Edge-Core ECS4120-28Fv2, ECS4120-28Fv2-I, ECS4120-28T, ECS4120-52T User manual

  • Hello! I am an AI chatbot trained to assist you with the Edge-Core ECS4120-28Fv2 User manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
CLI Reference Guide
www.edge-core.com
ECS4120-28Fv2
ECS4120-28Fv2-I
28-Port Layer 2+
Gigabit Ethernet Switch
Software Release v1.2.2.24
CLI Reference Guide
ECS4120-28Fv2 Gigabit Ethernet Switch
L2+ Gigabit Ethernet Switch
with 20 100/1000 SFP Ports,
4 10/100/1000 BASE-T (RJ-45) / 100/1000 SFP Combo Ports,
4 10 Gigabit SFP+ Ports , and DC Power Supply
(Operating Temperature: 0°C – 50°C)
ECS4120-28Fv2-I Gigabit Ethernet Switch
L2+ Gigabit Ethernet Switch
with 20 100/1000 SFP Ports,
4 10/100/1000 BASE-T (RJ-45) / 100/1000 SFP Combo Ports,
4 10 Gigabit SFP+ Ports, and DC Power Supply
(Operating Temperature: -10°C – 65°C)
E102019-CS-R04
– 3 –
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should Read This
Guide?
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
How This Guide is
Organized
This guide describes the switchs command line interface (CLI). For more detailed
information on the switchs key features refer to the Administrators Guide.
The guide includes these sections:
Section I “Getting Started” — Includes information on connecting to the switch
and basic configuration procedures.
Section II “Command Line Interface” — Includes all management options
available through the CLI.
Section III “Appendices — Includes information on troubleshooting switch
management access.
Related
Documentation
This guide focuses on switch software configuration through the CLI.
For information on how to manage the switch through the Web management
interface, see the following guide:
Web Management Guide
Note:
For a general description of switch features, refer to “Introduction” in the
Web Management Guide.
For information on how to install the switch, see the following guide:
Quick Start Guide
How to Use This Guide
– 4 –
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
Conventions The following conventions are used throughout this guide to show information:
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
Alerts you to a potential hazard that could cause loss of data, or damage
the system or equipment.
Documentation
Notice
This documentation is provided for general information purposes only. If any
product feature details in this documentation conflict with the product datasheet,
refer to the datasheet for the latest information.
Revision History This section summarizes the changes in each revision of this guide.
Revision Date Change Description
v1.2.2.24 10/2019 Updated"negotiation" on page 414
v1.2.2.24 04/2019 Added:
Documentationnotice
"ipv6 hop-limit" on page 926
"ipv6 neighbor" on page 926
Updated:
"DHCPv4 Snooping" on page 324
"IPv6 Source Guard" on page 358
v1.2.2.14 02/2019 Added:
"DHCP Server" on page 875
"TWAMP Commands" on page 513
"port security mac-address sticky" on page 302
Updated:
"ERPS Commands" on page 545
"tacacs-server host" on page 242
"server" on page 252
"Secure Shell" on page 265
How to Use This Guide
– 5 –
v1.2.2.2 09/2018 Added:
"aaa accounting commands" on page 249
"accounting commands" on page 254
"show authorization" on page 257
"Smart Pair Commands" on page 507‐new
commandgrouptoaddsmartredundantportpairs
"inclusion-vlan" on page 569
"exclusion-vlan" on page 552
"lldp basic-tlv management-ipv6-address" on
page 780
"ipv6 dhcp dynamic -provision" on page 891
"show ipv6 dhcp dynamic-provision" on page 892
"ipv6 address dhcp" on page 910
Updated:
"Configuring NTP" on page 73
"ntp server" on page 168
"show ntp" on page 169
"switchport packet-rate" on page 471
"show erps statistics" on page 575
Figure 395 on page 603
"ip igmp max-groups" on page 697
"ipv6 mld max-groups" on page 721
"ipv6 address autoconfig" on page 908
MultipleinaccuraciesfixedperInternalaudit.
