SMC Networks SMC6724L3 Bedienungsanleitung

TigerSwitch 10/10024-Port Layer 3 Switch◆ 24 10BASE-T/100BASE-TX auto-MDI/MDI-X ports◆ Optional 1000BASE-T or 1000BASE-X GBIC modules◆ 8.8 Gbps aggreg

CONTENTSxMapping IP Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-131Copying IP Settings to Another Interface . . . . . .

CONFIGURING THE SWITCH3-52Command Usage• You can enable or disable authentication messages via the Web interface.• You can enable or disable authentic

DYNAMIC HOST CONFIGURATION PROTOCOL3-53Dynamic Host Configuration ProtocolDynamic Host Configuration Protocol (DHCP) can dynamically allocate an IP ad

CONFIGURING THE SWITCH3-54Command Usage You must specify the IP address for at least one DHCP server. Otherwise, the switch’s DHCP relay agent will no

DYNAMIC HOST CONFIGURATION PROTOCOL3-55Configuring the DHCP ServerThis switch includes a Dynamic Host Configuration Protocol (DHCP) server that can as

CONFIGURING THE SWITCH3-56Enabling the Server, Setting Excluded AddressesEnable the DHCP Server and specify the IP addresses that it should not be ass

DYNAMIC HOST CONFIGURATION PROTOCOL3-57Configuring Address PoolsYou must configure IP address pools for each IP interface that will provide addresses

CONFIGURING THE SWITCH3-58Command AttributesCreating a New Address Pool • Pool Name – A string or integer. (Range: 1-8 characters)Setting the Network

DYNAMIC HOST CONFIGURATION PROTOCOL3-59• Bootfile – The default boot image for a DHCP client. This file should placed on the Trivial File Transfer Pro

CONFIGURING THE SWITCH3-60Configuring a Network Address PoolWeb – Click DHCP, Server, Pool Configuration. Click the Configure button for any entry. Cl

DYNAMIC HOST CONFIGURATION PROTOCOL3-61Configuring a Host Address PoolWeb – Click DHCP, Server, Pool Configuration. Click the Configure button for any

CONTENTSxiSpecifying Network Interfaces for RIP . . . . . . . . . . . . . . 3-178Configuring Network Interfaces for RIP . . . . . . . . . . . . . 3-1

CONFIGURING THE SWITCH3-62CLI – This example configures a host address pool.Displaying Address BindingsYou can display the host devices which have acq

PORT CONFIGURATION3-63Web – Click DHCP, Server, IP Binding. You may use the Delete button to clear an address from the DHCP server’s database.CLI – Th

CONFIGURING THE SWITCH3-64• Speed/Duplex Status – Shows the current speed and duplex mode. (Auto, or fixed choice)• Flow Control Status – Indicates ty

PORT CONFIGURATION3-65• Speed-duplex – Shows the current speed and duplex mode. (Auto, or fixed choice)• Capabilities – Specifies the capabilities to

CONFIGURING THE SWITCH3-66CLI – This example shows the connection status for Port 13.Console#show interfaces status ethernet 1/13 4-128Information of

PORT CONFIGURATION3-67Configuring Interface ConnectionsYou can use the Port Configuration or Trunk Configuration page to enable/disable an interface,

CONFIGURING THE SWITCH3-68port connected to a hub unless it is actually required to solve a problem. Otherwise back pressure jamming signals may degra

PORT CONFIGURATION3-69Setting Broadcast Storm ThresholdsBroadcast storms may occur when a device on your network is malfunctioning, or if application

CONFIGURING THE SWITCH3-70CLI – Specify any interface, and then enter the threshold. The following sets broadcast suppression at 600 packets per secon

PORT CONFIGURATION3-71• Type – Allows you to select which traffic to mirror to the target port, Rx (receive), Tx (transmit), or Both.• Target Port – T

CONTENTSxiiMinimum Abbreviation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4Command Completion . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-72passing through each port. All values displayed have been accumulated since the last system reboot, and are shown as counts

PORT CONFIGURATION3-73Transmit Multicast PacketsThe total number of packets that higher-level protocols requested be transmitted, and which were addre

CONFIGURING THE SWITCH3-74Multiple Collision FramesA count of successfully transmitted frames for which transmission is inhibited by more than one col

PORT CONFIGURATION3-75CRC/Alignment Errors The number of CRC/alignment errors (FCS or alignment errors). Undersize Frames The total number of frames r

CONFIGURING THE SWITCH3-76Web – Click Statistics, Port Statistics. Select the required interface, and click Query. You can also use the Refresh button

PORT CONFIGURATION3-77CLI – This example shows statistics for port 13.Configuring Rate LimitsThis function allows the network manager to control the m

CONFIGURING THE SWITCH3-78Command UsageDue to a switch chip limitation, the input rate limit can only be enabled or disabled globally for all interfac

TRUNK CONFIGURATION3-79CLI - This example sets the rate limit for input and output traffic passing through port 1 to 60 Mbps.Trunk ConfigurationYou ca

CONFIGURING THE SWITCH3-80Command UsageBesides balancing the load across each port in the trunk, the other ports provide redundancy by taking over the

TRUNK CONFIGURATION3-81• A trunk formed with another switch using LACP will automatically be assigned the next available trunk ID. • If more than four

CONTENTSxiiiusername . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33enable password . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-82CLI – The following example enables LACP for ports 17 and 18. Just connect these ports to two LACP-enabled trunk ports on an

TRUNK CONFIGURATION3-83Web – Click Trunk, Trunk Configuration. Enter a trunk ID of 1-6 in the Trunk field, select any of the switch ports from the scr

CONFIGURING THE SWITCH3-84Address Table SettingsSwitches store the addresses for all known devices. This information is used to pass traffic directly

ADDRESS TABLE SETTINGS3-85Web – Click Address Table, Static Addresses. Specify the interface, the MAC address and VLAN, then click Add Static Address.

CONFIGURING THE SWITCH3-86• Address Table Sort Key – You can sort the information displayed based on interface (port or trunk) or MAC address.Web – Cl

SPANNING TREE ALGORITHM CONFIGURATION3-87Changing the Aging TimeYou can set the aging time for entries in the dynamic address table. Command Attribute

CONFIGURING THE SWITCH3-88STA uses a distributed algorithm to select a bridging device (STA-compliant switch, bridge or router) that serves as the roo

SPANNING TREE ALGORITHM CONFIGURATION3-89Displaying Global SettingsYou can display a summary of the current bridge STA information that applies to the

CONFIGURING THE SWITCH3-90- Root Path Cost – The path cost from the root port on this switch to the root device.• Configuration Changes – The number o

SPANNING TREE ALGORITHM CONFIGURATION3-91• Root Hold Time – The interval (in seconds) during which no more than two bridge configuration protocol data

CONTENTSxivradius-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65show radius-server . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-92Configuring Global SettingsGlobal settings apply to the entire switch.Command Usage• Spanning Tree ProtocolUses RSTP for the

SPANNING TREE ALGORITHM CONFIGURATION3-93device with the lowest MAC address will then become the root device. (Note that lower numeric values indicate

CONFIGURING THE SWITCH3-94Advanced Configuration Settings for RSTP • Path Cost Method – The path cost is used to determine the best path between devic

SPANNING TREE ALGORITHM CONFIGURATION3-95CLI – This example enables Spanning Tree Protocol, and then sets the indicated attributes. Displaying Interfa

CONFIGURING THE SWITCH3-96• Designated Cost – The cost for a packet to travel from this port to the root in the current Spanning Tree configuration. T

SPANNING TREE ALGORITHM CONFIGURATION3-97• Trunk Member – Indicates if a port is a member of a trunk. (STA Port Information only)These additional para

CONFIGURING THE SWITCH3-98directly through to the spanning tree forwarding state. Specifying Edge Ports provides quicker convergence for devices such

SPANNING TREE ALGORITHM CONFIGURATION3-99CLI – This example shows the STA attributes for port 5. Configuring Interface SettingsYou can configure RSTP

CONFIGURING THE SWITCH3-100- Forwarding - Port forwards packets, and continues learning addresses.• Trunk – Indicates if a port is a member of a trunk

SPANNING TREE ALGORITHM CONFIGURATION3-101• Admin Link Type – The link type attached to this interface.- Point-to-Point – A connection to exactly one

CONTENTSxvDHCP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-97DHCP Client . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-102Web – Click Spanning Tree, STA Port Configuration or STA Trunk Configuration. Modify the required attributes, then click Ap

VLAN CONFIGURATION3-103An IEEE 802.1Q VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to t

CONFIGURING THE SWITCH3-104switch to participate in one or more VLANs, but none of the intermediate network devices nor the host at the other end of t

VLAN CONFIGURATION3-105used to manually isolate user groups or subnets. However, you should use IEEE 802.3 tagged VLANs with GVRP whenever possible to

CONFIGURING THE SWITCH3-106still enable GVRP on these edge switches, as well as on the core switches in the network.Forwarding Tagged/Untagged FramesI

VLAN CONFIGURATION3-107Enabling or Disabling GVRP (Global Setting) GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN

CONFIGURING THE SWITCH3-108• Maximum Number of Supported VLANs – Maximum number of VLANs that can be configured on this switch. *Web OnlyWeb – Click V

VLAN CONFIGURATION3-109• Status – Shows how this VLAN was added to the switch. - Dynamic GVRP: Automatically learned via GVRP.- Permanent: Added as a

CONFIGURING THE SWITCH3-110CLI – Current VLAN information can be displayed with the following command.Creating VLANsUse the VLAN Static List to create

VLAN CONFIGURATION3-111• Remove – Removes a VLAN group from the current list. If any port is assigned to this group as untagged, it will be reassigned

CONTENTSxvishow interfaces switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-131Mirror Port Commands . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-1122. VLAN 1 is the default untagged VLAN containing all ports on the switch, and can only be modified by first reassigning th

VLAN CONFIGURATION3-113Web – Click VLAN, VLAN Static Table. Select a VLAN ID from the scroll-down list. Modify the VLAN name and status if required. S

CONFIGURING THE SWITCH3-114Web – Open VLAN, VLAN Static Membership. Select an interface from the scroll-down box (Port or Trunk). Click Query to displ

VLAN CONFIGURATION3-115media access method or data rate. These values should not be changed unless you are experiencing difficulties with GVRP registr

CONFIGURING THE SWITCH3-116• GARP Join Timer* – The interval between transmitting requests/queries to participate in a VLAN group. (Range: 20-1000 cen

VLAN CONFIGURATION3-117Web – Click VLAN, VLAN Port Configuration or VLAN Trunk Configuration. Fill in the required settings for each interface, click

CONFIGURING THE SWITCH3-118Configuring Private VLANsPrivate VLANs provide port-based security and isolation between ports within the assigned VLAN. Da

VLAN CONFIGURATION3-119Configuring Uplink and Downlink PortsUse the Private VLAN Link Status page to set ports as downlink or uplink ports. Ports desi

CONFIGURING THE SWITCH3-120Class of Service ConfigurationClass of Service (CoS) allows you to specify which data packets have greater precedence when

CLASS OF SERVICE CONFIGURATION3-121Web – Click Priority, Default Port Priority or Default Trunk Priority. Modify the default priority for any interfac

CONTENTSxviiswitchport mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-166switchport acceptable-frame-types . . . . . . . .

