-63> DSCP value of the conversion source queue-id : <0-7> Egress queue ID corresponding to DSCP value [Initial value] See [Note] [Input mode] global configuration mode [Description] Specifies the values of the DSCP - egress queue ID conversion table that is used to determine the egress queue.
| Command Reference | Traffic control [Input mode] interface mode [Description] Specifies the priority (egress queue ID) for the receiving interface to LAN/SFP port and logical interface. If this is executed with the "no" syntax, the egress queue ID for the specified interface is returned to the default setting (2). The port priority is used to determine the egress queue when the trust mode is set to "port priority." [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 415 [Input mode] global configuration mode [Description] Generates a class map. A class map defines the conditions used to classify received frames into traffic classes, and consists of conditions defined by the match command and the corresponding action (permit/deny).Class map actions are handled as follows. Class map actions are handled as follows.
| Command Reference | Traffic control • • • Permit traffic from the 10.1.0.0 network Categorize bandwidth classes as CIR:48kbps, CBS:12kbyte, and EBS:12kbyte Green: forward, Yellow: rewrite DSCP value to 10, Red: discard [Traffic class definition] SWX3220(config)#access-list 1 permit any 10.1.0.0 0.0.255.
Command Reference | Traffic control | 417 [Input mode] class map mode [Description] Uses the CoS value of the VLAN tag header as the condition to classify the traffic class. If this is executed with the "no" syntax, the CoS condition setting is deleted. The setting can be repeated up to the maximum number (eight) of registrations. [Note] In order to execute this command, QoS must be enabled. [Example] Specify CoS values "1" and "2" as the classification conditions for class map "class1.
| Command Reference | Traffic control [Note] In order to execute this command, QoS must be enabled. [Example] Specify DSCP values "48" and "56" as the classification conditions for class map "class1." SWX3220(config)#class-map class1 SWX3220(config-cmap)#match ip-dscp 48 56 9.2.
Command Reference | Traffic control | 419 [Description] Uses the VLAN ID as the condition to classify the traffic class. If this is executed with the "no" syntax, the classification conditions using VLAN ID are deleted. The setting can be repeated up to the maximum number (30) of registrations. [Note] In order to execute this command, QoS must be enabled. [Example] Specify VLAN #20 as the classification conditions for class map "class1".
| Command Reference | Traffic control Section Item Description Classification conditions (match) Match Access-List Access list ID Match ethertype Ethernet Type Match vlan VLAN ID Match vlan-range • • Match CoS CoS value Match IP precedence TOS precedence Match IP DSCP DSCP value The classification condition is shown only once for each type that is specified. A classification condition for which a corresponding command (match) is not set will not be shown.
Command Reference | Traffic control | 421 SWX3220(config)#access-list 1 permit any 10.1.0.0 0.0.255.255 any SWX3220(config)#class-map class1 SWX3220(config-cmap)#match access-list 1 SWX3220(config-cmap)#exit [Policy settings] SWX3220(config)#policy-map policy1 SWX3220(config-pmap)#class class1 SWX3220(config-pmap-c)#police 48 12 12 yellow-action remark red-action drop SWX3220(config-pmap-c)#remark-map yellow ip-dscp 10 SWX3220(config-pmap-c)#exit SWX3220(config-pmap)#exit SWX3220(config)#interface port1.
| Command Reference | Traffic control [Example] Apply policy map "policy1" to LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#service-policy input policy1 Remove policy map "policy1" from LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#no service-policy input policy1 9.2.
Command Reference | Traffic control | 423 [Description] Changes the value of the IP header's TOS precedence field of the classified traffic class to the specified TOS value. In addition, reassign the egress queue according to the egress queue ID table that corresponds to the trust mode. If this is executed with the "no" syntax, pre-marking processing of the TOS precedence corresponding to the traffic class is removed. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control [Example] Make the following settings for received frames of LAN port #1 • • Permit traffic from the 10.1.0.0 network Change the classified traffic class to the DSCP value "10." [Traffic class definition] SWX3220(config)#access-list 1 permit any 10.1.0.0 0.0.255.
