Edge-Core ECS2100-10P Reference guide

CLI Reference Guide

www.edge-core.com

ECS2100-10T/PE/P

ECS2100-28T/P/PP

10/28-Port Web-smart Pro

Gigabit Ethernet Switch

Software Release v1.2.2.0

CLI Reference Guide

ECS2100-10T Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 8 10/100/1000BASE-T (RJ-45) Ports

and 2 Gigabit SFP Ports

ECS2100-10PE Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 8 10/100/1000BASE-T (RJ-45) 802.3 af/at PoE Ports

with 2 Gigabit SFP Ports (PoE Power Budget: 65W)

ECS2100-10P Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 8 10/100/1000BASE-T (RJ-45) 802.3 af/at PoE Ports

and 2 Gigabit SFP Ports

(PoE Power Budget: 125 W)

ECS2100-28T Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 24 10/100/1000BASE-T (RJ-45) Ports

and 4 Gigabit SFP Ports

ECS2100-28P Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 24 10/100/1000BASE-T (RJ-45) 802.3 af/at PoE Ports

and 4 Gigabit SFP Ports

(PoE Power Budget: 200 W)

ECS2100-28PP Gigabit Ethernet Switch

Web-smart Pro Gigabit Ethernet Switch

with 24 10/100/1000BASE-T (RJ-45) 802.3 af/at PoE Ports

and 4 Gigabit SFP Ports

(PoE Power Budget: 370 W, can extend to 740 W)

E012017/ST-R02

– 3 –

How to Use This Guide

This guide includes detailed information on the switch software, including how to

operate and use the management functions of the switch. To deploy this switch

effectively and ensure trouble-free operation, you should first read the relevant

sections in this guide so that you are familiar with all of its software features.

Who Should Read This

Guide?

This guide is for network administrators who are responsible for operating and

maintaining network equipment. The guide assumes a basic working knowledge of

LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network

Management Protocol (SNMP).

How This Guide is

Organized

This guide describes the switch’s command line interface (CLI). For more detailed

information on the switch’s key features or information about the web browser

management interface refer to the Web Management Guide.

The guide includes these sections:

◆

Section I “Getting Started” — Includes information on initial configuration.

◆

Section II “Command Line Interface” — Includes all management options

available through the CLI.

◆

Section III “Appendices” — Includes information on troubleshooting switch

management access.

This guide focuses on switch software configuration through the CLI.

For information on how to manage the switch through the Web management

interface, see the following guide:

Web Management Guide

For information on how to install the switch, see the following guide:

Installation Guide

For all safety information and regulatory statements, see the following documents:

Quick Start Guide

Safety and Regulatory Information

How to Use This Guide

– 4 –

Conventions

The following conventions are used throughout this guide to show information:

Note:

Emphasizes important information or calls your attention to related features

or instructions.

Caution:

Alerts you to a potential hazard that could cause loss of data, or damage

the system or equipment.

Revision History

This section summarizes the changes in each revision of this guide.

Revision Date Change Description

v1.2.2.0 01/2017 New:

•"Switch Clustering" on page 152

•"Flow Sampling Commands" on page 193

•"mac-authentication reauth-time" on page 267

•"network-access max-mac-count" on page 270

•"network-access mode mac-authentication" on

page 271

•"network-access port-mac-filter" on page 272

•"mac-authentication intrusion-action" on page 273

•"mac-authentication max-mac-count" on page 273

•"Web Authentication" on page 276

•"ip dhcp snooping information option remote-id" on

page 288

•"ip dhcp snooping information option circuit-id" on

page 292

•"dos-protection echo-chargen" on page 314

•"dos-protection tcp-flooding" on page 315

•"dos-protection udp-flooding" on page 317

•"dos-protection win-nuke" on page 318

•"switchport dot1q-tunnel priority map" on page 471

•"ERPS Commands" on page 489

•"Loopback Detection Commands" on page 417

•"qos map cos-queue" on page 526

•"qos map dscp-queue" on page 528

•"show qos map cos-queue" on page 530

•"show qos map dscp-queue" on page 531

•"IP Routing Commands" on page 689

•"show ip igmp snooping statistics" on page 566

•"File Management" on page 100 – SFTP

•"Denial of Service Protection" on page 314

•"dir" on page 107

How to Use This Guide

– 5 –

Updated:

•"dir" on page 107

•"File Management" on page 100 – SFTP

•"Denial of Service Protection" on page 314

•"switchport packet-rate" on page 415

Removed:

