Date post: | 03-Feb-2016 |
Category: |
Documents |
Upload: | chandru-blueeyes |
View: | 245 times |
Download: | 2 times |
DATACOM SYSTEMS INC
VS-2024-F CLI User Manual
Datacom Systems Inc
Revision Number: 2.2
DATACOM SYSTEMS INC
Copyright © 2012 Datacom Systems Inc . All Rights Reserved. No part of this document may be reproduced, stored in a retrieval system or transmitted, in any form, or by any means, electronic or otherwise, including photocopying, reprinting, or recording, for any purpose, without the express written permission of Datacom Systems Inc.
Printed in ________
TRADEMARKS Datacom Systems Inc LOGO are trademarks of Datacom Systems Inc . inthe U.S. and other countries. The use of any of these trademarks without Datacom Systems Inc. prior written consent is strictly prohibited. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Datacom Systems Inc. disclaims any proprietary interest in the trademarks and trade names other than its own.
DISCLAIMER The information in this book is provided “as is”, with no warranties whatsoever, including any warranty of merchantability, fitness for any particular purpose or any warranty otherwise arising out of any proposal, specification or sample. This document is provided for informational purposes only and should not be construed as a commitment on the part of Datacom Systems Inc. Information in this document is subject to change without notice.
REQUESTS For information or obtaining permission for use of material of this work, please submit a
written request to: Corporate Marketing and Legal, Datacom Systems Inc on wwwdatacomsystems.com
DOCUMENT No.: Datacom Systems Inc v 2.2
DATACOM SYSTEMS INC
CLI USER MANUAL 1 DATACOM SYSTEMS CONFIDENTIAL
Contents
CHAPTER 1: 1. INTRODUCTION _____________________________________________ 111.1 PURPOSE ................................................................................................... 11 1.2 SCOPE ....................................................................................................... 11 1.3 DOCUMENT CONVENTIONS .......................................................................... 11 1.4 KEY CONVENTIONS ..................................................................................... 12 1.4.1 Keyboard shortcuts ................................................................................ 12 1.4.2 Others .................................................................................................... 12
CHAPTER 2: 2. COMMAND LINE INTERFACE __________________________________ 132.1 CLI COMMAND MODES ............................................................................... 14 2.2 USER EXEC MODE .................................................................................... 15 2.3 PRIVILEGED EXEC MODE ........................................................................... 15 2.4 GLOBAL CONFIGURATION MODE .................................................................. 15 2.5 INTERFACE CONFIGURATION MODE ............................................................. 15 2.5.1 Physical Interface Mode ........................................................................ 15 2.5.2 Port Channel Interface Mode ................................................................. 16 2.5.3 VLAN Interface Mode ............................................................................ 16 2.5.4 Tunnel Interface Mode ........................................................................... 16 2.5.5 Out of Band Interface Mode .................................................................. 16 2.6 CONFIG-VLAN MODE ................................................................................. 16 2.7 LINE CONFIGURATION MODE ....................................................................... 16 2.8 BOOT CONFIGURATION ............................................................................... 16 2.9 REDUNDANCY CONFIGURATION ................................................................... 16 2.10 PROTOCOL SPECIFIC MODES ...................................................................... 16 2.10.1 DiffSrv ClassMap Configuration mode .................................................. 16 2.10.2 DiffSrv Policy-Map Configuration Mode ................................................. 17 2.10.3 DiffSrv Policy-Map Class Configuration Mode ....................................... 17 2.10.4 DHCP Pool Configuration Mode ............................................................ 17 2.10.5 ACL Standard Access List Configuration Mode .................................... 17 2.10.6 ACL Extended Access List Configuration Mode .................................... 17 2.10.7 ACL MAC Configuration Mode .............................................................. 18
CHAPTER 3: 3. DIFFSERV (DIFFERENTIATED SERVICES)________________________ 213.1 SET QOS ..................................................................................................... 23 3.2 CLASS-MAP ................................................................................................. 24 3.3 POLICY-MAP ............................................................................................... 25 3.4 MATCH ....................................................................................................... 26 3.5 CLASS ........................................................................................................ 27 3.6 SET COS ..................................................................................................... 28 3.7 SHUTDOWN QOS ......................................................................................... 29 3.8 COSQ SCHEDULING ALGORITHM ................................................................... 30 3.9 TRAFFIC CLASS ........................................................................................... 31 3.10 SHOW POLICY-MAP ...................................................................................... 32 3.11 SHOW CLASS-MAP ....................................................................................... 34 3.12 SHOW COSQ ALGORITHM ............................................................................. 35 3.13 SHOW COSQ WEIGHTS-BW ........................................................................... 36
CHAPTER 4: 4. ACL (ACCESS CONTROL LISTS) _______________________________ 374.1 IP ACCESS-LIST ........................................................................................... 39 4.2 MAC ACCESS-LIST EXTENDED....................................................................... 41 4.3 USER-DEFINED ACCESS-LIST ........................................................................ 42 4.4 USERDEFINED-LIST ..................................................................................... 43
VS-2024-F DATACOM SYSTEMS INC
2 CLI USER MANUAL CONFIDENTIAL
4.5 PERMIT USR-DEFINED-PACKET-TYPE ........................................................... 45 4.6 DENY USR-DEFINED-PACKET-TYPE .............................................................. 48 4.7 PERMIT - STANDARD MODE .......................................................................... 50 4.8 DENY - STANDARD MODE ............................................................................. 52 4.9 PERMIT- IP/OSPF/PIM/PROTOCOL TYPE ......................................................... 53 4.10 PERMIT IPV6 ............................................................................................... 56 4.11 DENY IPV6 .................................................................................................. 58 4.12 DENY - IP/OSPF/PIM/PROTOCOL TYPE ........................................................... 59 4.13 PERMIT TCP ................................................................................................ 61 4.14 DENY TCP ................................................................................................... 64 4.15 PERMIT UDP ................................................................................................ 66 4.16 DENY UDP ................................................................................................... 69 4.17 PERMIT ICMP ............................................................................................... 71 4.18 DENY ICMP ................................................................................................. 75 4.19 IP ACCESS-GROUP ...................................................................................... 78 4.20 MAC ACCESS-GROUP ................................................................................... 79 4.21 USER-DEFINED ACCESS-GROUP ................................................................... 80 4.22 PERMIT ....................................................................................................... 81 4.23 DENY .......................................................................................................... 85 4.24 SHOW ACCESS-LISTS ................................................................................... 88
CHAPTER 5: 5. QOS (QUALITY OF SERVICE) __________________________________ 935.1 SHUTDOWN QOS ......................................................................................... 95 5.2 QOS ........................................................................................................... 96 5.3 PRIORITY-MAP ............................................................................................ 97 5.4 CLASS-MAP ................................................................................................. 98 5.5 METER ....................................................................................................... 99 5.6 POLICY-MAP ............................................................................................. 100 5.7 QUEUE-TYPE ............................................................................................ 101 5.8 SHAPE-TEMPLATE ..................................................................................... 102 5.9 SCHEDULER .............................................................................................. 103 5.10 QUEUE ..................................................................................................... 105 5.11 QUEUE-MAP .............................................................................................. 107 5.12 SCHED-HIERARCHY ................................................................................... 108 5.13 QOS INTERFACE ........................................................................................ 109 5.14 MAP ......................................................................................................... 110 5.15 MATCH ACCESS-GROUP ............................................................................. 112 5.16 SET CLASS ................................................................................................ 113 5.17 METER-TYPE ............................................................................................. 114 5.18 SET POLICY............................................................................................... 116 5.19 SET METER ............................................................................................... 117 5.20 SET ALGO-TYPE ........................................................................................ 120 5.21 RANDOM-DETECT DP ................................................................................. 121 5.22 SHOW QOS GLOBAL INFO ........................................................................... 122 5.23 SHOW PRIORITY-MAP ................................................................................. 123 5.24 SHOW CLASS-MAP ..................................................................................... 124 5.25 SHOW CLASS-TO-PRIORITY-MAP ................................................................. 125 5.26 SHOW METER ............................................................................................ 126 5.27 SHOW POLICY-MAP .................................................................................... 127 5.28 SHOW QUEUE-TEMPLATE ........................................................................... 128 5.29 SHOW SHAPE-TEMPLATE ........................................................................... 129 5.30 SHOW SCHEDULER .................................................................................... 130 5.31 SHOW QUEUE ........................................................................................... 131 5.32 SHOW QUEUE-MAP .................................................................................... 132 5.33 SHOW SCHED-HIERARCHY ......................................................................... 133 5.34 SHOW QOS DEF-USER-PRIORITY ................................................................. 134 5.35 SHOW QOS METER-STATS .......................................................................... 136
DATACOM SYSTEMS INC CONTENTS
CLI USER MANUAL 3 DATACOM SYSTEMS CONFIDENTIAL
5.36 SHOW QOS QUEUE-STATS .......................................................................... 137 CHAPTER 6: 6. TACACS ___________________________________________________ 138
6.1 TACACS-SERVER HOST .............................................................................. 139 6.2 TACACS USE-SERVER ADDRESS ................................................................. 141 6.3 TACACS-SERVER RETRANSMIT ................................................................... 142 6.4 DEBUG TACACS ......................................................................................... 143 6.5 SHOW TACACS .......................................................................................... 144
CHAPTER 7: 7. LA ________________________________________________________ 1467.1 SET PORT-CHANNEL .................................................................................. 148 7.2 CHANNEL-PROTOCOL ................................................................................ 149 7.3 LACP SYSTEM-PRIORITY ............................................................................ 150 7.4 LACP SYSTEM-IDENTIFIER .......................................................................... 151 7.5 PORT-CHANNEL LOAD-BALANCE ................................................................. 152 7.6 LACP PORT-PRIORITY ................................................................................ 154 7.7 LACP PORT-IDENTIFIER .............................................................................. 155 7.8 CHANNEL-GROUP ...................................................................................... 156 7.9 LACP WAIT-TIME ........................................................................................ 157 7.10 LACP TIMEOUT .......................................................................................... 158 7.11 LACP RATE ............................................................................................... 159 7.12 LACP ........................................................................................................ 160 7.13 DEFAULT PORT.......................................................................................... 161 7.14 PORT-CHANNEL MAX-PORTS ...................................................................... 162 7.15 SHUTDOWN PORT-CHANNEL ....................................................................... 163 7.16 DEBUG LACP ............................................................................................. 164 7.17 DEBUG ETHERCHANNEL ............................................................................. 165 7.18 SHOW ETHERCHANNEL .............................................................................. 166 7.19 SHOW ETHERCHANNEL - REDUNDANCY ...................................................... 172 7.20 SHOW INTERFACES ................................................................................... 174 7.21 SHOW LACP .............................................................................................. 177
CHAPTER 8: 8. SYSLOG ___________________________________________________ 1808.1 LOGGING .................................................................................................. 182 8.2 LOGGING SYNCHRONOUS .......................................................................... 184 8.3 MAILSERVER ............................................................................................. 186 8.4 SENDER MAIL-ID ........................................................................................ 187 8.5 RECEIVER MAIL-ID ..................................................................................... 188 8.6 CMDBUFFS ............................................................................................... 189 8.7 SERVICE TIMESTAMPS ............................................................................... 190 8.8 CLEAR LOGS ............................................................................................. 191 8.9 SYSLOG MAIL ............................................................................................ 192 8.10 SYSLOG LOCAL STORAGE .......................................................................... 193 8.11 SYSLOG FILENAME-ONE ............................................................................. 194 8.12 SYSLOG FILENAME-TWO ............................................................................ 195 8.13 SYSLOG FILENAME-THREE ......................................................................... 196 8.14 SYSLOG RELAY - PORT .............................................................................. 197 8.15 SYSLOG PROFILE ...................................................................................... 198 8.16 LOGGING-FILE ........................................................................................... 199 8.17 LOGGING SERVER ..................................................................................... 200 8.18 MAIL SERVER TABLE .................................................................................. 201 8.19 SYSLOG RELAY ......................................................................................... 202 8.20 SYSLOG RELAY TRANSPORT TYPE .............................................................. 203 8.21 SHOW LOGGING ........................................................................................ 204 8.22 SHOW EMAIL ALERTS ................................................................................. 205 8.23 SHOW SYSLOG ROLE ................................................................................. 206 8.24 SHOW SYSLOG MAIL .................................................................................. 208
VS-2024-F DATACOM SYSTEMS INC
4 CLI USER MANUAL CONFIDENTIAL
8.25 SHOW SYSLOG LOCAL STORAGE ................................................................. 209 8.26 SHOW LOGGING FILE ................................................................................. 210 8.27 SHOW LOGGING SERVER............................................................................ 211 8.28 SHOW MAIL SERVER .................................................................................. 212 8.29 SHOW SYSLOG RELAY - PORT ..................................................................... 213 8.30 SHOW SYSLOG PROFILE ............................................................................. 214 8.31 SHOW SYSLOG RELAY TRANSPORT TYPE .................................................... 215 8.32 SHOW SYSLOG FILE-NAME ......................................................................... 216 8.33 SHOW SYSLOG INFORMATION ..................................................................... 217
CHAPTER 9: 9. VLAN _____________________________________________________ 2199.1 SET VLAN .................................................................................................. 223 9.2 VLAN ........................................................................................................ 224 9.3 SET MAC-LEARNING ................................................................................... 225 9.4 SET UNICAST-MAC-LEARNING ..................................................................... 226 9.5 INTERFACE RANGE .................................................................................... 227 9.6 BASE BRIDGE-MODE .................................................................................. 228 9.7 MAC-VLAN ................................................................................................ 229 9.8 SUBNET-VLAN ........................................................................................... 230 9.9 PROTOCOL-VLAN ....................................................................................... 231 9.10 MAP PROTOCOL ........................................................................................ 232 9.11 SET GVRP ................................................................................................. 233 9.12 SET PORT GVRP ........................................................................................ 234 9.13 SET PORT GVRP - ENABLE | DISABLE ........................................................... 235 9.14 SET GMRP ................................................................................................ 236 9.15 SET PORT GMRP ........................................................................................ 237 9.16 VLAN LEARNING MODE ............................................................................... 238 9.17 FID - VLAN RANGE ..................................................................................... 239 9.18 SET VLAN TRAFFIC-CLASSES ...................................................................... 240 9.19 MAC-MAP .................................................................................................. 241 9.20 MAP SUBNET ............................................................................................. 242 9.21 SWITCHPORT FILTERING-UTILITY-CRITERIA ................................................. 243 9.22 MAC-ADDRESS-TABLE STATIC UNICAST ....................................................... 244 9.23 MAC-ADDRESS-TABLE STATIC UNICAST – TRANSPARENT BRIDGING MODE .... 247 9.24 MAC-ADDRESS-TABLE STATIC MULTICAST ................................................... 249 9.25 MAC ADDRESS-TABLE STATIC MCAST .......................................................... 251 9.26 MAC-ADDRESS-TABLE STATIC MULTICAST – TRANSPARENT BRIDGING MODE 252 9.27 MAC-ADDRESS-TABLE AGING-TIME ............................................................. 254 9.28 BRIDGE-MODE- METRO ............................................................................. 255 9.29 L2PROTOCOL-TUNNEL COS ........................................................................ 257 9.30 CLEAR L2PROTOCOL-TUNNEL COUNTERS ................................................... 258 9.31 CLEAR VLAN STATISTICS ............................................................................ 259 9.32 VLAN DEFAULT HYBRID TYPE ...................................................................... 260 9.33 WILDCARD ................................................................................................ 261 9.34 SET UNICAST-MAC LEARNING ..................................................................... 262 9.35 VLAN UNICAST-MAC LEARNING LIMIT ........................................................... 263 9.36 UNICAST-MAC LEARNING LIMIT ................................................................... 264 9.37 PORTS ...................................................................................................... 265 9.38 VLAN ACTIVE ............................................................................................. 267 9.39 FORWARD-ALL .......................................................................................... 268 9.40 FORWARD-UNREGISTERED ........................................................................ 271 9.41 SWITCHPORT PVID ..................................................................................... 272 9.42 SWITCHPORT ACCESS VLAN ....................................................................... 273 9.43 SWITCHPORT ACCEPTABLE-FRAME-TYPE .................................................... 274 9.44 SWITCHPORT INGRESS-FILTER ................................................................... 275 9.45 PORT MAC-VLAN........................................................................................ 276 9.46 PORT SUBNET – VLAN ................................................................................ 277