Command Reference | Traffic control | 425 If this is executed with the "no" syntax, metering/policing/remarking processing is deleted. This cannot be used in conjunction with the aggregate policer (police-aggregate command). [Note] In order to execute this command, QoS must be enabled. Metering cannot be performed on the following logical interfaces. A policy map that includes metering (policer) settings (police-type commands) must not be applied.
| Command Reference | Traffic control [Description] Specifies individual policers (twin rate) for the categorized traffic classes. If the setting was already made by the police command, its content is changed. Metering on the SWX3220 is implemented as a single-rate three-color marker (RFC2697), and the following processing can be specified for the categorized bandwidth classes.
Command Reference | Traffic control | 427 Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] policy map class mode [Description] Specifies remarking operations for bandwidth classes Yellow and Red that were classified by individual policers.
| Command Reference | Traffic control 9.2.29 Generate aggregate policer [Syntax] aggregate-police name no aggregate-police name [Parameter] name : Name of aggregate policer (maximum 20 characters; uppercase and lowercase are distinguished) [Input mode] global configuration mode [Description] Generates an aggregate policer. If the policer has already been generated, this command edits its content.
Command Reference | Traffic control | 429 Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] aggregate policer mode [Description] Specifies a single rate policer as an aggregate policer. If this is executed with the "no" syntax, metering/policing/remarking processing is deleted. Metering on the SWX3220 is implemented as a single-rate three-color marker (RFC2697), and the following processing can be specified for the categorized bandwidth classes.
| Command Reference | Traffic control PBS : <11 - 2097120> Burst size of peak token bucket (kbyte) action : Operation for packets categorized by bandwidth class Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] aggregate policer mode [Description] Specifies a twin rate policer as an aggregate policer. If this is executed with the "no" syntax, metering/policing/remarking processing is deleted.
Command Reference | Traffic control | 431 Setting value type : Description yellow Make remarking settings for bandwidth class Yellow red Make remarking settings for bandwidth class Red Type of remarking Setting value value : Description cos CoS remarking ip-precedence TOS precedence remarking ip-dscp DSCP remarking <0 - 7> CoS or TOS precedence remarking value : <0 - 63> DSCP remarking value [Input mode] aggregate policer mode [Description] Specifies remarking operations for bandwidth c
| Command Reference | Traffic control 9.2.33 Show aggregate policers [Syntax] show aggregate-police [name] [Parameter] name : Aggregate policer name. If this is omitted, the command applies to all aggregate policers. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the contents of an aggregate policer. The contents shown are the same as in the police section shown by the show classmap command. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 433 action drop SWX3220(config-agg-policer)#remark-map yellow ip-dscp 10 SWX3220(config-agg-policer)#exit [Set policy] SWX3220(config)#policy-map policy1 SWX3220(config-pmap)#class class1 SWX3220(config-pmap-c)#police-aggregate AGP-01 SWX3220(config-pmap-c)#exit SWX3220(config-pmap)#class class2 SWX3220(config-pmap-c)#police-aggregate AGP-01 SWX3220(config-pmap-c)#exit SWX3220(config-pmap)#exit SWX3220(config)#interface port1.
| Command Reference | Traffic control [Parameter] ifname : LAN/SFP port name or logical interface name. If this is omitted, the command applies to all ports. [Input mode] privileged EXEC mode [Description] Clears the metering totals for all policers (individual policers / aggregate policers) on the specified LAN/SFP port or logical interface. [Note] In order to execute this command, QoS must be enabled. [Example] Clear the metering totals for LAN port #1. SWX3220#clear qos metering-counter port1.
Command Reference | Traffic control | 435 9.2.38 Set egress queue (DSCP-Queue) [Syntax] set ip-dscp-queue value no set ip-dscp-queue [Parameter] value : <0 - 63> DSCP value corresponding to egress queue [Input mode] policy map class mode [Description] Assigns an egress queue to the classified traffic class. Use the DSCP value to specify the egress queue; the egress queue that is assigned is based on the "DSCP-egress queue ID conversion table.
| Command Reference | Traffic control Item Description Class-Map Name Class map information. For details, refer to the show classmap command.
Command Reference | Traffic control | 437 Policy-Map Name: policy1 State: attached Class-Map Name: class1 Qos-Access-List Name: 1 Police: Mode: SrTCM average rate (48 Kbits/sec) burst size (12 KBytes) excess burst size (12 KBytes) yellow-action (Remark [DSCP:10]) red-action (Drop) 9.2.
| Command Reference | Traffic control attach limitation CoS trust mode : Enable DSCP trust mode : Enable Port-Priority trust mode : Disable Show the status of class map "class1". SWX3220#show qos map-status class class1 class1 status policy-map association : policy1 (Detached) edit/erase : Disable attach limitation CoS trust mode : Enable DSCP trust mode : Enable Port-Priority trust mode : Disable 9.2.
