Edge-Core ECS4100-28T User manual

CLI Reference Guide

www.edge-core.com

ECS4100 Series

Software Release

v1.2.24.182

CLI Reference Guide

ECS4100 Series Models

ECS4100-12T and ECS4100-12T v2 Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 8 10/100/1000BASE-T ports, 2 Combos

and 2 SFP ports

ECS4100-12PH Gigabit Ethernet Switch

L2+/L3 Lite UPOE Gigabit Ethernet Switch

with 8 10/100/1000BASE-T PoE+ Ports , 2 Combos

and 2 SFP ports

ECS4100-26TX Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 2 10 SFP+ ports

ECS4100-26TX-ME Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 2 10 SFP+ ports

ECS4100-28T Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-28TC Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-28P Gigabit Ethernet Switch

L2+/L3 Lite PoE Gigabit Ethernet Switch

with 24 10/100/1000BASE-T PoE+ Ports

and 4 SFP ports

ECS4100-52T Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 48 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-52P Gigabit Ethernet Switch

L2+/L3 Lite PoE Gigabit Ethernet Switch

with 48 10/100/1000 BASE-T PoE+ Ports

and 4 SFP ports

E022019-CS-R04

– 3 –

How to Use This Guide

This guide includes detailed information on the switch software, including how to

operate and use the management functions of the switch. To deploy this switch

effectively and ensure trouble-free operation, you should first read the relevant

sections in this guide so that you are familiar with all of its software features.

Who Should Read This

Guide?

This guide is for network administrators who are responsible for operating and

maintaining network equipment. The guide assumes a basic working knowledge of

LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network

Management Protocol (SNMP).

How This Guide is

Organized

This guide describes the switch’s command line interface (CLI). For more detailed

information on the switch’s key features or information about the web browser

management interface refer to the Web Management Guide.

The guide includes these sections:

◆ Section I “Getting Started” — Includes information on initial configuration.

◆ Section II “Command Line Interface” — Includes all management options

available through the CLI.

◆ Section III “Appendices” — Includes information on troubleshooting switch

management access.

This guide focuses on switch software configuration through the CLI.

For information on how to manage the switch through the Web management

interface, see the following guide:

Web Management Guide

For information on how to install the switch, see the following guide:

Quick Start Guide

For all safety information and regulatory statements, see the following documents:

Quick Start Guide

Safety and Regulatory Information

How to Use This Guide

– 4 –

Conventions The following conventions are used throughout this guide to show information:

Note:

Emphasizes important information or calls your attention to related features

or instructions.

Caution:

Alerts you to a potential hazard that could cause loss of data, or damage

the system or equipment.

Documentation

Notice

This documentation is provided for general information purposes only. If any

product feature details in this documentation conflict with the product datasheet,

refer to the datasheet for the latest information.

Revision History This section summarizes the changes in each revision of this guide.

Revision Date ChangeDescription

v1.2.24.182 02/2019 Addeddocumentationnotice

v1.2.24.182 10/2018 Added:

◆

ECS4100‐12Tv2tomodelssupported

◆

"led-port-mode" on page 441allowsPoEportlink

activityLEDstoshowPoEstatus.

v1.2.24.182 09/2018 Added:

◆

"dot1x eapol-pass-through" on page 263

◆

"Automatic Traffic Control Commands" on

page 458commandstosetbroadcastandmulticast

stormdetectionlimitsandcontrolactionstobe

taken.

◆

"MAC-Thrashing Commands" on page 479new

commandstoconfiguredetectionofidenticalMAC

addressesondifferentportsandtheactiontotake.

◆

"mac-address-table hash-algorithm" on page 494

◆

"show mac-address-table hash-algorithm" on

page 497

◆

"vlan-trunking" on page 545

◆

"lldp med-tlv ext-poe" on page 762

Updated:

◆

"show system" on page 115

◆

MultipleinaccuraciesfixedperInternalaudit

How to Use This Guide

– 5 –

v1.2.9.173 11/2017 Added:

◆

SupportforECS4100‐28PandECS4100‐52P

◆

"loopback-detection action" on page 474‐new

actionoptionsbcast‐discardandport‐disable.

