Enterasys Networks XSR CLI User manual

X-Pedition

™

Security Router

XSR CLI Reference Guide

Version 7.6

P/N 9033842-07

-i

Notice

Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and

its Web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such

changes have been made.

The hardware, firmware, or software described in this document is subject to change without notice.

IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR

CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF

OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF ENTERASYS

NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF SUCH

DAMAGES.

Enterasys Networks, Inc.

50 Minuteman Road

Andover, MA 01810

Part Number: 9033842-07 September 2005

ENTERASYS NETWORKS, ENTERASYS XSR and any logos associated therewith, are trademarks or registered trademarks of

Enterasys Networks, Inc. in the United States and other countries. All other product names mentioned in this manual may be

trademarks or registered trademarks of their respective owners.

Documentation URL: http://www.enterasys.com/support/manuals

Documentacion URL: http://www.enterasys.com/support/manuals

Dokumentation http://www.enterasys.com/support/manuals

0

Enterasys Networks, Inc.

FIRMWARE LICENSE AGREEMENT

BEFOREOPENINGORUTILIZINGTHEENCLOSEDPRODUCT,

CAREFULLYREADTHISLICENSEAGREEMENT.

Thisdocumentisanagreement(“Agreement”)betweentheenduser(“You”)andEnterasysNetworks,Inc.onbehalfofitself

anditsAffiliates(ashereinafterdefined)(“Enterasys”)thatsetsforthYourrightsandobligationswithrespecttotheEnterasys

softwareprogram/firmware

installedontheEnterasysproduct(includinganyaccompanyingdocumentation,hardwareor

media)(“Program”)inthepackageandprevailsoveranyadditional,conflictingorinconsistenttermsandconditions

appearingonanypurchaseorderorotherdocumentsubmittedbyYou.“Affiliate”meansanyperson,partnership,corporation,

limitedliabilitycompany,orotherform

ofenterprisethatdirectlyorindirectlythroughoneormoreintermediaries,controls,or

iscontrolledby,orisundercommoncontrolwiththepartyspecified.ThisAgreementconstitutestheentireunderstanding

betweentheparties,andsupersedesallpriordiscussions,representations,understandingsoragreements,whetheroralorin

writing,betweentheparties

withrespecttothesubjectmatterofthisAgreement.TheProgrammaybecontainedinfirmware,

chipsorothermedia.

BYINSTALLINGOROTHERWISEUSINGTHEPROGRAM,YOUREPRESENTTHATYOUAREAUTHORIZEDTO

ACCEPTTHESETERMSONBEHALFOFTHEENDUSER(IFTHEENDUSERISANENTITYON

WHOSEBEHALFYOU

AREAUTHORIZEDTOACT,“YOU”AND“YOUR”SHALLBEDEEMEDTOREFERTOSUCHENTITY)ANDTHATYOU

AGREETHATYOUAREBOUNDBYTHETERMSOFTHISAGREEMENT,WHICHINCLUDES,AMONGOTHER

PROVISIONS,THELICENSE,THEDISCLAIMEROFWARRANTYANDTHELIMITATIONOFLIABILITY.IFYOU

DO

NOTAGREETOTHETERMSOFTHISAGREEMENTORARENOTAUTHORIZEDTOENTERINTOTHISAGREEMENT,

ENTERASYSISUNWILLINGTOLICENSETHEPROGRAMTOYOUANDYOUAGREETORETURNTHEUNOPENED

PRODUCTTOENTERASYSORYOURDEALER,IFANY,WITHINTEN(10)DAYSFOLLOWINGTHEDATEOFRECEIPT



FORAFULLREFUND.

IFYOUHAVEANYQUESTIONSABOUTTHISAGREEMENT,CONTACTENTERASYSNETWORKS,LEGAL

DEPARTMENTAT(978)684‐1000.

YouandEnterasysagreeasfollows:

1) LICENSE. Youhavethenon‐exclusiveandnon‐transferablerighttouseonlytheone(1)copyoftheProgram

providedinthispackagesubject

tothetermsandconditionsofthisAgreement.

2) RESTRICTIONS. ExceptasotherwiseauthorizedinwritingbyEnterasys,Youmaynot,normayYoupermitany

thirdpartyto:

(i) Reverseengineer,decompile,disassembleormodifytheProgram,inwholeorinpart,includingforreasonsof

errorcorrectionorinteroperability,exceptto

theextentexpresslypermittedbyapplicablelawandtotheextentthepartiesshall

notbepermittedbythatapplicablelaw,suchrightsareexpresslyexcluded.Informationnecessarytoachieveinteroperability

orcorrecterrorsisavailablefromEnterasysuponrequestanduponpaymentofEnterasys’applicablefee.