DATACOM SYSTEMS INC CONTENTS
CLI USER MANUAL 5 DATACOM SYSTEMS CONFIDENTIAL
9.47 PORT PROTOCOL-VLAN .............................................................................. 278 9.48 SWITCHPORT MAP PROTOCOLS-GROUP ...................................................... 279 9.49 SWITCHPORT PRIORITY DEFAULT ................................................................ 280 9.50 SWITCHPORT MODE ................................................................................... 281 9.51 SWITCHPORT MODE DOT1Q-TUNNEL ........................................................... 282 9.52 SET GARP TIMER ....................................................................................... 283 9.53 VLAN RESTRICTED ..................................................................................... 284 9.54 GROUP RESTRICTED .................................................................................. 285 9.55 VLAN MAX-TRAFFIC-CLASS ......................................................................... 286 9.56 VLAN MAP-PRIORITY .................................................................................. 287 9.57 SHUTDOWN GARP ..................................................................................... 288 9.58 SHUTDOWN VLAN ...................................................................................... 289 9.59 DEBUG VLAN ............................................................................................. 290 9.60 DEBUG GARP ............................................................................................ 292 9.61 SHOW VLAN .............................................................................................. 295 9.62 SHOW VLAN DEVICE INFO ........................................................................... 297 9.63 SHOW VLAN DEVICE CAPABILITIES .............................................................. 300 9.64 SHOW FID - DETAIL .................................................................................... 301 9.65 SHOW FORWARD-ALL ................................................................................ 303 9.66 SHOW FORWARD-UNREGISTERED ............................................................... 306 9.67 SHOW VLAN TRAFFIC-CLASSES ................................................................... 308 9.68 SHOW GARP TIMER .................................................................................... 311 9.69 SHOW VLAN PORT CONFIG ......................................................................... 313 9.70 SHOW VLAN PROTOCOLS-GROUP ............................................................... 317 9.71 SHOW PROTOCOL-VLAN ............................................................................. 318 9.72 SHOW MAC-VLAN ....................................................................................... 319 9.73 SHOW SUBNET VLAN MAPPING ................................................................... 320 9.74 SHOW VLAN COUNTERS ............................................................................. 322 9.75 SHOW VLAN STATISTICS ............................................................................. 324 9.76 SHOW MAC-ADDRESS-TABLE ...................................................................... 325 9.77 SHOW DOT1D MAC-ADDRESS-TABLE ........................................................... 327 9.78 SHOW DOT1D MAC-ADDRESS-TABLE STATIC UNICAST .................................. 328 9.79 SHOW DOT1D MAC-ADDRESS-TABLE STATIC MULTICAST .............................. 329 9.80 SHOW MAC-ADDRESS-TABLE COUNT ........................................................... 330 9.81 SHOW MAC-ADDRESS-TABLE STATIC UNICAST ............................................. 332 9.82 SHOW MAC-ADDRESS-TABLE STATIC MULTICAST ......................................... 334 9.83 SHOW MAC-ADDRESS-TABLE DYNAMIC UNICAST .......................................... 336 9.84 SHOW MAC-ADDRESS-TABLE DYNAMIC MULTICAST ...................................... 338 9.85 SHOW MAC-ADDRESS-TABLE AGING-TIME ................................................... 340 9.86 SHOW WILDCARD ...................................................................................... 341
CHAPTER 10: 10. SNMPV3 __________________________________________________ 343 10.1 ENABLE SNMPSUBAGENT ........................................................................... 346 10.2 DISABLE SNMPSUBAGENT .......................................................................... 347 10.3 SHOW SNMP AGENTX INFORMATION ............................................................ 348 10.4 SHOW SNMP AGENTX STATISTICS ............................................................... 349 10.5 ENABLE SNMPAGENT ................................................................................. 350 10.6 DISABLE SNMPAGENT ................................................................................ 351 10.7 SNMP COMMUNITY INDEX ........................................................................... 352 10.8 SNMP GROUP ............................................................................................ 354 10.9 SNMP ACCESS .......................................................................................... 355 10.10 SNMP ENGINEID ........................................................................................ 357 10.11 SNMP PROXY NAME ................................................................................... 358 10.12 SNMP MIBPROXY NAME .............................................................................. 360 10.13 SNMP VIEW ............................................................................................... 362 10.14 SNMP TARGETADDR .................................................................................. 364 10.15 SNMP TARGETPARAMS .............................................................................. 366
VS-2024-F DATACOM SYSTEMS INC
6 CLI USER MANUAL CONFIDENTIAL
10.16 SNMP USER .............................................................................................. 368 10.17 SNMP NOTIFY ............................................................................................ 370 10.18 SNMP FILTERPROFILE ................................................................................ 372 10.19 SNMP-SERVER ENABLE TRAPS SNMP AUTHENTICATION ................................ 373 10.20 SNMP-SERVER TRAP UDP-PORT ................................................................. 374 10.21 SNMP-SERVER TRAP PROXY-UDP-PORT ...................................................... 375 10.22 SNMP AGENT PORT .................................................................................... 376 10.23 SNMP TCP ENABLE .................................................................................... 377 10.24 SNMP TRAP TCP ENABLE ............................................................................ 378 10.25 SNMP-SERVER TCP-PORT .......................................................................... 379 10.26 SNMP-SERVER TRAP TCP-PORT .................................................................. 380 10.27 SNMP-SERVER ENABLE TRAPS ................................................................... 381 10.28 SHOW SNMP ............................................................................................. 382 10.29 SHOW SNMP COMMUNITY ........................................................................... 383 10.30 SHOW SNMP GROUP .................................................................................. 384 10.31 SHOW SNMP GROUP ACCESS ..................................................................... 386 10.32 SHOW SNMP ENGINEID .............................................................................. 387 10.33 SHOW SNMP PROXY .................................................................................. 388 10.34 SHOW SNMP MIBPROXY ............................................................................. 389 10.35 SHOW SNMP VIEWTREE ............................................................................. 391 10.36 SHOW SNMP TARGETADDR ......................................................................... 392 10.37 SHOW SNMP TARGETPARAM....................................................................... 393 10.38 SHOW SNMP USER ..................................................................................... 394 10.39 SHOW SNMP NOTIF .................................................................................... 395 10.40 SHOW SNMP INFORM STATISTICS ................................................................ 397 10.41 SHOW SNMP-SERVER TRAPS ...................................................................... 398 10.42 SHOW SNMP-SERVER PROXY-UDP-PORT ..................................................... 399 10.43 SHOW SNMP TCP ....................................................................................... 400 10.44 SHOW SNMP FILTER TABLE ......................................................................... 401
CHAPTER 11: 11. SNTP ____________________________________________________ 402 11.1 SNTP ........................................................................................................ 404 11.2 SET SNTP CLIENT ...................................................................................... 405 11.3 SET SNTP CLIENT VERSION ........................................................................ 406 11.4 SET SNTP CLIENT ADDRESSING MODE ......................................................... 407 11.5 SET SNTP CLIENT PORT ............................................................................. 408 11.6 SET SNTP CLIENT CLOCK-FORMAT .............................................................. 409 11.7 SET SNTP TIME ZONE ................................................................................. 410 11.8 SET SNTP CLIENT CLOCK-SUMMER-TIME ..................................................... 411 11.9 SET SNTP CLIENT AUTHENTICATION-KEY ..................................................... 412 11.10 SET SNTP UNICAST-SERVER AUTO-DISCOVERY ............................................ 413 11.11 SET SNTP UNICAST-POLL-INTERVAL ............................................................ 414 11.12 SET SNTP UNICAST-MAX-POLL-TIMEOUT ...................................................... 415 11.13 SET SNTP UNICAST-MAX-POLL-RETRY ......................................................... 416 11.14 SET SNTP UNICAST-SERVER ....................................................................... 417 11.15 SET SNTP BROADCAST-MODE SEND-REQUEST ............................................. 418 11.16 SET SNTP BROADCAST-POLL-TIMEOUT ........................................................ 419 11.17 SET SNTP BROADCAST-DELAY-TIME ............................................................ 420 11.18 SET SNTP MULTICAST-MODE SEND-REQUEST .............................................. 421 11.19 SET SNTP MULTICAST-POLL-TIMEOUT ......................................................... 422 11.20 SET SNTP MULTICAST-DELAY-TIME ............................................................. 423 11.21 SET SNTP MULTICAST-GROUP-ADDRESS ..................................................... 424 11.22 SET SNTP ANYCAST-POLL-INTERVAL ........................................................... 425 11.23 SET SNTP ANYCAST-POLL-TIMEOUT ............................................................ 426 11.24 SET SNTP ANYCAST-POLL-RETRY-COUNT .................................................... 427 11.25 SET SNTP ANYCAST-SERVER ...................................................................... 428 11.26 SHOW SNTP CLOCK ................................................................................... 429
DATACOM SYSTEMS INC CONTENTS
CLI USER MANUAL 7 DATACOM SYSTEMS CONFIDENTIAL
11.27 SHOW SNTP STATUS .................................................................................. 430 11.28 SHOW SNTP UNICAST–MODE STATUS .......................................................... 431 11.29 SHOW SNTP BROADCAST–MODE STATUS .................................................... 432 11.30 SHOW SNTP MULTICAST–MODE STATUS ...................................................... 433 11.31 SHOW SNTP ANYCAST–MODE STATUS ......................................................... 434 11.32 DEBUG SNTP ............................................................................................. 435
CHAPTER 12: 12. RMON ____________________________________________________ 437 12.1 SET RMON ................................................................................................ 438 12.2 RMON COLLECTION HISTORY ...................................................................... 439 12.3 RMON COLLECTION STATS ......................................................................... 440 12.4 RMON EVENT ............................................................................................ 441 12.5 RMON ALARM ............................................................................................ 442 12.6 SHOW RMON ............................................................................................. 444
DATACOM SYSTEMS INC
CLI USER MANUAL 9 DATACOM SYSTEMS CONFIDENTIAL
Figures
Figure 2-1: Command Modes Access Path ................................................................................................. 19
.
CLI USER MANUAL 11 DATACOM SYSTEMS CONFIDENTIAL
Chapter
1 1.Introduction
1.1 Purpose Datacom Systems Inc is a pre-integrated OEM ready software for managed Layer2/Layer 3 switches, which performs switching between Ethernet ports at wire speed. Datacom Systems Inc provides the basic bridging functionality and also offers advanced features such as link aggregation, GVRP/GMRP, IGMP Snooping and Network Access Control.
This document describes in detail the CLI commands that are specific to xCAT target. It is intended to be a reference manual for users and system administrators who will configure Datacom Systems Inc through the CLI interface.
1.2 Scope The scope of this document is limited to Datacom Systems Inc release 5.0.0.0. This document details all the Marvell xCAT based CLI commands provided by the Datacom Systems Inc software.
1.3 Document Conventions The syntax of the CLI command is given in Courier New 10 bold.
Elements in (< >) indicate the field required as input along with a CLI command, for example, <integer (100-1000)>.
Elements in square brackets ([]) indicate optional fields for a command.
Text in {} refers to ‘either-or group’ for the tokens given inside separated by a | symbol.
The CLI command usage is given in Courier New 10 regular.
Outputs and messages for CLI commands are given in Courier New 10 regular.
VS-2024-F DATACOM SYSTEMS INC
12 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
The no form of the command resets a particular configuration to its default value or revokes the effect. This is explicitly explained in the description of the commands for which it is applicable.
Any action that can change the switch configuration, any conditionals and requirements for a command and any information associated with significant details and functionality of command is
listed using the symbol.
Datacom Systems Inc is available in three different packages, namely, Workgroup, Enterprise and Metro1. The parameters specific for a particular package are indicated along with the description of the parameter itself.
1.4 Key Conventions
1.4.1 Keyboard shortcuts
Up Arrow /
Down Arrow
Displays the previously executed command
Ctrl + C Exits from the ISS prompt
Backspace
/ Ctrl + H
Removes a single character
TAB Completes a command without typing the full word
Left Arrow /
Right Arrow
Traverses the current line
1.4.2 Others ? - helps to list the available commands
'q' - exits the output display if display is more than one page and returns to the ISS prompt
"show history" - displays the command history list
1 Refer ISS Product Specification Document for a detailed description of the package.
CLI USER MANUAL 13 DATACOM SYSTEMS CONFIDENTIAL
Chapter
2 2.Command Line Interface
This section describes the configuration of Datacom Systems Inc using the Command Line Interface.
The Command Line Interface (CLI) can be used to configure the Intelligent Switch Solution from a console attached to the serial port of the switch or from a remote terminal using TELNET.
The Datacom Systems Inc CLI supports a simple login authentication mechanism. The authentication is based on a user name and password provided by the user during login. The user "root" is created by default with password "admin123".
When Datacom Systems Inc is started, the user name and password has to be given at the login prompt to access the CLI shell:
Datacom Systems Inc. Intelligent Switch Solution
ISS Login: guest
Password: ********
iss#
The "user-exec" mode is now available to the user. CLI Command Modes provide a detailed description of the various modes available for ISS.
When Datacom Systems Inc. ISS-Chassis is started, the user name and password has to be given at the login prompt to access the CLI shell:
IDatacom Systems Inc. Intelligent Switch Solution
ISS Login: chassisuser
Password: ********
iss-boot>
VS-2024-F DATACOM SYSTEMS INC
14 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
The Boot Configuration mode is now available to the user.
The command prompt always displays the current mode.
CLI commands need not be fully typed. The abbreviated forms of CLI commands are alsoaccepted by the Datacom Systems Inc CLI. For example, commands like " show ip global config" can be typed as "sh ip gl co".
CLI commands are case insensitive.
CLI commands will be successful only if the dependencies are satisfied for a particularcommand that is issued. Appropriate error messages will be displayed, if the dependencies are not satisfied
Note: The ethernet type of an interface is determined during System Startup. While configuring interface-specific parameters, its ethernet type needs to be specified correctly. A fast ethernet interface cannot be configured as a gigabit-ethernet interface and vice-versa.
2.1 CLI Command Modes Command Mode Access Method Prompt Exit method
User EXEC This is the initial mode to start a session.
iss> The logout method is used.
Privileged EXEC The User EXEC mode command enable, is used to enter the Privileged EXEC mode.
iss# To return from the Privileged EXEC mode to User EXEC mode the disable command is used.
Global Configuration The Privileged EXEC mode command configure terminal, is used to enter the Global Configuration mode
iss(config)# To exit to the Global Configuration mode the exit command is used and to exit to the Privileged EXEC mode the end command is used.
Interface Configuration The Global Configuration mode command interface <interface-type><interface-id> is used to enter the Interface configuration mode.
iss(config-if)#
To exit to the Global Configuration mode the exit command is used and to exit to the Privileged EXEC mode the end command is used.
Config-VLAN The globalconfiguration mode command vlan vlan-id, is used to enter the Config-VLAN mode.
iss(config-vlan)#
To exit to the Global Configuration mode the exit command is used and to exit to the Privileged EXEC mode the end
DATACOM SYSTEMS INC CHAPTER 2: COMMAND LINE INTERFACE
CLI USER MANUAL 15 DATACOM SYSTEMS CONFIDENTIAL
Command Mode Access Method Prompt Exit method
command is used.
Line Configuration The global configuration mode command line, is used to enter the Line Configuration mode.
iss(config-line)#
To exit to the Global Configuration mode the exit command is used and to exit to the Privileged EXEC mode the end command is used.
Redundancy Configuration
The global configuration mode command redundancy, is used to enter the Redundancy Configuration mode.
iss(config-r)#
To exit to the Global Configuration mode the exit command is used.
Boot Configuration This is the initial mode to start an ISS-Chassis session.
iss-boot> The reload command is used to restart the switch.
2.2 User EXEC Mode After logging into the device, the user is automatically in the User EXEC mode. In general, the User EXEC commands are used to temporarily change terminal settings, perform basic tests and list system information.
2.3 Privileged EXEC Mode Since many of the privileged commands set operating parameters, privileged access is password protected to prevent unauthorized use. The password is not displayed on the screen and is case sensitive. The Privileged EXEC mode prompt is the device name followed by the pound (#) sign.
2.4 Global Configuration Mode Global Configuration commands apply to features that affect the system as a whole, to any specific interface.
2.5 Interface Configuration Mode The following are the different modes present under the Interface Configuration mode.
2.5.1 Physical Interface Mode The Physical Interface mode is used to perform interface specific operations. To return to the global configuration mode the exit command is used.
VS-2024-F DATACOM SYSTEMS INC
16 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
2.5.2 Port Channel Interface Mode The Port Channel Interface mode is used to perform port-channel specific operations.
To return to the global configuration mode the exit command is used.
2.5.3 VLAN Interface Mode The VLAN Interface mode is used to perform L3-IPVLAN specific operations. To return to the global configuration mode the exit command is used.
2.5.4 Tunnel Interface Mode The Tunnel Interface mode is used to perform Tunnel specific operations. To return to the global configuration mode the exit command is used.
2.5.5 Out of Band Interface Mode The Out of Band Interface mode is used to perform OOB interface specific operations. To return to the global configuration mode the exit command is used.
2.6 Config-VLAN Mode This mode is used to perform VLAN specific operations. To return to the global configuration mode the exit command is used.
2.7 Line Configuration Mode Line configuration commands modify the operations of a terminal line.
2.8 Boot Configuration This mode is used to generate the Slot information (module type). The reload command is used to restart the switch.
2.9 Redundancy Configuration This mode is used to modify the redundancy parameters. To return to the global configuration mode the exit command is used.
2.10 Protocol Specific Modes The following are the different Protocol specific modes.
2.10.1 DiffSrv ClassMap Configuration mode The class-map global configuration command creates a class map to be used for matching the packets to the class whose index is specified and to enter the class-map configuration mode The Global
DATACOM SYSTEMS INC CHAPTER 2: COMMAND LINE INTERFACE
CLI USER MANUAL 17 DATACOM SYSTEMS CONFIDENTIAL
configuration mode command class-map <short(1-65535)> is used to enter the DiffSrv ClassMap Configuration mode and. the prompt seen at this mode is iss(config-cmap)#.
To return to the global configuration mode the exit command is used.
2.10.2 DiffSrv Policy-Map Configuration Mode In the Policy-Map Configuration mode the user can create or modify a policy map.
The Global configuration mode command policy-map <short(1-65535)> is used to enter the DiffSrv PolicyMap Configuration mode and the prompt seen at this mode is iss(config-pmap)#.
To return to the global configuration mode the exit command is used.
2.10.3 DiffSrv Policy-Map Class Configuration Mode The Policy-Map Class Configuration command defines a traffic classification for the policy to act on. The class-map-num that is specified in the policy map ties the characteristics for that class and its match criteria as configured by using the class-map global configuration command to the class map. Once the class command is entered, the switch enters policy-map class configuration mode.
The DiffSrv Policy mode command policy-map <short(1-65535)> is used to enter the DiffSrv Policy-Map Class Configuration mode and. the prompt seen at this mode is iss(config-pmap-c)#.
To return to the global configuration mode the exit command is used.
2.10.4 DHCP Pool Configuration Mode This mode is used to configure the network pool / host configurations of a subnet pool.
