Edge-Core ECS4100-28T User manual

CLI Reference Guide

www.edge-core.com

ECS4100 Series

Software Release v1.2.60.191

CLI Reference Guide

ECS4100-12T Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 8 10/100/1000BASE-T ports, 2 Combos

and 2 SFP ports

ECS4100-12PH Gigabit Ethernet Switch

L2+/L3 Lite UPOE Gigabit Ethernet Switch

with 8 10/100/1000BASE-T PoE+ Ports , 2 Combos

and 2 SFP ports

ECS4100-26TX Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 2 10 SFP+ ports

ECS4100-26TX-ME Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 2 10 SFP+ ports

ECS4100-28T Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-28TC Gigabit Ethernet Switch

L2+/L3 Lite Gigabit Ethernet Switch

with 24 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-28P Gigabit Ethernet Switch

L2+/L3 Lite PoE Gigabit Ethernet Switch

with 24 10/100/1000BASE-T PoE+ Ports

and 4 SFP ports

ECS4100-52T Gigabit Ethernet Switch

L2+ Gigabit Ethernet Switch

with 48 10/100/1000BASE-T ports

and 4 SFP ports

ECS4100-52P Gigabit Ethernet Switch

L2+/L3 Lite PoE Gigabit Ethernet Switch

with 48 10/100/1000 BASE-T PoE+ Ports

and 4 SFP ports

E072020-CS-R06

– 3 –

How to Use This Guide

This guide includes detailed information on the switch software, including how to

operate and use the management functions of the switch. To deploy this switch

effectively and ensure trouble-free operation, you should first read the relevant

sections in this guide so that you are familiar with all of its software features.

Who Should Read This

Guide?

This guide is for network administrators who are responsible for operating and

maintaining network equipment. The guide assumes a basic working knowledge of

LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network

Management Protocol (SNMP).

How This Guide is

Organized

This guide describes the switch’s command line interface (CLI). For more detailed

information on the switch’s key features or information about the web browser

management interface refer to the Web Management Guide.

The guide includes these sections:

◆ Section I “Getting Started” — Includes information on initial configuration.

◆ Section II “Command Line Interface” — Includes all management options

available through the CLI.

◆ Section III “Appendices” — Includes information on troubleshooting switch

management access.

This guide focuses on switch software configuration through the CLI.

For information on how to manage the switch through the Web management

interface, see the following guide:

Web Management Guide

For information on how to install the switch, see the following guide:

Quick Start Guide

For all safety information and regulatory statements, see the following documents:

Quick Start Guide

Safety and Regulatory Information

How to Use This Guide

– 4 –

Conventions The following conventions are used throughout this guide to show information:

Note:

Emphasizes important information or calls your attention to related features

or instructions.

Caution:

Alerts you to a potential hazard that could cause loss of data, or damage

the system or equipment.

Documentation

Notice

This documentation is provided for general information purposes only. If any

product feature details in this documentation conflict with the product datasheet,

refer to the datasheet for the latest information.

Revision History This section summarizes the changes in each revision of this guide.

Revision Date Change Description

v1.2.60.191 07/2020 Updated support for port license, See "Installing a Port

License File" on page 66.

v1.2.36.191 11/2019 Added:

◆

"Smart Pair Commands" on page 507

◆

"TWAMP Commands" on page 513

◆

"lldp basic-tlv management-ipv6-address" on

page 772

◆

"port security mac-address sticky" on page 294

◆

"ip dhcp relay port-enable" on page 869

◆

"ip dhcp relay information option vlan" on

page 869

Updated:

◆

"sflow owner" on page 217

◆

"ERPS Commands" on page 595

◆

"NTP Commands" on page 163

◆

"tacacs-server host" on page 235

◆

"Secure Shell" on page 257

◆

"aaa authorization commands" on page 242

◆

"server" on page 244

Removed:

◆

Support for the ECS4100-12Tv2 model

v1.2.24.182 02/2019 Added documentation notice

v1.2.24.182 10/2018 Added:

◆

ECS4100-12T v2 to models supported

◆

"led-port-mode" on page 447 allows PoE port link

activity LEDs to show PoE status.

How to Use This Guide

– 5 –

v1.2.24.182 09/2018 Added:

◆

"dot1x eapol-pass-through" on page 266

◆

"Automatic Traffic Control Commands" on

page 464 commands to set broadcast and

multicast storm detection limits and control

actions to be taken.

◆

"MAC-Thrashing Commands" on page 485 new

commands to configure detection of identical

MAC addresses on different ports and the action to

take.

◆

"mac-address-table hash-algorithm" on page 500

◆

"show mac-address-table hash-algorithm" on

page 503

◆

"vlan-trunking" on page 559

◆

"lldp med-tlv ext-poe" on page 781

Updated:

◆

"show system" on page 119

◆

Multiple inaccuracies fixed per Internal audit

v1.2.9.173 11/2017 Added:

◆

Support for ECS4100-28P and ECS4100-52P

◆

"loopback-detection action" on page 480 - new

action options bcast-discard and port-disable.