(ii) IncorporatetheProgram,inwholeorinpart,inanyotherproductorcreatederivativeworksbasedonthe

Program,inwholeorinpart.

(iii) Publish,disclose,copy,reproduceortransmittheProgram,inwholeorinpart.

(iv) Assign,sell,license,sublicense,rent,lease,encumberbywayofsecurityinterest,pledgeorotherwisetransferthe

Program,

inwholeorinpart.

(v) Removeanycopyright,trademark,proprietaryrights,disclaimerorwarningnoticeincludedonorembeddedin

anypartoftheProgram.

3) APPLICABLELAW.ThisAgreementshallbeinterpretedandgovernedunderthelawsandinthestateandfederal

courtsoftheCommonwealthofMassachusettswithout

regardtoitsconflictsoflawsprovisions.Youacceptthepersonal

jurisdictionandvenueoftheCommonwealthofMassachusettscourts.Noneofthe1980UnitedNationsConventionon

ContractsfortheInternationalSaleofGoods,theUnitedNationsConventionontheLimitationPeriodintheInternationalSale

ofGoods,andthe

UniformComputerInformationTransactionsActshallapplytothisAgreement.

i

4) EXPORTRESTRICTIONS. YouunderstandthatEnterasysanditsAffiliatesaresubjecttoregulationbyagenciesof

theU.S.Government,includingtheU.S.DepartmentofCommerce,whichprohibitexportordiversionofcertaintechnical

productstocertaincountries,unlessalicensetoexporttheProgramisobtainedfromtheU.S.Governmentor

anexceptionfrom

obtainingsuchlicensemayberelieduponbytheexportingparty.

IftheProgramisexportedfromtheUnitedStatespursuanttotheLicenseExceptionCIVundertheU.S.ExportAdministration

Regulations,YouagreethatYouareacivilenduseroftheProgramandagreethatYou

willusetheProgramforcivilenduses

onlyandnotformilitarypurposes.

IftheProgramisexportedfromtheUnitedStatespursuanttotheLicenseExceptionTSRundertheU.S.ExportAdministration

Regulations,inadditiontotherestrictionontransfersetforthinSections1or2ofthis

Agreement,Youagreenotto(i)reexport

orreleasetheProgram,thesourcecodefortheProgramortechnologytoanationalofacountryinCountryGroupsD:1orE:2

(Albania,Armenia,Azerbaijan,Belarus,Bulgaria,Cambodia,Cuba,Estonia,Georgia,Iraq,Kazakhstan,Kyrgyzstan,Laos,

Latvia,Libya,Lithuania,Moldova,NorthKorea,

thePeople’sRepublicofChina,Romania,Russia,Rwanda,Tajikistan,

Turkmenistan,Ukraine,Uzbekistan,Vietnam,orsuchothercountriesasmaybedesignatedbytheUnitedStatesGovernment),

(ii)exporttoCountryGroupsD:1orE:2(asdefinedherein)thedirectproductoftheProgramorthetechnology,ifsuchforeign

produceddirect

productissubjecttonationalsecuritycontrolsasidentifiedontheU.S.CommerceControlList,or(iii)ifthe

directproductofthetechnologyisacompleteplantoranymajorcomponentofaplant,exporttoCountryGroupsD:1orE:2

thedirectproductoftheplantoramajorcomponentthereof,ifsuchforeignproduceddirectproductissubjecttonational

securitycontrolsasidentifiedontheU.S.CommerceControlListorissubjecttoStateDepartmentcontrolsundertheU.S.

MunitionsList.

5) UNITEDSTATESGOVERNMENTRESTRICTEDRIGHTS. TheenclosedProgram(i)wasdevelopedsolelyat

privateexpense;

(ii)contains“restrictedcomputersoftware”submittedwithrestrictedrightsinaccordancewithsection52.227‐

19(a)through(d)oftheCommercialComputerSoftware‐RestrictedRightsClauseanditssuccessors,and(iii)inallrespectsis

proprietarydatabelongingtoEnterasysand/oritssuppliers.ForDepartmentofDefenseunits,theProgramis

considered

commercialcomputersoftwareinaccordancewithDFARSsection227.7202‐3anditssuccessors,anduse,duplication,or

disclosurebytheGovernmentissubjecttorestrictionssetforthherein.