The Global configuration mode command ip dhcp pool <integer(1-2147483647)> creates a DHCP server address pool and places the user in DHCP pool configuration mode. The prompt seen at this mode is iss(dhcp-config)#.
To return to the global configuration mode the exit command is used.
2.10.5 ACL Standard Access List Configuration Mode Standard access lists create filters based on IP address and network mask only (L3 filters only).
The Global configuration mode command ip access-list standard <(1-1000) creates IP ACLs and is used to enter the ACL Standard Access List Configuration mode. The prompt seen at this mode is iss(config-std-nacl)#.
To return to the global configuration mode the exit command is used.
2.10.6 ACL Extended Access List Configuration Mode The Extended Access lists enables to specify filters based on the type of protocol, range of TCP/UDP ports as well as IP address and network mask (Layer 4 filters).
The Global configuration mode command ip access-list extended <(1001-65535)> is used to enter the ACL Extended Access List Configuration mode and the prompt seen at this mode is iss(config-ext-nacl)#.
To return to the global configuration mode the exit command is used.
VS-2024-F DATACOM SYSTEMS INC
18 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
2.10.7 ACL MAC Configuration Mode The MAC access-list global configuration command creates Layer 2 MAC ACLs, and returns the MAC-Access list configuration mode to the user.
The Global configuration mode command mac access-list extended <(1-65535)> is used to enter the ACL MAC Configuration mode and the prompt seen at this mode is iss(config-ext-macl)#.
To return to the global configuration mode the exit command is used.
DATACOM SYSTEMS INC CHAPTER 2: COMMAND LINE INTERFACE
CLI USER MANUAL 19 DATACOM SYSTEMS CONFIDENTIAL
Figure 2-1: Command Modes Access Path
Password
General Configuration Modes Protocol Specific Modes
User EXEC Mode
Prompt: iss> enable
Privileged Mode
Prompt: iss#
Global Configuration Mode
Prompt: iss(config)#
Line Configuration
Prompt:: iss (config-line)#
DiffSrv Policy-Map Configuration
Prompt: iss(config-pmap)#
DiffSrv Policy-Map Class Configuration Mode
Prompt: iss(config-pmap-c)#
DiffSrv ClassMap Configuration
Prompt: iss(config-cmap)#
DHCP Pool Configuration
Prompt: iss(dhcp-config)#
ACL Standard Access List Configuration
Prompt: iss(config-std-nacl)#
ACL Extended Access List Configuration
Prompt: iss(config-ext-nacl)#
ACL MAC Configuration Prompt: iss(config-ext-macl)#
Interface Configuration Mode
Prompt: iss (config-if)#
Config-VLAN
Prompt: iss(config-vlan)#
Redundancy Configuration
Prompt: iss(config-r)#
CLI USER MANUAL 21 DATACOM SYSTEMS CONFIDENTIAL
Chapter
3 3.DiffServ (Differentiated Services)
DiffServ (Differentiated Services) is an architecture for providing different types or levels of service for network traffic. One key characteristic of Diffserv is that flows are aggregated in the network, so that core routers only need to distinguish a comparably small number of aggregated flows, even if those flows contain thousands or millions of individual flows.
Differentiated services are intended to provide a framework and building blocks to enable deployment of scalable service discrimination in the Internet. The differentiated services approach aims to speed deployment by separating the architecture into two major components, one of which is fairly well-understood and the other of which is just beginning to be understood. In this, we are guided by the original design of the Internet where the decision was made to separate the forwarding and routing components. Packet forwarding is the relatively simple task that needs to be performed on a per-packet basis as quickly as possible. Forwarding uses the packet header to find an entry in a routing table that determines the packet's output interface. Routing sets the entries in that table and may need to reflect a range of transit and other policies as well as to keep track of route failures. Routing tables are maintained as a background process to the forwarding task.
The list of CLI commands for the configuration of DiffServ is as follows:
set qos
class-map
policy-map
match
class
set cos
shutdown qos
cosq scheduling algorithm
traffic class
VS-2024-F DATACOM SYSTEMS INC
22 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show policy-map
show class-map
show cosq algorithm
show cosq weights-bw
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 23 DATACOM SYSTEMS CONFIDENTIAL
3.1 set qos This command enables differentiated services on the device. The disable option is used to disable the QoS feature on the device.
set qos { enable | disable }
Syntax Description
enable
- Enables differentiated services
disable
- Disables differentiated services
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disable
Example iss(config)# set qos enable
QoS must be globally enabled prior to the execution of the class-map and policy-map mode commands.
When set as 'enabled', DiffServ Module programs the hardware and starts Protocol Operation.
When set as 'disabled', it stops protocol operation by deleting the hardware configuration.
Related Commands
show policy-map - Displays the quality of service (QoS) policy maps
show class-map - Displays quality of service (QoS) class maps
VS-2024-F DATACOM SYSTEMS INC
24 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.2 class-map This command creates a class map that is meant to be used for matching the packets to the class whose index is specified. This command is also used to enter the class-map configuration mode. The no form of this command is used to delete an existing class map and to return to global configuration mode.
class-map <class-map-number(1-65535)>
no class-map <class-map-number(1-65535)>
Syntax Description
class-map-number - QoS class map number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# class-map 5
Differentiated services must have been enabled in the device.
The class-map command and its subcommands are used to define packetclassification, marking, and aggregate policing as part of a globally namedservice policy applied on a per-interface basis.
The match command is available from the class-map configuration mode.
Related Command
show class-map - Displays quality of service (QoS) class maps
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 25 DATACOM SYSTEMS CONFIDENTIAL
3.3 policy-map This command is used to enter the policy-map configuration mode. In the policy-map configuration mode the user can create or modify a policy map. The no form of this command deletes an existing policy map and returns to the global configuration mode.
policy-map <policy-map-number(1-65535)>
no policy-map <policy-map-number(1-65535)>
Syntax Description
policy-map-number - QoS Policy map number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# policy-map 6
Differentiated services must have been enabled in the device.
The following two commands are available from the policy-map configuration mode:
- class
- exit - Exits from the policy map configuration mode and returns to the global configuration mode.
Related Command
show policy-map - Displays quality of service (QoS) policy maps
VS-2024-F DATACOM SYSTEMS INC
26 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.4 match This command specifies the fields in the incoming packets that are to be examined for the classification of the packets. The IP access group / MAC access group can be used as match criteria.
match access-group { mac-access-list | ip-access-list } <acl-index-num (1-65535) >
Syntax Description
mac-access-list
- Access list created based on MAC addresses for non-IP traffic
ip-access-list
- Access list created based on IP addresses. The IP-access list can either be defined as a standard IP-access list or an extended IP-access list.
acl-index-num
- Specifies the ACL index range. The ACL index range for an IP standard ACL is 1 to 1000 and IP extended ACL is 1001 to 65535.
The ACL index range for a MAC extended ACL is 1 to 65535.
Mode Class Map Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config-cmap)# match access-group mac-access-list 5
Differentiated services must have been enabled in the device.
MAC access list and IP access list must have been configured.
Related Commands
class-map - Creates a class map to be used for matching the packets with the class whose name/index is specified
show class-map - Displays QoS Class maps
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 27 DATACOM SYSTEMS CONFIDENTIAL
3.5 class This command defines a traffic classification for the policy to act. The class-map-number that is specified in the policy map ties the characteristics for that class to the class map and its match criteria, as configured by using the class-map global configuration command. On execution of the class command, the switch enters the policy-map class configuration mode.
The no form of this command un-maps the class-map from the current policy-map configuration.
class <class-map-number(1-65535)>
no class <class-map-number(1-65535)>
Syntax Description
class-map-number
- Class Map Number
Mode Policy-Map Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config-pmap)# class 5
Differentiated services must have been enabled in the device.
The policy-map global configuration command must be executed prior to using the class command. After a policy map is specified, the user can either configure a policy for new classes or modify a policy for any existing classes in that policy map.
The following configuration commands are available from the policy map class configuration mode:
- set cos
Related Commands
policy-map - Enters the policy map configuration mode
show policy-map - Displays the QoS policy maps
VS-2024-F DATACOM SYSTEMS INC
28 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.6 set cos This command defines the in-profile action by setting a class of service (CoS), Differentiated Services Code Point (DSCP), or IP-precedence value in the packet.
The no form of the command deletes the configured values.
set {cos <new-cos(0-7)> | ip dscp <new-dscp(0-63)> | ip precedence <new-precedence(0-7)>}
no set {cos <new-cos(0-7)> | ip { dscp <new-dscp(0-63)> | precedence <new-precedence(0-7)>}}
Syntax Description
cos - New COS value assigned to the classified traffic
ip dscp - New DSCP value assigned to the classified traffic
ip precedence - New IP-precedence value assigned to the classified traffic
Mode Policy-Map Class Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config-pmap-c)# set cos 5
To attach policy maps that contain the following elements to an ingress interface
- set policy-map class configuration commands must be used. Moreover, the police policy-map class configuration command can be used to mark down (reduce) the DSCP value at the ingress interface.
- Access control list (ACL) classification.
- Per-port per-VLAN classification.
Related Commands
class- Defines a traffic classification for the policy set
policy-map - Used to enter the policy map configuration mode
class-map - Creates a class map
show policy-map - Displays the QoS policy map configuration
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 29 DATACOM SYSTEMS CONFIDENTIAL
3.7 shutdown qos This command shuts down the Quality-of-Service operation. The no form of the command starts and enables the Quality-of-Service operation.
shutdown qos
no shutdown qos
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults QoS is started and enabled by default
Example iss(config)# shutdown qos
When shutdown, all the pools used by DiffServ module will be released to the system.
When started, the resources required by DiffServ module are allocated and the module starts running.
Related Commands
show policy-map - Displays the quality of service (QoS) policy maps
show class-map - Displays quality of service (QoS) class maps
VS-2024-F DATACOM SYSTEMS INC
30 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.8 cosq scheduling algorithm This command sets cosq scheduling algorithm.
cosq scheduling algorithm { strict | rr | wrr | wfq | strict-rr | strict-wrr | strict-wfq | deficit }
Syntax Description
strict - strict
rr - round robin
wrr - weighted round robin
wfq - weighted fair queing
strict-rr - strict - round robin
strict-wrr - strict - weighted round robin
strict-wfq - strict - weighted fair queing
deficit - deficit
Mode Interface Configuration mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# cosq scheduling algorithm strict
Related Commands
show cosq algorithm - Displays the CoSq algorithm used for the interface.
show cosq weights-bw - Displays the CoSq weights and the bandwidth for the interface.
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 31 DATACOM SYSTEMS CONFIDENTIAL
3.9 traffic class This command sets weight and bandwidth for traffic classes.
traffic-class <integer(0-7)> weight <integer(0-15)> [ minbandwidth <integer(1-262143)>]
Syntax Description
traffic-class - Configures cosq numbers
weight - Configures cosq weights
minbandwidth - Configures minimum bandwidth
Mode Interface Configuration mode
Package Workgroup, Enterprise and Metro
Defaults weight - 1
Example iss(config-if)# traffic-class 1 weight 7 minbandwidth 1234
Related Commands
show cosq algorithm - Displays the CoSq algorithm used for the interface.
show cosq weights-bw - Ddisplays the CoSq weights and the bandwidth for the interface.
VS-2024-F DATACOM SYSTEMS INC
32 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.10 show policy-map This command displays the quality of service (QoS) policy maps, which defines the classification criteria for the incoming traffic. Policy maps can include policers that specify the bandwidth limitations and the action to take if the limits are exceeded.
show policy-map [<policy-map-num(1-65535)> [class <class-map-num(1-65535)>]]
Syntax Description
policy-map-num
- Policy map number
class
- Class map number
Mode Privileged/User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show policy-map 24
DiffServ Configurations:
------------------------
Quality of Service has been enabled
Policy Map 24 is not active
Class Map: 20
----------------
Protocol : 255
In Profile Entry
----------------
In profile action : policed-precedence 5
Out Profile Entry
-----------------
Metering on
burst bytes/token size : 6
Refresh count : 1000
Out profile action : drop
No Match Entry
--------------
No match action : policed-precedence 5
Related Commands
policy-map - Used to enter the policy map configuration mode
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 33 DATACOM SYSTEMS CONFIDENTIAL
class - Defines a traffic classification for the policy to act
set cos - Defines the in-profile action by setting a CoS, DSCP or IP-precedence value in the packet
VS-2024-F DATACOM SYSTEMS INC
34 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.11 show class-map This command displays quality of service (QoS) class maps, which defines the match criteria to classify traffic.
show class-map [<class-map-num(1-65535)>]
Syntax Description
class-map-num
- Displays the configured class map number
Mode Privileged/User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show class-map DiffServ Configurations:
------------------------
Class map 20
--------------
Filter-ID : 3
Filter-Type : IP-Filter
Related Commands
class-map - Creates a class map that is meant to be used for matching the packets to the class whose index is specified
match - Specifies the fields in the incoming packets that are to be examined for the classification of the packets
DATACOM SYSTEMS INC CHAPTER 3: DIFFSERV (DIFFERENTIATED SERVICES)
CLI USER MANUAL 35 DATACOM SYSTEMS CONFIDENTIAL
3.12 show cosq algorithm This command displays the CoSq algorithm used for the interface.
show cosq algorithm [ interface <interface-type> <interface-id> ]
Syntax Description
interface-type - Interface Type
interface-id - Interface ID
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# show cosq algorithm interface gigabitethernet 0/1
CoSq Algorithm
------------------------
Interface Algorithm
----------- ---------------
Gi0/1 StrictPriority
....... .......................
--------------------------
VS-2024-F DATACOM SYSTEMS INC
36 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
3.13 show cosq weights-bw This command displays the CoSq weights and the bandwidth for the interface.
show cosq weights-bw [ interface <interface-type> <interface-id> ]
Syntax Description
interface-type
- Interface Type
interface-id - Interface ID
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# show cosq weights-bw interface gigabitethernet 0/1 CoSq Weights and Bandwidths
----------------------------------------------
Interface CoSqId CoSqWeight MinBw MaxBw Flag
--------- ------ --------- ------ ---- -----
Gi0/1 0 1 0 0 2
Gi0/1 1 1 0 0 2
Gi0/1 2 1 0 0 2
Gi0/1 3 1 0 0 2
Gi0/1 4 1 0 0 2
Gi0/1 5 1 0 0 2
Gi0/1 6 1 0 0 2
Gi0/1 7 1 0 0 2
..... ... .. ... ... ...
---------------------------------------------------
CLI USER MANUAL 37 DATACOM SYSTEMS CONFIDENTIAL
Chapter
4 4.ACL (Access Control Lists)
ACLs (Access Control Lists) filter network traffic by controlling whether routed packets are forwarded or blocked at the router's interfaces. ACLs are used to block IP packets from being forwarded by a router. The router examines each packet to determine whether to forward or drop the packet, based on the criteria specified within the access lists.
Access list criteria can be the source address of the traffic, the destination address of the traffic, the upper-layer protocol or other information.
There are many reasons to configure access lists - access lists can be used to restrict contents of routing updates or to provide traffic flow control. But one of the most important reasons to configure access lists is to provide security for the network.
Access lists must be used to provide a basic level of security for accessing the network. If access lists has not been configured on the router, all packets passing through the router can be allowed onto all parts of the network.
For example, access lists can allow one host to access a part of the network and prevent another host from accessing the same area.
The list of CLI commands for the configuration of ACL is as follows:
ip access-list
mac access-list extended
user-defined access-list
userdefined-list
permit usr-defined-packet-type
deny usr-defined-packet-type
permit - standard mode
deny - standard mode
VS-2024-F DATACOM SYSTEMS INC
38 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
permit- ip/ospf/pim/protocol type
permit ipv6
deny ipv6
deny - ip/ospf/pim/protocol type
permit tcp
deny tcp
permit udp
deny udp
permit icmp
deny icmp
ip access-group
mac access-group
user-defined access-group
permit
deny
show access-lists
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 39 DATACOM SYSTEMS CONFIDENTIAL
4.1 ip access-list This command creates IP ACLs and enters the IP Access-list configuration mode. Standard access lists create filters based on IP address and network mask only (L3 filters only ). Extended access lists enables specification of filters based on the type of protocol, range of TCP/UDP ports as well as the IP address and network mask (Layer 4 filters).
Depending on the standard or extended option chosen by the user, this command returns a corresponding IP Access list configuration mode.
The no form of the command deletes the IP access-list.
ip access-list {standard <access-list-number (1-1000)> | extended <access-list-number (1001-65535)> }
no ip access-list {standard <access-list-number (1-1000)> | extended <access-list-number (1001-65535)> }
Syntax Description
standard
- Standard access-list number
extended
- Extended access-list number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# ip access-list standard 1
ACLs on the system perform both access control and Layer 3 field classification. To define Layer 3 fields’ access-lists the ip access-list command must be used.
Related Commands
permit - standard mode - Specifies the packets to be forwarded depending upon the associated parameters
deny - standard mode - Denies traffic if the conditions defined in the deny statement are matched
permit- ip/ospf/pim/protocol type - Allows traffic for a particular protocol packet if the conditions defined in the permit statement are matched
deny - ip/ospf/pim/protocol type- Denies traffic for a particular protocol packet if the conditions defined in the deny statement are matched
permit tcp - Specifies the TCP packets to be forwarded based on the associated parameters
deny tcp - Specifies the TCP packets to be rejected based on the associated parameters
permit udp - Specifies the UDP packets to be forwarded based on the associated parameters
deny udp - Specifies the UDP packets to be rejected based on the associated parameters
VS-2024-F DATACOM SYSTEMS INC
40 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
permit icmp - Specifies the ICMP packets to be forwarded based on the IP address and the associated parameters
deny icmp - Specifies the ICMP packets to be rejected based on the IP address and associated parameters
ip access-group - Enables access control for the packets on the interface
show access-lists - Displays the access list configuration
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 41 DATACOM SYSTEMS CONFIDENTIAL
4.2 mac access-list extended This command creates Layer 2 MAC ACLs, that is, this command creates a MAC access-list and returns the MAC-Access list configuration mode to the user. The no form of the command deletes the MAC access-list.
mac access-list extended <access-list-number (1-65535)>
no mac access-list extended <short (1-65535)>
Syntax Description
access-list-number
- Access list number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# mac access-list extended 5
ACLs on the system perform both access control and layer 2 field classification. To define Layer 2 access lists, the mac access-list command must be used.