•“vlan-trunking”

•“qos map cos-dscp”

•“qos map dscp-mutation”

•"set phb"

•“set ip dhcp”

• “show qos map cos-dscp”

•“show qos map dscp-mutation”

v1.1.2.0 1/2016 Initial release

Revision Date Change Description

How to Use This Guide

– 6 –

– 7 –

Contents

How to Use This Guide 3

Contents 7

Tables 33

Section I Getting Started 39

1 Initial Switch Configuration 41

Connecting to the Switch 41

Configuration Options 41

Connecting to the Console Port 42

Logging Onto the Command Line Interface 43

Setting Passwords 43

Remote Connections 44

Configuring the Switch for Remote Management 45

Using the Network Interface 45

Setting an IP Address 45

Enabling SNMP Management Access 51

Managing System Files 53

Upgrading the Operation Code 54

Saving or Restoring Configuration Settings 54

Automatic Installation of Operation Code and Configuration Settings 56

Downloading Operation Code from a File Server 56

Specifying a DHCP Client Identifier 59

Downloading a Configuration File and Other Parameters from a DHCP Server 60

Setting the System Clock 62

Setting the Time Manually 62

Configuring SNTP 63

Configuring NTP 63

Contents

– 8 –

Section II Command Line Interface 65

2 Using the Command Line Interface 67

Accessing the CLI 67

Console Connection 67

Telnet Connection 68

Entering Commands 69

Keywords and Arguments 69

Minimum Abbreviation 69

Command Completion 69

Getting Help on Commands 70

Partial Keyword Lookup 71

Negating the Effect of Commands 72

Using Command History 72

Understanding Command Modes 72

Exec Commands 72

Configuration Commands 73

Command Line Processing 75

Showing Status Information 75

CLI Command Groups 76

3 General Commands 79

prompt 79

reload (Global Configuration) 80

enable 81

quit 82

show history 82

configure 83

disable 84

reload (Privileged Exec) 84

show reload 85

end 85

exit 85

Contents

– 9 –

4 System Management Commands 87

Device Designation 87

hostname 88

System Status 88

show access-list tcam-utilization 89

show memory 90

show process cpu 91

show process cpu guard 91

show process cpu task 92

show running-config 94

show startup-config 95

show system 96

show tech-support 97

show users 98

show version 98

show watchdog 99

Frame Size 99

jumbo frame 100

File Management 100

General Commands 102

boot system 102

copy 102

delete 106

dir 107

whichboot 108

Automatic Code Upgrade Commands 109

upgrade opcode auto 109

upgrade opcode path 110

upgrade opcode reload 111

show upgrade 112

TFTP Configuration Commands 112

ip tftp retry 112

ip tftp timeout 113

show ip tftp 113

Contents

– 10 –

Line 114

line 115

databits 115

exec-timeout 116

login 117

parity 118

password 118

password-thresh 119

silent-time 120

speed 121

stopbits 121

timeout login response 122

disconnect 122

terminal 123

show line 124

Event Logging 125

logging command 125

logging facility 126

logging history 126

logging host 127

logging on 128

logging trap 129

clear log 129

show log 130

show logging 131

SMTP Alerts 132

logging sendmail 133

logging sendmail destination-email 133

logging sendmail host 134

logging sendmail level 134

logging sendmail source-email 135

show logging sendmail 136

Time 136

SNTP Commands 137

sntp client 137

Contents

– 11 –

sntp poll 138

sntp server 138

show sntp 139

NTP Commands 140

ntp authenticate 140

ntp authentication-key 140

ntp client 141

ntp server 142

show ntp 143

Manual Configuration Commands 143

clock summer-time (date) 143

clock summer-time (predefined) 145

clock summer-time (recurring) 146

clock timezone 147

calendar set 148

show calendar 149

Time Range 149

time-range 149

absolute 150

periodic 151

show time-range 152

Switch Clustering 152

cluster 153

cluster commander 154

cluster ip-pool 155

cluster member 156

rcommand 156

show cluster 157

show cluster members 157

show cluster candidates 158

5SNMP Commands 159

General SNMP Commands 161

snmp-server 161

snmp-server community 161

Contents

– 12 –

snmp-server contact 162

snmp-server location 163

show snmp 163

SNMP Target Host Commands 164

snmp-server enable traps 164

snmp-server host 165

snmp-server enable port-traps link-up-down 167

snmp-server enable port-traps mac-notification 168