6) DISCLAIMEROFWARRANTY. EXCEPTFORTHOSEWARRANTIESEXPRESSLYPROVIDEDTOYOUIN

WRITINGBYENTERASYS,ENTERASYSDISCLAIMSALLWARRANTIES,EITHEREXPRESSOR

IMPLIED,INCLUDING

BUTNOTLIMITEDTOIMPLIEDWARRANTIESOFMERCHANTABILITY,SATISFACTORYQUALITY,FITNESSFORA

PARTICULARPURPOSE,TITLEANDNON‐INFRINGEMENTWITHRESPECTTOTHEPROGRAM.IFIMPLIED

WARRANTIESMAYNOTBEDISCLAIMEDBYAPPLICABLELAW,THENANYIMPLIEDWARRANTIESARELIMITED

INDURATIONTOTHIRTY(30)DAYSAFTERDELIVERY

OFTHEPROGRAMTOYOU.

7) LIMITATIONOFLIABILITY. INNOEVENTSHALLENTERASYSORITSSUPPLIERSBELIABLEFORANY

DAMAGESWHATSOEVER(INCLUDING,WITHOUTLIMITATION,DAMAGESFORLOSSOFBUSINESS,PROFITS,

BUSINESSINTERRUPTION,LOSSOFBUSINESSINFORMATION,SPECIAL,INCIDENTAL,CONSEQUENTIAL,OR

RELIANCEDAMAGES,OROTHERLOSS)ARISINGOUTOFTHEUSE

ORINABILITYTOUSETHEPROGRAM,EVENIF

ENTERASYSHASBEENADVISEDOFTHEPOSSIBILITYOFSUCHDAMAGES.THISFOREGOINGLIMITATIONSHALL

APPLYREGARDLESSOFTHECAUSEOFACTIONUNDERWHICHDAMAGESARESOUGHT.

THECUMULATIVELIABILITYOFENTERASYSTOYOUFORALLCLAIMSRELATINGTOTHEPROGRAM,IN

CONTRACT,TORT

OROTHERWISE,SHALLNOTEXCEEDTHETOTALAMOUNTOFFEESPAIDTOENTERASYSBY

YOUFORTHERIGHTSGRANTEDHEREIN.

8) AUDITRIGHTS. You herebyacknowledgethattheintellectualpropertyrightsassociatedwiththeProgramareof

criticalvaluetoEnterasysand,accordingly,Youherebyagreetomaintaincompletebooks,recordsandaccounts

showing(i)

licensefeesdueandpaid,and(ii)theuse,copyinganddeploymentoftheProgram.YoualsogranttoEnterasysandits

authorizedrepresentatives,uponreasonablenotice,therighttoauditandexamineduringYournormalbusinesshours,Your

books,records,accountsandhardwaredevicesuponwhichtheProgram

maybedeployedtoverifycompliancewiththis

Agreement,includingtheverificationofthelicensefeesdueandpaidEnterasysandtheuse,copyinganddeploymentofthe

Program.Enterasysʹrightofexaminationshallbeexercisedreasonably,ingoodfaithandinamannercalculatedtonot

unreasonablyinterferewith

Yourbusiness.Intheeventsuchauditdiscoversnon‐compliancewiththisAgreement,including

copiesoftheProgrammade,usedordeploy edinbreachofthisAgreement,YoushallpromptlypaytoEnterasysthe

appropriatelicensefees.Enterasys reservestheright,tobeexercisedinitssolediscretionandwithoutpriornotice,

toterminate

thislicense,effectiveimmediately,forfailuretocomplywiththisAgreement.Uponanysuchtermination,Youshall

immediatelyceasealluseoftheProgramandshallreturntoEnterasystheProgramandallcopiesoftheProgram.

ii

9) OWNERSHIP. Thisisalicenseagreementandnotanagreementforsale.Youacknowledgeandagreethatthe

Programconstitutestradesecretsand/orcopyrightedmaterialofEnterasysand/oritssuppliers.Youagreetoimplement

reasonablesecuritymeasurestoprotectsuchtradesecretsandcopyrightedmaterial.Allright,titleandinterestin

andtothe

ProgramshallremainwithEnterasysand/oritssuppliers.AllrightsnotspecificallygrantedtoYoushallbereservedto

Enterasys.

10) ENFORCEMENT. YouacknowledgeandagreethatanybreachofSections2,4,or9ofthisAgreementbyYoumay

causeEnterasysirreparabledamageforwhichrecoveryof

moneydamageswouldbeinadequate,andthatEnterasysmaybe

entitledtoseektimelyinjunctiverelieftoprotectEnterasys’rightsunderthisAgreementinadditiontoanyandallremedies

availableatlaw.