Related Commands
show access-lists - Displays the access list configuration
permit - Specifies the packets to be forwarded based on the MAC address and the associated parameters
deny - Specifies the packets to be rejected based on the MAC address and the associated parameters
mac access-group - Applies a MAC access control list (ACL) to a Layer 2 interface.
VS-2024-F DATACOM SYSTEMS INC
42 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.3 user-defined access-list This command creates a user defined access-list. The no form of the command deletes the user defined access-list. The value ranges between 1 to 65535.
user-defined access-list <access-list-number (1-65535)>
no user-defined access-list <short (1-65535)>
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# user-defined access-list 5
ACLs on the system perform both access control and layer 2 field classification based on user defined bytes in the packets.
Related Commands
permit usr-defined-packet-type - Permits Packet Based on User Defined Packet type
permit - Specifies the packets to be forwarded based on the MAC address and the associated parameters
deny - Specifies the packets to be rejected based on the MAC address and the associated parameters
show access-lists - Displays the access list configuration
userdefined-list- Creates a user defined access list by applying AND, OR, NOT operation ( regular expressions) on existing ACL rules or specifying match on user-defined packet offsets.
user-defined access-group - Applies a user defined access list (ACL) to an interface.
Usage of Regular Expressions AND, OR , NOT
AND - Apply AND operation on base filter rules identified uniquely as ACL1, ACL2. This operation merges the match qualifiers of two ACL rules ACL1, ACL2 to derive a new ACL Rule ACL3
OR - Apply OR operation on base filter rules identified uniquely as ACL1 and ACL2. This operation results in applying the filter action { permit/deny/redirect } corresponding to ACL Rule 1 on ACL Rule2.
NOT – Apply NOT operation on base filter rule ( ACL 1) and derive new ACL Rule. If the action corresponding to ACL 1 is permit, then after applying NOT operation, new rule will have filter action deny. The filter actions on which NOT operation can be applied are – permit, deny. This operation is not applicable for other filter actions.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 43 DATACOM SYSTEMS CONFIDENTIAL
4.4 userdefined-list This command creates a user defined access list after application of regular expressions AND, OR, NOT on existing ACL rules
userdefined-list {{ ip-acl1-and-ip-acl2| ip-acl1-or-ip-acl2 | mac-acl1-and-mac-acl2 | mac-acl1-and-ip-acl2 | mac-acl1-or-mac-acl2 | ip-acl1-or-mac-acl2 } <short(1-65535)> <short(1-65535)> | { not-ip-acl1 | not-mac-acl1 } <short(1-65535)>}
Syntax Description
ip-acl1-and-ip-acl2 - Performs AND operation on two Layer 3 ACL Rules ( acl1 , acl2). And create a new layer 3 ACL rule that is represented by this user defined access-list..The filter action corresponding to the new ACL rule is identical to the base rules.
ip-acl1-or-ip-acl2 - Performs OR operation on two layer 3 ACL Rules. This operation results in applying the action of ACL Rule 1 on ACL Rule 2
mac-acl1-and-mac-acl2 - Performs AND operation on two layer 2 ACL Rules and create a new layer 2 ACL rule that is represented by this user defined access-list. The filter action corresponding to the new ACL rule is identical to the base rules.
mac-acl1-and-ip-acl2 - Performs AND operation on two ACL rules - acl1 ( layer 2 ACL Rule) and acl2 ( Layer 3 ACL rule) and create an new ACL Rule represented by this user defined access-list. The filter action corresponding to the new ACL rule is identical to the base rules.
mac-acl1-or-mac-acl2 - Performs OR operation on two Layer 2 ACL Rules and results in application of filter-action of ACL1 on ACL2
ip-acl1-or-mac-acl2 - Performs OR operation on Layer 3 ACL Rule (ACL1) using Layer 2 ACL rule ( ACL2) and results in application of filter-action of ACL1 on ACL2.
not-ip-acl1 - Performs NOT operation on ACL Rule 1 and derive new Rule. The filter action for the derived ACL Rule is “deny” if base Rule is configured for filter action “permit” and vice-versa. Other actions are not applicable for this operation
not-mac-acl1 - Performs NOT operation on ACL Rule 1 and derive new Rule. The filter action for the derived ACL Rule is “deny” if base Rule is configured for filter action “permit” and vice-versa. Other actions are not applicable for this operation
Mode User defined Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
44 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss(config-userdef-acl)# userdefined-list ip-acl1-and-ip-acl215 123
Related Commands
show access-lists - Displays the access list configuration
user-defined access-list - Creates user defined access-list.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 45 DATACOM SYSTEMS CONFIDENTIAL
4.5 permit usr-defined-packet-type This command permits packets matching a particular User Defined Byte and by specifying the packet type – namely user-defined, tcp-ipv4, udp, mpls, ipv4, ipv6, frag-ip.
permit usr-defined-packet-type { user-def | tcp-ipv4 | udp-ipv4 | mpls | ipv4 |ipv6 | frag-ip }offset-base {l2 | l3 | l4 | ipv6-ext-hdr | ether-type | <short(0-127)>} offset1 <short(0-127)> <short(0-255)>[offset2 <short(0-127)> <short(0-255)>][offset3 <short(0-127)> <short(0-255)>][offset4 <short(0-127)> <short(0-255)>][offset5 <short(0-127)> <short(0-255)>][offset6 <short(0-127)> <short(0-255)>][redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>]load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport| dst-tcpport | src-udpport | dst-udpport | udb <short(0-127)>}}][vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
user-def - Specifies the packet type as user defined.
tcp-ipv4 - Specifies the packet type as tcp in the ipV4 packet.
udp-ipv4 - Specifies the packet type as udp in the ipV4 packet.
mpls - Specifies the packet type as mpls.
ipv4 - Specifies the packet type as ipv4.
ipv6 - Specifies the packet type as ipv6.
frag-ip - Specifies the packet type as fragmented ip.
offset-base - Specifies the start of the packet from which the user defined byte should be considered. l2 – Start of the packet is considered as layer 2 l3 – Start of the packet is considered as layer 3 l4 – Start of the packet is considered as layer 4 ipv6-ext-hdr - Start of the packet is considered as ipv6 extended header. ether-type – Start of the packet is considered as ether type.
offset1 - Specifies the offset position and offset value that needs to be considered as the match for offset1. The two input value ranges 0 to 127 and 0 to 255.
VS-2024-F DATACOM SYSTEMS INC
46 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
offset2 - Specifies the offset position and offset value value that needs to be considered as the match for offset 2. The two input value ranges 0 to 127 and 0 to 255.
Offset3 - Specifies the offset position and offset value that needs to be considered as the match for offset 3. The two input value ranges 0 to 127 and 0 to 255.
Offset4 - Specifies the offset position and offset value that needs to be considered as the match for offset 4. The two input value ranges 0 to 127 and 0 to 255.
Offset5 - Specifies the offset position and offset value that needs to be considered as the match for offset 5. The two input value ranges 0 to 127 and 0 to 255.
Offset6 - Specifies the offset position and value that needs to be considered as the match for offset 6. The two input value ranges 0 to 127 and 0 to 255.
Redirect - Redirects the packet to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
load-balance - Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
udb
Options in the Layer 3 header are classified as IPv4 or IPv6 based on packet type
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 47 DATACOM SYSTEMS CONFIDENTIAL
vlan-action - Specifies the VLAN specific sub action to be performed on the packet -
- none – Actions relating to the VLAN ID will not be considered.
- modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
- nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode User defined Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-userdef-acl)# permit usr-defined-packet-type user-def offset-base l2 offset1 5 10 load-balance src-ip
Related Commands:
show access-lists - Displays the access list configuration
user-defined access-list – Creates the user defined access-list.
VS-2024-F DATACOM SYSTEMS INC
48 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.6 deny usr-defined-packet-type This command denies packets matching a particular User Defined Byte and by specifying the packet type – namely user-defined, tcp-ipv4, udp, mpls, ipv4, ipv6, frag-ip.
deny usr-defined-packet-type { user-def | tcp-ipv4 | udp-ipv4 | mpls | ipv4 |ipv6 | frag-ip }offset-base {l2 | l3 | l4 | ipv6-ext-hdr | ether-type | <short(0-127)>} offset1 <short(0-127)> <short(0-255)> [offset2 <short(0-127)> <short(0-255)>][offset3 <short(0-127)> <short(0-255)>] [offset4 <short(0-127)> <short(0-255)>][offset5 <short(0-127)> <short(0-255)>] [offset6 <short(0-127)> <short(0-255)>]
Syntax Description
usr-defined-packet-type - - user-def – Specifies the packet type as user defined
- tcp-ipv4 – Specifies the packet type as tcp in the ipV4 packet.
- udp-ipv4 - Specifies the packet type as udp in the ipV4 packet.
- mpls - Specifies the packet type as mpls.
- ipv4 - Specifies the packet type as ipv4.
- ipv6 - Specifies the packet type as ipv6.
- frag-ip - Specifies the packet type as fragmented ip.
offset-base Specifies the start of the packet from which the user defined byte should be comsidered
- l2 – Start of the packet is considered as layer 2
- l3 – Start of the packet is considered as layer 3
- l4 – Start of the packet is considered as layer 4
- ipv6-ext-hdr – Start of the packet is considered as ipv6 extended header.
- ether-type – Start of the packet is considered as ether type.
offset1 Specifies the offset position and offset value that needs to be considered as the match for offset1. The two input value ranges 0 to 127 and 0 to 255.
offset2 Specifies the offset position and offset value that needs to be considered as the match for offset2. The two input value ranges 0 to 127 and 0 to 255
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 49 DATACOM SYSTEMS CONFIDENTIAL
Offset3 Specifies the offset position and offset value that needs to be considered as the match for offset3. The two input value ranges 0 to 127 and 0 to 255
Offset4 - Specifies the offset position and offset value that needs to be considered as the match for offset4. The two input value ranges 0 to 127 and 0 to 255.
Offset5 Specifies the offset position and offset value that needs to be considered as the match for offset5. The two input value ranges 0 to 127 and 0 to 255
Offset6 Specifies the offset position and offset value that needs to be considered as the match for offset6. The two input value ranges 0 to 127 and 0 to 255
Mode User defined Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-userdef-acl)# deny usr-defined-packet-type user-def offset-base l2 offset1 112 25
Related Commands:
show access-lists - Displays the access list configuration
VS-2024-F DATACOM SYSTEMS INC
50 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.7 permit - standard mode This command specifies the packets to be forwarded depending upon the associated parameters. Standard IP access lists use source addresses for matching operations.
permit { any | host <src-ip-address> | <network-src-ip> <mask> } [{ any | host <dest-ip-address> | <network-dest-ip> <mask>}]redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>] load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport | dst-tcpport | src-udpport | dst-udpport}}] [vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
any|host
<src-ip-address>| <network-src-ip-><mask>
- Source IP address can be - 'any' or
- the dotted decimal address
- the IP address of the host that the packet is from and the network mask to use with the source IP address
any|host <dest-ip-address>|< network-dest-ip><mask>
- Destination IP address can be - 'any' or
- the dotted decimal address or
- the IP address of the host that the packet is destined for and the network mask to use with the destination IP address
redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 51 DATACOM SYSTEMS CONFIDENTIAL
load-balance Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
src-mac
dst-ip
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
Options in the Layer 3 header are classified as IPv4 or IPv6 based on packet type
vlan-action Specifies the VLAN specific sub action to be performed on the packet -
none – Actions relating to the VLAN ID will not be considered.
modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode IP ACL Configuration (standard)
Package Workgroup, Enterprise and Metro
Example iss(config-std-nacl)# permit host 100.0.0.10
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
deny - standard mode - Denies traffic if the conditions defined in the deny statement are matched
show access-lists- Displays the access list configuration
VS-2024-F DATACOM SYSTEMS INC
52 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.8 deny - standard mode This command denies traffic if the conditions defined in the deny statement are matched.
deny{ any | host <src-ip-address> | <src-ip-address> <mask> } [ { any | host <dest-ip-address> | <dest-ip-address> <mask> } ]
Syntax Description
any|host
src-ip-address|
<src-ip-address> <mask>
- Source IP address can be - 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source IP address
any|host
dest-ip-address| <dest-ip-address><mask>
- Destination IP address can be - 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination IP address
Mode IP ACL Configuration (standard)
Package Workgroup, Enterprise and Metro
Example iss(config-std-nacl)# deny host 100.0.0.10 any
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
permit - standard mode - Specifies the packets to be forwarded depending upon the associated parameters
show access-lists-Displays the access list configuration
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 53 DATACOM SYSTEMS CONFIDENTIAL
4.9 permit- ip/ospf/pim/protocol type
This command allows traffic for a particular protocol packet if the conditions defined in the permit statement are matched.
permit { ip | ospf | pim | <protocol-type (1-255)>}{ any | host <src-ip-address> | <src-ip-address> <mask> }{ any | host <dest-ip-addresq> | <dest-ip-address> <mask> }[ {tos{max-reliability | max-throughput | min-delay | normal |<value (0-7)>} | dscp <value (0-63)>} ][priority <value (1-255)>][redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>] load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport | dst-tcpport | src-udpport | dst-udpport}}][vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
ip| ospf|pim|
<protocol-type (1-255)>
- Type of protocol for the packet. It can also be a protocol number.
any| host
<src-ip-address>|
<src-ip-address> <mask>
- Source IP address can be - ‘any’ or
- the dotted decimal address or
- the IP Address of the network or the host that the packet is from and the network mask to use with the source address.
any|host
<dest-ip-address>|
<dest-ip-address> <mask>
- Destination IP address can be - ‘any’ or
- the dotted decimal address or
- the IP Address of the network or the host that the packet is destined for and the network mask to use with the destination address
tos
- Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the L3 filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of ‘filter priority’ implies a higher priority.
VS-2024-F DATACOM SYSTEMS INC
54 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
load-balance Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
vlan-action Specifies the VLAN specific sub action to be performed on the packet -
none – Actions relating to the VLAN ID will not be considered.
modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults protocol-type
- 255
priority
- 1
Example iss(config-ext-nacl)# permit 200 host 100.0.0.10 any tos 6 load balance src-ip
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 55 DATACOM SYSTEMS CONFIDENTIAL
Protocol type with the value 255 indicates that protocol can be anything and it will not be checked against the action to be performed.
Service VLAN, Service VLAN Priority, Customer VLAN and Customer VLAN Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
deny - ip/ospf/pim/protocol type- Denies traffic for a particular protocol packet if the conditions defined in the deny statement are matched
VS-2024-F DATACOM SYSTEMS INC
56 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.10 permit ipv6 This command specifies IP packets to be forwarded based on protocol and associated parameters.
permit ipv6 { flow-label <integer(1-65535)> | {any | host <ip6_addr> <integer(0-128)> } { any | host <ip6_addr> <integer(0-128)> }} [redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>]load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport| dst-tcpport | src-udpport | dst-udpport}}][vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
flow-label - Flow identifier in IPv6 header.
any | host <ip6_addr> <integer(0-128)>
- Source address of the host / any host.
any | host <ip6_addr> <integer(0-128)>
- Destination address of the host / any host.
redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
load-balance Specifies the parameters based on which the traffic
distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport vlan-action
Specifies the VLAN specific sub action to be performed on the packet -
- none – Actions relating to the VLAN ID will not be considered.
- modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
- nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 57 DATACOM SYSTEMS CONFIDENTIAL
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-ext-nacl)# permit ipv6 host c004::04 28 any load-balance src-ip
Flow label cannot be configured along with either source/destination IP address.
Related Commands
show access-lists - Displays the access lists configuration.
VS-2024-F DATACOM SYSTEMS INC
58 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.11 deny ipv6 This command specifies IPv6 packets to be rejected based on protocol and associated parameters.
deny ipv6 { flow-label <integer(1-65535)> | {any | host <ip6_addr> <integer(0-128)> } { any | host <ip6_addr> <integer(0-128)> }}
Syntax Description
flow-label - Flow identifier in IPv6 header.
any | host <ip6_addr> <integer(0-128)>
- Source address of the host / any host.
any | host <ip6_addr> <integer(0-128)>
- Destination address of the host / any host.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-ext-nacl)# deny ipv6 host c004::04 28 any iss(config-ext-nacl)# deny ipv6 flow-label 40
Flow label cannot be configured along with either source/destination IP address.
Related Commands
show access-lists - Displays the access lists configuration.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 59 DATACOM SYSTEMS CONFIDENTIAL
4.12 deny - ip/ospf/pim/protocol type This command denies traffic for a particular protocol packet if the conditions defined in the deny statement are matched.
deny { ip | ospf | pim | <protocol-type (1-255)>} { any | host <src-ip-address> | <src-ip-address> <mask> } { any | host <dest-ip-address> | <dest-ip-address> <mask> }[ {tos{max-reliability | max-throughput | min-delay | normal |<value (0-7)>} | dscp <value (0-63)>} ] [ priority <value (1-255)>]
Syntax Description
ip| ospf|pim|
<protocol-type
(1-255)>
- Type of protocol for the packet. It can also be a protocol number.
any| host
<src-ip-address>|
<src-ip-address> <mask>
- Source IP address can be
- ‘any’ or
- the word ‘host’ and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
any|host
<dest-ip-address>|
<dest-ip-address> <mask>
- Destination IP address can be
- ‘any’ or
- the word ‘host’ and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
tos
- Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the L3 filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of ‘filter priority’ implies a higher priority.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
60 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults protocol type
- 255
priority
- 1
Example iss(config-ext-nacl)# deny ospf any host 10.0.0.1 tos max-throughput
Protocol type with the value 255 indicates that protocol can be anything and it will not be checked against the action to be performed.
Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
permit- ip/ospf/pim/protocol type - Allows traffic for a particular protocol packet if the conditions defined in the permit statement are matched
show access-lists -Displays the access list configuration
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 61 DATACOM SYSTEMS CONFIDENTIAL
4.13 permit tcp This command specifies the TCP packets to be forwarded based on the associated parameters.
permit tcp {any | host <src-ip-address> | <src-ip-address> <src-mask> }[{gt <port-number (1-65535)> | lt <port-number (1-65535)>|eq <port-number (1-65535)> |range <port-number (1-65535)> <port-number (1-65535)>}]{ any | host <dest-ip-address> | <dest-ip-address> <dest-mask> }[{gt <port-number (1-65535)> | lt <port-number (1-65535)> | eq <port-number (1-65535)> |range <port-number (1-65535)> <port-number (1-65535)>}][{ ack | rst }][{tos{max-reliability|max-throughput|min-delay|normal|<tos-value(0-7)>}|dscp <value (0-63)>}][ priority <short(1-255)>][redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>]load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport| dst-tcpport | src-udpport | dst-udpport}}] [vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
tcp
- Transport Control Protocol
any| host
<src-ip-address>|
<src-ip-address> < src-mask >
- Source IP address can be
- ‘any’ or
- the dotted decimal address OR
- the IP address of the network or the host that the packet is from and the network mask to use with the source address
port-number
- Port Number. The input for the source and the destination port-number is prefixed with one of the following operators.
- eq=equal
- lt=less than
- gt=greater than
- range=a range of ports; two different port numbers must be specified
VS-2024-F DATACOM SYSTEMS INC
62 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
any|host
<dest-ip-address> |<dest-ip-address> < dest-mask >
- Destination IP address can be
- ‘any’ or
- the dotted decimal address or
- the IP Address of the network or the host that the packet is destined for and the network mask to use with the destination address
ack
- TCP ACK bit to be checked against the packet. It can be establish (1), non-establish (2) or any (3).
rst
- TCP RST bit to be checked against the packet. It can be set (1), notset (2) or any (3).
tos - Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of ‘filter priority’ implies a higher priority.
redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 63 DATACOM SYSTEMS CONFIDENTIAL
Load-balance Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
vlan-action Specifies the VLAN specific sub action to be performed on the packet -
- none – Actions relating to the VLAN ID will not be considered.
- modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
- nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults tos-value
- 0
ack - ‘any’ (3) [indicates that the TCP ACK bit will not be checked to decide the action]
rst - any’ (3) [indicates that the TCP RST bit will not be
checked to decide the action]
Example iss(config-ext-nacl)# permit tcp any 10.0.0.1 load-balance scr-ip
Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
VS-2024-F DATACOM SYSTEMS INC
64 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show access-lists - Displays the access list configuration
-deny tcp Specifies the TCP packets to be rejected based on the associated parameters
4.14 deny tcp This command specifies the TCP packets to be rejected based on the associated parameters.
deny tcp {any | host <src-ip-address> | <src-ip-address> <src-mask> }[{gt <port-number (1-65535)> | lt <port-number (1-65535)> |eq <port-number (1-65535)> | range <port-number (1-65535)> <port-number (1-65535)>}]{ any | host <dest-ip-address> | <dest-ip-address> <dest-mask> }[{gt <port-number (1-65535)> | lt <port-number (1-65535)> | eq <port-number (1-65535)> |range <port-number (1-65535)> <port-number (1-65535)>}][{ ack | rst }][{tos{max-reliability|max-throughput|min-delay|normal|<tos-value(0-7)>} | dscp <value (0-63)>}] [ priority <short (1-255)>]
Syntax Description
tcp
- Transmission control protocol
any| host
<src-ip-address>|
<src-ip-address> <src-mask>
- Source IP address can be
- ‘any’ or
- the word ‘host’ and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 65 DATACOM SYSTEMS CONFIDENTIAL
port-number
- Port Number. The input for the source and the destination port-number is prefixed with one of the following operators.
- eq=equal
- lt=less than
- gt=greater than
- range=a range of ports; two different port numbers must be specified
any|host
<dest-ip-address>|
<dest-ip-address>
<dest-mask>
- Destination IP address can be
- ‘any’ or
- the word ‘host’ and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
ack
- TCP ACK bit to be checked against the packet. It can be establish (1), non-establish (2) or any (3)
rst
- TCP RST bit to be checked against the packet. It can be set (1), notset (2) or any (3)
tos
- Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of ‘filter priority’ implies a higher priority.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults tos-value
- 0
VS-2024-F DATACOM SYSTEMS INC
66 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
ack
- ‘any’ (3) [indicates that TCP ACK bit will not be checked to decide the action]
rst
- any’ (3) [indicates that TCP RST bit will not be checked to decide the action]
Example iss(config-ext-nacl)# deny tcp 100.0.0.10 255.255.255.0 eq 20
any
Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
permit tcp - Specifies the TCP packets to be forwarded based on the associated parameters
4.15 permit udp This command specifies the UDP packets to be forwarded based on the associated parameters.
permit udp { any | host <src-ip-address> | <src-ip-address> <src-mask>}[{gt <port-number (1-65535)> | lt <port-number (1-65535)>| eq <port-number (1-65535)> | range <port-number (1-65535)> <port-number (1-65535)>}]{ any | host <dest-ip-address> | <dest-ip-address> <dest-mask> }[{ gt <port-number (1-65535)> | lt <port-number (1-65535)>| eq <port-number (1-65535)>| range <port-number (1-65535)> <port-number (1-65535)>}][{tos{max-reliability|max-throughput|min-delay|normal|<tos-value(0-7)>} | dscp <value (0-63)>}] [ priority <(1-255)>][redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>] load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport| dst-tcpport | src-udpport | dst-udpport}}] [vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
udp
- User Datagram Protocol
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 67 DATACOM SYSTEMS CONFIDENTIAL
any| host
<src-ip-address>|
<src-ip-address>
<src-mask>
- Source IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
port-number
- Port Number. The input for the source and the destination port-number is prefixed with one of the following operators.
- eq=equal
- lt=less than
- gt=greater than
- range=a range of ports; two different port numbers must be specified
any|host
<dest-ip-address>|
<dest-ip-address>
<dest-mask>
- Destination IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
tos
{max-reliability |max-throughput | min-delay | normal| <value (0-7)> | dscp <value(0-63)>}
- Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of 'filter priority' implies a higher priority.
VS-2024-F DATACOM SYSTEMS INC
68 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
redirect
Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
load-balance
Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
vlan-action Specifies the VLAN specific sub action to be performed on the packet -
none – Actions relating to the VLAN ID will not be considered.
modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-ext-nacl)# permit udp any 100.0.0.10 load-balance src-ip
Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 69 DATACOM SYSTEMS CONFIDENTIAL
show access-lists - Displays the access list configuration
deny udp - Specifies the UDP packets to be rejected based on the associated parameters
4.16 deny udp This command specifies the UDP packets to be rejected based on the associated parameters.
deny udp { any | host <src-ip-address> | <src-ip-address> <src-mask>}[{gt <port-number (1-65535)> | lt <port-number (1-65535)>| eq <port-number (1-65535)> | range <port-number (1-65535)> <port-number (1-65535)>}]{ any | host <dest-ip-address> | <dest-ip-address> <dest-mask> }[{ gt <port-number (1-65535)> | lt <port-number (1-65535)>| eq <port-number (1-65535)>| range <port-number (1-65535)> <port-number (1-65535)>}][{tos{max-reliability|max-throughput|min-delay|normal|<tos-value(0-7)>} | dscp <value (0-63)>}] [ priority <(1-255)>]
Syntax Description
udp
- User Datagram Protocol
VS-2024-F DATACOM SYSTEMS INC
70 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
any| host
<src-ip-address>|
<src-ip-address>
<src-mask>
- Source IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
port-number
- Port Number. The input for the source and the destination port-number is prefixed with one of the following operators.
- eq=equal
- lt=less than
- gt=greater than
- range=a range of ports; two different port numbers must be specified
any|host
<dest-ip-address>
|<dest-ip-address>
<dest-mask>
- Destination IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
tos
- Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming packets.
priority
- The priority of the filter used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of 'filter priority' implies a higher priority.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-ext-nacl)# deny udp host 10.0.0.1 any eq 20
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 71 DATACOM SYSTEMS CONFIDENTIAL
Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
permit udp - Specifies the UDP packets to be forwarded based on the associated parameters
4.17 permit icmp This command specifies the ICMP packets to be forwarded based on the IP address and the associated parameters.
permit icmp {any |host <src-ip-address>|<src-ip-address> <mask>}{any | host <dest-ip-address> | <dest-ip-address> <mask> }[<message-type (0-255)>] [<message-code (0-255)>] [ priority <(1-255)>] [redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list>[<ifXtype><iface_list>] Load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport | dst-tcpport | src-udpport | dst-udpport}}] [vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
icmp
- Internet Control Message Protocol
VS-2024-F DATACOM SYSTEMS INC
72 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
any| host
<src-ip-address>
|<src-ip-address> <mask>
- Source IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
any|host
<dest-ip-address>|
<dest-ip-address>
<mask>
- Destination IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
message-type
- Message type
message-code
- ICMP Message code
priority - The priority of the filter used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of 'filter priority' implies a higher priority.
Redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 73 DATACOM SYSTEMS CONFIDENTIAL
Load-balance Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport
dst-udpport
Vlan-action Specifies the VLAN specific sub action to be performed on the packet -
- none – Actions relating to the VLAN ID will not be considered.
- modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
- nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults message-type/message code
- 255
Example iss(config-ext-nacl)# permit icmp any 10.0.0.1 load balance src-ip
The ICMP message type can be one of the following:
Value ICMP type
0 Echo reply
3 Destination unreachable
4 Source quench
5 Redirect
8 Echo request
VS-2024-F DATACOM SYSTEMS INC
74 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11 Time exceeded
12 Parameter problem
13 Timestamp request
14 Timestamp reply
15 Information request
16 Information reply
17 Address mask request
18 Address mask reply
155 No ICMP type
The ICMP code can be any of the following:
- Value ICMP code
- 0 Network unreachable
- 1 Host unreachable
- 2 Protocol unreachable
- 3 Port unreachable
- 4 Fragment need
- 5 Source route fail
- 6 Destination network unknown
- 7 Destination host unknown
- 8 Source host isolated
- 9 Destination network administratively prohibited
- 10 Destination host administratively prohibited
- 11 Network unreachable TOS
- 12 Host unreachable TOS
- 255 No ICMP code
- Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
ip access-list - Created IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 75 DATACOM SYSTEMS CONFIDENTIAL
deny icmp - Specifies the ICMP packets to be rejected based on the IP address and associated parameters
4.18 deny icmp This command specifies the ICMP packets to be rejected based on the IP address and associated parameters.
deny icmp {any |host <src-ip-address>|<src-ip-address> <mask>}{any | host <dest-ip-address> | <dest-ip-address> <mask> }[<message-type (0-255)>] [<message-code (0-255)>] [ priority <(1-255)>]
VS-2024-F DATACOM SYSTEMS INC
76 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Syntax Description
icmp
- Internet Control Message Protocol
any| host
<src-ip-address>|
<src-ip-address>
<mask>
- Source IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is from and the network mask to use with the source address
any|host
<dest-ip-address>|
<dest-ip-address>
<mask>
- Destination IP address can be
- 'any' or
- the word 'host' and the dotted decimal address or
- number of the network or the host that the packet is destined for and the network mask to use with the destination address
message-type
- Message type
message-code
- ICMP Message code
priority - The priority of the filter used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of 'filter priority' implies a higher priority.
Mode ACL Extended Access List Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults message-type/ message code
- 255
Example iss(config-ext-nacl)# deny icmp host 100.0.0.10 10.0.0.1 255.255.255.255
The ICMP message type can be one of the following:
Value ICMP type
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 77 DATACOM SYSTEMS CONFIDENTIAL
0 Echo reply
3 Destination unreachable
4 Source quench
5 Redirect
8 Echo request
11 Time exceeded
12 Parameter problem
13 Timestamp request
14 Timestamp reply
15 Information request
16 Information reply
17 Address mask request
18 Address mask reply
155 No ICMP type
The ICMP code can be any of the following:
Value ICMP code
0 Network unreachable
1 Host unreachable
2 Protocol unreachable
3 Port unreachable
4 Fragment need
5 Source route fail
6 Destination network unknown
7 Destination host unknown
8 Source host isolated
9 Destination network administratively prohibited
10 Destination host administratively prohibited
11 Network unreachable TOS
12 Host unreachable TOS
255 No ICMP code
- Service Vlan, Service Vlan Priority, Customer Vlan and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
VS-2024-F DATACOM SYSTEMS INC
78 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
permit icmp - Specifies the ICMP packets to be forwarded based on the IP address and the associated parameters
4.19 ip access-group
This command enables access control for the packets on the interface. It controls access to a Layer 2 or Layer 3 interface. The no form of this command removes all access groups or the specified access group from the interface. The direction of filtering is specified using the token in or out.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 79 DATACOM SYSTEMS CONFIDENTIAL
ip access-group <access-list-number (1-65535)> {in | out}
no ip access-group [<access-list-number (1-65535)>] {in | out}
Syntax Description
access-list-number
- IP access control list number
in
- Inbound packets
out
- Outbound packets
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# ip access-group 1 in
IP access list must have been created.
Following are the limitations for this command to be applicable to Layer 2 interfaces.
- The out keyword is not supported by Layer 2 interfaces.
- An IP ACL applied to a Layer 2 interface filters only the IP packets. MAC access-group interface configuration command with MAC extended ACLs must be used to filter non-IP packets.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
show access-lists - Displays the access list configuration
4.20 mac access-group This command applies a MAC access control list (ACL) to a Layer 2 interface. The no form of this command can be used to remove the MAC ACLs from the interface.
mac access-group <access-list-number (1-65535)> {in | out}
no mac access-group [<access-list-number (1-65535)>] {in | out}
VS-2024-F DATACOM SYSTEMS INC
80 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Syntax Description
access-list-number
- Access List Number
in
- Inbound packets
out - Outbound packets
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# mac access-group 5 in
MAC access list must have been created.
Related Commands
mac access-list extended - Creates Layer 2 MAC ACLs, and returns the MAC-Access list configuration mode to the user
show access-lists - Displays the access list statistics
permit - Specifies the packets to be forwarded based on the MAC address and the associated parameters
deny - Specifies the packets to be rejected based on the MAC address and the associated parameters.
4.21 user-defined access-group
This command applies a user defined access list (ACL) to an interface. The no form of this command removes the User defined ACLs from the interface.
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 81 DATACOM SYSTEMS CONFIDENTIAL
user-defined access-group <access-list-number (1-65535)> {in| out}
no user-defined access-group [<access-list-number (1-65535)>] {in| out}
Syntax Description
access-list-number
- IP access control list number
in
- Inbound packets
out
- Outbound packets
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# user-defined access-group 5 in
User defined access list should be created already, before executing this command.
Related Commands
show access-lists - Displays the access list statistics
user-defined access-list – Creates the user defined access-list.
4.22 permit This command specifies the packets to be forwarded based on the MAC address and the associated parameters, that is, this command allows non-IP traffic to be forwarded if the conditions are matched.
VS-2024-F DATACOM SYSTEMS INC
82 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
permit { any | host <src-mac-address>}{ any | host <dest-mac-address> }[aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm | etype-6000|etype-8042 | lat | lavc-sca | mop-console | mop-dump | msdos | mumps | netbios | vines-echo | vines-ip | xns-id | <protocol (0-65535)>][ encaptype <value (1-65535)>][ Vlan <vlan-id (1-4094)>][priority <value (1-255)>][redirect {interface <ifXtype> <ifnum> | <ifXtype><iface_list> [<ifXtype><iface_list>] load-balance {src-ip | dst-ip | src-mac | dst-mac | vlanid | src-tcpport | dst-tcpport | src-udpport | dst-udpport}}][vlan-action {none | modify-vlan<short (1-4094)> | nested-vlan <short (1 -4094)>}]
Syntax Description
any | host <src-mac-address >
- Source MAC address to be matched with the packet
any | host <dest-mac-address >
- Destination MAC address to be matched with the packet
aarp
Ethertype AppleTalk Address Resolution Protocol that maps a data-link address to a network address
amber
EtherType DEC-Amber
dec-spanning
EtherType Digital Equipment Corporation (DEC) spanning tree
decnet-iv
EtherType DECnet Phase IV protocol
diagnostic
EtherType DEC-Diagnostic
dsm
EtherType DEC-DSM/DDP
etype-6000
EtherType 0x6000
etype-8042
EtherType 0x8042
lat
EtherType DEC-LAT
lavc-sca
EtherType DEC-LAVC-SCA
mop-console
EtherType DEC-MOP Remote Console
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 83 DATACOM SYSTEMS CONFIDENTIAL
mop-dump EtherType DEC-MOP Dump
msdos
EtherType DEC-MSDOS
mumps
EtherType DEC-MUMPS
netbios
EtherType DEC- Network Basic Input/Output System (NETBIOS)
vines-echo
EtherType Virtual Integrated Network Service (VINES) Echo from Banyan Systems
vines-ip
EtherType VINES IP
xns-id EtherType Xerox Network Systems (XNS) protocol suite
encaptype Encapsulation Type
redirect Redirects the action to the destination interface or set of interfaces.