◆

"lacp actor/partner mode (Ethernet Interface)" on

page 432

◆

"Global DHCP Relay settings" on page 864- new

commands to configure the DHCP Relay as either

L2 or L3 and set the relay information options.

◆

"L2 DHCP Relay option settings" on page 867

◆

"DHCP Server" on page 874 - multiple new

commands to configure DHCP server service.

◆

"Routing Information Protocol (RIP)" on page 942

Revision Date Change Description

How to Use This Guide

– 6 –

v1.2.2.172 06/2017 Added:

◆

Support for ECS4100-12T and ECS4100-12PH

◆

"Banner Information" on page 102

◆

"pppoe intermediate-agent port-format-type

remote-id-delimiter" on page 284

◆

"port security mac-address-as-permanent" on

page 293

◆

"network-access link-detection" on page 302

◆

"network-access link-detection link-down" on

page 303

◆

"network-access link-detection link-up" on

page 303

◆

"network-access link-detection link-up-down" on

page 304

◆

"show discard" on page 405

◆

"DHCP Relay" on page 864

◆

"ipv6 nd raguard" on page 923

◆

"show ipv6 nd raguard" on page 924

◆

"show ip route database" on page 940

◆

"show ip route summary" on page 941

◆

"show ip traffic" on page 941

Updated:

◆

"spanning-tree loopback-detection action" on

page 532

◆

Table 6, Command Group Index," on page 89

◆

Table 29, SNMP Commands," on page 183

◆

"snmp-server enable traps" on page 188

◆

"pppoe intermediate-agent format-type" on

page 281

◆

"pppoe intermediate-agent port-format-type" on

page 282

◆

"ip access-group" on page 376

Revision Date Change Description

How to Use This Guide

– 7 –

v1.2.2.172 06/2017 Updated (continued):

◆

"ipv6 access-group" on page 382

◆

"permit, deny (MAC ACL)" on page 385"mac

access-group" on page 388

◆

"clear access-list hardware counters" on page 393

◆

"media-type" on page 401

◆

"negotiation" on page 402

◆

"show interfaces switchport" on page 413

◆

"service-policy" on page 649

◆

"show policy-map interface" on page 651

◆

"ip igmp snooping version-exclusive" on page 663

◆

"show mvr statistics" on page 735

◆

"mvr6 immediate-leave" on page 748

◆

Table 159, LLDP MED Location CA Types," on

page 780

◆

"ethernet cfm loopback" on page 825

Deleted:

◆

"spanning-tree transmission-limit" on page 521

◆

"mvr6 priority" on page 725

◆

"show ip default-gateway" on page 869

v1.11.08.164 01/2017 Initial release

Revision Date Change Description

How to Use This Guide

– 8 –

– 9 –

Contents

How to Use This Guide 3

Contents 9

Tables 43

Section I Getting Started 49

1 Initial Switch Configuration 51

Connecting to the Switch 51

Configuration Options 51

Connecting to the Console Port 52

Logging Onto the Command Line Interface 53

Setting Passwords 53

Remote Connections 54

Configuring the Switch for Remote Management 55

Using the Network Interface 55

Setting an IP Address 55

Enabling SNMP Management Access 61

Managing System Files 63

Upgrading the Operation Code 64

Saving or Restoring Configuration Settings 64

Installing a Port License File 66

Automatic Installation of Operation Code and Configuration Settings 67

Downloading Operation Code from a File Server 67

Specifying a DHCP Client Identifier 71

Downloading a Configuration File and Other Parameters from a DHCP Server 72

Setting the System Clock 74

Setting the Time Manually 74

Configuring SNTP 75

Contents

– 10 –

Configuring NTP 75

Section II Command Line Interface 77

2 Using the Command Line Interface 79

Accessing the CLI 79

Console Connection 79

Telnet Connection 80

Entering Commands 81

Keywords and Arguments 81

Minimum Abbreviation 81

Command Completion 81

Getting Help on Commands 82

Partial Keyword Lookup 84

Negating the Effect of Commands 84

Using Command History 84

Understanding Command Modes 84

Exec Commands 85

Configuration Commands 86

Command Line Processing 87

Showing Status Information 88

CLI Command Groups 89

3 General Commands 93

prompt 93

reload (Global Configuration) 94

enable 95

quit 96

show history 96

configure 97

disable 98

reload (Privileged Exec) 98

show reload 99

end 99

exit 99

Contents

– 11 –

4 System Management Commands 101

Device Designation 101

hostname 102

Banner Information 102

banner configure 103

banner configure company 104

banner configure dc-power-info 105

banner configure department 106

banner configure equipment-info 106

banner configure equipment-location 107

banner configure ip-lan 108

banner configure lp-number 108

banner configure manager-info 109

banner configure mux 110

banner configure note 110

show banner 111

System Status 111

show access-list tcam-utilization 112

show memory 113

show process cpu 114

show process cpu guard 114

show process cpu task 115

show running-config 117

show startup-config 118

show system 119

show tech-support 120

show users 121

show version 122

show watchdog 122

watchdog software 123

Frame Size 123

jumbo frame 123

File Management 124

General Commands 125

boot system 125

Contents

– 12 –

copy 126

delete 130

dir 131

whichboot 132

Automatic Code Upgrade Commands 132

upgrade opcode auto 132

upgrade opcode path 134

upgrade opcode reload 135

show upgrade 135

TFTP Configuration Commands 135

ip tftp retry 135

ip tftp timeout 136

show ip tftp 136

Line 137

line 138

databits 139

exec-timeout 139

login 140

parity 141

password 142

password-thresh 142

silent-time 143

speed 144

stopbits 144

timeout login response 145

disconnect 146

terminal 146

show line 147

Event Logging 148

logging command 148

logging facility 149

logging history 149

logging host 150

logging on 151

logging trap 152

Contents

– 13 –

clear log 152

show log 153

show logging 154

SMTP Alerts 155

logging sendmail 156

logging sendmail destination-email 156

logging sendmail host 157

logging sendmail level 157

logging sendmail source-email 158

show logging sendmail 159

Time 159

SNTP Commands 160

sntp client 160

sntp poll 161

sntp server 161

show sntp 162

NTP Commands 163

ntp authenticate 163

ntp authentication-key 163

ntp client 164

ntp server 165

show ntp 166

show ntp status 166

show ntp statistics peer 167

show ntp peer-status 167

Manual Configuration Commands 168

clock summer-time (date) 168

clock summer-time (predefined) 169

clock summer-time (recurring) 170

clock timezone 172

calendar set 173

show calendar 173

Time Range 174

time-range 174

absolute 175

Contents

– 14 –

periodic 176

show time-range 177

Switch Clustering 177

cluster 178

cluster commander 179

cluster ip-pool 180

cluster member 180

rcommand 181

show cluster 182

show cluster members 182

show cluster candidates 182

5 SNMP Commands 183

General SNMP Commands 185

snmp-server 185

snmp-server community 186

snmp-server contact 186

snmp-server location 187

show snmp 187

SNMP Target Host Commands 188

snmp-server enable traps 188

snmp-server host 190

snmp-server enable port-traps link-up-down 192

snmp-server enable port-traps mac-notification 192

show snmp-server enable port-traps 193

SNMPv3 Commands 194

snmp-server engine-id 194

snmp-server group 195

snmp-server user 196

snmp-server view 198

show snmp engine-id 199

show snmp group 199

show snmp user 200

show snmp view 201

Contents

– 15 –

Notification Log Commands 202

nlm 202

snmp-server notify-filter 203

show nlm oper-status 204

show snmp notify-filter 204

Additional Trap Commands 205

memory 205

process cpu 205

process cpu guard 206

6 Remote Monitoring Commands 209

rmon alarm 210

rmon event 211

rmon collection history 212

rmon collection rmon1 213

show rmon alarms 214

show rmon events 214

show rmon history 215

show rmon statistics 215

7 Flow Sampling Commands 217

sflow owner 217

sflow polling instance 219

sflow sampling instance 220

show sflow 221

8 Authentication Commands 223

User Accounts and Privilege Levels 224

enable password 224

username 225