11) ASSIGNMENT.Youmaynotassign,transferorsublicensethisAgreementoranyofYourrightsorobligations

under

thisAgreement,exceptthatYoumayassignthisAgreementtoanypersonorentitywhichacquiressubstantiallyallofYour

stockorassets.EnterasysmayassignthisAgreementinitssolediscretion.ThisAgreementshallbebindinguponandinureto

thebenefitoftheparties,theirlegalrepresentatives,

permittedtransferees,successorsandassignsaspermittedbythis

Agreement.Anyattemptedassignment,transferorsublicenseinviolationofthetermsofthisAgreementshallbevoidanda

breachofthisAgreement.

12) WAIVER. AwaiverbyEnterasysofabreachofanyofthetermsandconditionsofthisAgreement

mustbeinwriting

andwillnotbeconstruedasawaiverofanysubsequentbreachofsuchtermorcondition.Enterasys’failuretoenforceaterm

uponYourbreachofsuchtermshallnotbeconstruedasawaiverofYourbreachorpreventenforcementonanyotheroccasion.

13) SEVERABILITY.

IntheeventanyprovisionofthisAgreementisfoundtobeinvalid,illegalorunenforceable,the

validity,legalityandenforceabilityofanyoftheremainingprovisionsshallnotinanywaybeaffectedorimpairedthereby,

andthatprovisionshallbereformed,construedandenforcedtothemaximumextentpermissible.

Anysuchinvalidity,

illegalityorunenforceabilityinanyjurisdictionshallnotinvalidateorrenderillegalorunenforceablesuchprovisioninany

otherjurisdiction.

14) TERMINATION. EnterasysmayterminatethisAgreementimmediatelyuponYourbreachofanyofthetermsand

conditionsofthisAgreement.Uponanysuchtermination,Youshallimmediatelycease

alluseoftheProgramandshallreturn

toEnterasystheProgramandallcopiesoftheProgram.

v

Contents

Preface

Chapter 1: Network Management

Observing Syntax and Conventions ...............................................................................................................1-1

Network Management Commands .................................................................................................................1-1

General Network Management Commands ...................................................................................................1-2

General Show Commands ...........................................................................................................................1-14

snmp-server Commands ..............................................................................................................................1-16

SNMP Show Commands .............................................................................................................................. 1-34

SLA Agent Commands .................................................................................................................................1-37

RTR-mode Commands .................................................................................................................................1-43

RTR Show Commands ................................................................................................................................. 1-45

Chapter 2: Configuring T1/E1 and T3/E3 Subsystems

Observing Syntax and Conventions .............................................................................................................2-55

T1/E1 & T3/E3 Commands ...........................................................................................................................2-55

T1/E1 and T3/E3 Clear and Show Commands ............................................................................................2-74

Drop and Insert Commands .........................................................................................................................2-80

Chapter 3: Configuring the XSR Platform

Observing Syntax and Conventions .............................................................................................................3-83

Platform Commands .....................................................................................................................................3-83

Clock Commands ......................................................................................................................................... 3-84

Crypto Key Commands ................................................................................................................................3-85

Other Platform Commands ...........................................................................................................................3-86

SNTP Commands .........................................................................................................................................3-91

Platform Clear and Show Commands ..........................................................................................................3-94

File System Commands ............................................................................................................................. 3-107

Bootrom Monitor Mode Commands ............................................................................................................3-121

Chapter 4: Configuring Hardware Controllers

Observing Syntax and Conventions .............................................................................................................4-83

Hardware Controller Commands ..................................................................................................................4-83

Hardware Controller Clear and Show Commands .......................................................................................4-92

Chapter 5: Configuring the Internet Protocol

Observing Syntax and Conventions .............................................................................................................5-83

IP Commands ...............................................................................................................................................5-83

OSPF Commands ........................................................................................................................................5-84

OSPF Debug and Show Commands ..........................................................................................................5-104

RIP Commands .......................................................................................................................................... 5-123

RIP Show Commands ................................................................................................................................5-136

RTP Header Compression Commands ......................................................................................................5-137

Triggered on Demand RIP Commands ......................................................................................................5-142

Policy-Based Routing Commands ..............................................................................................................5-145

PBR Clear and Show Commands ..............................................................................................................5-148

vi

ARP Commands .........................................................................................................................................5-149

Other IP Commands ...................................................................................................................................5-151

IP Clear and Show Commands ..................................................................................................................5-168

Network Address Translation Commands ..................................................................................................5-182

Virtual Router Redundancy Protocol Commands .......................................................................................5-191