CONFIGURING THE SWITCH3-122Mapping CoS Values to Egress QueuesThis switch processes Class of Service (CoS) priority tagged traffic by using four prior

CLASS OF SERVICE CONFIGURATION3-123Command Attributes• Priority – CoS value. (Range: 0-7, where 7 is the highest priority)• Traffic Class* – Output qu

CONFIGURING THE SWITCH3-124CLI – The following example shows how to map CoS values 0, 1 and 2 to priority queue 0, value 3 to priority queue 1, values

CLASS OF SERVICE CONFIGURATION3-125Web – Click Priority, Queue Scheduling. Select a traffic class (i.e., output queue), enter a weight, then click App

CONFIGURING THE SWITCH3-126Because different priority information may be contained in the traffic, this switch maps priority values to the output queu

CLASS OF SERVICE CONFIGURATION3-127Mapping IP PrecedenceThe Type of Service (ToS) octet in the IPv4 header includes three precedence bits defining eig

CONFIGURING THE SWITCH3-128Web – Click Priority, IP Precedence Priority. Select a port or trunk from the Interface field. Select an entry from the IP

CLASS OF SERVICE CONFIGURATION3-129Mapping DSCP PriorityThe DSCP is six bits wide, allowing coding for up to 64 different forwarding behaviors. The DS

CONFIGURING THE SWITCH3-130Web – Click Priority, IP DSCP Priority. Select a port or trunk from the Interface field. Select an entry from the DSCP tabl

CLASS OF SERVICE CONFIGURATION3-131Mapping IP Port PriorityYou can also map network applications to Class of Service values based on the IP port numbe

CONTENTSxviiiip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-197ip igmp snooping vlan static . . . . . . . . . . .

CONFIGURING THE SWITCH3-132Click Priority, IP Port Priority. Select a port or trunk from the Interface field. Enter the port number for a network appl

CLASS OF SERVICE CONFIGURATION3-133Copying IP Settings to Another InterfaceYou can copy IP Precedence, DSCP priority, or IP port priority settings fro

CONFIGURING THE SWITCH3-134Multicast Filtering Multicasting is used to support real-time applications such as videoconferencing or streaming audio. A

MULTICAST FILTERING3-135This switch not only supports IP multicast filtering by passively monitoring IGMP query and report messages and multicast rout

CONFIGURING THE SWITCH3-136Note that IGMP neither alters nor routes IP multicast packets. A multicast routing protocol must be used to deliver IP mult

MULTICAST FILTERING3-137IGMP Query (Layer 2 or 3) – IGMP Query can only be enabled globally at Layer 2, but can be enabled for individual VLAN interfa

CONFIGURING THE SWITCH3-138• Act as IGMP Querier — When enabled, the switch can serve as the Querier, which is responsible for asking hosts if they wa

MULTICAST FILTERING3-139CLI – This example modifies the settings for multicast filtering, and then displays the current status.Displaying Interfaces A

CONFIGURING THE SWITCH3-140Web – Click IGMP Snooping, Multicast Router Port Information. Select the required VLAN ID from the scroll-down list to disp

MULTICAST FILTERING3-141Web – Click IGMP Snooping, Static Multicast Router Port Configuration. Specify the interfaces attached to a multicast router,

CONTENTSxixip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227clear ip route . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-142Displaying Port Members of Multicast Services You can display the port members associated with a specified VLAN and multica

MULTICAST FILTERING3-143Assigning Ports to Multicast Services Multicast filtering can be dynamically configured using IGMP Snooping and IGMP Query mes

CONFIGURING THE SWITCH3-144CLI – This example assigns a multicast address to VLAN 1, and then displays all the known multicast services supported on V

MULTICAST FILTERING3-145Configuring IGMP Interface ParametersThis switch uses IGMP (Internet Group Management Protocol) to query for any attached host

CONFIGURING THE SWITCH3-146• Max Query Response Time – Configures the maximum response time advertised in IGMP queries. (Range: 0-25 seconds; Default:

MULTICAST FILTERING3-147• Querier – Device currently serving as the IGMP querier for this multicast service.Web – Click IP, IGMP, Interface Settings.

CONFIGURING THE SWITCH3-148CLI – This example configures the IGMP parameters for VLAN 1.Displaying Multicast Group InformationWhen IGMP (Layer 3) is e

IP ROUTING3-149• V1 Timer – The time remaining until the switch assumes that there are no longer any IGMP Version 1 members on the IP subnet attached

CONFIGURING THE SWITCH3-150networks. However, when the switch is first booted, no default routing is defined. As with all traditional routers, the rou

IP ROUTING3-151IP SwitchingIP Switching (or packet forwarding) encompasses tasks required to forward packets for both Layer 2 and Layer 3, as well as

CONTENTSxxip ospf priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-268ip ospf retransmit-interval . . . . . . . . . .

CONFIGURING THE SWITCH3-152there, the switch broadcasts an ARP packet to all the ports on the destination VLAN to find out the destination MAC address

IP ROUTING3-153• Dynamic routing uses a routing protocol to exchange routing information, calculate routing tables, and respond to changes in the stat

CONFIGURING THE SWITCH3-154Basic IP Interface ConfigurationTo allow routing between different IP subnets, you must enable IP Routing as described in t

IP ROUTING3-155Web - Click IP, General, Global Settings. Set IP Routing Status to Disabled to restrict operation to Layer 2, or Enabled to allow multi

CONFIGURING THE SWITCH3-156• Before you configure any network interfaces on this router, you should first create a VLAN for each unique user group, or

IP ROUTING3-157Web - Click IP, General, Routing Interface. Specify an IP interface for each VLAN that will support routing to other subnets. First spe

CONFIGURING THE SWITCH3-158appropriate field in the frame header, and forwards the frame on to the next hop. IP traffic passes along the path to its f

IP ROUTING3-159request by sending its own MAC address to the requesting node. That node then sends traffic to the router, which in turn uses its own r

CONFIGURING THE SWITCH3-160Web - Click IP, ARP, General. Set the timeout to a suitable value for the ARP cache, enable Proxy ARP for subnetworks that

IP ROUTING3-161• MAC Address – MAC address statically mapped to the corresponding IP address. (Valid MAC addresses are hexadecimal numbers in the form

CONTENTSxxiip pim trigger-hello-interval . . . . . . . . . . . . . . . . . . . . . . . 4-305ip pim join-prune-holdtime . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-162• Dynamic to Static* – Changes a selected dynamic entry to a static entry.• Clear All* – Deletes all dynamic entries from t

IP ROUTING3-163Displaying Local ARP EntriesThe ARP cache also contains entries for local interfaces, including subnet, host, and broadcast addresses.C

CONFIGURING THE SWITCH3-164Displaying ARP StatisticsYou can display statistics for ARP messages crossing all interfaces on this router.Statistical Val

IP ROUTING3-165CLI - This example provides detailed statistics on common IP-related protocols.Displaying Statistics for IP ProtocolsIP StatisticsThe I

CONFIGURING THE SWITCH3-166Statistical Values Parameter DescriptionPackets Received The total number of input datagrams received from interfaces, incl

IP ROUTING3-167Web - Click IP, Statistics, IP.CLI - See the example on page 3-164.Unknown Protocols ReceivedThe number of locally-addressed datagrams

CONFIGURING THE SWITCH3-168ICMP StatisticsInternet Control Message Protocol (ICMP) is a network layer protocol that transmits message packets to repor

IP ROUTING3-169Web - Click IP, Statistics, ICMP.CLI - See the example on page 3-164.Timestamp Replies The number of ICMP Timestamp Reply messages rec

CONFIGURING THE SWITCH3-170UDP StatisticsUser Datagram Protocol (UDP) provides a datagram mode of packet-switched communications. It uses IP as the un

IP ROUTING3-171TCP StatisticsThe Transmission Control Protocol (TCP) provides highly reliable host-to-host connections in packet-switched networks, an

CONTENTSxxii

CONFIGURING THE SWITCH3-172Web - Click IP, Statistics, TCP.CLI - See the example on page 3-164.Configuring Static RoutesThis router can dynamically co

IP ROUTING3-173Web - Click IP, Routing, Static Routes.CLI - This example forwards all traffic for subnet 192.168.1.0 to the router 192.168.5.254, usin

CONFIGURING THE SWITCH3-174• Netmask – Network mask for the associated IP subnet. This mask identifies the host address bits used for routing to speci

IP ROUTING3-175Configuring the Routing Information ProtocolThe RIP protocol is the most widely used routing protocol. The RIP protocol uses a distance

CONFIGURING THE SWITCH3-176• There are several serious problems with RIP that you should consider. First of all, RIP (version 1) has no knowledge of s

IP ROUTING3-177Command AttributesGlobal Settings• RIP Routing Process – Enables RIP routing for all IP interfaces on the router. (Default: Disabled)•

CONFIGURING THE SWITCH3-178CLI - This example sets the router to use RIP Version 2, and sets the basic timer to 15 seconds.Specifying Network Interfac

IP ROUTING3-179Web - Click Routing Protocol, RIP, Network Addresses. Add all interfaces that will participate in RIP, and click Apply. CLI - This exam

CONFIGURING THE SWITCH3-180Command UsageSpecifying Receive and Send Protocol Types• Setting the RIP Receive Version or Send Version for an interface o

IP ROUTING3-181three methods that can provide faster convergence when the network topology changes and prevent most loops from occurring:• Split Horiz

1-1CHAPTER 1INTRODUCTIONThis switch provides a broad range of features for Layer 2 switching and Layer 3 routing. It includes a management agent that

CONFIGURING THE SWITCH3-182- RIPv2: Sends only RIPv2 packets.- RIPv1 Compatible: Route information is broadcast to other routers with RIPv2. (Default)

IP ROUTING3-183Web - Click Routing Protocol, RIP, Interface Settings. Select the RIP protocol message types that will be received and sent, the method

CONFIGURING THE SWITCH3-184RIP Information and Statistics Parameter DescriptionGlobalsRIP Routing Process Indicates if RIP has been enabled or disable

IP ROUTING3-185Web - Click Routing Protocol, RIP, Statistics.

CONFIGURING THE SWITCH3-186CLI - The information displayed by the RIP Statistics screen via the Web interface can be accessed from the CLI using the f

IP ROUTING3-187OSPF routers exist; as well as the not-so-stubby area option (RFC 1587).Command Usage• OSPF looks at more than just the simple hop coun

CONFIGURING THE SWITCH3-188• OSPFv2 is a compatible upgrade to OSPF. It involves enhancements to protocol message authentication, and the addition of

IP ROUTING3-189• OSPF Router ID – Assigns a unique router ID for this device within the autonomous system. (Default: The lowest interface address)• Ve

CONFIGURING THE SWITCH3-190• SPF Hold Time (seconds) – The hold time between making two consecutive shortest path first (SPF) calculations. (Range: 0-

IP ROUTING3-191Web - Click Routing Protocol, OSPF, General Configuration. Enable OSPF, specify the Router ID, configure the other global parameters as

INTRODUCTION1-2Description of Software FeaturesThe switch provides a wide range of advanced performance enhancing features. Flow control eliminates th

CONFIGURING THE SWITCH3-192Configuring OSPF AreasAn autonomous system must be configured with a backbone area, designated by area identifier 0.0.0.0.