v1.0.2.33 10/2017 Initial release
Revision Date Change Description
How to Use This Guide
– 6 –
– 7 –
Contents
How to Use This Guide 3
Contents 7
Figures 41
Tables 43
Section I Getting Started 49
1 Initial Switch Configuration 51
Connecting to the Switch 51
Configuration Options 51
Connecting to the Console Port 52
Logging Onto the Command Line Interface 53
Setting Passwords 53
Remote Connections (Network Interface) 54
Configuring the Switch for Remote Management 54
Setting an IP Address 55
Enabling SNMP Management Access 61
Managing System Files 63
Upgrading the Operation Code 64
Saving or Restoring Configuration Settings 65
Automatic Installation of Operation Code and Configuration Settings 66
Downloading Operation Code from a File Server 66
Specifying a DHCP Client Identifier 68
Downloading a Configuration File Referenced by a DHCP Server 69
Setting the System Clock 71
Setting the Time Manually 72
Configuring SNTP 72
Configuring NTP 73
Contents
– 8 –
Section II Command Line Interface 75
2 Using the Command Line Interface 77
Accessing the CLI 77
Console Connection 77
Telnet Connection 77
Entering Commands 79
Keywords and Arguments 79
Minimum Abbreviation 79
Command Completion 79
Getting Help on Commands 80
Partial Keyword Lookup 82
Negating the Effect of Commands 82
Using Command History 82
Understanding Command Modes 82
Exec Commands 83
Configuration Commands 84
Command Line Processing 86
CLI Command Groups 87
3 General Commands 91
prompt 91
reload (Global Configuration) 92
enable 93
quit 94
show history 95
configure 96
disable 96
reload (Privileged Exec) 97
show reload 97
end 98
exit 98
4 System Management Commands 101
Device Designation 101
Contents
– 9 –
hostname 102
Banner Information 102
banner configure 103
banner configure company 104
banner configure dc-power-info 105
banner configure department 106
banner configure equipment-info 106
banner configure equipment-location 107
banner configure ip-lan 108
banner configure lp-number 108
banner configure manager-info 109
banner configure mux 110
banner configure note 110
show banner 111
System Status 112
show access-list tcam-utilization 112
show memory 113
show process cpu 114
show process cpu guard 114
show process cpu task 115
show running-config 117
show startup-config 118
show system 119
show tech-support 120
show users 121
show version 122
show watchdog 123
watchdog software 123
Fan Control 124
fan-speed force-full 124
Frame Size 124
jumbo frame 124
File Management 125
General Commands 127
boot system 127
Contents
– 10 –
copy 128
delete 131
dir 132
whichboot 133
Automatic Code Upgrade Commands 134
upgrade opcode auto 134
upgrade opcode path 135
upgrade opcode reload 136
show upgrade 137
TFTP Configuration Commands 137
ip tftp retry 137
ip tftp timeout 138
show ip tftp 138
Line 139
line 140
databits 140
exec-timeout 141
login 142
parity 143
password 143
password-thresh 144
silent-time 145
speed 146
stopbits 146
timeout login response 147
disconnect 148
terminal 148
show line 149
Event Logging 150
logging facility 151
logging history 152
logging host 153
logging level 153
logging on 154
logging trap 154
Contents
– 11 –
clear log 155
show log 156
show logging 157
SMTP Alerts 158
logging sendmail 159
logging sendmail host 159
logging sendmail level 160
logging sendmail destination-email 160
logging sendmail source-email 161
show logging sendmail 161
Time 162
SNTP Commands 163
sntp client 163
sntp poll 164
sntp server 164
show sntp 165
NTP Commands 165
ntp authenticate 165
ntp authentication-key 166
ntp client 167
ntp server 168
show ntp 169
Manual Configuration Commands 169
clock summer-time (date) 169
clock summer-time (predefined) 171
clock summer-time (recurring) 172
clock timezone 173
clock timezone-predefined 174
calendar set 176
show calendar 177
Time Range 177
time-range 178
absolute 178
periodic 180
show time-range 182
Contents
– 12 –
Switch Clustering 182
cluster 183
cluster commander 184
cluster ip-pool 185
cluster member 185
rcommand 186
show cluster 186
show cluster members 187
show cluster candidates 187
5 SNMP Commands 189
General SNMP Commands 191
snmp-server 191