VRRP Clear and Show Commands ............................................................................................................5-197

Chapter 6: Configuring the Border Gateway Protocol

Observing Syntax and Conventions .............................................................................................................6-83

BGP Configuration Commands .................................................................................................................... 6-83

Route Map Commands ...............................................................................................................................6-110

BGP Set Commands ..................................................................................................................................6-114

BGP Clear and Show Commands ..............................................................................................................6-122

BGP Debug Commands ............................................................................................................................. 6-132

Chapter 7: Configuring IP Multicast

Observing Syntax and Conventions .............................................................................................................7-83

PIM Commands ............................................................................................................................................7-89

IGMP Clear and Show Commands ..............................................................................................................7-95

Chapter 8: Configuring the Point-to-Point Protocol

Observing Syntax and Conventions .............................................................................................................8-83

PPP Commands ...........................................................................................................................................8-83

PPP Debug, Clear and Show Commands ....................................................................................................8-97

Multilink PPP Commands ...........................................................................................................................8-108

Multilink Show Commands .........................................................................................................................8-122

Chapter 9: Configuring Frame Relay

Observing Syntax and Conventions .............................................................................................................9-83

Frame Relay Commands ..............................................................................................................................9-83

Frame Relay Map Class Commands ............................................................................................................ 9-95

Frame Relay Clear and Show Commands .................................................................................................9-102

Chapter 10: Configuring the Dialer Interface

Observing Syntax and Conventions ...........................................................................................................10-83

Dialer Interface Commands ........................................................................................................................ 10-83

Dialer Interface Clear and Show Commands .............................................................................................10-90

Dial Backup Commands ............................................................................................................................. 10-93

DOD/BOD Commands ...............................................................................................................................10-96

Dialer Watch Commands ..........................................................................................................................10-103

Chapter 11: ISDN BRI and PRI Commands

Observing Syntax and Conventions ...........................................................................................................11-83

ISDN Commands ........................................................................................................................................11-83

ISDN Debug and Show Commands ........................................................................................................... 11-92

Chapter 12: Configuring Quality of Service

Observing Syntax and Conventions ...........................................................................................................12-83

QoS Commands ......................................................................................................................................... 12-83

Policy-Map Commands .............................................................................................................................. 12-84

Class-map Commands .............................................................................................................................12-101

vii

QoS Show Commands ............................................................................................................................. 12-105

Chapter 13: Configuring ADSL

Observing Syntax and Conventions ...........................................................................................................13-83

ADSL Configuration Commands ................................................................................................................ 13-83

CMV Commands ........................................................................................................................................13-83

Other ADSL Commands .............................................................................................................................13-87

PPP Configuration Commands ................................................................................................................... 13-99

ATM Clear and Show Commands ............................................................................................................13-103

Chapter 14: Configuring the VPN

Observing Syntax and Conventions ...........................................................................................................14-83

VPN Commands .........................................................................................................................................14-83

PKI commands ........................................................................................................................................... 14-84

CA Identity Mode Commands ..................................................................................................................... 14-84

Other Certificate Commands ......................................................................................................................14-90

IKE Security Protocol Commands ..............................................................................................................14-94

ISAKMP Protocol Policy Mode Commands ................................................................................................ 14-95

Remote Peer ISAKMP Protocol Policy Mode Commands ..........................................................................14-99

Remote Peer Show Commands ...............................................................................................................14-104

IPSec Commands .....................................................................................................................................14-106

IPSec Clear and Show Commands ..........................................................................................................14-108

Crypto Map Mode Commands .................................................................................................................. 14-110

Crypto Transform Mode Commands ........................................................................................................14-115

Crypto Show Commands .......................................................................................................................... 14-118

Interface CLI Commands ..........................................................................................................................14-121

Interface VPN Commands ........................................................................................................................14-122

Tunnel Commands ...................................................................................................................................14-127

Tunnel Clear and Show Commands .........................................................................................................14-132

Additional Tunnel Termination Commands ..............................................................................................14-134

DF Bit Commands .................................................................................................................................... 14-137

Chapter 15: Configuring DHCP

Observing Syntax and Conventions ...........................................................................................................15-83

DHCP Commands ...................................................................................................................................... 15-83

ip address dhcp ....................................................................................................................................15-92

DHCP Clear and Show Commands .........................................................................................................15-111

Chapter 16: Configuring Security

Observing Syntax and Conventions ...........................................................................................................16-83

General Security Commands ..................................................................................................................... 16-84

Security Clear and Show Commands .........................................................................................................16-91

AAA Commands .........................................................................................................................................16-93