privilege 227

show privilege 227

Authentication Sequence 228

authentication enable 228

authentication login 229

RADIUS Client 230

Contents

– 16 –

radius-server acct-port 230

radius-server auth-port 231

radius-server host 231

radius-server key 232

radius-server retransmit 233

radius-server timeout 233

show radius-server 234

TACACS+ Client 234

tacacs-server host 235

tacacs-server key 235

tacacs-server port 236

tacacs-server retransmit 236

tacacs-server timeout 237

show tacacs-server 237

AAA 238

aaa accounting commands 239

aaa accounting dot1x 240

aaa accounting exec 241

aaa accounting update 242

aaa authorization commands 242

aaa authorization exec 243

aaa group server 244

server 244

accounting dot1x 245

accounting commands 246

accounting exec 246

authorization commands 247

authorization exec 247

show accounting 248

show authorization 249

Web Server 250

ip http authentication 250

ip http port 251

ip http server 251

ip http secure-port 252

Contents

– 17 –

ip http secure-server 252

Telnet Server 254

ip telnet max-sessions 254

ip telnet port 255

ip telnet server 255

telnet (client) 256

show ip telnet 256

Secure Shell 257

ip ssh authentication-retries 259

ip ssh server 260

ip ssh timeout 260

delete public-key 261

ip ssh crypto host-key generate 261

ip ssh crypto zeroize 262

ip ssh save host-key 263

show ip ssh 263

show public-key 264

show ssh 264

802.1X Port Authentication 265

General Commands 266

dot1x default 266

dot1x eapol-pass-through 266

dot1x system-auth-control 267

Authenticator Commands 268

dot1x intrusion-action 268

dot1x max-reauth-req 268

dot1x max-req 269

dot1x operation-mode 270

dot1x port-control 271

dot1x re-authentication 271

dot1x timeout quiet-period 272

dot1x timeout re-authperiod 272

dot1x timeout supp-timeout 273

dot1x timeout tx-period 273

dot1x re-authenticate 274

Contents

– 18 –

Information Display Commands 275

show dot1x 275

Management IP Filter 277

management 277

show management 278

PPPoE Intermediate Agent 279

pppoe intermediate-agent 280

pppoe intermediate-agent format-type 281

pppoe intermediate-agent port-enable 282

pppoe intermediate-agent port-format-type 282

pppoe intermediate-agent port-format-type remote-id-delimiter 284

pppoe intermediate-agent trust 284

pppoe intermediate-agent vendor-tag strip 285

clear pppoe intermediate-agent statistics 285

show pppoe intermediate-agent info 286

show pppoe intermediate-agent statistics 287

9 General Security Measures 289

Port Security 290

mac-learning 290

port security 291

port security mac-address-as-permanent 293

port security mac-address sticky 294

show port security 294

Network Access (MAC Address Authentication) 296

network-access aging 297

network-access mac-filter 298

mac-authentication reauth-time 299

network-access dynamic-qos 299

network-access dynamic-vlan 301

network-access guest-vlan 302

network-access link-detection 302

network-access link-detection link-down 303

network-access link-detection link-up 303

network-access link-detection link-up-down 304

Contents

– 19 –

network-access max-mac-count 305

network-access mode mac-authentication 305

network-access port-mac-filter 306

mac-authentication intrusion-action 307

mac-authentication max-mac-count 307

clear network-access 308

show network-access 308

show network-access mac-address-table 309

show network-access mac-filter 310

Web Authentication 310

web-auth login-attempts 311

web-auth quiet-period 312

web-auth session-timeout 312

web-auth system-auth-control 313

web-auth 313

web-auth re-authenticate (Port) 314

web-auth re-authenticate (IP) 314

show web-auth 315

show web-auth interface 315

show web-auth summary 316

DHCPv4 Snooping 316

ip dhcp snooping 317

ip dhcp snooping information option 319

ip dhcp snooping information option encode no-subtype 320

ip dhcp snooping information option remote-id 321

ip dhcp snooping information option tr101 board-id 322

ip dhcp snooping information policy 323

ip dhcp snooping verify mac-address 324

ip dhcp snooping vlan 324

ip dhcp snooping information option carry-to-client 325

ip dhcp snooping information option circuit-id 326

ip dhcp snooping max-number 327

ip dhcp snooping trust 328

clear ip dhcp snooping binding 329

clear ip dhcp snooping database flash 329

Contents

– 20 –

ip dhcp snooping database flash 329

show ip dhcp snooping 330

show ip dhcp snooping binding 330

DHCPv6 Snooping 331

ipv6 dhcp snooping 331

ipv6 dhcp snooping option interface-id 334

ipv6 dhcp snooping option interface-id policy 334

ipv6 dhcp snooping option remote-id 335

ipv6 dhcp snooping option remote-id policy 336

ipv6 dhcp snooping vlan 337

ipv6 dhcp snooping max-binding 338

ipv6 dhcp snooping trust 339

clear ipv6 dhcp snooping binding 340

clear ipv6 dhcp snooping statistics 340

show ipv6 dhcp snooping 341

show ipv6 dhcp snooping binding 341

show ipv6 dhcp snooping statistics 342

IPv4 Source Guard 342

ip source-guard binding 343

ip source-guard 345

ip source-guard max-binding 346

ip source-guard mode 347

clear ip source-guard binding blocked 348

show ip source-guard 348

show ip source-guard binding 349

IPv6 Source Guard 350

ipv6 source-guard binding 350

ipv6 source-guard 352

ipv6 source-guard max-binding 353

show ipv6 source-guard 354

show ipv6 source-guard binding 355

ARP Inspection 355

ip arp inspection 356

ip arp inspection filter 357

ip arp inspection log-buffer logs 358

Page is loading ...

Edge-Core ECS4100-28T, ECS4100-12PH, ECS4100-12T , ECS4100-26TX, ECS4100-26TX-ME, ECS4100-28P, ECS4100-28TC, ECS4100-52P, ECS4100-52T User manual

Related papers

Other documents