snmp-server community 192
snmp-server contact 192
snmp-server location 193
show snmp 193
SNMP Target Host Commands 194
snmp-server enable traps 194
snmp-server host 196
snmp-server enable port-traps link-up-down 198
snmp-server enable port-traps mac-notification 198
show snmp-server enable port-traps 199
SNMPv3 Commands 200
snmp-server engine-id 200
snmp-server group 201
snmp-server user 202
snmp-server view 204
show snmp engine-id 205
show snmp group 205
show snmp user 207
show snmp view 207
Notification Log Commands 208
nlm 208
snmp-server notify-filter 209
Contents
– 13 –
show nlm oper-status 210
show snmp notify-filter 211
Additional Trap Commands 211
memory 211
process cpu 212
process cpu guard 213
6 Remote Monitoring Commands 215
rmon alarm 216
rmon event 217
rmon collection history 218
rmon collection rmon1 219
show rmon alarms 220
show rmon events 220
show rmon history 221
show rmon statistics 221
7 Flow Sampling Commands 223
sflow owner 224
sflow polling instance 225
sflow sampling instance 226
show sflow 227
8 User Authentication Commands 229
User Accounts and Privilege Levels 230
enable password 230
username 231
privilege 233
show privilege 233
Authentication Sequence 234
authentication enable 234
authentication login 235
RADIUS Client 236
radius-server acct-port 236
radius-server auth-port 237
radius-server host 237
Contents
– 14 –
radius-server key 239
radius-server encrypted-key 239
radius-server retransmit 240
radius-server timeout 240
show radius-server 241
TACACS+ Client 241
tacacs-server host 242
tacacs-server key 243
tacacs-server encrypted-key 243
tacacs-server port 244
tacacs-server retransmit 244
tacacs-server timeout 245
show tacacs-server 245
AAA 246
aaa accounting dot1x 246
aaa accounting exec 247
aaa accounting update 248
aaa accounting commands 249
aaa authorization exec 250
aaa authorization commands 251
aaa group server 252
server 252
accounting dot1x 253
accounting commands 253
accounting commands 254
authorization exec 255
authorization commands 256
show accounting 256
show authorization 257
Web Server 258
ip http authentication 258
ip http port 259
ip http server 259
ip http secure-port 260
ip http secure-server 260
Contents
– 15 –
Telnet Server 262
ip telnet max-sessions 262
ip telnet port 263
ip telnet server 263
telnet (client) 264
show ip telnet 265
Secure Shell 265
ip ssh authentication-retries 268
ip ssh server 268
ip ssh server-key size 269
ip ssh timeout 270
delete public-key 270
ip ssh crypto host-key generate 271
ip ssh crypto zeroize 271
ip ssh save host-key 272
show ip ssh 272
show public-key 273
show ssh 273
802.1X Port Authentication 274
General Commands 275
dot1x default 275
dot1x eapol-pass-through 275
dot1x system-auth-control 276
Authenticator Commands 277
dot1x intrusion-action 277
dot1x max-reauth-req 277
dot1x max-req 278
dot1x operation-mode 278
dot1x port-control 279
dot1x re-authentication 280
dot1x timeout quiet-period 281
dot1x timeout re-authperiod 281
dot1x timeout supp-timeout 282
dot1x timeout tx-period 282
dot1x re-authenticate 283
Contents
– 16 –
Information Display Commands 283
show dot1x 283
Management IP Filter 286
management 286
show management 287
PPPoE Intermediate Agent 288
pppoe intermediate-agent 289
pppoe intermediate-agent format-type 290
pppoe intermediate-agent port-enable 290
pppoe intermediate-agent port-format-type 291
pppoe intermediate-agent port-format-type remote-id-delimiter 292
pppoe intermediate-agent trust 293
pppoe intermediate-agent vendor-tag strip 293
clear pppoe intermediate-agent statistics 294
show pppoe intermediate-agent info 294
show pppoe intermediate-agent statistics 295
9 General Security Measures 297
Port Security 298
mac-learning 298
port security 299
port security mac-address-as-permanent 301
port security mac-address sticky 302
show port security 302
Network Access (MAC Address Authentication) 304
network-access aging 305
network-access mac-filter 306
mac-authentication reauth-time 307
network-access dynamic-qos 307
network-access dynamic-vlan 309
network-access guest-vlan 310
network-access link-detection 310
network-access link-detection link-down 311