AAA Usergroup Commands ....................................................................................................................... 16-94

AAA User Commands ................................................................................................................................16-97

AAA Method Commands ..........................................................................................................................16-101

AAA Per-Interface Commands .................................................................................................................16-111

AAA Debug and Show Commands ..........................................................................................................16-112

Firewall Feature Set Commands ..............................................................................................................16-115

Firewall Interface Commands ...................................................................................................................16-129

Firewall Show Commands ........................................................................................................................ 16-133

viii

XSR User’s Guide ix

Preface

ThisguidedescribestheCommandLineInterface(CLI)commandsneededtomount,connect,

power‐up,andmaintainanXSRfromEnterasysNetworks.

ThisguideiswrittenforadministratorswhowanttoconfiguretheXSRorexperienceduserswho

areknowledgeableinbasicnetworkingprinciples.

Contents of the Guide

Informationinthisguideisarrangedasfollows:

• Chapter1,NetworkManagement,describesfundamentalnetworkcontrolcommands.

• Chapter2,ConfiguringtheT1/E1&T3/E3Subsystems,detailscommands forT1/E1andT3/E3

NIMcards.

• Chapter3,ConfiguringtheXSRPlatform,describesplatformsubsystemcommands.

• Chapter4,ConfiguringHardwareControllers,describes

commandstoconfigurethehardware

controllersoverseriallines.

• Chapter5,ConfiguringtheInternetProtocol,describesIPcommands.

• Chapter6,ConfiguringtheBorderGatewayProtocol,detailsBGPcommands.

• Chapter7ConfiguringIPMulticast,definesXSRcommandsforProtocolIndependentMulticast

‐SparseMode(PIM‐SM)andtheInternetGroupManagement

Protocol(IGMP).

• Chapter8,ConfiguringthePoint‐to‐PointProtocol,describesPPPsetup.

• Chapter9,ConfiguringFrameRelay,detailscommandstoconfigureFrameRelay.

• Chapter10,ConfiguringtheDialerInterface,describescommandstosetupnetworkconnections

overthePublicSwitchTelephoneNetwork,provideabackuplinkov era

dialline,and

configureBoD/DoD.

• Chapter11,ISDNBRIandPRICommands,detailscommandstosetupISDN.

• Chapter12,ConfiguringQualityofService,outlinesQoSsetupcommands.

• Chapter13,ConfiguringADSL,describesconfigurationcommandsforADSLincludingCMV,

ATMandassociatedPPPcommands.

• Chapter14,ConfiguringtheVPN,details

VirtualPrivateNetworksetup.

• Chapter15,ConfiguringDHCP,describeshowtosetupDynamicHostConfigurationProtocol.

• Chapter16,ConfiguringSecurity,describesconfiguringaccess lists,andothercommandsto

protectagainstvariousnetworkattacks.

x

Conventions Used in This Guide

Thefollowingconventionsareusedinthisguide:

Getting Help

ForadditionalsupportrelatedtotheXSR,contactEnterasysNetworksusingoneofthefollowing

methods:

Caution: Contains information essential to avoid damage to the equipment.

Cautela: Contiene información esencial para prevenir dañar el equipo.

Achtung: Verweißt auf wichtige Informationen zum Schutz gegen Beschädigungen.

Note: Calls the reader’s attention to any item of information that may be of special importance.

Bold/En negrilla Text in boldface indicates values you type using the keyboard or select using the

mouse (for example, a:\setup). Default settings may also appear in bold.

El texto en negrilla indica valores que usted introduce con el teclado o que

selecciona con el mouse (por ejemplo, a:\setup). Las configuraciones default

pueden también aparecer en en negrilla.

Italics/It áli ca Text in italics indicates a variable, important new term, or the title of a manual.

El texto en itálica indica un valor variable, un importante nuevo término, o el título

de un manual.

SMALL CAPS/ Small caps specify the keys to press on the keyboard; a plus sign (+) between

keys indicates that you must press the keys simultaneously (for example,

CTRL+ALT+DEL).

Las mayusculas indican las teclas a oprimir en el teclado; un signo de más (+)

entre las teclas indica que usted debe presionar las teclas simultáneamente (por

ejemplo, CTRL+ALT+DEL).

Courier font/Tipo de

letra Courier

Text in this font denotes a file name or directory.

El texto en este tipo de letra denota un nombre de archivo o de directorio.

+

Points to text describing CLI command.

Apunta al texto que describe un comando de CLI.

FastEthernet FastEthernet and GigabitEthernet references are generally interchangeable

throughout this guide.