IP ROUTING3-193• By default, a stub can only pass traffic to other areas in the autonomous system via the default external route. However, you also ca

CONFIGURING THE SWITCH3-194Command Usage• Before you create a stub or NSSA, first specify the address range for an area using the Network Area Address

IP ROUTING3-195Web - Click Routing Protocol, OSPF, Area Configuration. Set any area to a stub or NSSA as required, specify the cost for the default su

CONFIGURING THE SWITCH3-196Configuring Area Ranges (Route Summarization for ABRs)An OSPF area can include a large number of nodes. If the Area Border

IP ROUTING3-197Command Attributes• Area ID – Identifies an area for which the routes are summarized. (The area ID must be in the form of an IP address

CONFIGURING THE SWITCH3-198CLI - This example summarizes all the routes for area 1. Note that the default for the area range command is to advertise t

IP ROUTING3-199Field AttributesOSPF Interface List• VLAN ID – The VLAN to which an IP interface has been assigned.• Interface IP – The IP interface as

CONFIGURING THE SWITCH3-200interface when estimating this delay. Set the transmit delay according to link speed, using larger values for lower-speed l

IP ROUTING3-201• Authentication Type – Specifies the authentication type used for an interface. (Options: None, Simple password, MD5; Default: None)-

DESCRIPTION OF SOFTWARE FEATURES1-3minimum delay for moving real-time multimedia data across the network. While multicast filtering and routing provid

CONFIGURING THE SWITCH3-202- When changing to a new key, the router will send multiple copies of all protocol messages, one with the old key and anoth

IP ROUTING3-203Change any of the interface-specific protocol parameters, and then click ApplyCLI - This example configures the interface parameters fo

CONFIGURING THE SWITCH3-204Configuring Virtual LinksAll OSPF areas must connect to the backbone. If an area does not have a direct physical connection

IP ROUTING3-205Web - Click Routing Protocol, OSPF, Virtual Link Configuration. To create a new virtual link, specify the Area ID and Neighbor Router I

CONFIGURING THE SWITCH3-206Configuring Network Area AddressesOSPF protocol broadcast messages (i.e., Link State Advertisements or LSAs) are restricted

IP ROUTING3-207Command Attributes• IP Address – Address of the interfaces to add to the area.• Netmask – Network mask of the address range to add to t

CONFIGURING THE SWITCH3-208CLI - This example configures the backbone area and one transit area.Configuring Summary Addresses (for External AS Routes)

IP ROUTING3-209Command Attributes• IP Address – Summary address covering a range of addresses.• Netmask – Network mask for the summary route.Note: Th

CONFIGURING THE SWITCH3-210Redistributing External RoutesYou can configure this router to import external routing information from other routing proto

IP ROUTING3-211Command Attributes• Redistribute Protocol – Specifies the external routing protocol type for which routing information is to be redistr

INTRODUCTION1-4network traffic during periods of congestion and prevent the loss of packets when port buffer thresholds are exceeded. The switch suppo

CONFIGURING THE SWITCH3-212Configuring NSSA SettingsUse the OSPF / NSSA Settings page to configure a not-so-stubby area (NSSA), and to control the use

IP ROUTING3-213Web - Click Routing Protocol, OSPF, NSSA Settings. Create a new NSSA or modify the routing behavior for an existing NSSA, and click App

CONFIGURING THE SWITCH3-214The full database is exchanged between neighboring routers as soon as a new router is discovered. Afterwards, any changes t

IP ROUTING3-215• Adv Router – IP address of the advertising router. If not entered, information about all advertising routers is displayed.• Age* – Ag

CONFIGURING THE SWITCH3-216Displaying Information on Border RoutersYou can display entries in the local routing table for Area Border Routers (ABR) an

IP ROUTING3-217Displaying Information on Neighbor RoutersYou can display about neighboring routers on each interface within an OSPF area.Field Attribu

CONFIGURING THE SWITCH3-218Web - Click Routing Protocol, OSPF, Neighbor Information.CLI - This shows a designated router and backup designated router

MULTICAST ROUTING3-219it routing protocol independent. Also note that the Dense Mode version of PIM is supported on this router because it is suitable

CONFIGURING THE SWITCH3-220routes to forward multicast traffic only if group members appear on directly-attached subnetworks or on subnetworks attache

MULTICAST ROUTING3-221Web – Click IP, Multicast Routing, Multicast Routing Table. Click Detail to display additional information for any entry.

DESCRIPTION OF SOFTWARE FEATURES1-5IEEE 802.1D Bridge – The switch supports IEEE 802.1D transparent bridging. The address table facilitates data switc

CONFIGURING THE SWITCH3-222CLI – This example shows that multicast forwarding is enabled. The multicast routing table displays one entry for a multica

MULTICAST ROUTING3-223to build up a source-rooted multicast delivery tree that allows it to prevent looping and determine the shortest path to the sou

CONFIGURING THE SWITCH3-224Command UsageBroadcasting periodically floods the network with traffic from any active multicast server. If IGMP snooping i

MULTICAST ROUTING3-225The global settings that control the prune and graft messages (i.e., prune lifetime) should be configured to the same values on

CONFIGURING THE SWITCH3-226to the router. When the router receives these messages, it records all the downstream routers for the default route.- When

MULTICAST ROUTING3-227CLI – This sets the global parameters for DVMRP and displays the current settings.Configuring DVMRP Interface SettingsTo fully e

CONFIGURING THE SWITCH3-228• Status – Enables or disables DVMRP.- If DVMRP is enabled on any interface, Layer 3 IGMP should also be enabled on the rou

MULTICAST ROUTING3-229Displaying Neighbor InformationYou can display all the neighboring DVMRP routers.Command Attributes• Neighbor Address – The IP a

CONFIGURING THE SWITCH3-230CLI – This example displays the only neighboring DVMRP router.Displaying the Routing TableThe router learns source-routed i

MULTICAST ROUTING3-231• Up time – The time elapsed since this entry was created.• Expire – The time remaining before this entry will be aged out.Web –

INTRODUCTION1-6Virtual LANs – The switch supports up to 255 VLANs. A Virtual LAN is a collection of network nodes that share the same collision domain

CONFIGURING THE SWITCH3-232network. If it is not, the router drops the packet and sends a prune message back out the source interface. If it is the sa

MULTICAST ROUTING3-233CLI – This example enables PIM-DM globally and displays the current status.Configuring PIM-DM Interface SettingsTo fully enable

CONFIGURING THE SWITCH3-234not these neighbors are still active members of the multicast tree. (Range: 1-65535 seconds; Default: 30)• Hello Holdtime –

MULTICAST ROUTING3-235Web – Click Routing Protocol, PIM-DM, Interface Settings. Select a VLAN, enable or disable PIM-DM for the selected interface, mo

CONFIGURING THE SWITCH3-236Displaying Interface InformationYou can display a summary of the current interface status for PIM-DM, including the number

MULTICAST ROUTING3-237Displaying Neighbor InformationYou can display all the neighboring PIM-DM routers.Command Attributes• Neighbor Address – IP addr

CONFIGURING THE SWITCH3-238

4-1CHAPTER 4COMMAND LINEINTERFACEThis chapter describes how to use the Command Line Interface (CLI).Using the Command Line InterfaceAccessing the CLIW

COMMAND LINE INTERFACE4-23. When finished, exit the session with the “quit” or “exit” command.After connecting to the system through the console port,

ENTERING COMMANDS4-3After you configure the switch with an IP address, you can open a Telnet session by performing these steps:1. From the remote host

DESCRIPTION OF SOFTWARE FEATURES1-7IP Routing – The switch provides Layer 3 IP routing. To maintain a high rate of throughput, the switch forwards all

COMMAND LINE INTERFACE4-4You can enter commands as follows:• To enter a simple command, enter the command keyword. • To enter multiple commands, enter

ENTERING COMMANDS4-5Showing CommandsIf you enter a “?” at the command prompt, the system will display the first level of keywords for the current comm

COMMAND LINE INTERFACE4-6Partial Keyword LookupIf you terminate a partial keyword with a question mark, alternatives that match the initial letters ar

ENTERING COMMANDS4-7command classes and associated modes are displayed in the following table:Exec CommandsWhen you open a new console session on the

COMMAND LINE INTERFACE4-8Configuration CommandsConfiguration commands are privileged level commands used to modify switch settings. These commands mod

ENTERING COMMANDS4-9To enter the Global Configuration mode, enter the command configure in Privileged Exec mode. The system prompt will change to “Con

COMMAND LINE INTERFACE4-10Command Line ProcessingCommands are not case sensitive. You can abbreviate commands and parameters as long as they contain e

COMMAND GROUPS4-11Command GroupsThe system commands can be broken down into the functional groups shown below.Command Group Description PageLine Sets

COMMAND LINE INTERFACE4-12The access mode shown in the following tables is indicated by these abbreviations: NE (Normal Exec) IC (Interface Configura

LINE COMMANDS4-13Line CommandsYou can access the onboard configuration program by attaching a VT100 compatible device to the server’s serial port. The

38 TeslaIrvine, CA 92618Phone: (949) 679-8000TigerSwitch 10/100Management GuideFrom SMC’s Tiger line of feature-rich workgroup LAN solutionsOctober 20

INTRODUCTION1-8Multicast Filtering – Specific multicast traffic can be assigned to its own VLAN to ensure that it does not interfere with normal netwo

COMMAND LINE INTERFACE4-14lineUse this command to identify a specific line for configuration, and to process subsequent line configuration commands.Sy

LINE COMMANDS4-15loginUse this command to enable password checking at login. Use the no form to disable password checking and allow connections withou

COMMAND LINE INTERFACE4-16Example Related Commandsusername (4-33)password (4-16)passwordUse this command to specify the password for a line. Use the n

LINE COMMANDS4-17configuration file during system bootup or when downloading the configuration file from a TFTP server. There is no need for you to ma

COMMAND LINE INTERFACE4-18Example To set the timeout to two minutes, enter this command:password-threshUse this command to set the password intrusion

LINE COMMANDS4-19Related Commandssilent-time (4-19)silent-timeUse this command to set the amount of time the management console is inaccessible after

COMMAND LINE INTERFACE4-20databitsUse this command to set the number of data bits per character that are interpreted and generated by the console port

LINE COMMANDS4-21parityUse this command to define generation of a parity bit. Use the no form to restore the default setting.Syntax parity {none | eve

COMMAND LINE INTERFACE4-22speedUse this command to set the terminal line’s baud rate. This command sets both the transmit (to terminal) and receive (f

LINE COMMANDS4-23stopbitsUse this command to set the number of the stop bits transmitted per byte. Use the no form to restore the default setting.Synt