Command Reference | Traffic control | 439 SWX3220(config)#qos wrr-weight 1 1 SWX3220(config)#qos wrr-weight 0 1 9.2.42 Set traffic shaping (individual port) [Syntax] traffic-shape rate kbps CIR burst BC no traffic-shape rate [Parameter] CIR : <18-10000000> Traffic rate (kbps). Due to rounding, the actual value applied may differ from the input value (see [note]) BC : <16-16000> Burst size (kbyte). Specified in 4 kbyte units.
| Command Reference | Traffic control no traffic-shpe queue 4 rate no traffic-shpe queue 5 rate no traffic-shpe queue 6 rate no traffic-shpe queue 7 rate [Input mode] interface mode [Description] Specifies shaping for the transmission queue of the port. If this command is executed with the "no" syntax, the egress queue shaping setting is disabled. [Note] In order to execute this command, QoS must be enabled. Due to the rounding of traffic rates, the actual value applied may differ from the input value.
Command Reference | Traffic control | 441 9.3.2 Set flow control (IEEE 802.3x PAUSE send/receive) (interface) [Syntax] flowcontrol type no flowcontrol [Parameter] type : Flow control operation Setting value Description auto Enable flow control auto negotiation both Enable transmission/reception of Pause frames disable Disable flow control [Initial value] flowcontrol disable [Input mode] interface mode [Description] Enables flow control for the LAN/SFP port (IEEE 802.3x PAUSE frames send/receive).
| Command Reference | Traffic control [Description] Shows information related to flow control (enabled/disabled, number of PAUSE frames sent/received). [Note] The number of PAUSE frames sent and received are shown only if flow control is enabled on the corresponding port. The number of PAUSE frames sent and received is cleared when you execute the clear frame-counters command. [Example] Show flow control information for LAN port #1. SWX3220#show flowcontrol port1.
Command Reference | Traffic control | 443 [Example] Enable broadcast storm control and multicast storm control for LAN port #1, and set the threshold value to 30%. SWX3220(config)#interface port1.1 SWX3220(config-if)#storm-control broadcast multicast level 30 9.4.
| Command Reference | Application Chapter 10 Application 10.1 DHCP server 10.1.1 Set the DHCP server function (system) [Syntax] dhcp-server switch no dhcp-server [Parameter] switch : Behavior DHCP server function Setting value Description enable Enable the DHCP server function disable Disable the DHCP server function [Initial value] dhcp-server disable [Input mode] global configuration mode [Description] Configures the operations of the DHCP server function for the entire system.
Command Reference | Application | 445 [Input mode] interface mode [Description] Configures the operations for the DHCP server of the applicable interface. This can only be set for VLAN interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] To enable the DHCP server function, you must enable the DHCP server function for the entire system in addition to using this command.
| Command Reference | Application no dhcp pool pool_name [Parameter] pool_name : DHCP pool name Single-byte alphanumeric characters and single-byte symbols(31 characters or less) [Initial value] none [Input mode] global configuration mode [Description] Moves to DHCP mode to configure the DHCP pool settings. In DHCP mode, this configures the settings for the DHCP pool name specified by this command. If this command is executed with the "no" syntax, the setting value is deleted.
Command Reference | Application | 447 The "Subnet Mask" DHCP option (option code 1) notified to the client uses the value for this command. [Example] Set the 192.168.100.0/24 network part in the applicable "pool_vlan1" DHCP pool. SWX3220(config)#dhcp pool pool_vlan1 SWX3220(config-dhcp)#network 192.168.100.0/24 10.1.6 Set range of IP addresses to be assigned [Syntax] range start_ip_address [end_ip_address] no range [start_ip_address [end_ip_address]] [Parameter] start_ip_address : A.B.C.
| Command Reference | Application MAC address of cliant [Initial value] none [Input mode] DHCP mode [Description] Sets the IP address to assign to a client in the applicable DHCP pool that has a specific MAC address. The addresses to assign must be within the network specified by the network command. The maximum bind host command setting is the 4096 for the total number of bind host commands for all pools. The same IP address cannot be specified for multiple MAC addresses within a single pool.