Las referencias a los terminos FastEthernet y GigabitEthernet son generalmente

intercambiables en el contenido de esta guia.

World Wide Web http://www.enterasys.com

Phone (603) 332-9400

1-800-872-8440 (toll-free in U.S. and Canada)

For the Enterasys Networks Support toll-free number in your country:

http://www.enterasys.com/support/gtac-all.html

Internet mail [email protected]

To expedite your message, please type [xsr] in the subject line.

XSR User’s Guide xi

BeforecontactingEnterasysNetworksfortechnicalsupport,havethefollowinginformation

ready:

•YourEnterasysNetworksservicecontractnumber

•Adescriptionofthefailure

•Adescriptionofanyaction(s)alreadytakentoresolvetheproblem(e.g.,rebootingtheunit,

reconfiguringmodules,etc.)

•TheserialandrevisionnumbersofanyrelevantEnterasysNetworksproductsin

thenetwork

•Adescriptionofyournetworkenvironment(layout,cabletype,etc.)

•Networkloadandframesizeatthetimeoftheproblem

•TheXSR’shistory(i.e.,haveyoureturnedthedevicebefore,isthisarecurringproblem,etc.)

•AnypreviousReturnMaterialAuthorization(RMA)numbers.

FTP

Login

Password

ftp://ftp.enterasys.com

anonymous

your Email address

Acquire the latest image and

Release Notes

http://www.enterasys.com/download

Additional documentation http://www.enterasys.com/support/manuals

Forward comments or

suggestions

[email protected]

To expedite your message, type [techwriting] in the subject line, and

include the document Part Number in the Email.

xii

XSR CLI Reference Guide 1-1

1

Network Management

Observing Syntax and Conventions

TheCLISyntaxandconventionsusethenotationdescribedinthefollowingtable.

Network Management Commands

Thischapterincludesthefollowingsubsetsofnetworkmanagementcommands:

• “GeneralNetworkManagementCommands”onpage 1‐2

• “GeneralShowCommands”onpage 1 ‐14

• “snmp‐serverCommands”onpage 1‐16

• “SNMPShowCommands”onpage 1‐34

• “SLAAgentCommands”onpage 1‐37

• “RTR‐modeCommands”onpage 1‐43

• “RTRShowCommands”on

page 1‐45

Convention Description

xyz Keywordormandatoryparameters(bold)

[x][]Squarebracketsindicateanoptionalparameter(italic)

[x|y|z][|]Squarebracketswithverticalbarindicateachoiceofvalues

{x|y|z}{|}Braceswithverticalbarindicate

achoiceofarequiredvalue

[x{y|z}][{|}]Combinationofsquarebracketswithbracesandverticalbars

indicatesarequiredchoiceofanoptionalparameter

(config‐if<xx>) xxsignifiesinterfacetypeandnumber,e.g.:

F1,S2/1.0, D1, M57,

G3. F

indicatesaFastEthernet,andGaGigabitEthernetinterface.

NextModeentriesdisplaytheCLIpromptafteracommandisentered.

Sub‐commandheadingsaredisplayedinredtext.

soho.enterasys.com Italicized, non-syntactic text indicates either a user-specified entry or text with

special emphasis

General Network Management Commands

1-2 Network Management

General Network Management Commands

banner

ThiscommandcreatesaloginbannerattheXSR’sCLIprompt.Textisenteredonelineatti me and

shouldnotexceed80charactersperline.Eachsuccessiveentryaddsalinetothe banner,asshown

intheexample.

Syntax

banner login bannerLine

Syntax of the “no” Form

Usethenoformofthiscommandtoremoveallbanners:

XSR(config)#no banner login

Mode

Globalconfiguration:XSR(config)#

Example

Thefollowingexampleconfiguresaloginbanner:

XSR(config)#banner login “Welcome Larry”

XSR(config)#banner login “You’re in the office now”

XSR(config)#banner login “Start working!”

configure terminal

ThiscommandentersconfigurationmodefromPrivilegedEXECmode.

Syntax

configure terminal

Mode

PrivilegedEXEC:XSR#

Example

XSR#configure terminal

bannerLine

Texttobedisplayedatlogin.Amaximumof50linescanbewrittenper

banner.Textmustbeenclosedinquotes.

General Network Management Commands

XSR CLI Reference Guide 1-3

crypto key dsa

ThiscommandgeneratestheDigitalSignatureAlgorithm(DSA)typehostkeypair(privateand

public)aswellasdisplaysthepublickey.AuniquesetofhostkeysarecreatedeachtimetheXSR

rebootsbutwerecommendyougenerateanewpairofhostkeyswhenyoubelievesecuritymay



becompromised.