SYSTEM DEFAULTS1-9Authentication Privileged Exec Level Username “admin”Password “admin”Normal Exec Level Username “guest”Password “guest”Enable Privil

COMMAND LINE INTERFACE4-24Example To show all lines, enter this command:General CommandsConsole#show line Console configuration: Password threshold:

GENERAL COMMANDS4-25enableUse this command to activate Privileged Exec mode. In privileged mode, additional commands are available, and certain comman

COMMAND LINE INTERFACE4-26disableUse this command to return to Normal Exec mode from privileged mode. In normal access mode, you can only display basi

GENERAL COMMANDS4-27configureUse this command to activate Global Configuration mode. You must enter this mode to modify any settings on the switch. Yo

COMMAND LINE INTERFACE4-28Example In this example, the show history command lists the contents of the command history buffer:The ! command repeats com

GENERAL COMMANDS4-29Command Usage This command resets the entire system.Example This example shows how to reset the switch:endUse this command to retu

COMMAND LINE INTERFACE4-30Example This example shows how to return to the Privileged Exec mode from the Global Configuration mode, and then quit the C

SYSTEM MANAGEMENT COMMANDS4-31System Management CommandsThese commands are used to control system logs, passwords, user names, browser configuration o

COMMAND LINE INTERFACE4-32hostnameUse this command to specify or modify the host name for this device. Use the no form to restore the default host nam

SYSTEM MANAGEMENT COMMANDS4-33usernameUse this command to add named users, require authentication at login, specify or change a user's password (

INTRODUCTION1-10Port Capability 1000BASE-SX/LX/LH –1000 Mbps full duplexFull-duplex flow control disabledSymmetric flow control disabledRate Limiting

COMMAND LINE INTERFACE4-34Command Usage The encrypted password is required for compatibility with legacy password settings (i.e., plain text or encryp

SYSTEM MANAGEMENT COMMANDS4-35Command Usage • You cannot set a null password. You will have to enter a password to change the command mode from Normal

COMMAND LINE INTERFACE4-36Default Setting 80Command Mode Global ConfigurationExampleRelated Commandsip http server (4-36)ip http serverUse this comman

SYSTEM MANAGEMENT COMMANDS4-37Event Logging Commands logging onUse this command to control logging of error messages. This command sends debug or erro

COMMAND LINE INTERFACE4-38logging historyUse this command to limit syslog messages saved to switch memory based on severity. The no form returns the l

SYSTEM MANAGEMENT COMMANDS4-39Command Mode Global ConfigurationCommand Usage The message level specified for flash memory must be a higher priority (i

COMMAND LINE INTERFACE4-40show loggingUse this command to display the logging configuration, along with any system and event messages stored in memory

SYSTEM MANAGEMENT COMMANDS4-41ExampleThe following example shows that system logging is enabled, the message level for flash memory is “errors” (i.e.,

COMMAND LINE INTERFACE4-42sntp clientUse this command to enable SNTP client requests for time synchronization from NTP or SNTP time servers specified

SYSTEM MANAGEMENT COMMANDS4-43Example Related Commandssntp server (4-43)sntp poll (4-44)sntp broadcast client (4-45)show sntp (4-45)sntp serverUse thi

SYSTEM DEFAULTS1-11IP Precedence Priority DisabledIP DSCP Priority DisabledIP Port Priority DisabledIP Settings Management. VLAN Any VLAN configured w

COMMAND LINE INTERFACE4-44Command Usage This command specifies time servers from which the switch will poll for time updates when set to SNTP client m

SYSTEM MANAGEMENT COMMANDS4-45Example Related Commandssntp client (4-42)sntp broadcast clientUse this command to synchronize the switch’s clock based

COMMAND LINE INTERFACE4-46Command Usage This command displays the current time, the poll interval used for sending time synchronization requests (when

SYSTEM MANAGEMENT COMMANDS4-47a time corresponding to your local time, you must indicate the number of hours and minutes your time zone is east (befor

COMMAND LINE INTERFACE4-48Command Usage • Use this command in conjunction with the show running-config command to compare the information in running m

SYSTEM MANAGEMENT COMMANDS4-49Related Commandsshow running-config (4-49)show running-configUse this command to display the configuration information c

COMMAND LINE INTERFACE4-50- Routing protocol configuration settings- Spanning tree settings- Any configured settings for the console port and TelnetEx

SYSTEM MANAGEMENT COMMANDS4-51show systemUse this command to display system information.Default Setting NoneCommand Mode Normal Exec, Privileged ExecC

COMMAND LINE INTERFACE4-52Command Usage The session used to execute this command is indicated by a “*” symbol next to the Line (i.e., session) index n

FLASH/FILE COMMANDS4-53Example Flash/File CommandsThese commands are used to manage the system code or configuration files.copy Use this command to

INTRODUCTION1-12

COMMAND LINE INTERFACE4-54Syntax copy file {file | running-config | startup-config | tftp}copy running-config {file | startup-config | tftp}copy start

FLASH/FILE COMMANDS4-55the download menu during a boot up to download the Boot ROM (or diagnostic) image. See “Upgrading Firmware via the Serial Port”

COMMAND LINE INTERFACE4-56deleteUse this command to delete a file or image.Syntax delete filenamefilename - Name of the configuration file or image na

FLASH/FILE COMMANDS4-57dirUse this command to display a list of files in flash memory.Syntax dir [boot-rom | config | opcode [:filename]]The type of f

COMMAND LINE INTERFACE4-58Example The following example shows how to display all file information:whichbootUse this command to display which files wer

FLASH/FILE COMMANDS4-59boot systemUse this command to specify the file or image used to start up the system.Syntax boot system {boot-rom| config | opc

COMMAND LINE INTERFACE4-60Authentication Commands You can configure this switch to authenticate users logging into the system for management access us

AUTHENTICATION COMMANDS4-61Command Mode Global ConfigurationCommand Usage • RADIUS uses UDP which only offers best effort delivery. Also, note that RA

COMMAND LINE INTERFACE4-62radius-server hostUse this command to specify the RADIUS server. Use the no form to restore the default.Syntax radius-server

AUTHENTICATION COMMANDS4-63radius-server portUse this command to set the RADIUS server network port. Use the no form to restore the default.Syntax rad

2-1CHAPTER 2INITIAL CONFIGURATIONConnecting to the SwitchConfiguration OptionsThe switch includes a built-in network management agent. The agent offer

COMMAND LINE INTERFACE4-64Command Mode Global ConfigurationExample radius-server retransmitUse this command to set the number of retries. Use the no f

AUTHENTICATION COMMANDS4-65radius-server timeoutUse this command to set the interval between transmitting authentication requests to the RADIUS server

COMMAND LINE INTERFACE4-66802.1x Port AuthenticationThe switch supports IEEE 802.1x (dot1x) port-based access control that prevents unauthorized acces

AUTHENTICATION COMMANDS4-67authentication dot1x defaultSets the default authentication server type. Use the no form to restore the default.Syntaxauthe

COMMAND LINE INTERFACE4-68dot1x max-reqSets the maximum number of times the switch port will retransmit an EAP request packet to the client before it

AUTHENTICATION COMMANDS4-69Defaultforce-authorizedCommand ModeInterface ConfigurationExampledot1x re-authenticateForces re-authentication on all ports

COMMAND LINE INTERFACE4-70Command ModeGlobal ConfigurationExampledot1x timeout quiet-periodSets the time that a switch port waits after the Max Reques

AUTHENTICATION COMMANDS4-71Default3600 secondsCommand ModeGlobal ConfigurationExampledot1x timeout tx-periodSets the time that the switch waits during

COMMAND LINE INTERFACE4-72show dot1xUse this command to show general port authentication related settings on the switch or a specific interface.Syntax

AUTHENTICATION COMMANDS4-73(page 4-71), and Port-control (page 4-68). It also displays the following information:- Status– Authorization status (autho

INITIAL CONFIGURATION2-2The switch’s Web interface, CLI configuration program, and SNMP agent allow you to perform the following management functions:

COMMAND LINE INTERFACE4-74Access Control List CommandsAccess Control Lists (ACL) provide packet filtering for IP frames (based on address, protocol, T

ACCESS CONTROL LIST COMMANDS4-75There are three filtering modes: • Standard IP ACL mode (STD-ACL) filters packets based on the source IP address. • Ex

COMMAND LINE INTERFACE4-76IP ACLs access-list ip Use this command to add an IP access list and enter configuration mode for standard or extended IP AC

ACCESS CONTROL LIST COMMANDS4-77• extended – Specifies an ACL that filters packets based on the source or destination IP address, and other more speci

COMMAND LINE INTERFACE4-78permit, deny (Standard ACL) Use this command to add a rule to a Standard IP ACL. The rule sets a filter condition for packet

ACCESS CONTROL LIST COMMANDS4-79Related Commandsaccess-list ip (4-76)permit, deny (Extended ACL) Use this command to add a rule to an Extended IP ACL.

COMMAND LINE INTERFACE4-80• host – Keyword followed by a specific IP address.• source-port – TCP/UDP source port number. (Range: 0-65535)• destination

ACCESS CONTROL LIST COMMANDS4-81- Both SYN and ACK valid, use “control-code 18 18”- SYN valid and ACK invalid, use “control-code 2 18”ExampleThis exam

COMMAND LINE INTERFACE4-82Default SettingNoneCommand ModeInterface Configuration (Ethernet)Example Related Commandsshow ip access-list (4-83)show ip a

ACCESS CONTROL LIST COMMANDS4-83show ip access-list Use this command to display the rules for configured IP ACLs.Syntaxshow ip access-list {standard |

CONNECTING TO THE SWITCH2-3To connect a terminal to the console port, complete the following steps: 1. Connect the console cable to the serial port on

COMMAND LINE INTERFACE4-84MAC ACLs access-list mac Use this command to add a MAC access list and enter MAC ACL configuration mode. Use the no form to

ACCESS CONTROL LIST COMMANDS4-85the bottom of the list. To create an ACL, you must add at least one rule to the list.•To remove a rule, use the no per

COMMAND LINE INTERFACE4-86• any – Any MAC source address, destination address, or Ethernet protocol. • source – Source MAC address.• source bitmask –

ACCESS CONTROL LIST COMMANDS4-87mac access-groupUse this command to bind a port to a MAC ACL. Use the no form to remove the port.Syntaxmac access-grou

COMMAND LINE INTERFACE4-88Example Related Commandsmac access-group (4-87)show mac access-list Use this command to display the rules for configured MAC

ACCESS CONTROL LIST COMMANDS4-89ACL Informationshow access-listUse this command to show all ACLs and associated rules.Command ModePrivileged ExecExamp

COMMAND LINE INTERFACE4-90SNMP CommandsControls access to this switch from management stations using the Simple Network Management Protocol (SNMP), as

SNMP COMMANDS4-91Default Setting • public - Read-only access. Authorized management stations are only able to retrieve MIB objects.• private - Read/wr

COMMAND LINE INTERFACE4-92Related Commandssnmp-server location (4-92)snmp-server locationUse this command to set the system location string. Use the n