◆

"lacp actor/partner mode (Ethernet Interface)" on

page 426

◆

"Global DHCP Relay settings" on page 846- new

commands to configure the DHCP Relay as either

L2 or L3 and set the relay information options.

◆

"L2 DHCP Relay option settings" on page 848

◆

"DHCP Server" on page 854 - multiple new

commands to configure DHCP server service.

◆

"Routing Information Protocol (RIP)" on page 922

v1.2.2.172 06/2017 Added:

◆

SupportforECS4100‐12TandECS4100‐12PH

◆

"Banner Information" on page 98

◆

"pppoe intermediate-agent port-format-type

remote-id-delimiter" on page 280

◆

"port security mac-address-as-permanent" on

page 289

◆

"network-access link-detection" on page 297

◆

"network-access link-detection link-down" on

page 298

◆

"network-access link-detection link-up" on

page 298

◆

"network-access link-detection link-up-down" on

page 299

◆

"show discard" on page 399

◆

"DHCP Relay" on page 846

◆

"ipv6 nd raguard" on page 896

◆

"show ipv6 nd raguard" on page 904

◆

"show ip route database" on page 920

◆

"show ip route summary" on page 921

◆

"show ip traffic" on page 921

Updated:

◆

"spanning-tree loopback-detection action" on

page 518

◆

Table 6, Command Group Index," on page 85

◆

Table 29, SNMP Commands," on page 179

◆

"snmp-server enable traps" on page 184

◆

"pppoe intermediate-agent format-type" on

page 277

◆

"pppoe intermediate-agent port-format-type" on

page 279

◆

"ip access-group" on page 370

Revision Date ChangeDescription

How to Use This Guide

– 6 –

v1.2.2.172 06/2017 Updated(continued):

◆

"ipv6 access-group" on page 376

◆

"permit, deny (MAC ACL)" on page 379"mac

access-group" on page 381

◆

"clear access-list hardware counters" on page 386

◆

"media-type" on page 395

◆

"negotiation" on page 396

◆

"show interfaces switchport" on page 407

◆

"service-policy" on page 633

◆

"show policy-map interface" on page 635

◆

"ip igmp snooping version-exclusive" on page 647

◆

"show mvr statistics" on page 719

◆

"mvr6 immediate-leave" on page 732

◆

Table 158, LLDP MED Location CA Types," on

page 763

◆

"ethernet cfm loopback" on page 807

Deleted:

◆

"spanning-tree transmission-limit" on page 509

◆

"mvr6 priority" on page 725

◆

"show ip default-gateway" on page 869

v1.11.08.164 01/2017 Initialrelease

Revision Date ChangeDescription

– 7 –

Contents

How to Use This Guide 3

Contents 7

Tables 41

Section I Getting Started 47

1 Initial Switch Configuration 49

Connecting to the Switch 49

Configuration Options 49

Connecting to the Console Port 50

Logging Onto the Command Line Interface 51

Setting Passwords 51

Remote Connections 52

Configuring the Switch for Remote Management 53

Using the Network Interface 53

Setting an IP Address 53

Enabling SNMP Management Access 59

Managing System Files 61

Upgrading the Operation Code 62

Saving or Restoring Configuration Settings 62

Automatic Installation of Operation Code and Configuration Settings 64

Downloading Operation Code from a File Server 64

Specifying a DHCP Client Identifier 67

Downloading a Configuration File and Other Parameters from a DHCP Server 68

Setting the System Clock 70

Setting the Time Manually 70

Configuring SNTP 71

Configuring NTP 71

Contents

– 8 –

Section II Command Line Interface 73

2 Using the Command Line Interface 75

Accessing the CLI 75

Console Connection 75

Telnet Connection 76

Entering Commands 77

Keywords and Arguments 77

Minimum Abbreviation 77

Command Completion 77

Getting Help on Commands 78

Partial Keyword Lookup 80

Negating the Effect of Commands 80

Using Command History 80

Understanding Command Modes 80

Exec Commands 81

Configuration Commands 82

Command Line Processing 83

Showing Status Information 84

CLI Command Groups 85

3 General Commands 89

prompt 89

reload (Global Configuration) 90

enable 91

quit 92

show history 92

configure 93

disable 94

reload (Privileged Exec) 94

show reload 95

end 95

exit 95

4 System Management Commands 97

Contents

– 9 –

Device Designation 97

hostname 98

Banner Information 98

banner configure 99

banner configure company 100

banner configure dc-power-info 101

banner configure department 102

banner configure equipment-info 102

banner configure equipment-location 103

banner configure ip-lan 104

banner configure lp-number 104

banner configure manager-info 105

banner configure mux 106

banner configure note 106

show banner 107

System Status 107

show access-list tcam-utilization 108

show memory 109

show process cpu 110

show process cpu guard 110

show process cpu task 111

show running-config 113

show startup-config 114

show system 115

show tech-support 116

show users 117

show version 118

show watchdog 118

watchdog software 119

Frame Size 119

jumbo frame 119

File Management 120

General Commands 121

boot system 121

copy 122

Contents

– 10 –

delete 126

dir 127

whichboot 128

Automatic Code Upgrade Commands 128

upgrade opcode auto 128

upgrade opcode path 130

upgrade opcode reload 131

show upgrade 131

TFTP Configuration Commands 131

ip tftp retry 131

ip tftp timeout 132

show ip tftp 132

Line 133

line 134

databits 135

exec-timeout 135

login 136

parity 137

password 138

password-thresh 138

silent-time 139

speed 140

stopbits 140

timeout login response 141

disconnect 142

terminal 142

show line 143

Event Logging 144

logging command 144

logging facility 145

logging history 145

logging host 146

logging on 147

logging trap 148

clear log 148

Contents

– 11 –

show log 149

show logging 150

SMTP Alerts 151

logging sendmail 152

logging sendmail destination-email 152

logging sendmail host 153

logging sendmail level 153

logging sendmail source-email 154

show logging sendmail 155

Time 155

SNTP Commands 156

sntp client 156

sntp poll 157

sntp server 157

show sntp 158

NTP Commands 159

ntp authenticate 159

ntp authentication-key 159

ntp client 160

ntp server 161

show ntp 162

Manual Configuration Commands 162

clock summer-time (date) 162

clock summer-time (predefined) 164

clock summer-time (recurring) 165

clock timezone 166

calendar set 167

show calendar 168

Time Range 168

time-range 168

absolute 169

periodic 170

show time-range 171

Switch Clustering 171

cluster 172

Contents

– 12 –

cluster commander 173

cluster ip-pool 174

cluster member 175

rcommand 175

show cluster 176

show cluster members 176

show cluster candidates 177

5 SNMP Commands 179

General SNMP Commands 181

snmp-server 181

snmp-server community 182

snmp-server contact 182