show snmp-server enable port-traps 168

SNMPv3 Commands 169

snmp-server engine-id 169

snmp-server group 170

snmp-server user 171

snmp-server view 173

show snmp engine-id 174

show snmp group 175

show snmp user 176

show snmp view 177

Notification Log Commands 177

nlm 177

snmp-server notify-filter 178

show nlm oper-status 180

show snmp notify-filter 180

Additional Trap Commands 180

memory 180

process cpu 181

process cpu guard 182

6 Remote Monitoring Commands 185

rmon alarm 186

rmon event 187

rmon collection history 188

rmon collection rmon1 189

show rmon alarms 190

show rmon events 190

Contents

– 13 –

show rmon history 191

show rmon statistics 191

7Flow Sampling Commands 193

sflow owner 193

sflow polling instance 195

sflow sampling instance 196

show sflow 197

8 Authentication Commands 199

User Accounts and Privilege Levels 200

enable password 200

username 201

privilege 203

show privilege 203

Authentication Sequence 204

authentication enable 204

authentication login 205

RADIUS Client 206

radius-server acct-port 206

radius-server auth-port 207

radius-server host 207

radius-server key 208

radius-server retransmit 209

radius-server timeout 209

show radius-server 210

TACACS+ Client 210

tacacs-server host 211

tacacs-server key 211

tacacs-server port 212

tacacs-server retransmit 212

tacacs-server timeout 213

show tacacs-server 213

AAA 214

aaa accounting commands 215

aaa accounting dot1x 216

Contents

– 14 –

aaa accounting exec 217

aaa accounting update 218

aaa authorization commands 218

aaa authorization exec 219

aaa group server 220

server 221

accounting dot1x 221

accounting commands 222

accounting exec 222

authorization commands 223

authorization exec 224

show accounting 224

show authorization 225

Web Server 226

ip http authentication 227

ip http port 227

ip http server 228

ip http secure-port 228

ip http secure-server 229

Telnet Server 230

ip telnet max-sessions 231

ip telnet port 231

ip telnet server 232

telnet (client) 232

show ip telnet 233

Secure Shell 233

ip ssh authentication-retries 236

ip ssh server 236

ip ssh server-key size 237

ip ssh timeout 238

delete public-key 238

ip ssh crypto host-key generate 239

ip ssh crypto zeroize 240

ip ssh save host-key 240

show ip ssh 241

Contents

– 15 –

show public-key 241

show ssh 242

802.1X Port Authentication 243

General Commands 244

dot1x default 244

dot1x system-auth-control 244

Authenticator Commands 245

dot1x intrusion-action 245

dot1x max-reauth-req 246

dot1x max-req 246

dot1x operation-mode 247

dot1x port-control 248

dot1x re-authentication 248

dot1x timeout quiet-period 249

dot1x timeout re-authperiod 249

dot1x timeout supp-timeout 250

dot1x timeout tx-period 250

dot1x re-authenticate 251

Supplicant Commands 252

dot1x timeout auth-period 252

dot1x timeout held-period 252

Information Display Commands 253

show dot1x 253

Management IP Filter 255

management 255

show management 256

9 General Security Measures 259

Port Security 260

mac-learning 260

port security 261

show port security 263

Network Access (MAC Address Authentication) 265

network-access aging 265

network-access mac-filter 266

Contents

– 16 –

mac-authentication reauth-time 267

network-access dynamic-qos 268

network-access dynamic-vlan 269

network-access guest-vlan 270

network-access max-mac-count 270

network-access mode mac-authentication 271

network-access port-mac-filter 272

mac-authentication intrusion-action 273

mac-authentication max-mac-count 273

clear network-access 274

show network-access 274

show network-access mac-address-table 275

show network-access mac-filter 276

Web Authentication 276

web-auth login-attempts 277

web-auth quiet-period 278

web-auth session-timeout 278

web-auth system-auth-control 279

web-auth 279

web-auth re-authenticate (Port) 280

web-auth re-authenticate (IP) 280

show web-auth 281

show web-auth interface 281

show web-auth summary 282

DHCPv4 Snooping 282

ip dhcp snooping 283

ip dhcp snooping information option 285

ip dhcp snooping information option encode no-subtype 286

ip dhcp snooping information option remote-id 288

ip dhcp snooping information option tr101 board-id 289