SNMP COMMANDS4-93snmp-server host Use this command to specify the recipient of a Simple Network Management Protocol notification operation. Use the no

INITIAL CONFIGURATION2-4Remote ConnectionsPrior to accessing the switch’s onboard agent via a network connection, you must first configure it with a v

COMMAND LINE INTERFACE4-94• However, some notification types cannot be controlled with the snmp-server enable traps command. For example, some notific

SNMP COMMANDS4-95notifications are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. •T

COMMAND LINE INTERFACE4-96ExampleConsole#show snmpSNMP traps: Authentication: enable Link-up-down: enableSNMP communities: 1. private, and the pri

DHCP COMMANDS4-97DHCP CommandsThese commands are used to configure Dynamic Host Configuration Protocol (DHCP) client, relay, and server functions. You

COMMAND LINE INTERFACE4-98Default Setting NoneCommand Mode Interface Configuration (VLAN)Command Usage This command is used to include a client identi

DHCP COMMANDS4-99• If the BOOTP or DHCP server has been moved to a different domain, the network portion of the address provided to the client will be

COMMAND LINE INTERFACE4-100Default Setting DisabledCommand Mode Interface Configuration (VLAN)Command Usage This command is used to configure DHCP rel

DHCP COMMANDS4-101ip dhcp relay serverUse this command to specify the addresses of DHCP servers to be used by the switch’s DHCP relay agent. Use the n

COMMAND LINE INTERFACE4-102DHCP Server Command Function Mode Pageservice dhcp Enables the DHCP server feature on this switchGC 4-103ip dhcp excluded-a

DHCP COMMANDS4-103service dhcpUse this command to enable the DHCP server on this switch. Use the no form to disable the DHCP server.Syntaxservice dhcp

BASIC CONFIGURATION2-5Basic ConfigurationConsole ConnectionThe CLI program provides two different command levels — normal access level (Normal Exec) a

COMMAND LINE INTERFACE4-104ip dhcp excluded-addressUse this command to specify IP addresses that the DHCP server should not assign to DHCP clients. Us

DHCP COMMANDS4-105Command ModeGlobal ConfigurationUsage Guidelines • After executing this command, the switch changes to DHCP Pool Configuration mode,

COMMAND LINE INTERFACE4-106Usage Guidelines • When a client request is received, the switch first checks for a network address pool matching the gatew

DHCP COMMANDS4-107Command ModeDHCP Pool ConfigurationUsage Guidelines The IP address of the router should be on the same subnet as the client. You can

COMMAND LINE INTERFACE4-108dns-serverUse this command to specify the Domain Name System (DNS) IP servers available to a DHCP client. Use the no form t

DHCP COMMANDS4-109next-serverUse this command to configure the next server in the boot process of a DHCP client. Use the no form to remove the boot se

COMMAND LINE INTERFACE4-110Default Setting NoneCommand ModeDHCP Pool ConfigurationExample Related Commandsnext-server (4-109)netbios-name-serverUse th

DHCP COMMANDS4-111Example Related Commandsnetbios-node-type (4-111)netbios-node-typeUse this command to configure the NetBIOS node type for Microsoft

COMMAND LINE INTERFACE4-112leaseUse this command to configure the duration that an IP address is assigned to a DHCP client. Use the no form to restore

DHCP COMMANDS4-113hostUse this command to specify the IP address and network mask to manually bind to a DHCP client. Use the no form to remove the IP

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, n

INITIAL CONFIGURATION2-6Setting PasswordsNote: If this is your first time to log into the CLI program, you should define new passwords for both defau

COMMAND LINE INTERFACE4-114is used (see page 3-178). This command is valid for manual bindings only.•The no host command only clears the address from

DHCP COMMANDS4-115• BOOTP clients cannot transmit a client identifier. To bind an address to a BOOTP client, you must associate a hardware address wit

COMMAND LINE INTERFACE4-116Command Usage This command identifies a DHCP or BOOTP client to bind to an address specified in the host command. BOOTP cli

DHCP COMMANDS4-117ExampleRelated Commandsshow ip dhcp binding (4-117)show ip dhcp bindingUse this command to display address bindings on the DHCP serv

COMMAND LINE INTERFACE4-118Interface CommandsThese commands are used to display or set communication parameters for an Ethernet port, aggregated link,

INTERFACE COMMANDS4-119interfaceUse this command to configure an interface type and enter interface configuration mode. Use the no form to remove a tr

COMMAND LINE INTERFACE4-120Default Setting NoneCommand Mode Interface Configuration (Ethernet, Port Channel)Example The following example adds a descr

INTERFACE COMMANDS4-121Command Usage• To force operation to the speed and duplex mode specified in a speed-duplex command, use the no negotiation comm

COMMAND LINE INTERFACE4-122Command Usage • When auto-negotiation is enabled the switch will negotiate the best settings for a link based on the capabi

INTERFACE COMMANDS4-123• symmetric (Gigabit only) - When specified, the port transmits and receives pause frames; when not specified, the port will au

BASIC CONFIGURATION2-7Manual ConfigurationYou can manually assign an IP address to the switch. You may also need to specify a default gateway that res

COMMAND LINE INTERFACE4-124flowcontrolUse this command to enable flow control. Use the no form to disable flow control.Syntax flowcontrolno flowcontro

INTERFACE COMMANDS4-125ExampleThe following example enables flow control on port 5.Related Commands negotiation (4-121)capabilities (flowcontrol, symm

COMMAND LINE INTERFACE4-126switchport broadcast packet-rateUse this command to configure broadcast storm control. Use the no form to disable broadcast

INTERFACE COMMANDS4-127clear countersUse this command to clear statistics on an interface.Syntax clear counters interfaceinterface • ethernet unit/por

COMMAND LINE INTERFACE4-128show interfaces statusUse this command to display the status for an interface.Syntax show interfaces status [interface]inte

INTERFACE COMMANDS4-129Example show interfaces countersUse this command to display interface statistics. Syntax show interfaces counters [interface]in

COMMAND LINE INTERFACE4-130Command Usage If no interface is specified, information on all interfaces is displayed. For a description of the items disp

INTERFACE COMMANDS4-131show interfaces switchportUse this command to display the administrative and operational status of the specified interfaces.Syn

COMMAND LINE INTERFACE4-132Field DescriptionBroadcast threshold Shows if broadcast storm suppression is enabled or disabled; if enabled it also shows

MIRROR PORT COMMANDS4-133Mirror Port CommandsThis section describes how to mirror traffic from a source port to a target port. port monitorUse this co

INITIAL CONFIGURATION2-8Dynamic ConfigurationIf you select the “bootp” or “dhcp” option, IP will be enabled but will not function until a BOOTP or DHC

COMMAND LINE INTERFACE4-134probe to the destination port and study the traffic crossing the source port in a completely unobtrusive manner. • The dest

RATE LIMIT COMMANDS4-135Example The following shows mirroring configured from port 6 to port 11:Rate Limit CommandsThis function allows the network ma

COMMAND LINE INTERFACE4-136rate-limitUse this command to define the rate limit for a specific interface. Use this command without specifying a rate to

LINK AGGREGATION COMMANDS4-137Link Aggregation CommandsPorts can be statically grouped into an aggregate link (i.e., trunk) to increase the bandwidth

COMMAND LINE INTERFACE4-138• All the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN via the specified

LINK AGGREGATION COMMANDS4-139lacpUse this command to enable 802.3ad Link Aggregation Control Protocol (LACP) for the current interface. Use the no fo

COMMAND LINE INTERFACE4-140ExampleThe following shows LACP enabled on ports 11-13. Because LACP has also been enabled on the ports at the other end of

ADDRESS TABLE COMMANDS4-141Address Table CommandsThese commands are used to configure the address table for filtering specified addresses, displaying

COMMAND LINE INTERFACE4-142• action - - delete-on-reset - Assignment lasts until the switch is reset. - permanent - Assignment is permanent. Default S

ADDRESS TABLE COMMANDS4-143Command Mode Privileged ExecExample show mac-address-tableUse this command to view classes of entries in the bridge-forward

BASIC CONFIGURATION2-96. Then save your configuration changes by typing “copy running-config startup-config.” Enter the startup file name and press &l

COMMAND LINE INTERFACE4-144Command Usage • The MAC Address Table contains the MAC addresses associated with each interface. Note that the Type field m

ADDRESS TABLE COMMANDS4-145Command Usage The aging time is used to age out dynamically learned forwarding information.Example show mac-address-table a

COMMAND LINE INTERFACE4-146Spanning Tree CommandsThis section includes commands that configure the Spanning Tree Algorithm (STA) globally for the swit

SPANNING TREE COMMANDS4-147spanning-treeUse this command to enable the Spanning Tree Algorithm globally for the switch. Use the no form to disable it.

COMMAND LINE INTERFACE4-148spanning-tree modeUse this command to select the spanning tree mode for this switch. Use the no form to restore the default

SPANNING TREE COMMANDS4-149Example The following example configures the switch to use Rapid Spanning Tree:spanning-tree forward-timeUse this command t

COMMAND LINE INTERFACE4-150spanning-tree hello-timeUse this command to configure the spanning tree bridge hello time globally for this switch. Use the

SPANNING TREE COMMANDS4-151Default Setting 20 secondsCommand Mode Global ConfigurationCommand Usage This command sets the maximum time (in seconds) a

COMMAND LINE INTERFACE4-152Command Mode Global ConfigurationCommand Usage Bridge priority is used in selecting the root device, root port, and designa

SPANNING TREE COMMANDS4-153Example spanning-tree transmission-limitUse this command to configure the minimum interval between the transmission of cons

INITIAL CONFIGURATION2-10The default strings are:• public - with read-only access. Authorized management stations are only able to retrieve MIB object

COMMAND LINE INTERFACE4-154spanning-tree costUse this command to configure the spanning tree path cost for the specified interface. Use the no form to

SPANNING TREE COMMANDS4-155spanning-tree port-priorityUse this command to configure the priority for the specified interface. Use the no form to resto

COMMAND LINE INTERFACE4-156spanning-tree edge-portUse this command to specify an interface as an edge port. Use the no form to restore the default.Syn

SPANNING TREE COMMANDS4-157spanning-tree portfastUse this command to set an interface to fast forwarding. Use the no form to disable fast forwarding.S

COMMAND LINE INTERFACE4-158Related Commandsspanning-tree edge-port (4-156)spanning-tree link-typeUse this command to configure the link type for Rapid

SPANNING TREE COMMANDS4-159spanning-tree protocol-migrationUse this command to re-check the appropriate BPDU format to send on the selected interface.