Command Reference | Application | 449 SWX3220(config-dhcp)#lease 0 6 0 10.1.9 Settings for duplication checks of leased IP addresses [Syntax] probe switch no probe [Parameter] switch : Operations for duplication checks of leased IP addresses Setting value Description enable Enables duplication checks disable Disables duplication checks [Initial value] probe enable [Input mode] DHCP mode [Description] Sets duplication checks of leased IP addresses for the applicable DHCP pool.
| Command Reference | Application 10.1.11 Default gateway address notification setting [Syntax] default-router ip_address no default-router [ip_address] [Parameter] ip_address : A.B.C.D IP address [Initial value] none [Input mode] DHCP mode [Description] Sets the IP address to notify as a default gateway from the applicable DHCP pool. The specified address must be within the network specified by the network command. Up to eight addresses can be set.
Command Reference | Application | 451 [Example] Sets 192.168.100.1 for the DNS to notify. SWX3220(config-dhcp)#dns-server 192.168.100.1 10.1.13 Domain name settings for notification [Syntax] domain-name domain_name no domain-name [Parameter] domain_name : Domain name Single-byte alphanumeric characters and single-byte symbols(127 characters or less) [Initial value] none [Input mode] DHCP mode [Description] Sets the domain name for the applicable DHCP pool.
| Command Reference | Application 10.1.15 Settings for the server on which the boot file is located [Syntax] next-server ip_address no next-server [Parameter] ip_address : A.B.C.D IP address [Initial value] none [Input mode] DHCP mode [Description] Configures the server on which the boot file is located for the applicable DHCP pool. If this command is executed with the "no" syntax, the setting value is deleted. [Example] Set 192.168.100.1 on the server on which the boot file is located.
Command Reference | Application | 453 4-octet integer 0..4294967295 IP address IP address Array of IP addresses IP addresses delimited by commas (Max eight) Text string Text string (Single-byte alphanumeric characters and singlebyte symbols, max 127 characters) Switches "on", "off", "1", or "0" The available options are shown below.
| Command Reference | Application Option number / Mnemonics that can be used with a command Option type 33/static_route Array of IP addresses :An even number of IP addresses must be set, consisting of a combination of destination address and router address 34/trailer_encapsulation Switches 35/arp_cache_timeout 4-octet integer 36/ethernet_encapsulation Switches 37/tcp_default_ttl 1-octet integer 38/tcp_keepalive_interval 4-octet integer 39/tcp_keepalive_garbage Switches 40/nis_domain Tex
Command Reference | Application | 455 SWX3220(config-dhcp)#option time_server 192.168.100.240 10.1.17 Show information of DHCP pool [Syntax] show dhcp pool [pool_name] [Parameter] pool_name : Pool name Pool name to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information of DHCP pool. When POOL_NAME is specified, only the information for the specified POOL_NAME will be shown. The following items are shown.
| Command Reference | Application [Description] Shows IP address assignment information for DHCP clients. When POOL_NAME is specified, only the information for the specified POOL_NAME will be shown. The following items are shown. • • • • • • • DHCP pool name Network address Assigned IP addresses MAC address of the assigned client Type (dynamic assignment or static assignment) Lease finish time HostName [Note] IP addresses set as static assignments will always be displayed with this command.
Command Reference | Application | 457 [Description] Deletes the lease information (IP address assignment information) on the DHCP server. [Note] The DHCP server must be stopped when executing this command. Use the show dhcp server command to check the DHCP boot status. [Example] This deletes the lease information. SWX3220#clear dhcp-server lease 10.2 DHCP relay 10.2.
| Command Reference | Application [Input mode] interface mode [Description] Specifies the forwarding address for the DHCP relay agent function on the applicable interface. This can only be set for VLAN interface. The DHCP packets received on the configured VLAN interface will be forwarded to the specified IPv4 address. If this command is executed with the "no" syntax, the setting returns to the default. [Note] For VLAN interface, the IPv4 address must be specified.
Command Reference | Application | 459 [Description] Shows the status of the DHCP relay agent. The following items are shown. • • • • • DHCP relay agent boot status The interface on which the DHCP relay agent has been started.
| Command Reference | Application [Parameter] switch : DNS relay function operation Setting value Description enable Enable the DNS relay function disable Disable the DNS relay function [Initial value] dns-forwarding disable [Input mode] interface mode [Description] Specifies the forwarding address for the DNS relay function on the applicable interface. This can only be set for VLAN interface.