- ifXtype – Specifies the interfae type
- ifnum – Specifies the interface number
- iface_list – Specifies the list of interfaces
load-balance Specifies the parameters based on which the traffic distribution needs to be done. Options are:
src-ip
dst-ip
src-mac
dst-mac
vlanid
src-tcpport
dst-tcpport
src-udpport dst-udpport
VS-2024-F DATACOM SYSTEMS INC
84 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
vlan-action Specifies the VLAN specific sub action to be performed on the packet -
- none – Actions relating to the VLAN ID will not be considered.
- modify-vlan – Modifies the VLAN ID to which the packet gets classified. The packet could be an untagged or VLAN tagged packet.
- nested-vlan – Adds an outer VLAN tag to the packet with the VLAN ID as configured.
Mode ACL MAC Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults vlan-id
- 0
priority
- 1
Example iss(config-ext-macl)# permit host 00:11:22:33:44:55 any load-balance src-ip vlan-action modify lan 526
MAC access list must have been created.
OuterEtherType, Service Vlan, Service Vlan Priority and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
mac access-list extended - Creates Layer 2 MAC ACLs, and returns the MAC-Access list configuration mode to the user
mac access-group - Applies a MAC access control list (ACL) to a Layer 2 interface
deny - Specifies the packets to be rejected based on the MAC address and the associated parameters
show access-lists - Displays the access list statistics
user-defined access-list - Creates user defined access-list
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 85 DATACOM SYSTEMS CONFIDENTIAL
4.23 deny This command specifies the packets to be rejected based on the MAC address and the associated parameters.
deny { any | host <src-mac-address>}{ any | host <dest-mac-address> } [aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm | etype-6000 |etype-8042 | lat | lavc-sca | mop-console | mop-dump | msdos | mumps | netbios | vines-echo | vines-ip | xns-id | <protocol (0-65535)>] [ encaptype <value (1-65535)>][ Vlan <vlan-id (1-4094)>] [priority <value (1-255)>]
Syntax Description
any | host <src-mac-address >
- Source MAC address to be matched with the packet
VS-2024-F DATACOM SYSTEMS INC
86 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
any | host <dest-mac-address >
- Destination MAC address to be matched with the packet
aarp
- Ethertype AppleTalk Address Resolution Protocol that maps a data-link address to a network address
amber
- EtherType DEC-Amber
dec-spanning
- EtherType Digital Equipment Corporation (DEC) spanning tree
decent-iv
- EtherType DECnet Phase IV protocol
diagnostic
- EtherType DEC-Diagnostic
dsm
- EtherType DEC-DSM/DDP
etype-6000
- EtherType 0x6000
etype-8042
- EtherType 0x8042
lat
- EtherType DEC-LAT
lavc-sca
- EtherType DEC-LAVC-SCA
mop-console
- EtherType DEC-MOP Remote Console
mop-dump
- EtherType DEC-MOP Dump
msdos
- EtherType DEC-MSDOS
mumps
- EtherType DEC-MUMPS
netbios
- EtherType DEC- Network Basic Input/Output System (NETBIOS)
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 87 DATACOM SYSTEMS CONFIDENTIAL
vines-echo
- EtherType Virtual Integrated Network Service (VINES) Echo from Banyan Systems
vines-ip
- EtherType VINES IP
xns-id
- EtherType Xerox Network Systems (XNS) protocol suite
encaptype
- Encapsulation Type
vlan
- VLAN ID to be filtered
priority
- The priority of the L2 filter is used to decide which filter rule is applicable when the packet matches with more than one filter rules. Lower value of 'filter priority' implies a higher priority.
Mode ACL MAC Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults vlan-id
- 0
priority
- 1
Example iss(config-ext-macl)# deny any host 00:11:22:33:44:55 priority 200
MAC access list must have been created.
OuterEtherType, Service Vlan, Service Vlan Priority and Customer Vlan Priority options are applicable only for Metro Solution, when the bridge mode is “Provider Bridge”.
Related Commands
mac access-list extended - Creates Layer 2 MAC ACLs, and returns the MAC-Access list configuration mode to the user
mac access-group - Applies a MAC access control list (ACL) to a Layer 2 interface
permit - Specifies the packets to be forwarded based on the MAC address and the associated parameters
show access-lists - Displays the access list statistics
user-defined access-list - Creates user defined access-list.
VS-2024-F DATACOM SYSTEMS INC
88 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
4.24 show access-lists
This command displays the access lists configuration.
show access-lists [[{ip | mac | user-defined }] < access-list-number (1-65535)> ]
Syntax Description
ip - IP Access List
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 89 DATACOM SYSTEMS CONFIDENTIAL
mac - MAC Access List
user-defined - user defined access list
Mode Privileged/User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show access-lists EIP ACCESS LISTS
-----------------
Standard IP Access List 34
----------------------------
IP address Type : IPV4
Source IP address : 172.30.3.134
Source IP address mask : 255.255.255.255
Source IP Prefix Length : 32
Destination IP address : 0.0.0.0
Destination IP address mask : 0.0.0.0
Destination IP Prefix Length : 0
Flow Identifier : 0
In Port List : NIL
Out Port List : NIL
Filter Action : Deny
Status : InActive
Extended IP Access List 1002
-----------------------------
Filter Priority : 1
Filter Protocol Type : ANY
IP address Type : IPV4
Source IP address : 0.0.0.0
Source IP address mask : 0.0.0.0
Source IP Prefix Length : 0
Destination IP address : 0.0.0.0
Destination IP address mask : 0.0.0.0
VS-2024-F DATACOM SYSTEMS INC
90 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Destination IP Prefix Length : 0
Flow Identifier : 0
In Port List : NIL
Out Port List : NIL
Filter TOS : Invalid combination
Filter DSCP : NIL
Filter Action : Permit
Status : InActive
Extended IP Access List 10022
-----------------------------
Filter Priority : 1
Filter Protocol Type : ANY
IP address Type : IPV4
Source IP address : 0.0.0.0
Source IP address mask : 0.0.0.0
Source IP Prefix Length : 0
Destination IP address : 0.0.0.0
Destination IP address mask : 0.0.0.0
Destination IP Prefix Length : 0
Flow Identifier : 0
In Port List : NIL
Out Port List : NIL
Filter TOS : Invalid combination
Filter DSCP : NIL
Filter Action : Permit
Status : InActive
MAC ACCESS LISTS
-----------------
No MAC Access Lists have been configured
DATACOM SYSTEMS INC CHAPTER 4: ACL (ACCESS CONTROL LISTS)
CLI USER MANUAL 91 DATACOM SYSTEMS CONFIDENTIAL
OuterEtherType, Service Vlan, Service Vlan Priority, innerEtherType, Customer Vlan and Customer Vlan Priority options are applicable only with Metro Ethernet Feature and bridge mode is provider.
Related Commands
ip access-list - Creates IP ACLs and enters the IP Access-list configuration mode
mac access-list extended - Creates Layer 2 MAC ACLs, and returns the MAC-Access list configuration mode to the user
permit usr-defined-packet-type - Permits Packet Based on User Defined Packet Byte
deny usr-defined-packet-type - This command denies packet based on user defined byte.
permit - standard mode - Specifies the packets to be forwarded depending upon the associated parameters
deny - standard mode - Denies traffic if the conditions defined in the deny statement are matched
permit- ip/ospf/pim/protocol type - Allows traffic for a particular protocol packet if the conditions defined in the permit statement are matched
deny - ip/ospf/pim/protocol type Denies traffic for a particular protocol packet if the conditions defined in the deny statement are matched
permit tcp- Specifies the TCP packets to be forwarded based on the associated parameters
deny tcp- Specifies the TCP packets to be rejected based on the associated parameters
permit udp- Specifies the UDP packets to be forwarded based on the associated parameters
deny udp- Specifies the UDP packets to be rejected based on the associated parameters
permit icmp- Specifies the ICMP packets to be forwarded based on the IP address and the associated parameters
deny icmp - Specifies the ICMP packets to be rejected based on the IP address and associated parameters
ip access-group- Enables access control for the packets on the interface
mac access-group - Applies a MAC access control list (ACL) to a Layer 2 interface
permit - Specifies the packets to be forwarded based on the MAC address and the associated parameters
deny- specifies the packets to be rejected based on the MAC address and the associated parameters
user-defined access-list - Creates user defined access-list.
userdefined-list - Creates a user defined access list by applying AND, OR, NOT operation on existing ACL rules
permit ipv6 - Specifies IP packets to be forwarded based on protocol and associated parameters.
deny ipv6 - Specifies IPv6 packets to be rejected based on protocol and associated parameters.
user-defined access-group - Applies a user defined access list (ACL) to an interface
CLI USER MANUAL 93 DATACOM SYSTEMS CONFIDENTIAL
Chapter
5 5.QoS (Quality of Service)
QoS defines the ability to provide different priority to different applications, users or data flows or the ability to guarantee a certain level of performance to a data flow. QoS refers to resource reservation control mechanisms rather than the achieved service quality and specifies a guaranteed throughput level.
Datacom Systems Inc. QoS provides a complete Quality of Service solution and helps in implementing service provisioning policies for application or customers, who desire to have an enhanced performance for their traffic on the Internet.
The list of CLI commands for the configuration of QoS is as follows:
shutdown qos
qos
priority-map
class-map
meter
policy-map
queue-type
shape-template
scheduler
queue
queue-map
sched-hierarchy
qos interface
map
match access-group
VS-2024-F DATACOM SYSTEMS INC
94 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
set class
meter-type
set policy
set meter
set
random-detect dp
show priority-map
show class-map
show class-to-priority-map
show meter
show policy-map
show queue-template
show shape-template
show scheduler
show queue
show queue-map
show sched-hierarchy
show qos def-user-priority
show qos meter-stats
show qos queue-stats
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 95 DATACOM SYSTEMS CONFIDENTIAL
5.1 shutdown qos This command shuts down the QoS subsystem. The no form of the command starts the QoS subsystem.
shutdown qos
no shutdown qos
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults QoS subsystem is started and enabled by default.
Example iss(config)# shutdown qos
Resources required by QoS subsystem are allocated and QoS subsystem starts running, when started.
All the MemPools used by the QoS subsystem will be released, when shutdown.
Related Commands
show qos global info - Displays QoS related global configurations.
VS-2024-F DATACOM SYSTEMS INC
96 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.2 qos This command enables or disables the QoS subsystem.
qos {enable | disable}
Syntax Description
enable - Enables QoS subsystem
disable - Disables Qos subsystem
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Enabled
Example iss(config)# qos enable
QoS module programs the hardware and starts protocol operation, when set as enable.
QoS module stops protocol operation by deleting the hardware configuration, when set as disable.
Related Commands
show qos global info - Displays QoS related global configurations.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 97 DATACOM SYSTEMS CONFIDENTIAL
5.3 priority-map This command adds a Priority Map entry. The no form of the command deletes a Priority Map entry.
priority-map <priority-map-Id(1-65535)>
no priority-map <priority-map-Id(1-65535)>
Syntax Description
Priority-map-Id - Priority map index for the incoming packet received over ingress Port/VLAN with specified incoming priority. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# priority-map 1
QoS subsystem should have been started.
Related Commands
show priority-map – Displays the Priority Map entry.
VS-2024-F DATACOM SYSTEMS INC
98 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.4 class-map This command adds a Class Map entry. The no form of the command deletes a Class Map entry.
class-map <class-map-id(1-65535)>
no class-map <class-map-id(1-65535)>
Syntax Description
class-map-id - Index that enumerates the MultiField Classifier table entries. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# class-map 1
QoS subsystem should have been started.
Related Commands
show class-map – Displays the Class Map entry.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 99 DATACOM SYSTEMS CONFIDENTIAL
5.5 meter This command creates a Meter. The no form of the command deletes a Meter.
meter <meter-id(1-65535)>
no meter <meter-id(1-65535)>
Syntax Description
meter-id - Index that enumerates the Meter entries. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# meter 1
QoS subsystem should have been started.
Related Commands
show meter – Displays the Meter entry.
VS-2024-F DATACOM SYSTEMS INC
100 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.6 policy-map This command creates a policy map. The no form of the command deletes a policy map.
policy-map <policy-map-id(1-65535)>
no policy-map <policy-map-id(1-65535)>
Syntax Description
policy-map-id - Index that enumerates the policy-map table entries. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# policy-map 1
QoS subsystem should have been started.
Related Commands
show policy-map – Displays the Policy Map entry.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 101 DATACOM SYSTEMS CONFIDENTIAL
5.7 queue-type This command creates a Queue Template Type. The no form of the command deletes a Queue Template Type.
queue-type <Q-Template-Id(1-65535)>
no queue-type <Q-Template-Id(1-65535)>
Syntax Description
Q-Template-Id - Queue Template Table index. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# queue-type 1
Related Commands
show queue-template – Displays the Q Template and Random Detect configurations.
VS-2024-F DATACOM SYSTEMS INC
102 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.8 shape-template This command creates a Shape Template. The no form of the command deletes a Shape Template.
shape-template <integer(1-65535)> [cir <integer(1-65535)>] [cbs <integer(0-65535)>] [eir <integer(0-65535)>] [ebs <integer(0-65535)>]
no shape-template <Shape-Template-Id(1-65535)>
Syntax Description
Shape-Template-Id - Shape Template Table index.
cir - Committed information rate for packets through the queue.
cbs - Committed burst size for packets through the queue.
eir - Excess information rate for packets through the hierarchy.
ebs - Excess burst size for packets through the hierarchy.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# shape-template 1 cir 20 cbs 40 eir 50 ebs 40
Related Commands
show shape-template – Displays the Shape Template configurations.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 103 DATACOM SYSTEMS CONFIDENTIAL
5.9 scheduler This command creates a Scheduler and configures the Scheduler parameters. The no form of the command deletes a scheduler.
scheduler <integer(1-65535)> interface <iftype> <ifnum> [sched-algo {strict-priority | rr | wrr | wfq | strict-rr | strict-wrr | strict-wfq | deficit-rr}] [shaper <integer(0-65535)>] [hierarchy-level <integer(0-10)>]
no scheduler <Scheduler-Id(1-65535)> interface <iftype> <ifnum>
Syntax Description
Scheduler-Id - Scheduler identifier that uniquely identifies the scheduler in the system/egress interface.
iftype - Interface type.
ifnum - Interface number.
sched-algo - Packet scheduling algorithm for the port. The algorithms are:
strict-priority – strictPriority.
rr – roundRobin.
wrr – weightedRoundRobin.
wfg – weightedFairQueing.
strict-rr – strictRoundRobin.
strict-wrr – strictWeightedRoundRobin.
strict-wfg – strictWeightedFairQueing.
deficit-rr – deficitRoundRobin.
shaper - Shaper identifier that specifies the bandwidth requirements for the scheduler.
hierarchy-level - Depth of the queue/scheduler hierarchy.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults sched-algo - strict-priority
VS-2024-F DATACOM SYSTEMS INC
104 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
hierarchy-level - 0
Example iss(config)# scheduler 1 interface giga 0/1 sched-algo rr shaper 1 hierarchy-level 1
Shaper identifier is not mandatory for the creation of the conceptual row.
Related Commands
show scheduler – Displays the configured Scheduler.
sched-hierarchy – Creates a Scheduler Hierarchy.
show sched-hierarchy – Displays the configured hierarchy scheduler.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 105 DATACOM SYSTEMS CONFIDENTIAL
5.10 queue This command creates a Queue and configures the Queue parameters. The no form of the command deletes a Queue.
queue <integer(1-65535)> interface <iftype> <ifnum> [qtype <integer(1-65535)>] [scheduler <integer(1-65535)>] [weight <integer(0-1000)>] [priority <integer(0-15)>] [shaper <integer(0-65535)>]
no queue <integer(1-65535)> interface <iftype> <ifnum>
Syntax Description
queue - Queue identifier that uniquely identifies the queue in the system/port.
iftype - Interface type.
ifnum - Interface number.
qtype - Queue Type identifier.
scheduler - Scheduler identifier that manages the specified queue.
weight - User assigned weight to the CoS queue.
priority User assigned priority for the CoS queue.
shaper Shaper identifier that specifies the bandwidth requirements for the queue.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults weight - 0
priority - 0
Example iss(config)# queue 1 interface giga 0/1 qtype 2 scheduler 1 weight 20 priority 10 shaper 1.
VS-2024-F DATACOM SYSTEMS INC
106 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Scheduler identifier is unique relative to an egress interface.
User assigned weights are used only when scheduling algorithm is a weighted scheduling algorithm.
User assigned priority is used only when the scheduler uses a priority based scheduling algorithm.
Shaper identifier is not mandatory for the creation of the row.
Related Commands
queue-type – Creates a Queue Template Type.
scheduler – Creates a Scheduler and configures the Scheduler parameters.
shape-template – Creates a Shape Template.
show queue – Displays the configured Queues.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 107 DATACOM SYSTEMS CONFIDENTIAL
5.11 queue-map This command creates a Map for a Queue with Class or regenerated priority. The no form of the command deletes a Queue map entry.
queue-map { CLASS <integer(1-65535)> | regn-priority { vlanPri | ipTos | ipDscp | mplsExp | vlanDEI } <integer(0-63)> } [interface <iftype> <ifnum>] queue-id <integer(1-65535)>
no queue-map { CLASS <integer(1-65535)> | regn-priority { vlanPri | ipTos | ipDscp | mplsExp | vlanDEI } <integer(0-63)> } [interface <iftype> <ifnum>]
Syntax Description
CLASS - Input CLASS that needs to be mapped to an outbound queue.
regn-priority - Regenerated-priority type and regenerated-priority that needs to be mapped to an outbound queue. The types are
vlanPri – VLAN Priority.
ipTos – IP Type of Service.
ipDscp – IP Differentiated Services Code Point.
mplsExp – MPLS Experimental
vlanDEI – VLAN Drop Eligibility Indicator. iftype - Interface type.
ifnum - Interface number.
queue-id - Queue identifier that uniquely identifies a queue relative to an interface.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# queue-map CLASS 1 interface giga 0/1 queue-id 1
CLASS should be zero while configuring RegenPriority specific Q.