COMMAND LINE INTERFACE4-160show spanning-treeUse this command to show the spanning tree configuration.Syntax show spanning-tree [interface]interface •

SPANNING TREE COMMANDS4-161ExampleConsole#show spanning-treeSpanning-tree information--------------------------------------------------------------- S

COMMAND LINE INTERFACE4-162VLAN CommandsA VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong

VLAN COMMANDS4-163Command Mode Global ConfigurationCommand Usage • Use the VLAN database command mode to add, change, and delete VLANs. After finishin

BASIC CONFIGURATION2-11Trap ReceiversYou can also specify SNMP stations that are to receive traps from the switch.To configure a trap receiver, comple

COMMAND LINE INTERFACE4-164Default Setting By default only VLAN 1 exists and is active.Command Mode VLAN Database ConfigurationCommand Usage • no vlan

VLAN COMMANDS4-165interface vlanUse this command to enter interface configuration mode for VLANs, and configure a physical interface.Syntax interface

COMMAND LINE INTERFACE4-166switchport modeUse this command to configure the VLAN membership mode for a port. Use the no form to restore the default.Sy

VLAN COMMANDS4-167switchport acceptable-frame-types Use this command to configure the acceptable frame types for a port. Use the no form to restore th

COMMAND LINE INTERFACE4-168switchport ingress-filtering Use this command to enable ingress filtering for an interface. Use the no form to restore the

VLAN COMMANDS4-169switchport native vlanUse this command to configure the PVID (i.e., default VLAN ID) for a port. Use the no form to restore the defa

COMMAND LINE INTERFACE4-170switchport allowed vlanUse this command to configure VLAN groups on the selected interface. Use the no form to restore the

VLAN COMMANDS4-171• If a VLAN on the forbidden list for an interface is manually added to that interface, the VLAN is automatically removed from the f

COMMAND LINE INTERFACE4-172Example The following example shows how to prevent port 1 from being added to VLAN 3:Displaying VLAN Informationshow vlanUs

VLAN COMMANDS4-173Example The following example shows how to display information for VLAN 1:Configuring Private VLANsPrivate VLANs provide port-based

INITIAL CONFIGURATION2-12Managing System FilesThe switch’s flash memory supports three types of system files that can be managed by the CLI program, W

COMMAND LINE INTERFACE4-174Command Usage• A private VLAN provides port-based security and isolation between ports within the VLAN. Data traffic on the

GVRP AND BRIDGE EXTENSION COMMANDS4-175GVRP and Bridge Extension CommandsGARP VLAN Registration Protocol defines a way for switches to exchange VLAN i

COMMAND LINE INTERFACE4-176Command Mode Global ConfigurationCommand Usage GVRP defines a way for switches to exchange VLAN information in order to reg

GVRP AND BRIDGE EXTENSION COMMANDS4-177Example switchport gvrpUse this command to enable GVRP for a port. Use the no form to disable it.Syntax switchp

COMMAND LINE INTERFACE4-178show gvrp configurationUse this command to show if GVRP is enabled.Syntax show gvrp configuration [interface]interface • et

GVRP AND BRIDGE EXTENSION COMMANDS4-179Default Setting • join: 20 centiseconds• leave: 60 centiseconds• leaveall: 1000 centisecondsCommand Mode Interf

COMMAND LINE INTERFACE4-180show garp timerUse this command to show the GARP timers for the selected interface.Syntax show garp timer [interface]interf

PRIORITY COMMANDS4-181Priority CommandsThe commands described in this section allow you to specify which data packets have greater precedence when tra

COMMAND LINE INTERFACE4-182switchport priority defaultUse this command to set a priority for incoming untagged frames. Use the no form to restore the

PRIORITY COMMANDS4-183Example The following example shows how to set a default priority on port 3 to 5:queue bandwidth Use this command to assign weig

MANAGING SYSTEM FILES2-13Note that configuration files should be downloaded using a file name that reflects the contents or usage of the file settings

COMMAND LINE INTERFACE4-184queue cos-mapUse this command to assign class of service (CoS) values to the priority queues (i.e., hardware output queues

PRIORITY COMMANDS4-185Command Usage CoS assigned at the ingress port is used to select a CoS priority at the egress port.Example The following example

COMMAND LINE INTERFACE4-186show queue cos-mapUse this command to show the class of service priority map.Syntax show queue cos-map [interface]interface

PRIORITY COMMANDS4-187Priority Commands (Layer 3 and 4) map ip port (Global Configuration)Use this command to enable IP port mapping (i.e., class of s

COMMAND LINE INTERFACE4-188Example The following example shows how to enable TCP/UDP port mapping globally:map ip port (Interface Configuration)Use th

PRIORITY COMMANDS4-189map ip precedence (Global Configuration)Use this command to enable IP precedence mapping (i.e., IP Type of Service). Use the no

COMMAND LINE INTERFACE4-190Default Setting The list below shows the default priority mapping.Command Mode Interface Configuration (Ethernet, Port Chan

PRIORITY COMMANDS4-191map ip dscp (Global Configuration)Use this command to enable IP DSCP mapping (i.e., Differentiated Services Code Point mapping).

COMMAND LINE INTERFACE4-192Default Setting The DSCP default values are defined in the following table. Note that all the DSCP values that are not spec

PRIORITY COMMANDS4-193show map ip portUse this command to show the IP port priority map.Syntax show map ip port [interface]interface • ethernet unit/p

INITIAL CONFIGURATION2-14

COMMAND LINE INTERFACE4-194show map ip precedenceUse this command to show the IP precedence priority map.Syntax show map ip precedence [interface]inte

PRIORITY COMMANDS4-195show map ip dscpUse this command to show the IP DSCP priority map.Syntax show map ip dscp [interface]interface • ethernet unit/p

COMMAND LINE INTERFACE4-196Multicast Filtering CommandsThis switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that

MULTICAST FILTERING COMMANDS4-197ip igmp snoopingUse this command to enable IGMP snooping on this switch. Use the no form to disable it.Syntax ip igmp

COMMAND LINE INTERFACE4-198Default Setting NoneCommand Mode Global ConfigurationExample The following shows how to statically configure a multicast gr

MULTICAST FILTERING COMMANDS4-199Example The following configures the switch to use IGMP Version 1:show ip igmp snoopingUse this command to show the I

COMMAND LINE INTERFACE4-200show mac-address-table multicastUse this command to show known multicast addresses.Syntax show mac-address-table multicast

MULTICAST FILTERING COMMANDS4-201IGMP Query Commands (Layer 2) ip igmp snooping querierUse this command to enable the switch as an IGMP querier. Use t

COMMAND LINE INTERFACE4-202ip igmp snooping query-countUse this command to configure the query count. Use the no form to restore the default.Syntax ip

MULTICAST FILTERING COMMANDS4-203ip igmp snooping query-intervalUse this command to configure the query interval. Use the no form to restore the defau

3-1CHAPTER 3CONFIGURING THE SWITCHUsing the Web InterfaceThis switch provides an embedded HTTP Web agent. Using a Web browser you can configure the sw

COMMAND LINE INTERFACE4-204Command Usage• The switch must be using IGMPv2 for this command to take effect. • This command defines the time after a que

MULTICAST FILTERING COMMANDS4-205Command Mode Global ConfigurationCommand Usage The switch must use IGMPv2 for this command to take effect.Example The

COMMAND LINE INTERFACE4-206ip igmpUse this command to enable IGMP on a VLAN interface. Use the no form of this command to disable IGMP on the specifie

MULTICAST FILTERING COMMANDS4-207ip igmp robustval Use this command to specify the robustness (i.e., expected packet loss) for this interface. Use the

COMMAND LINE INTERFACE4-208Default Setting 125 secondsCommand Mode Interface Configuration (VLAN)Command Usage • Multicast routers send host query mes

MULTICAST FILTERING COMMANDS4-209Command Mode Interface Configuration (VLAN)Command Usage• The switch must be using IGMPv2 for this command to take ef

COMMAND LINE INTERFACE4-210Default Setting 1 secondCommand Mode Interface Configuration (VLAN)Command Usage• A multicast client sends an IGMP leave me

MULTICAST FILTERING COMMANDS4-211Command Mode Interface Configuration (VLAN)Command Usage• All routers on the subnet must support the same version. Ho

COMMAND LINE INTERFACE4-212Example The following example shows the IGMP configuration for VLAN 1, as well as the device currently serving as the IGMP

MULTICAST FILTERING COMMANDS4-213Example The following example clears all multicast group entries for VLAN 1:show ip igmp groupsUse this command to di

vLIMITED WARRANTYLimited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free from defects in workmanship and materials, un

CONFIGURING THE SWITCH3-2Notes: 1. You are allowed three attempts to enter the correct password; on the third failed attempt the current connection is

COMMAND LINE INTERFACE4-214Example The following shows the IGMP groups currently active on VLAN 1: Console#show ip igmp groups vlan 1 GroupAddress

IP INTERFACE COMMANDS4-215IP Interface CommandsThere are no IP addresses assigned to this router by default. You must manually configure a new address

COMMAND LINE INTERFACE4-216ip addressUse this command to set the IP address for the currently selected VLAN interface. Use the no form to restore the

IP INTERFACE COMMANDS4-217You can manually configure a specific IP address, or direct the device to obtain an address from a BOOTP or DHCP server. Val

COMMAND LINE INTERFACE4-218ip default-gatewayUse this command to a establish a static route between this router and devices that exist on another netw

IP INTERFACE COMMANDS4-219show ip interfaceUse this command to display the settings of an IP interface.Default Setting All interfacesCommand Mode Priv

COMMAND LINE INTERFACE4-220pingUse this command to send ICMP echo request packets to another node on the network.Syntax ping host [count count][size s

IP INTERFACE COMMANDS4-221Example Related Commands interface (4-119)Address Resolution Protocol (ARP) Console#ping 10.1.0.9Type ESC to abort.PING to 1

COMMAND LINE INTERFACE4-222arpUse this command to add a static entry in the Address Resolution Protocol (ARP) cache. Use the no form to remove an entr

IP INTERFACE COMMANDS4-223arp-timeoutUse this command to set the aging time for dynamic entries in the Address Resolution Protocol (ARP) cache. Use th

NAVIGATING THE WEB BROWSER INTERFACE3-3Navigating the Web Browser InterfaceTo access the Web-browser interface you must first enter a user name and pa

COMMAND LINE INTERFACE4-224show arpUse this command to display entries in the Address Resolution Protocol (ARP) cache.Command Mode Normal Exec, Privil

IP ROUTING COMMANDS4-225Command Mode Interface Configuration (VLAN)Command Usage Proxy ARP allows a non-routing device to determine the MAC address of

COMMAND LINE INTERFACE4-226Global Routing Configurationip routingUse this command to enable IP routing. Use the no form to disable IP routing.Syntax i

IP ROUTING COMMANDS4-227ip routeUse this command to configure static routes. Use the no form to remove static routes.Syntax ip route {destination-ip n

COMMAND LINE INTERFACE4-228clear ip routeUse this command to remove dynamically learned entries from the IP routing table.Syntax clear ip route {netwo

IP ROUTING COMMANDS4-229Command Usage If the address is specified without the netmask parameter, the router displays all routes for the corresponding

COMMAND LINE INTERFACE4-230ExampleConsole#show ip trafficIP statistics: Rcvd: 5 total, 5 local destination 0 checksum errors 0 unkno

IP ROUTING COMMANDS4-231Routing Information Protocol (RIP)router ripUse this command to enable Routing Information Protocol (RIP) routing for all IP i