Command Reference | Application | 461 If this command is executed with the "no" syntax, the specified server is deleted from the forwarding destination addresses of the DNS relay function. [Note] The domain name is referenced as the best match for the latter portion. For example, if rtpro.yamaha.co.jp is specified as 192.168.100.2, and yamaha.co.jp is specified as 192.168.100.3, then rtpro.yamaha.co.jp is forwarded to 192.168.100.2 and network.yamaha.co.jp is forwarded to 192.168.100.3.
| Command Reference | Application 10.3.6 Set DNS relay function static record [Syntax] dns-forwarding static-host host address [time] no dns-forwarding static-host host address [Parameter] host : Host name Single-byte alphanumeric characters, dot '.', and hyphen '-' (253 characters or less) address : A.B.C.
Command Reference | Application | 463 running interface list : vlan1 DNS forwarding system setting : enable DNS forwarding interface setting list : vlan1 Server address list : 192.168.200.1 192.168.100.100 swr.example.com Static host list : yamaha.swr.com 192.168.100.200 10.3.8 Show cache of DNS relay [Syntax] show dns-forwarding cache [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show the cache of the DNS relay. The following items are shown.
| Command Reference | Application [Description] Enables/disables the settings for the local RADIUS server function. You can also change the authentication UDP port number. If this command is executed with the "no" syntax, the setting returns to the default. [Note] To use the local RADIUS server functions, you must first use the crypto pki generate ca command to generate a route certificate authority. [Example] Enables the local RADIUS server function. SWX3220(config)#radius-server local enable 10.4.
Command Reference | Application | 465 If this command is executed with the "no" syntax, the specified route certificate authority is deleted. [Note] If a route certificate authority has not been generated, the functions of the local RADIUS server cannot be used. When setting a different route certificate authority name when a route certificate authority has already been generated, the route certificate authority will be overwritten.
| Command Reference | Application The authentication method must be set to “eap-md5” when using MD5. [Example] This restricts the authentication method to PEAP and EAP-MD5. SWX3220(config)#radius-server local-profile SWX3220(config-radius)#authentication peap eap-md5 10.4.
Command Reference | Application | 467 10.4.
| Command Reference | Application Setting value Description pap PAP authentication method (this type uses the user ID and password) peap PEAP, EAP-MD5, EAP-TTLS authentication method (this type uses the user ID and password) eap-tls EAP-TLS authentication method (this type uses the user ID and password) When abbreviating, use “eap-tls” date : Date (“2037/12/31” is used when omitted) (YYYY/MM/DD from current date to 2037/12/31) [Initial value] none [Input mode] RADIUS configuration mode [Descr
Command Reference | Application | 469 [Description] Sets the reauthentication interval that is notified to the RADIUS client (NAS). The RADIUS client (NAS) determines whether the reauthentication interval will be used. If this command is executed with the "no" syntax, the setting returns to the default. [Example] This sets the reauthentication interval to 604800 seconds. SWX3220(config)#radius-server local-profile SWX3220(config-radius)#reauth interval 604800 10.4.
| Command Reference | Application This automatically revokes the client certificates for users whose authentication methods have been changed from EAP-TLS to a method other than EAP-TLS. When the “mail” keyword is specified, this sends a client certificate to the e-mail address set using the user command. The e-mail subject and body text follow the e-mail settings template (mail send certificate command) used when the certificate was sent. E-mails cannot be sent if an e-mail address has not been set.
Command Reference | Application | 471 (within 3–32 characters; cannot specify “DEFAULT”) Authentication method certificate-id : Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces Client certificate ID Combination of “user ID” and “serial number” [Input mode] privileged EXEC mode [De
| Command Reference | Application If specified using “compress,” the client certificates will be compressed to a ZIP file and then exported. Export target Contents all Compress all client certificates as “certificate_all.zip” user Compress client certificates for specified users as “certificate_.zip” [Note] Only the newest client certificate (1) can be exported. [Example] This exports the client certificate for the user ID “Yamaha” to an SD card.