Themasterencryptionkeyisusedtoencryptthekeysbeforebeingsavedinthehostkey.datfilein

Flash.Accesstothisfileisrestrictedanditcannotbereadorcopied.AllSSHconnectionrequests

usethehostkeysstoredinthehostkey.datfileunlessnonehavebeen

generatedorthecontentof

thefileiscorrupted.Inthosecircumstances,defaultkeysareusedtosecuretheconnection.

Additionalhostkeybehaviorisdescribedasfollows:

•IfyouhavenotgeneratedamasterencryptionkeybeforeusingSSH,theXSRwillpromptyou

withthe

crypto key master generatecommand.

•Onetothreeminuteswillelapsewhilehostkeysaregeneratedby

crypto key dsa,

dependingonthedeviceloadatthetime.

•SSHacceptsnonewconnectionsduringhostkeygeneration.

•Thecommandisignoredifstoredinthestartup‐configfile.

•Ifthemasterkeyischanged,youarenotrequiredtogenerateanewDSAkeypair.

•Ifyouremovethemasterkey,the

DSAkeypairisremovedaswell(hostkey.datisdeleted).

Syntax

crypto key dsa {generate | remove | show}

Mode

Globalconfiguration:XSR(config)#

Example

Thefollowingexamplegeneratesanewpairofkeys:

XSR(config)#crypto key dsa generate

disable

ThiscommandexitsfromPrivilegedEXECtoEXECmode.

Syntax

disable

Mode

PrivilegedEXEC:XSR#

generate

Producenewkeypairs.

remove

Deleteoldkeypair.

show

Displaypublicportionofhostkeypairs.

General Network Management Commands

1-4 Network Management

Example

XSR#disable

enable

ThiscommandjumpstoPrivilegedEXECmode.

Syntax

enable

Mode

EXEC:XSR>

Example

XSR>enable

end

Thiscommandterminatesconfigurationmode.

Syntax

end

Mode

Anyconfiguration

Example

XSR(config)#end

exit

Thiscommandquitsthecurrentmodetoahigherlevel.IfyouareinEXECmode,itterminates the

Telnet,SSH,orConsole session.

Syntax

exit

Mode

All

Example

XSR(config)#exit

General Network Management Commands

XSR CLI Reference Guide 1-5

help

ThiscommandretrieveshelpatanyMode.

Syntax

help

Mode

All

Example

XSR#help

ip http port

ThiscommandchangestheHTTP(HyperTextTransferProtocol)portwhereincomingHTTP

(Web)sessionsareconnectingto.

Syntax

ip http port {port_number | default}

Mode

Globalconfiguration:XSR(config)#

Default

Portnumber:80

Example

XSR(config)#ip http port 1234

ip http server

Thiscommandenables/disablesHTTP(Web)servicetotherouter.Iftheoptionalparameterisnot

supplied,theHTTPserverwillbeenabled.SincetheHTTPserverisdisabledatboot‐up,youmust

eithermanuallyenableitusingtheCLIorenableitinthe

startup-configfile.

port_number

IncomingHTTPserverportnumberfrom1024to65535.

default

SetstheHTTPporttodefault.

Note: If you try to set the port-number but it is already in use (Telnet, e.g.) , it will be reset to the

default value automatically.

General Network Management Commands

1-6 Network Management

Syntax

ip http server [enable | disable]

Syntax of the “no” Form

ThenoformofthiscommanddisablestheHTTPserver:

no ip http server

Mode

Globalconfiguration:XSR(config)#

Default

Disable

Examples

XSR(config)#ip http server enable

XSR(config)#no ip http server

ip ssh server

Thiscommandenables/disablesSecureShell(SSH)servicetotheclient.BecausetheSSHserveris

enabledatboot‐up,youcaneithermanuallydisabletheSSHserverusingCLI,ordisabletheSSH

serverinthestartup‐configfile.Iftheoptionalparameterisnotsupplied,theSSHserverwillbe



enabled.

Syntax

ip ssh server [enable | disable]

Syntax of the “no” Form

ThenoformofthiscommanddisablestheSSHserver:

no ip ssh server

Mode

Globalconfiguration:XSR(config)#

Defaults

•Enabled

enable

EnablesHTTPserver.

disable

DisablesHTTPserver.

enable

EnablesSSHserver.

disable

DisablesSSHserver.

Enterasys Networks XSR CLI, X-Pedition XSR CLI User manual

Related papers

Other documents