network-access link-detection link-up 311
network-access link-detection link-up-down 312
Contents
– 17 –
network-access max-mac-count 313
network-access mode mac-authentication 313
network-access port-mac-filter 314
mac-authentication intrusion-action 315
mac-authentication max-mac-count 315
clear network-access 316
show network-access 316
show network-access mac-address-table 317
show network-access mac-filter 318
Web Authentication 318
web-auth login-attempts 319
web-auth quiet-period 320
web-auth session-timeout 320
web-auth system-auth-control 321
web-auth 321
web-auth re-authenticate (Port) 322
web-auth re-authenticate (IP) 322
show web-auth 323
show web-auth interface 323
show web-auth summary 324
DHCPv4 Snooping 324
ip dhcp snooping 325
ip dhcp snooping information option 327
ip dhcp snooping information option encode no-subtype 328
ip dhcp snooping information option remote-id 329
ip dhcp snooping information option tr101 board-id 330
information policy 331
ip dhcp snooping limit rate 332
ip dhcp snooping verify mac address 332
ip dhcp snooping vlan 333
ip dhcp snooping information option circuit-id 334
ip dhcp snooping max-number 336
ip dhcp snooping trust 336
ip dhcp snooping vlan-flooding 337
clear ip dhcp snooping binding 338
Contents
– 18 –
clear ip dhcp snooping database flash 338
ip dhcp snooping database flash 339
show ip dhcp snooping 339
show ip dhcp snooping binding 340
DHCPv6 Snooping 340
ipv6 dhcp snooping 341
ipv6 dhcp snooping option remote-id 343
ipv6 dhcp snooping option remote-id policy 344
ipv6 dhcp snooping vlan 345
ipv6 dhcp snooping max-binding 346
ipv6 dhcp snooping trust 346
clear ipv6 dhcp snooping binding 348
clear ipv6 dhcp snooping statistics 348
show ipv6 dhcp snooping 349
show ipv6 dhcp snooping binding 349
show ipv6 dhcp snooping statistics 350
IPv4 Source Guard 350
ip source-guard binding 351
ip source-guard 353
ip source-guard max-binding 354
ip source-guard mode 355
clear ip source-guard binding blocked 356
show ip source-guard 356
show ip source-guard binding 357
IPv6 Source Guard 358
ipv6 source-guard binding 358
ipv6 source-guard 360
ipv6 source-guard max-binding 362
show ipv6 source-guard 363
show ipv6 source-guard binding 363
ARP Inspection 364
ip arp inspection 365
ip arp inspection filter 365
ip arp inspection log-buffer logs 367
ip arp inspection validate 368
Contents
– 19 –
ip arp inspection vlan 368
ip arp inspection limit 369
ip arp inspection trust 370
show ip arp inspection configuration 371
show ip arp inspection interface 371
show ip arp inspection log 372
show ip arp inspection statistics 372
show ip arp inspection vlan 372
Denial of Service Protection 373
dos-protection land 373
dos-protection tcp-null-scan 374
dos-protection tcp-syn-fin-scan 374
dos-protection tcp-xmas-scan 375
show dos-protection 375
Port-based Traffic Segmentation 376
traffic-segmentation 376
traffic-segmentation session 377
traffic-segmentation uplink/downlink 378
traffic-segmentation uplink-to-uplink 379
show traffic-segmentation 380
10 Access Control Lists 381
IPv4 ACLs 381
access-list ip 382
permit, deny (Standard IP ACL) 383
permit, deny (Extended IPv4 ACL) 384
ip access-group 386
show ip access-group 387
show ip access-list 387
IPv6 ACLs 388
access-list ipv6 388
permit, deny (Standard IPv6 ACL) 389
permit, deny (Extended IPv6 ACL) 390
ipv6 access-group 392
show ipv6 access-list 393
Contents
– 20 –
show ipv6 access-group 393
MAC ACLs 394
access-list mac 394
permit, deny (MAC ACL) 395
mac access-group 397
show mac access-group 398
show mac access-list 398
ARP ACLs 399
access-list arp 399
permit, deny (ARP ACL) 400
show access-list arp 401
show arp access-list 401
ACL Information 402
clear access-list hardware counters 402
show access-group 403
show access-list 403
11 Interface Commands 407
Interface Configuration 409
interface 409
capabilities 409
description 411
discard 411
flowcontrol 412
history 413
media-type 414
negotiation 414
shutdown 415
speed-duplex 416
switchport block 417
switchport mtu 418
clear counters 419
show discard 420
show interfaces brief 420
show interfaces counters 421
/