snmp-server location 183

show snmp 183

SNMP Target Host Commands 184

snmp-server enable traps 184

snmp-server host 186

snmp-server enable port-traps link-up-down 188

snmp-server enable port-traps mac-notification 188

show snmp-server enable port-traps 189

SNMPv3 Commands 190

snmp-server engine-id 190

snmp-server group 191

snmp-server user 192

snmp-server view 194

show snmp engine-id 195

show snmp group 195

show snmp user 196

show snmp view 197

Notification Log Commands 198

nlm 198

snmp-server notify-filter 199

show nlm oper-status 200

show snmp notify-filter 200

Contents

– 13 –

Additional Trap Commands 201

memory 201

process cpu 201

process cpu guard 202

6 Remote Monitoring Commands 205

rmon alarm 206

rmon event 207

rmon collection history 208

rmon collection rmon1 209

show rmon alarms 210

show rmon events 210

show rmon history 211

show rmon statistics 211

7 Flow Sampling Commands 213

sflow owner 213

sflow polling instance 215

sflow sampling instance 216

show sflow 217

8 Authentication Commands 219

User Accounts and Privilege Levels 220

enable password 220

username 221

privilege 223

show privilege 223

Authentication Sequence 224

authentication enable 224

authentication login 225

RADIUS Client 226

radius-server acct-port 226

radius-server auth-port 227

radius-server host 227

radius-server key 228

radius-server retransmit 229

Contents

– 14 –

radius-server timeout 229

show radius-server 230

TACACS+ Client 230

tacacs-server host 231

tacacs-server key 231

tacacs-server port 232

tacacs-server retransmit 232

tacacs-server timeout 233

show tacacs-server 233

AAA 234

aaa accounting commands 235

aaa accounting dot1x 236

aaa accounting exec 237

aaa accounting update 238

aaa authorization commands 238

aaa authorization exec 239

aaa group server 240

server 240

accounting dot1x 241

accounting commands 241

accounting exec 242

authorization commands 243

authorization exec 243

show accounting 244

show authorization 245

Web Server 246

ip http authentication 246

ip http port 247

ip http server 247

ip http secure-port 248

ip http secure-server 248

Telnet Server 250

ip telnet max-sessions 250

ip telnet port 251

ip telnet server 251

Contents

– 15 –

telnet (client) 251

show ip telnet 252

Secure Shell 252

ip ssh authentication-retries 255

ip ssh server 256

ip ssh server-key size 256

ip ssh timeout 257

delete public-key 258

ip ssh crypto host-key generate 258

ip ssh crypto zeroize 259

ip ssh save host-key 259

show ip ssh 260

show public-key 260

show ssh 261

802.1X Port Authentication 262

General Commands 263

dot1x default 263

dot1x eapol-pass-through 263

dot1x system-auth-control 264

Authenticator Commands 264

dot1x intrusion-action 264

dot1x max-reauth-req 265

dot1x max-req 266

dot1x operation-mode 266

dot1x port-control 267

dot1x re-authentication 268

dot1x timeout quiet-period 268

dot1x timeout re-authperiod 269

dot1x timeout supp-timeout 269

dot1x timeout tx-period 270

dot1x re-authenticate 270

Information Display Commands 271

show dot1x 271

Management IP Filter 274

management 274

Contents

– 16 –

show management 275

PPPoE Intermediate Agent 276

pppoe intermediate-agent 276

pppoe intermediate-agent format-type 277

pppoe intermediate-agent port-enable 278

pppoe intermediate-agent port-format-type 279

pppoe intermediate-agent port-format-type remote-id-delimiter 280

pppoe intermediate-agent trust 281

pppoe intermediate-agent vendor-tag strip 281

clear pppoe intermediate-agent statistics 282

show pppoe intermediate-agent info 282

show pppoe intermediate-agent statistics 283

9 General Security Measures 285

Port Security 286

mac-learning 286

port security 287

port security mac-address-as-permanent 289

show port security 289

Network Access (MAC Address Authentication) 291

network-access aging 292

network-access mac-filter 293

mac-authentication reauth-time 294

network-access dynamic-qos 294

network-access dynamic-vlan 296

network-access guest-vlan 297

network-access link-detection 297

network-access link-detection link-down 298

network-access link-detection link-up 298

network-access link-detection link-up-down 299

network-access max-mac-count 300

network-access mode mac-authentication 300

network-access port-mac-filter 301

mac-authentication intrusion-action 302

mac-authentication max-mac-count 302

Contents

– 17 –