Regenerated-priority should be zero while configuring CLASS specific Queue.
Related Commands
show queue-map – Displays the configured Queue map.
VS-2024-F DATACOM SYSTEMS INC
108 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.12 sched-hierarchy This command creates a Scheduler Hierarchy. The no form of the command deletes a Scheduler Hierarchy.
sched-hierarchy interface <iftype> <ifnum> hierarchy-level <integer(1-10)> sched-id <integer(1-65535)> {next-level-queue <integer(0-65535)> | next-level-scheduler <integer(0-65535)>} [priority <integer(0-15)>] [weight <integer(0-1000)>]
no sched-hierarchy interface <iftype> <ifnum> hierarchy-level <integer(1-10)> sched-id <integer(1-65535)>
Syntax Description
iftype - Interface type.
ifnum - Interface number.
hierarchy-level - Depth of the queue/scheduler hierarchy.
sched-id - Scheduler identifier.
next-level-queue – Next-level queue to which the scheduler output needs to be sent.
next-level-scheduler – Next-level scheduler to which the scheduler output needs to be sent.
priority - Scheduler priority.
weight - Scheduler weight.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults priority - 0
Example iss(config)# sched-hierarchy interface giga 0/1 hierarchy-level 3 sched-id 1 next-level-queue 2 priority 5 weight 50
The priority is specified when the scheduler is connecting to any of the priorities ( EF, AF, BE) of the next level strict-priority scheduler.
The weight is specified if the scheduler is connecting to a WeightedFairQueing of another scheduler.
Related Commands
show sched-hierarchy– Displays the configured hierarchy scheduler.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 109 DATACOM SYSTEMS CONFIDENTIAL
5.13 qos interface This command sets the default ingress user priority for the port.
qos interface <iftype> <ifnum> def-user-priority <integer(0-7)>
Syntax Description
iftype - Interface type
ifnum - Interface number
def-user-priority - Default ingress user priority for the port
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# qos interface giga 0/1 def-user-priority 3
The default ingress user priority will be used to set priority for untagged packets.
Related Commands
show qos def-user-priority – Displays the configured default ingress user priority for a port.
VS-2024-F DATACOM SYSTEMS INC
110 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.14 map This command adds a Priority Map Entry for mapping an incoming priority to a regenerated priority. The no form of the command sets default value to the Interface, VLAN, regenerated inner priority.
map [interface <iftype> <ifnum>] [vlan <integer(1-4094)>] in-priority-type { vlanPri | ipTos | ipDscp | mplsExp | vlanDEI } [in-priority <integer(0-63)>] regen-priority <integer(0-63)> [regen-inner-priority <integer(0-7)>]
no map { interface | vlan | regen-inner-priority }
Syntax Description
iftype - Interface type
ifnum - Interface number
vlan - VLAN identifier. This value ranges between 1 and 4094.
in-priority-type - Type of the incoming priority. The types are:
vlanPri – VLAN Priority.
ipTos – IP Type of Service.
ipDscp – IP Differentiated Services Code Point.
mplsExp – MPLS Experimental
vlanDEI – VLAN Drop Eligibility Indicator.
in-priority - Incoming priority value determined for the received
frame. This value ranges between 0 and 63.
regen-priority - Regenerated priority value determined for the received frame. This value ranges between 0 and 63.
regen-inner-priority
- Regenerated inner-VLAN (CVLAN) priority value determined for the received frame. This value ranges between zero and seven.
Mode Priority Map Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults vlan - 0
in-priority-type - vlanPri
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 111 DATACOM SYSTEMS CONFIDENTIAL
in-priority - -1
regen-priority - 0
Example iss(config-pri-map)# map interface gig 0/1 vlan 4094 in-priority-type vlanPri in-priority 0 regen-priority 7 regen-inner-priority 1
Priority Map entry should have been created.
Related Commands
priority-map – Adds a Priority Map entry
show priority-map – Displays the Priority Map entry.
VS-2024-F DATACOM SYSTEMS INC
112 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.15 match access-group This command sets Class Map parameters using L2and/or L3 ACL or Priority Map ID.
match access-group { [mac-access-list <integer(0-65535)>] [ ip-access-list <integer(0-65535)>] | priority-map <integer(0-65535)> }
Syntax Description
mac-access-list - Identifier of the MAC filter. This value ranges between 0 and 65535.
ip-access-list - Identifier of the IP filter. This value ranges between 0 and 65535.
priority-map - Priority Map identifier for mapping incoming priority against received packet. This value ranges between 0 and 65535.
Mode Class Map Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults mac-access-list - 0
ip-access-list - 0
priority-map - 0
Example iss(config-cls-map)# match access-group priority-map 1
Priority map ID should have been created.
L2 and/or L3 ACL should have been created.
Related Commands
priority-map – Adds a Priority Map entry.
show class-map – Displays the Class Map entry.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 113 DATACOM SYSTEMS CONFIDENTIAL
5.16 set class This command sets CLASS for L2and/or L3 filters or Priority Map ID and adds a CLASS to Priority Map entry with regenerated priority. The no form of the command deletes a CLASS to Priority Map Table entry.
set class <class integer(1-65535)> [pre-color { green | yellow | red | none }] [ regen-priority <integer(0-7)> group-name <string(31)> ]
no set class <class integer(1-65535)>
Syntax Description
class - Traffic CLASS to which an incoming frame pattern is classified.
pre-color - Color of the packet prior to metering. This can be any one of the following:
None – Traffic is not pre-colored.
green – Traffic conforms to SLAs (Service Level Agreements.
yellow – Traffic exceeds the SLAs.
red – Traffic violates the SLAs. regen-priority - Regenerated priority value determined for the input
CLASS. This value ranges between zero and seven.
group-name - Unique identification of the group to which an input CLASS belongs.
Mode Class Map Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults class - 0
Example iss(config-cls-map)# set class 1000 pre-color none regen-priority 1 group-name CLASS
Class map should have created.
The default value zero provided for the class is not configurable.
Related Commands
show class-to-priority-map – Displays the class group Entry.
VS-2024-F DATACOM SYSTEMS INC
114 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.17 meter-type This command sets Meter parameters CIR, CBS, EIR, EBS, Interval, meter type and color awareness.
meter-type { simpleTokenBucket | avgRate| srTCM | trTCM | tswTCM | mefCoupled | mefDeCoupled } [ color-mode { aware | blind } ] [interval <short(1-10000)>] [cir <integer(0-65535)>] [cbs <integer(0-65535)>] [eir <integer(0-65535)>] [ebs <integer(0-65535)>] [next-meter <integer(0-65535)>]
Syntax Description
simpleTokenBucket - Two Parameter Token Bucket Meter.
avgRate - Average Rate Meter.
srTCM - Single Rate Three Color Marker Metering as defined by RFC 2697.
trTCM - Two Rate Three Color Marker Metering as defined by RFC 2698
tswTCM - Time Sliding Window Three Color Marker Metering as defined by RFC 2859.
mefCoupled - Dual bucket meter as defined by RFC 4115.
mefDeCoupled - Dual bucket meter as defined by RFC 2697 and MEF coupling Flag.
color-mode - Indicates the color mode of the Meter. The color modes are:
aware – The Meter considers the pre-color of the packet.
blind – The Meter ignores the pre-color of the packet.
interval - Time interval used with the token bucket. This value ranges between 1 and 10000.
cir - Committed information rate. This value ranges between 0 and 65535.
cbs - Committed burst size. This value ranges between 0 and 65535.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 115 DATACOM SYSTEMS CONFIDENTIAL
eir - Excess information rate. This value ranges between 0 and 65535.
ebs - Excess burst size. This value ranges between 0 and 65535.
next-meter - Meter entry identifier used for applying the second/next level of conformance on the incoming packet. This value ranges between 0 and 65535.
Mode Meter Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults color-mode - blind
interval - 0
next-meter - 0
Example iss(config-meter)# meter-type simpleTokenBucket color-mode aware interval 10 cir 1000
Meter should have been created.
Related Commands
meter – Creates a Meter.
show meter – Displays the Meter entry.
VS-2024-F DATACOM SYSTEMS INC
116 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.18 set policy This command sets CLASS for policy. The no form of the command sets the default value for interface in this policy.
set policy [class <number(0-65535)>] [interface <iftype> <ifnum>] default-priority-type { none | { vlanPri | ipTos | ipDscp | mplsExp } <integer(0-63)> }
no set policy interface
Syntax Description
class - Traffic CLASS for which the policy-map needs to be applied.
iftype - Interface type
ifnum - Interface number
default-priority-type
- Per-Hop Behvior (PHB) type to be used for filling the default PHB for the policy-map entry. The types are:
none – No specific PHB type is set.
vlanPri – VLAN priority.
ipTos – IP Type of Service.
ipDscp – IP Differentiated Services Code Point.
mplsExp – MPLS Experimental Mode Policy Map Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults class - 0
Example iss(config-ply-map)# set policy class 1 interface giga 0/1 default-priority-type none
CLASS should have been created.
Related Commands
class-map – Adds a Class Map Entry.
policy-map – Creates a policy map.
show policy-map – Displays the Policy Map Entry.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 117 DATACOM SYSTEMS CONFIDENTIAL
5.19 set meter This command sets Policy parameters such as Meter and Meter Actions. The no form of the command removes the Meter from the Policy and the Meter Actions.
set meter <integer(1-65535)> [ conform-action { none | set-cos-transmit <short(0-7)> set-de-transmit <short(0-1)> | set-port <iftype> <ifnum> | set-inner-vlan-pri <short(0-7)> |set-mpls-exp-transmit <short(0-7)> | set-ip-prec-transmit <short(0-7)> | set-ip-dscp-transmit <short(0-63)> }] [ exceed-action {drop | set-cos-transmit <short(0-7)> set-de-transmit <short(0-1)> | set-inner-vlan-pri <short(0-7)> | set-mpls-exp-transmit <short(0-7)> | set-ip-prec-transmit <short(0-7)> | set-ip-dscp-transmit <short(0-63)> }] [ violate-action {drop | set-cos-transmit <short(0-7)> set-de-transmit <short(0-1)> | set-inner-vlan-pri <short(0-7)> | set-mpls-exp-transmit <short(0-7)> | set-ip-prec-transmit <short(0-7)> | set-ip-dscp-transmit <short(0-63)> }] [ set-conform-newclass <integer(0-65535)> ] [ set-exceed-newclass <integer(0-65535)> ] [ set-violate-newclass <integer(0-65535)> ]
no set meter
Syntax Description
meter - Meter table identifier which is the index for the Meter table.
conform-action - Action to be performed on the packet, when the packets are found to be In profile (conform). Options are:
none – No action is configured.
set-cos-transmit – Sets the VLAN priority of the outgoing packet.
set-de-transmit – Sets the VLAN Drop Eligible indicator of the outgoing packet.
set-port – Sets the new port value.
set-inner-vlan-pri – Sets the inner VLAN priority of the outgoing packet.
set-mpls-exp-transmit – Sets the MPLS Experimental bits of the outgoing packet.
set-ip-prec-transmit – Sets the new IP TOS value.
set-ip-dscp-transmit – Sets the new DSCP value.
exceed-action - Action to be performed on the packet, when the packets
are found to be In profile (exceed). Options are:
drop – Drops the packet.
set-cos-transmit – Sets the VLAN priority of the outgoing packet.
set-de-transmit – Sets the VLAN Drop Eligible indicator of the outgoing packet.
set-inner-vlan-pri – Sets the inner VLAN priority of the outgoing packet.
set-mpls-exp-transmit – Sets the MPLS Experimental bits of the outgoing packet.
VS-2024-F DATACOM SYSTEMS INC
118 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
set-ip-prec-transmit – Sets the new IP TOS value.
set-ip-dscp-transmit – Sets the new DSCP value.
violate-action - Action to be performed on the packet, when the packets
are found to be out of profile. Options are:
drop – Drops the packet.
set-cos-transmit – Sets the VLAN priority of the outgoing packet.
set-de-transmit – Sets the VLAN Drop Eligible indicator of the outgoing packet.
set-inner-vlan-pri – Sets the inner VLAN priority of the outgoing packet.
set-mpls-exp-transmit – Sets the MPLS Experimental bits of the outgoing packet.
set-ip-prec-transmit – Sets the new IP TOS value.
set-ip-dscp-transmit – Sets the new DSCP value.
set-conform-newclass
- Represents the Traffic CLASS to which an incoming frame pattern is classified after metering.
set-exceed-newclass
- Represents the Traffic CLASS to which an incoming frame pattern is classified after metering.
set-violate-newclass
- Represents the Traffic CLASS to which an incoming frame pattern is classified after metering.
Mode Policy Map Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults set-cos-transmit - 0
set-de-transmit - 0
set-mpls-exp-transmit - 0
set-inner-vlan-pri - 0
Example iss(config-ply-map)# set meter 1 exceed-action drop violate-action drop
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 119 DATACOM SYSTEMS CONFIDENTIAL
VLAN priority can be set to a non-zero value only when MPLS Experimental bits is set to zero.
Related Commands
show meter – Displays the Meter entry.
VS-2024-F DATACOM SYSTEMS INC
120 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.20 set algo-type This command sets Q Template entry parameters.
set algo-type { tailDrop | headDrop | red | wred } [queue-limit <integer(1-65535)>] [queue-drop-algo {enable | disable }]
Syntax Description
algo-type - Type of drop algorithm used by the queue template. Options are:
tailDrop – Beyond the maximum depth of the queue, all newly arriving packets will be dropped.
headDrop – Packets currently at the head of the queue are dropped to make room for the new packet to be enqueued at the tail of the queue, when the current depth of the queue is at the maximum depth of the queue.
red – On packet arrival, an Active Queue Management algorithm is executed which may randomly drop a packet.
wred – On packet arrival, an Active Queue Management algorithm is executed which may randomly drop a packet.
queue-limit - Queue size. This value ranges between 1 and 65535.
queue-drop-algo - Enable/disable Drop Algorithm for Congestion Management. Options are:
enable – Enables Drop Algorithm.
disable – Disables Drop Algorithm. Mode Queue Template Configuration mode
Package Workgroup, Enterprise and Metro
Defaults queue-drop-algo - enable
Example iss(config-qtype)# set algo-type red queue-limit 18 queue-drop-algo enable
Queue size must be greater than or equal to the minimum average threshold and less than or equal to the maximum average threshold.
Drop algorithm for Congestion Management can be enabled only when the Random Detect Table entry is created for the Queue.
Related Commands
random-detect dp – Sets Random Detect Table entry parameters.
show queue-template – Displays the Q Template and Random Detect configurations.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 121 DATACOM SYSTEMS CONFIDENTIAL
5.21 random-detect dp This command sets Random Detect Table entry parameters. The no form of the command deletes Random Detect Table entry.
random-detect dp <short(0-2)> [min-threshold <short(1-65535)>] [max-threshold <short(1-65535)>] [max-pkt-size <short(1-65535)>] [mark-probability-denominator <short(1-100)>] [exponential-weight <integer(0-31)>]
no random-detect dp <short(0-2)>
Syntax Description
dp - Drop Precedence. Options are:
0 – low drop precedence.
1 – medium drop precedence.
2 – high drop precedence. min-threshold - Minimum average threshold for the random detect
algorithm. This value ranges between 1 and 65535.
max-threshold - Maximum average threshold for the random detect algorithm. This value ranges between 1 and 65535.
max-pkt-size - Maximum allowed packet size. This value ranges between 1 and 65535.
mark-probability-denominator
- Maximum probability of discarding a packet in units of percentage. This value ranges between 1 and 100.
exponential-weight
- Exponential weight for determining the average queue size. This value ranges between 0 and 31.
Mode Queue Template Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults mark-probability-denominator
- 100
exponential-weight - 0
Example iss(config-qtype)# random-detect dp 1 min-threshold 1200 max-threshold 13000 max-pkt-size 100 mark-probability-denominator 50 exponential-weight 30
VS-2024-F DATACOM SYSTEMS INC
122 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.22 show qos global info This command displays QoS related global configurations.
show qos global info
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show qos global info
QoS Global Information
----------------------
System Control : Start
System Control : Enable
Rate Unit : kbps
Rate Granularity : 64
Trace Flag : 0
Related Commands
shutdown qos – Shutsdown the QoS subsystem.
qos – Enables or disables the QoS subsystem.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 123 DATACOM SYSTEMS CONFIDENTIAL
5.23 show priority-map This command displays the Priority Map entry.
show priority-map [<priority-map-id(1-65535)>]
Syntax Description
priority-map-id - Output priority map index for the incoming packet received over ingress Port/VLAN with specified incoming priority.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show priority-map QoS Priority Map Entries
========================
PriorityMapId : 1
IfIndex : 1
VlanId : 4094
InPriorityType : VlanPriority
InPriority : 0
RegenPriority : 7
InnerRegenPriority : 1
iss# show priority-map 9 QoS Priority Map Entries
------------------------
PriorityMapId : 9
IfIndex : gi 0/5
VlanId : 2
InPriorityType : IP Protocol
InPriority : -1
RegenPriority : 5
InnerRegenPriority : 7
If executed without the optional parameters, this command displays all the available Priority Map information.