ip dhcp snooping information policy 289

ip dhcp snooping verify mac-address 290

ip dhcp snooping vlan 291

ip dhcp snooping information option circuit-id 292

ip dhcp snooping trust 293

Contents

– 17 –

ip dhcp snooping max-number 294

ip dhcp snooping trust 295

clear ip dhcp snooping binding 296

clear ip dhcp snooping database flash 296

ip dhcp snooping database flash 296

show ip dhcp snooping 297

show ip dhcp snooping binding 297

IPv4 Source Guard 298

ip source-guard binding 298

ip source-guard 300

ip source-guard max-binding 302

ip source-guard mode 303

clear ip source-guard binding blocked 303

show ip source-guard 304

show ip source-guard binding 304

ARP Inspection 305

ip arp inspection 306

ip arp inspection filter 307

ip arp inspection log-buffer logs 308

ip arp inspection validate 309

ip arp inspection vlan 310

ip arp inspection limit 311

ip arp inspection trust 311

show ip arp inspection configuration 312

show ip arp inspection interface 312

show ip arp inspection log 313

show ip arp inspection statistics 313

show ip arp inspection vlan 313

Denial of Service Protection 314

dos-protection echo-chargen 314

dos-protection smurf 315

dos-protection tcp-flooding 315

dos-protection tcp-null-scan 316

dos-protection tcp-syn-fin-scan 316

dos-protection tcp-xmas-scan 317

Contents

– 18 –

dos-protection udp-flooding 317

dos-protection win-nuke 318

show dos-protection 318

Port-based Traffic Segmentation 319

traffic-segmentation 319

traffic-segmentation session 320

traffic-segmentation uplink/downlink 321

traffic-segmentation uplink-to-uplink 322

show traffic-segmentation 323

10 Access Control Lists 325

IPv4 ACLs 325

access-list ip 326

permit, deny (Standard IP ACL) 326

permit, deny (Extended IPv4 ACL) 327

ip access-group 330

show ip access-group 331

show ip access-list 331

IPv6 ACLs 332

access-list ipv6 332

permit, deny (Standard IPv6 ACL) 333

permit, deny (Extended IPv6 ACL) 334

ipv6 access-group 337

show ipv6 access-group 337

show ipv6 access-list 338

MAC ACLs 338

access-list mac 339

permit, deny (MAC ACL) 339

mac access-group 342

show mac access-group 343

show mac access-list 343

ARP ACLs 344

access-list arp 344

permit, deny (ARP ACL) 345

show access-list arp 346

Contents

– 19 –

ACL Information 346

clear access-list hardware counters 347

show access-group 347

show access-list 348

11 Interface Commands 349

Interface Configuration 350

interface 350

capabilities 351

description 352

flowcontrol 353

history 354

media-type 354

negotiation 355

shutdown 356

speed-duplex 356

clear counters 357

show interfaces brief 358

show interfaces counters 359

show interfaces history 362

show interfaces status 364

show interfaces switchport 365

Transceiver Threshold Configuration 366

transceiver-monitor 366

transceiver-threshold-auto 367

transceiver-threshold current 367

transceiver-threshold rx-power 368

transceiver-threshold temperature 369

transceiver-threshold tx-power 370

transceiver-threshold voltage 371

show interfaces transceiver 372

show interfaces transceiver-threshold 373

Cable Diagnostics 374

test cable-diagnostics 374

show cable-diagnostics 375

Contents

– 20 –

Power Savings 376

power-save 376

show power-save 377

12 Link Aggregation Commands 379

Manual Configuration Commands 380

port channel load-balance 380

channel-group 382

Dynamic Configuration Commands 383

lacp 383

lacp admin-key (Ethernet Interface) 384

lacp port-priority 385

lacp system-priority 386

lacp admin-key (Port Channel) 387

lacp timeout 388

Trunk Status Display Commands 389

show lacp 389

show port-channel load-balance 392

13 Power over Ethernet Commands 393

power inline compatible 394

power inline maximum allocation 395

power mainpower maximum allocation 396

power inline 397

power inline maximum allocation 397

power inline priority 398

power inline time-range 399

show power inline status 400

show power inline time-range 401

show power mainpower 402

14 Port Mirroring Commands 403

Local Port Mirroring Commands 403

port monitor 403

show port monitor 404

Page is loading ...

Edge-Core ECS2100-10P, ECS2100-10T, ECS2100-28P Reference guide

Related papers

Other documents