clear network-access 303

show network-access 303

show network-access mac-address-table 304

show network-access mac-filter 305

Web Authentication 305

web-auth login-attempts 306

web-auth quiet-period 307

web-auth session-timeout 307

web-auth system-auth-control 308

web-auth 308

web-auth re-authenticate (Port) 309

web-auth re-authenticate (IP) 309

show web-auth 310

show web-auth interface 310

show web-auth summary 311

DHCPv4 Snooping 311

ip dhcp snooping 312

ip dhcp snooping information option 314

ip dhcp snooping information option encode no-subtype 315

ip dhcp snooping information option remote-id 316

ip dhcp snooping information option tr101 board-id 317

ip dhcp snooping information policy 318

ip dhcp snooping verify mac-address 319

ip dhcp snooping vlan 319

ip dhcp snooping information option carry-to-client 320

ip dhcp snooping information option circuit-id 321

ip dhcp snooping max-number 322

ip dhcp snooping trust 323

clear ip dhcp snooping binding 324

clear ip dhcp snooping database flash 324

ip dhcp snooping database flash 324

show ip dhcp snooping 325

show ip dhcp snooping binding 325

DHCPv6 Snooping 326

ipv6 dhcp snooping 326

Contents

– 18 –

ipv6 dhcp snooping option interface-id 329

ipv6 dhcp snooping option interface-id policy 329

ipv6 dhcp snooping option remote-id 330

ipv6 dhcp snooping option remote-id policy 331

ipv6 dhcp snooping vlan 332

ipv6 dhcp snooping max-binding 333

ipv6 dhcp snooping trust 334

clear ipv6 dhcp snooping binding 335

clear ipv6 dhcp snooping statistics 335

show ipv6 dhcp snooping 336

show ipv6 dhcp snooping binding 336

show ipv6 dhcp snooping statistics 337

IPv4 Source Guard 337

ip source-guard binding 338

ip source-guard 340

ip source-guard max-binding 341

ip source-guard mode 342

clear ip source-guard binding blocked 343

show ip source-guard 343

show ip source-guard binding 344

IPv6 Source Guard 345

ipv6 source-guard binding 345

ipv6 source-guard 347

ipv6 source-guard max-binding 348

show ipv6 source-guard 349

show ipv6 source-guard binding 350

ARP Inspection 350

ip arp inspection 351

ip arp inspection filter 352

ip arp inspection log-buffer logs 353

ip arp inspection validate 354

ip arp inspection vlan 355

ip arp inspection limit 356

ip arp inspection trust 356

show ip arp inspection configuration 357

Contents

– 19 –

show ip arp inspection interface 357

show ip arp inspection log 358

show ip arp inspection statistics 358

show ip arp inspection vlan 359

Port-based Traffic Segmentation 359

traffic-segmentation 360

traffic-segmentation session 361

traffic-segmentation uplink/downlink 362

traffic-segmentation uplink-to-uplink 363

show traffic-segmentation 363

10 Access Control Lists 365

IPv4 ACLs 365

access-list ip 366

permit, deny (Standard IP ACL) 366

permit, deny (Extended IPv4 ACL) 367

ip access-group 370

show ip access-group 371

show ip access-list 371

IPv6 ACLs 372

access-list ipv6 372

permit, deny (Standard IPv6 ACL) 373

permit, deny (Extended IPv6 ACL) 374

ipv6 access-group 376

show ipv6 access-group 377

show ipv6 access-list 377

MAC ACLs 378

access-list mac 378

permit, deny (MAC ACL) 379

mac access-group 381

show mac access-group 382

show mac access-list 383

ARP ACLs 383

access-list arp 383

permit, deny (ARP ACL) 384

Contents

– 20 –

show access-list arp 385

ACL Information 386

clear access-list hardware counters 386

show access-group 387

show access-list 387

11 Interface Commands 389

Interface Configuration 390

interface 390

capabilities 391

description 392

discard 393

flowcontrol 393

history 394

media-type 395

negotiation 396

shutdown 397

speed-duplex 397

clear counters 398

show discard 399

show interfaces brief 399

show interfaces counters 400

show interfaces history 404

show interfaces status 406

show interfaces switchport 407

Transceiver Threshold Configuration 409

transceiver-monitor 409

transceiver-threshold-auto 409

transceiver-threshold current 410

transceiver-threshold rx-power 411

transceiver-threshold temperature 412

transceiver-threshold tx-power 413

transceiver-threshold voltage 414

show interfaces transceiver 415

show interfaces transceiver-threshold 416

Page is loading ...

Edge-Core ECS4100-28T, ECS4100-12PH, ECS4100-12T , ECS4100-26TX, ECS4100-26TX-ME, ECS4100-28P, ECS4100-28TC, ECS4100-52P, ECS4100-52T User manual

Related papers

Other documents