COMMAND LINE INTERFACE4-232Command Mode Global ConfigurationDefault Setting DisabledCommand Usage • RIP is used to specify how routers exchange routin

IP ROUTING COMMANDS4-233Command Usage •The update timer sets the rate at which updates are sent. This is the fundamental timer used to control all bas

CONFIGURING THE SWITCH3-4Configuration OptionsConfigurable parameters have a dialog box or a drop-down list. Once a configuration change has been made

COMMAND LINE INTERFACE4-234Default Setting No networks are specified.Command Usage • RIP only sends updates to interfaces specified by this command.•

IP ROUTING COMMANDS4-235Command Usage This command can be used to configure a static neighbor with which this router will exchange information, rather

COMMAND LINE INTERFACE4-236ExampleThis example sets the global version for RIP to send and receive version 2 packets.Related Commandsip rip receive ve

IP ROUTING COMMANDS4-237• You can specify the receive version based on these options:- Use “none” if you do not want to add any dynamic entries to the

COMMAND LINE INTERFACE4-238Default Setting The default depends on the setting specified with the version command:Global RIPv1 - Routes broadcast to ot

IP ROUTING COMMANDS4-239ip split-horizonUse this command to enable split-horizon or poison-reverse (a variation) on an interface. Use the no form to d

COMMAND LINE INTERFACE4-240ip rip authentication keyUse this command to enable authentication for RIPv2 packets and to specify the key that must be us

IP ROUTING COMMANDS4-241ip rip authentication modeUse this command to specify the type of authentication that can be used on an interface. Note that t

COMMAND LINE INTERFACE4-242show rip globalsUse this command to display global configuration settings for RIP.Command Mode Privileged ExecExample show

IP ROUTING COMMANDS4-243Command Mode Privileged ExecExample Console#show ip rip configuration Interface SendMode ReceiveMode Poison

NAVIGATING THE WEB BROWSER INTERFACE3-5Main Menu Using the onboard Web agent, you can define system parameters, manage and control the switch, and all

COMMAND LINE INTERFACE4-244Open Shortest Path First (OSPF) Version Whether RIPv1 or RIPv2 packets were received from this peer.RcvBadPackets Number of

IP ROUTING COMMANDS4-245Interface Configurationip ospf authenticationSpecifies the authentication type for an interfaceIC 4-263ip ospf authentication-

COMMAND LINE INTERFACE4-246router ospfUse this command to enable Open Shortest Path First (OSPF) routing for all IP interfaces on the router. Use the

IP ROUTING COMMANDS4-247router-idUse this command to assign a unique router ID for this device within the autonomous system. Use the no form to use th

COMMAND LINE INTERFACE4-248compatible rfc1583Use this command to calculate summary route costs using RFC 1583 (OSPFv1). Use the no form to calculate c

IP ROUTING COMMANDS4-249Command Mode Router ConfigurationDefault Setting DisabledCommand Usage • The metric for the default external route is used to

COMMAND LINE INTERFACE4-250timers spfUse this command to configure the hold time between making two consecutive shortest path first (SPF) calculations

IP ROUTING COMMANDS4-251area rangeUse this command to summarize the routes advertised by an Area Border Router (ABR). Use the no form to disable this

COMMAND LINE INTERFACE4-252area default-costUse this command to specify a cost for the default summary route sent into a stub or not-so-stubby area (N

IP ROUTING COMMANDS4-253summary-addressUse this command to aggregate routes learned from other protocols. Use the no form to remove a summary address.

CONFIGURING THE SWITCH3-6Spanning Tree 3-87STA Information Displays STA values used for the bridge 3-89STA Configuration Configures global bridge set

COMMAND LINE INTERFACE4-254redistributeUse this command to import external routing information from other routing domains (i.e., protocols) into the a

IP ROUTING COMMANDS4-255• Metric type specifies the way to advertise routes to destinations outside the AS via External LSAs. Specify Type 1 to add th

COMMAND LINE INTERFACE4-256Command Usage • An area ID uniquely defines an OSPF broadcast area. The area ID 0.0.0.0 indicates the OSPF backbone for an

IP ROUTING COMMANDS4-257area stubUse this command to define a stub area. To remove a stub, use the no form without the optional keyword. To remove the

COMMAND LINE INTERFACE4-258Related Commandsarea default-cost (4-252)area nssaUse this command to define a not-so-stubby area (NSSA). To remove an NSSA

IP ROUTING COMMANDS4-259Command Usage • All routers in a NSSA must be configured with the same area ID.• An NSSA is similar to a stub, because when th

COMMAND LINE INTERFACE4-260area virtual-linkUse this command to define a virtual link. To remove a virtual link, use the no form with no optional keyw

IP ROUTING COMMANDS4-261to an autonomous system. (Range: 1-65535 seconds; Default: 10 seconds)• retransmit-interval seconds - Specifies the interval a

COMMAND LINE INTERFACE4-262Default Setting area-id: Nonerouter-id: Nonehello-interval: 10 secondsretransmit-interval: 5 secondstransmit-delay: 1 secon

IP ROUTING COMMANDS4-263ip ospf authenticationUse this command to specify the authentication type used for an interface. Enter this command without an

NAVIGATING THE WEB BROWSER INTERFACE3-7Traffic Classes Maps IEEE 802.1p priority tags to output queues3-122Queue Scheduling Configures Weighted Round

COMMAND LINE INTERFACE4-264ip ospf authentication-keyUse this command to assign a simple password to be used by neighboring routers. Use the no form t

IP ROUTING COMMANDS4-265ip ospf message-digest-keyUse this command to enable message-digest (MD5) authentication on the specified interface and to ass

COMMAND LINE INTERFACE4-266Related Commandsip ospf authentication (4-263)ip ospf costUse this command to explicitly set the cost of sending a packet o

IP ROUTING COMMANDS4-267ip ospf dead-intervalUse this command to set the interval at which hello packets are not seen before neighbors declare the rou

COMMAND LINE INTERFACE4-268ip ospf hello-intervalUse this command to specify the interval between sending hello packets on an interface. Use the no fo

IP ROUTING COMMANDS4-269Command Mode Interface Configuration (VLAN)Default Setting 1Command Usage • Set the priority to zero to prevent a router from

COMMAND LINE INTERFACE4-270Command Usage A router will resend an LSA to a neighbor if it receives no acknowledgment. The retransmit interval should be

IP ROUTING COMMANDS4-271show ip ospfUse this command to show basic information about the routing configuration.Command Mode Privileged ExecExampleCons

COMMAND LINE INTERFACE4-272show ip ospf border-routersUse this command to show entries in the routing table that lead to an Area Border Router (ABR) o

IP ROUTING COMMANDS4-273show ip ospf databaseUse this command to show information about different OSPF Link State Advertisements (LSAs) stored in this

CONFIGURING THE SWITCH3-8Statistics Lists Ethernet and RMON port statistics 3-71Rate Limit 3-77Input Rate Limit Port Configuration Sets the input rat

COMMAND LINE INTERFACE4-274Also, note that when an Type 5 ASBR External LSA is describing a default route, its link-state-id is set to the default des

IP ROUTING COMMANDS4-275The following shows output when using the asbr-summary keyword.Console#show ip ospf database asbr-summaryOSPF Router with id(1

COMMAND LINE INTERFACE4-276The following shows output when using the database-summary keyword.The following shows output when using the external keywo

IP ROUTING COMMANDS4-277Field DescriptionOSPF Router id Router IDLS age Age of LSA (in seconds)Options Optional capabilities associated with the LSALS

COMMAND LINE INTERFACE4-278The following shows output when using the network keyword.Console#show ip ospf database networkOSPF Router with id(10.1.1.2

IP ROUTING COMMANDS4-279The following shows output when using the router keyword.Console#show ip ospf database routerOSPF Router with id(10.1.1.253)

COMMAND LINE INTERFACE4-280The following shows output when using the summary keyword.Link ID Link type and corresponding Router ID or network addressL

IP ROUTING COMMANDS4-281show ip ospf interfaceUse this command to display summary information for OSPF interfaces.Syntax show ip ospf interface [vlan

COMMAND LINE INTERFACE4-282show ip ospf neighborUse this command to display information about neighboring routers on each interface within an OSPF are

IP ROUTING COMMANDS4-283show ip ospf summary-addressUse this command to display all summary address information.Syntax show ip ospf summary-addressCom

NAVIGATING THE WEB BROWSER INTERFACE3-9Dynamic Addresses Shows dynamically learned entries in the IP routing table3-161Other Addresses Shows internal

COMMAND LINE INTERFACE4-284Related Commandssummary-address (4-253)show ip ospf virtual-linksUse this command to display detailed information about vir

MULTICAST ROUTING COMMANDS4-285Multicast Routing CommandsThis router uses IGMP snooping and query to determine the ports connected to downstream multi

COMMAND LINE INTERFACE4-286ip igmp snooping vlan mrouterUse this command to statically configure a multicast router port. Use the no form to remove th

MULTICAST ROUTING COMMANDS4-287show ip igmp snooping mrouter Use this command to display information on statically configured and dynamically learned

COMMAND LINE INTERFACE4-288ip multicast-routingUse this command to enable IP multicast routing. Use the no form to disable IP multicast routing.Syntax

MULTICAST ROUTING COMMANDS4-289Command Mode Privileged ExecCommand Usage This command displays information for multicast routing. If no optional param

COMMAND LINE INTERFACE4-290This example lists all entries in the multicast table in summary form:DVMRP Multicast Routing Commands Console#show ip mrou

MULTICAST ROUTING COMMANDS4-291router dvmrpUse this command to enable Distance-Vector Multicast Routing (DVMRP) globally for the router and to enter r

COMMAND LINE INTERFACE4-292Related Commands ip dvmrp (4-296)show router dvmrp (4-298)probe-intervalUse this command to set the interval for sending ne

MULTICAST ROUTING COMMANDS4-293nbr-timeoutUse this command to set the interval to wait for messages from a DVMRP neighbor before declaring it dead. Us

CONFIGURING THE SWITCH3-10Routing Protocol 3-152RIP 3-175General Settings Enables or disables RIP, sets the global RIP version and timer values3-176Ne

COMMAND LINE INTERFACE4-294Command Mode Router ConfigurationExampleflash-update-intervalUse this command to specify how often to send trigger updates,

MULTICAST ROUTING COMMANDS4-295Default Setting 7200 secondsCommand Mode Router ConfigurationCommand Usage This command sets the prune state lifetime.