Command Reference | Application | 473 [Parameter] src_config_num : Copy source configuration number Setting value dst_config_num : Description <0-1> Configuration #0-#1 sd Configuration on the SD card Copy destination configuration number Setting value Description <0-1> Configuration #0-#1 sd Configuration on the SD card [Input mode] privileged EXEC mode [Description] This copies the entire set of data in connection with the local RADIUS server.
| Command Reference | Application [Example] Shows the RADIUS clients (NAS) with an IP address of “192.168.100.0/24”. SWX3220#show radius-server local nas 192.168.100.0/24 host key ------------------------------------------------------------------------------------------------------192.168.100.0/24 abcde 10.4.
Command Reference | Application | 475 [Description] Shows the issuance status for client certificates. Issuance status Contents done Client certificate issuance completed, or not issued processing Now issuing client certificate aborted Issuance of client certificate aborted by executing “certificate abort” or other command [Example] Shows the issuance status for client certificates. SWX3220#show radius-server local certificate status certificate process: done. 10.4.
| Command Reference | Application [Description] This shows a list of client certificates that have been processed for revocation. Reason for revocation Contents revoked Manual revocation expired Revocation due to expired term of validity [Example] Displays the list of revoked client certificates.
Command Reference | Index | 477 Index A C aaa authentication auth-mac 184 aaa authentication auth-web 184 aaa authentication dot1x 183 accept-lifetime 324 access-group (IPv4) 398 access-group (IPv6) 400 access-group (MAC) 403 access-list (IPv4) 396 access-list (IPv6) 399 access-list (MAC) 401 access-list description (IPv4) 398 access-list description (IPv6) 400 access-list description (MAC) 402 action 146 advertisement-interval 330 agent-watch down-count 126 agent-watch interval 125 aggregate-police 427
| Command Reference | Index default-metric (OSPFv3) 290 default-metric (RIP) 314 default-router 450 description 157 description (route-map) 337 description (schedule) 145 dhcp pool 445 dhcp-relay 457 dhcp-relay broadcast 458 dhcp-relay server-address 457 dhcp-server (global configuration mode) 444 dhcp-server (interface mode) 444 distance (OSPFv2) 277 distance (OSPFv3) 290 distance (RIP) 314 distribute-list (OSPFv2) 277 distribute-list (OSPFv3) 291 distribute-list (RIP) 314 dns-client 264 dns-client dom
Command Reference | Index | 479 ip pim rp-candidate 368 ip pim rp-register-kat 373 ip pim spt-disable 374 ip pim ssm 374 ip pim state-refresh origination-interval 375 ip pim unicast-bsm 376 ip policy route-map 340 ip rip authentication key-chain 318 ip rip authentication mode 318 ip rip authentication string 318 ip rip metric-zero-accept 319 ip rip poison-reverse 321 ip rip receive version 320 ip rip receive-packet 319 ip rip send version 320 ip rip send-packet 320 ip rip split-horizon 321 ip route 249 ipv6
| Command Reference | Index P pass-through eap 203 passive-interface (OSPFv2) 281 passive-interface (OSPFv3) 292 passive-interface (RIP) 316 password-encryption 32 pbr enable 342 ping 255 ping6 263 police single-rate (aggregate policer mode) 428 police single-rate (policy map class mode) 424 police twin-rate (aggregate policer mode) 429 police twin-rate (policy map class mode) 425 police-aggregate 432 policy-map 420 port-channel load-balance 180 port-security enable 204 port-security mac-address 204 po
Command Reference | Index | 481 show etherchannel 175 show etherchannel status 181 show fan history 50 show firmware-update 138 show flowcontrol 441 show frame-counter 168 show http-proxy 97 show http-server 93 show interface 164 show interface brief 167 show interface negotiation 159 show inventory 44 show ip forwarding 254 show ip igmp groups 392 show ip igmp interface 393 show ip igmp proxy 394 show ip igmp snooping groups 357 show ip igmp snooping interface 358 show ip igmp snooping mrouter 357 show ip
| Command Reference | Index show vlan multiple-vlan 224 show vlan private-vlan 224 show vrrp 334 show vrrp ipv6 335 show vrrp ipv6 statistics 336 show vrrp statistics 335 shutdown 157 snapshot delete 135 snapshot enable 134 snapshot save 135 snapshot trap terminal 134 snmp-server access 77 snmp-server community 73 snmp-server contact 72 snmp-server enable trap 72 snmp-server group 75 snmp-server host 70 snmp-server location 73 snmp-server startup-trap-delay 71 snmp-server user 75 snmp-server view 74 spa