COMMAND LINE INTERFACE4-296to the router. When the router receives these messages, it records all the downstream routers for the default route.• When

MULTICAST ROUTING COMMANDS4-297Exampleip dvmrp metricUse this command to configure the metric used in selecting the reverse path to networks connected

COMMAND LINE INTERFACE4-298clear ip dvmrp routeUse this command to clear all dynamic routes learned by DVMRP.Command Mode Privileged ExecExampleAs sho

MULTICAST ROUTING COMMANDS4-299ExampleThe default settings are shown in the following example:show ip dvmrp routeUse this command to display all entri

COMMAND LINE INTERFACE4-300show ip dvmrp neighborUse this command to display all of the DVMRP neighbor routers.Command Mode Normal Exec, Privileged Ex

MULTICAST ROUTING COMMANDS4-301show ip dvmrp interfaceUse this command to display the DVMRP configuration for interfaces which have enabled DVMRP.Comm

COMMAND LINE INTERFACE4-302router pimUse this command to enable Protocol-Independent Multicast - Dense Mode (PIM-DM) globally for the router and to en

MULTICAST ROUTING COMMANDS4-303ip pim dense-modeUse this command to enable PIM-DM on the specified interface. Use the no form to disable PIM-DM on thi

NAVIGATING THE WEB BROWSER INTERFACE3-11NSSA Settings Configures settings for importing routes into or exporting routes out of not-so-stubby areas3-21

COMMAND LINE INTERFACE4-304Exampleip pim hello-intervalUse this command to configure the frequency at which PIM hello messages are transmitted. Use th

MULTICAST ROUTING COMMANDS4-305ip pim hello-holdtimeUse this command to configure the interval to wait for hello messages from a neighboring PIM route

COMMAND LINE INTERFACE4-306Default Setting 5 secondsCommand Mode Interface Configuration (VLAN)Command Usage • When a router first starts or PIM is en

MULTICAST ROUTING COMMANDS4-307Command Usage The multicast interface that first receives a multicast stream from a particular source forwards this tra

COMMAND LINE INTERFACE4-308Exampleip pim max-graft-retriesUse this command to configure the maximum number of times to resend a Graft message if it ha

MULTICAST ROUTING COMMANDS4-309show ip pim interfaceUse this command to display information about interfaces configured for PIM.Syntax show ip pim int

COMMAND LINE INTERFACE4-310Command Mode Normal Exec, Privileged ExecExample Console#show ip pim neighbor Address VLAN Interface Uptime Exp

A-1APPENDIX ATROUBLESHOOTINGTroubleshooting ChartSymptom ActionCannot connect using Telnet, Web browser, or SNMP software• Be sure you have configured

TROUBLESHOOTINGA-2

B-1APPENDIX BUPGRADING FIRMWARE VIATHE SERIAL PORTThe switch contains three firmware components that can be upgraded; the loader code, diagnostics (or

viWARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN

CONFIGURING THE SWITCH3-12Basic ConfigurationDisplaying System InformationYou can easily identify the system by displaying the device name, location a

UPGRADING FIRMWARE VIA THE SERIAL PORTB-2power on or rebooting the switch. Screen text similar to that shown below displays: 5. Press <c> to cha

B-312. If using Windows HyperTerminal, click the “Transfer” button, and then click “Send File...” Select the XModem Protocol and then use the “Browse

UPGRADING FIRMWARE VIA THE SERIAL PORTB-416. To set the new downloaded file as the startup file, use the [S]et Startup File menu option.17. When you h

Glossary-1GLOSSARYAccess Control List (ACL)ACLs can limit network traffic and restrict access to certain users or devices by checking each packet for

GLOSSARYGlossary-2Dynamic Host Control Protocol (DHCP)Provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP is

GLOSSARYGlossary-3IEEE 802.1QVLAN Tagging—Defines Ethernet frame tags which carry VLAN information. It allows switches to assign endstations to differ

GLOSSARYGlossary-4Internet Group Management Protocol (IGMP)A protocol through which hosts can register with their local router for multicast services.

GLOSSARYGlossary-5Management Information Base (MIB)An acronym for Management Information Base. It is a set of database objects that contains informati

GLOSSARYGlossary-6Private VLANsPrivate VLANs provide port-based security and isolation between ports within the assigned VLAN. Data traffic on downlin

GLOSSARYGlossary-7Simple Network Time Protocol (SNTP)SNTP allows a device to set its internal clock based on periodic updates from a Network Time Prot

BASIC CONFIGURATION3-13Web – Click System, System Information. Specify the system name, location, and contact information for the system administrator

GLOSSARYGlossary-8XModemA protocol used to transfer files between devices. Data is grouped in 128-byte blocks and error-corrected.

Index-1Aacceptable frame type 3-115, 4-167Access Control List See ACLACLExtended IP 3-42, 4-75, 4-76, 4-79MAC 3-42, 4-75, 4-84, 4-84–4-88Standard IP

INDEXIndex-2Ffirmwaredisplaying version 3-14, 4-52upgrading 3-22, 4-53, B-1GGARP VLAN Registration Protocol See GVRPgateway, default 3-154, 4-218GVR

INDEXIndex-3routing table 3-219, 4-288multicast servicesconfiguring 3-143, 4-197displaying 3-142, 4-200multicast, static router port 3-140, 4-286OOSPF

INDEXIndex-4Sserial portconfiguring 4-13XModem downloads B-1Simple Network Management Protocol See SNMPSNMP 3-50community string 3-50, 4-90enabling t

INDEXIndex-5WWeb interfaceaccess requirements 3-1configuration buttons 3-4home page 3-3menu list 3-5panel display 3-4XXModem downloads B-1

INDEXIndex-6

38 TeslaIrvine, CA 92618Phone: (949) 679-8000FOR TECHNICAL SUPPORT, CALL:From U.S.A. and Canada (24 hours a day, 7 days a week)(800) SMC-4-YOU; Phn: (

CONFIGURING THE SWITCH3-14Displaying Switch Hardware/Software Versions Use the Switch Information page to display hardware/firmware version numbers fo

BASIC CONFIGURATION3-15Web – Click System, Switch Information.CLI – Use the following command to display version information.Console#show version 4-52

CONFIGURING THE SWITCH3-16Displaying Bridge Extension CapabilitiesThe Bridge MIB includes extensions for managed devices that support Multicast Filter

BASIC CONFIGURATION3-17Web – Click System, Bridge Extension.CLI – Enter the following command. Setting the Switch’s IP Address This section describes

CONFIGURING THE SWITCH3-18You can manually configure a specific IP address, or direct the device to obtain an address from a BOOTP or DHCP server. Val

BASIC CONFIGURATION3-19• Subnet Mask – This mask identifies the host address bits used for routing to specific subnets. (Default: 255.0.0.0)• Default

CONFIGURING THE SWITCH3-20CLI – Specify the management interface, IP address and default gateway.Using DHCP/BOOTP If your network provides DHCP/BOOTP

BASIC CONFIGURATION3-21CLI – Specify the management interface, and set the IP Address Mode to DHCP or BOOTP, and then enter the “ip dhcp restart clien

viiCONTENTS1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-1Key Features . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-22Managing FirmwareYou can upload/download firmware to or from a TFTP server. By saving runtime code to a file on a TFTP serve

BASIC CONFIGURATION3-23 If you download to a new destination file, then select the file from the drop-down box for the operation code used at startup,

CONFIGURING THE SWITCH3-2431 characters for files on the switch. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”)Note: The maximum number of user-def

BASIC CONFIGURATION3-25CLI – Enter the IP address of the TFTP server, specify the source file on the server, set the startup file name on the switch,

CONFIGURING THE SWITCH3-26Configuring SNTPYou can configure the switch to send time synchronization requests to specific time servers (i.e., client mo

BASIC CONFIGURATION3-27CLI – This example configures the switch to operate as an SNTP broadcast client.Setting the Time ZoneSNTP uses Coordinated Univ

CONFIGURING THE SWITCH3-28Resetting the SystemWeb – Click System, Reset. Click the Reset button to restart the switch.CLI – Use the reload command to

USER AUTHENTICATION3-29The default guest name is “guest” with the password “guest.” The default administrator name is “admin” with the password “admin

CONFIGURING THE SWITCH3-30Configuring Local/Remote Logon AuthenticationUse the Authentication Settings menu to restrict management access based on spe

USER AUTHENTICATION3-31(1) RADIUS and (2) Local, the user name and password on the RADIUS server is verified first. If the RADIUS server is not availa

CONTENTSviiiUsing DHCP/BOOTP . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20Managing Firmware . . . . . . . . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-32Web – Click System, Radius. To configure local or remote authentication preferences, specify the authentication sequence (i.

USER AUTHENTICATION3-33ports in a network can be centrally controlled from a server, which means that authorized users can use the same credentials fo

CONFIGURING THE SWITCH3-34• Each switch port that will be used must be set to dot1x “Auto” mode.• Each client that needs to be authenticated must have

USER AUTHENTICATION3-35• Server timeout – The time the switch waits for a response from the authentication server (RADIUS) to an authentication reques

CONFIGURING THE SWITCH3-36Configuring 802.1x Global SettingsThe dot1x protocol includes global parameters that control the client authentication proce

USER AUTHENTICATION3-37• Timeout for Quiet Period – Sets the time that a switch port waits after the dot1X Max Request Count has been exceeded before

CONFIGURING THE SWITCH3-38Configuring Port Authorization ModeWhen dot1x is enabled, you need to specify the dot1x authentication mode configured for e

USER AUTHENTICATION3-39CLI – This example sets the authentication mode to enable dot1x on port 2. Displaying 802.1x StatisticsThis switch can display

CONFIGURING THE SWITCH3-40Web – Select dot1X, dot1X Statistics. Select the required port and then click Query. Click Refresh to update the statistics.

ACCESS CONTROL LISTS3-41Access Control ListsAccess Control Lists (ACL) provide packet filtering for IP frames (based on address, protocol, TCP/UDP por

CONTENTSixConfiguring Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-70Showing Port Statistics . . . . . . . . . . . . . .

CONFIGURING THE SWITCH3-42The order in which active ACLs are checked is as follows:1. User-defined rules in the MAC ACL.2. User-defined rules in the I

ACCESS CONTROL LISTS3-43Web – Click ACL, ACL Configuration. Enter an ACL name in the Name field, select the list type (IP Standard, IP Extended, or MA

CONFIGURING THE SWITCH3-44Web – Specify the action (i.e., Permit or Deny). Select the address type (Any, Host, or IP). If you select “Host,” enter a s

ACCESS CONTROL LISTS3-45• Src/Dst SubMask – Subnet mask for source or destination address. (See SubMask in the preceding section.)• Protocol – Specifi

CONFIGURING THE SWITCH3-46Web – Specify the action (i.e., Permit or Deny). Specify the source and/or destination addresses. Select the address type (A

ACCESS CONTROL LISTS3-473. Permit all TCP packets from class C addresses 192.168.1.0 with the TCP control code set to “SYN.”Configuring a MAC ACLComma

CONFIGURING THE SWITCH3-48Web – Specify the action (i.e., Permit or Deny). Specify the source and/or destination addresses. Enter a specific address (

ACCESS CONTROL LISTS3-49Binding a Port to an Access Control ListAfter configuring Access Control Lists (ACL), you can bind the ports that need to filt

CONFIGURING THE SWITCH3-50Simple Network Management Protocol Simple Network Management Protocol (SNMP) is a communication protocol designed specifical

SIMPLE NETWORK MANAGEMENT PROTOCOL3-51• Access Mode - Read-Only – Specifies read-only access. Authorized management stations are only able to retrieve