Related Commands
priority-map – Adds a Priority Map entry
map - Adds a Priority Map entry for mapping an incoming priority to a regenerated priority
VS-2024-F DATACOM SYSTEMS INC
124 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.24 show class-map This command displays the Class Map entry.
show class-map [<class-map-id(1-65535)>]
Syntax Description
class-map-id - Index that enumerates the MultiField Classifier table entries.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show class-map QoS Class Map Entries
=====================
ClassMapId : 1
L2FilterId : None
L3FilterId : None
PriorityMapId : 1
CLASS : 1000
PolicyMapId : 1
PreColor : None
Status : Active
If executed without the optional parameters, this command displays all the available Class Map information
Related Commands
class-map – Adds a Class Map entry.
priority-map – Adds a Priority Map entry
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 125 DATACOM SYSTEMS CONFIDENTIAL
5.25 show class-to-priority-map This command displays the class group entry.
show class-to-priority-map <group-name(31)>
Syntax Description
Group-name - Unique identification of the group to which an input CLASS belongs.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show class-to-priority-map CLASS1
QoS Class To Priority Map Entries
---------------------------------
GroupName : CLASS1
Class LocalPriority
----------------------------------
2 2
Related Commands
show class-map – Displays the Class Map entry.
set class – Sets CLASS for L2and/or L3 filters or Priority Map ID and adds a CLASS to Priority Map Entry with regenerated priority.
VS-2024-F DATACOM SYSTEMS INC
126 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.26 show meter This command displays the Meter entry.
show meter [<meter-id(1-65535)>]
Syntax Description
meter-id - Index that enumerates the Meter entries.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show meter QoS Meter Entries
=================
MeterId : 1
Type : Simple Token Bucket
Color Mode : Color Aware
Interval : 10
CIR : 1000
CBS : None
EIR : None
EBS : None
NextMeter : None
Status : Active
If executed without the optional parameters, this command displays all the available Meter information.
Related Commands
set meter – Sets Policy parameters such as Meter and Meter Actions.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 127 DATACOM SYSTEMS CONFIDENTIAL
5.27 show policy-map This command displays the Policy Map entry.
show policy-map [<meter-id(1-65535)>]
Syntax Description
meter-id - Index that enumerates the Meter entries.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show policy-map QoS Policy Map Entries
======================
PolicyMapId : 1
IfIndex : 0
Class : 0
DefaultPHB : None.
MeterId : 1
ConNClass : 0
ExcNClass : 0
VioNClass : 0
ConfAct : Port 1
ExcAct : Drop.
VioAct : Drop.
If executed without the optional parameter, this command displays all the available Policy Map. information
Related Commands set policy – Sets CLASS for policy.
VS-2024-F DATACOM SYSTEMS INC
128 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.28 show queue-template This command displays the Q Template and Random Detect configurations.
show queue-template [<queue-template-Id(1-65535)>]
Syntax Description
queue-template-Id - Queue Template Table index.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show queue-template Queue Template Entries
----------------------
Q Template Id : 1
Q Limit : 10000
Drop Type : Tail Drop
Drop Algo Status : Disable
If executed without the optional parameter, this command displays all the available Queue Template information.
Related Commands
queue-type – Creates a Queue Template Type.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 129 DATACOM SYSTEMS CONFIDENTIAL
5.29 show shape-template This command displays the Shape Template configurations.
show shape-template [<shape-template-Id(1-65535)>]
Syntax Description
shape-template-Id - Shape Template Table index.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show shape-template QoS Shape Template Entries
--------------------------
ShapeTemplate Id CIR CBS EIR EBS
---------------- --- --- --- ---
1 1 1 1 1
If executed without the optional parameter, this command displays all the available Shape Template information
Related Commands
shape-template – Creates a Shape Template.
VS-2024-F DATACOM SYSTEMS INC
130 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.30 show scheduler This command displays the configured Scheduler.
show scheduler [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface type.
ifnum - Interface number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show scheduler QoS Scheduler Entries
---------------------
IfIndex Scheduler Index Scheduler Algo Shape Index Scheduler HL GlobalId
------- --------------- -------------- ----------- ------------ --------
Gi0/1 1 strictPriority 0 0 1
If executed without the optional parameter, this command displays all the available scheduler entries.
Related Commands
scheduler – Creates a Scheduler and configures the Scheduler parameters.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 131 DATACOM SYSTEMS CONFIDENTIAL
5.31 show queue This command displays the configured Queues.
show queue [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface type.
ifnum - Interface number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show queue QoS Queue Entries
-----------------
IfIndex Queue Idx Queue Type Scheduler Idx Weight Priority Shape Idx Global Id
------- --------- ---------- ------------- ------ -------- ------------------
Gi0/1 1 1 1 1 1 1 1
If executed without the optional parameter, this command displays all the available queue entries
Related Commands
queue – Creates a Queue and configures the Queue parameters.
queue-type – Creates a Queue Template Type.
show queue-template – Displays the Q Template and Random Detect configurations.
VS-2024-F DATACOM SYSTEMS INC
132 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.32 show queue-map This command displays the configured Queue map.
show queue-map [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface type.
ifnum - Interface number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show queue-map QoS Queue Map Entries
---------------------
IfIndex CLASS PriorityType Priority Value Mapped Queue
------- ----- ------------ -------------- ------------
Gi0/1 1 none 0 1
If executed without the optional parameter, this command displays all the available queue map entries.
Related Commands
queue-map – Creates a Map for a Queue with Class or regenerated priority.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 133 DATACOM SYSTEMS CONFIDENTIAL
5.33 show sched-hierarchy This command displays the configured hierarchy scheduler.
show sched-hierarchy [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface type.
ifnum - Interface number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show sched-hierarchy QoS Hierarchy Scheduler Entries
-------------------------------
IfIndex Hierarchy Level Sched Index NextQueue Id NextSched Id Weight Priority
------- --------------- ----------- ------------ ------------ --------------
Gi0/1 1 1 0 2 1 1
If executed without the optional parameter, this command displays all the available hierarchy scheduler entries
Related Commands
scheduler – Creates a Scheduler and configures the Scheduler parameters.
sched-hierarchy – Creates a Scheduler Hierarchy.
VS-2024-F DATACOM SYSTEMS INC
134 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.34 show qos def-user-priority This command displays the configured default ingress user priority for a port.
show qos def-user-priority [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface type.
ifnum - Interface number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show qos def-user-priority QoS Default User Priority Entries
---------------------------------
IfIndex Default User Priority
-------- ---------------------
Gi0/1 0
Gi0/2 0
Gi0/3 0
Gi0/4 0
Gi0/5 0
Gi0/6 0
Gi0/7 0
Gi0/8 0
Gi0/9 0
Gi0/10 0
Gi0/11 0
Gi0/12 0
Gi0/13 0
Gi0/14 0
Gi0/15 0
Gi0/16 0
Gi0/17 0
Gi0/18 0
Gi0/19 0
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 135 DATACOM SYSTEMS CONFIDENTIAL
Gi0/20 0
Gi0/21 0
Gi0/22 0
Gi0/23 0
Gi0/24 0
If executed without the optional parameter, this command displays the available default ingress user priority entries for all the interface.
Related Commands
qos interface – Sets the default ingress user priority for the port.
VS-2024-F DATACOM SYSTEMS INC
136 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
5.35 show qos meter-stats This command displays the Meters statistics for conform, exceed, violate packets and octets count.
show qos meter-stats [<Meter-Id(1-65535)>]
Syntax Description
Meter-Id - Index that enumerates the Meter entries.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show qos meter-stats QoS Meter (Policer) Stats
-------------------------
Meter Index : 1
Conform Packets : 00
Conform Octects : 00
Exceed Packets : 00
Exceed Octects : 00
Violate Packets : 00
Violate Octects : 0
If executed without the optional parameter, this command displays the Meter statistics for all the available Meters.
Related Commands
show meter – Displays the Meter entry.
set meter – Sets Policy parameters such as Meter and Meter Actions.
DATACOM SYSTEMS INC CHAPTER 5: QOS (QUALITY OF SERVICE)
CLI USER MANUAL 137 DATACOM SYSTEMS CONFIDENTIAL
5.36 show qos queue-stats This command displays Queue statistics for EnQ, DeQ, discarded packets and octets Count, Management Algo Drop and Q occupancy.
show qos queue-stats [interface <iftype> <ifnum>]
Syntax Description
iftype - Interface Type.
ifnum - Interface Number.
Mode Privileged EXEC Mode.
Package Workgroup, Enterprise and Metro
Example iss# show qos queue-stats QoS Queue Stats
-------------------
Interface Index : Gi 0/1
Queue Index : 2
EnQ Packets : 00
EnQ Octects : 00
DeQ Packets : 00
DeQ Octects : 00
Discard Packets : 00
Discard Octects : 00
Occupancy Octects : 00
CongMgntAlgoDrop Octects : 00
If executed without the optional parameter, this command displays the Queue statistics for all the available Interfaces.
Related Commands
show queue – Displays the configured Queues.
VS-2024-F DATACOM SYSTEMS INC
138 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Chapter
6 6.TACACS
TACACS (Terminal Access Controller Access Control System), widely used in network environments, is a client/server protocol that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. It is commonly used for providing NAS (Network Access Security). NAS ensures secure access from remotely connected users. TACACS implements the TACACS Client and provides the AAA (Authentication, Authorization and Accounting) functionalities.
TACACS is used for several reasons:
Facilitates centralized user administration.
Uses TCP for transport to ensure reliable delivery.
Supports inbound authentication, outbound authentication and change password request for the Authentication service.
Provides some level of protection against an active attacker.
The list of CLI commands for the configuration of TACACS is as follows:
tacacs-server host
tacacs use-server address
tacacs-server retransmit
debug tacacs
show tacacs
DATACOM SYSTEMS INC CHAPTER 6: TACACS
CLI USER MANUAL 139 DATACOM SYSTEMS CONFIDENTIAL
6.1 tacacs-server host
This command configures the TACACS server with the parameters (host, timeout, key). The no form of the command deletes server entry from the TACACS server table.
tacacs-server host {<ipv4-address> | <ipv6-address> | <host-name>} [single-connection] [port <tcp port (1-65535 )>] [timeout <time out in seconds(1-255)>] {key <secret key>}
no tacacs-server host { <ipv4-address> | <ipv6-address>}
Syntax Description
ipv4-address
- IPv4 address of the host
ipv6-address
- IPv6 address of the host
host-name - Name of the host
single-connection
- Establishes Single TCP connection to communicate with TACACS Server
port - TCP Port number. This value ranges between 1 and 65535.
timeout - The time period in seconds for which a client will wait for a response from the server before closing the connection. This value ranges between 1 and 255 seconds.
key - Per-server encryption key. Specifies the authentication and encryption key for all TACACS communications between the authenticator and the TACACS server. The string length is 64.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults port
- 40
timeout
- 5 seconds
Example iss(config)# tacacs-server host 12.0.0.100 TACACS+ server configured with default secret key !
VS-2024-F DATACOM SYSTEMS INC
140 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
iss(config)# tacacs-server host 2005::33 TACACS+ server configured with default secret key !
Related Commands
show tacacs - Displays the statistical log information and server for TACACS client
DATACOM SYSTEMS INC CHAPTER 6: TACACS
CLI USER MANUAL 141 DATACOM SYSTEMS CONFIDENTIAL
6.2 tacacs use-server address
This command selects a server from the list of servers maintained in the TACACS client and makes the TACACS client to use the specified server. The no form of the command disables the configured TACACS active server.
tacacs use-server address { <ipv4-address> | <ipv6-address>}
no tacacs use-server
Syntax Description
ipv4-address
- IPv4 address of the host
ipv6-address
- IPv6 address of the host
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# tacacs use-server address 10.0.0.100
Related Commands show tacacs - Displays the statistical log information and server for TACACS client
VS-2024-F DATACOM SYSTEMS INC
142 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
6.3 tacacs-server retransmit
This command specifies the number of times the client searches the active server from the list of servers maintained in the TACACS client, when active server is not configured. The no form of the command sets the default retries.
tacacs-server retransmit <retries>
no tacacs-server retransmit
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# tacacs-server retransmit 3
DATACOM SYSTEMS INC CHAPTER 6: TACACS
CLI USER MANUAL 143 DATACOM SYSTEMS CONFIDENTIAL
6.4 debug tacacs
This command sets the debug trace level for TACACS client module. The no form of the command disables the debug trace level for TACACS client module.
debug tacacs { all | info | errors | dumptx | dumprx }
no debug tacacs
Syntax Description
all - All TACACS debug messages
info - TACACS Server information messages
errors - Error code debug messages
dumptx
- Transmitted packet dump messages
dumprx - Received packet dump messages
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Defaults Debugging is Disabled
Example iss# debug tacacs all
VS-2024-F DATACOM SYSTEMS INC
144 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
6.5 show tacacs
This command displays the statistical log information and server for TACACS+ client.
show tacacs
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# sh tacacs Server : 1
Server address : 12.0.0.100
Address Type : IPV4
Single Connection : no
TCP port : 49
Timeout
Secret Key
: 5
: Datacom Systems
Server : 2
Server address : 2005::33
Address Type : IPV6
Single Connection : no
TCP port : 4949
Timeout : 5
Secret Key
Authen. Starts sent
: Datacom Systems
: 0
Authen. Continues sent : 0
Authen. Enables sent : 0
Authen. Aborts sent : 0
Authen. Pass rvcd. : 0
Authen. Fails rcvd. : 0
Authen. Get User rcvd. : 0
Authen. Get Pass rcvd. : 0
DATACOM SYSTEMS INC CHAPTER 6: TACACS
CLI USER MANUAL 145 DATACOM SYSTEMS CONFIDENTIAL
Authen. Get Data rcvd. : 0
Authen. Errors rcvd. : 0
Authen. Follows rcvd. : 0
Authen. Restart rcvd. : 0
Authen. Sess. timeouts : 0
Author. Requests sent : 0
Author. Pass Add rcvd. : 0
Author. Pass Repl rcvd : 0
Author. Fails rcvd. : 0
Author. Errors rcvd. : 0
Author Follows rcvd. : 0
Author. Sess. timeouts : 0
Acct. start reqs. sent : 0
Acct. WD reqs. sent : 0
Acct. Stop reqs. sent : 0
Acct. Success rcvd. : 0
Acct. Errors rcvd. : 0
Acct. Follows rcvd. : 0
Acct. Sess. timeouts : 0
Malformed Pkts. rcvd. : 0
Socket failures : 0
Connection failures : 0
Related Commands
tacacs-server host - Configures the TACACS server with the parameters
tacacs use-server address - Selects a server from the list of servers maintained in the TACACS client and makes the TACACS client to use the specified server
VS-2024-F DATACOM SYSTEMS INC
146 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Chapter
7 7.LA
LA (Link Aggregation) is a method of combining physical network links into a single logical link for increased bandwidth. LA increases the capacity and availability of the communications channel between devices (both switches and end stations) using existing Fast Ethernet and Gigabit Ethernet technology. LA also provides load balancing where the processing and communication activity is distributed across several links in a trunk, so that no single link is overwhelmed. By taking multiple LAN connections and treating them as a unified, aggregated link, practical benefits in many applications can be achieved. LA provides the following important benefits:
Higher link availability
Increased link capacity
Improvements are obtained using existing hardware (no upgrading to higher-capacity link technology is necessary)
The list of CLI commands for the configuration of LA is as follows:
set port-channel/channel-protocol
lacp system-priority
lacp system-identifier
port-channel load-balance
lacp port-priority
lacp port-identifier
channel-group
lacp wait-time
lacp timeout/lacp rate
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 147 DATACOM SYSTEMS CONFIDENTIAL
lacp
default port
port-channel max-ports
shutdown port-channel
debug lacp/debug etherchannel
show etherchannel
show etherchannel - Redundancy
show interfaces
show lacp
VS-2024-F DATACOM SYSTEMS INC
148 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.1 set port-channel
This command enables/disables link aggregation in the switch.
set port-channel { enable | disable }
Syntax Description
enable
- Enables link aggregation in the switch
disable
- Disables link aggregation in the switch
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disable
Example iss(config)# set port-channel enable
Related Command
show etherchannel - Displays Etherchannel information
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 149 DATACOM SYSTEMS CONFIDENTIAL
7.2 channel-protocol
This command enables link aggregation in the switch and the no form of the command disables link aggregation in the switch.
This command operates similar to that of the command set port-channel.
channel-protocol { lacp | pagp }
no channel-protocol
Syntax Description
lacp
- Specifies LACP (Link Aggregation Control Protocol) to manage channeling.
pagp
- Specifies PAgP (Port aggregation protocol) to manage channeling.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Link aggregation is disabled
Example iss(config)# channel-protocol lacp
Related Command
show etherchannel - Displays Etherchannel information
VS-2024-F DATACOM SYSTEMS INC
150 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.3 lacp system-priority
This command sets the LACP priority for the system and the no form of the command sets the LACP priority for the system to the default value. System Priority represents a 2-octet value indicating the priority value associated with the system involved in link aggregation.
lacp system-priority <0-65535>
no lacp system-priority
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 0x8000 or 32768
Example iss(config)# lacp system-priority 5
The switch with the lowest system priority value decides the standby and active links in the aggregation.
Although this is a global configuration command, the priority only takes effect on EtherChannels that have physical interfaces with LACP enabled.
Related Command
show etherchannel - Displays lacp system-priority value
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 151 DATACOM SYSTEMS CONFIDENTIAL
7.4 lacp system-identifier
This command sets the global LACP System ID. The no form of the command sets the global LACP System ID to the default value.
lacp system-identifier <aa:aa:aa:aa:aa:aa>
no lacp system-identifier
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)#lacp system-identifier 00:01:02:03:04:05
The MAC address configured must not be a Null MAC address or a Multicast MAC address.
Related Commands
show etherchannel - Displays lacp system-priority value
Error! Reference source not found. - Displays the current operating configuration in the system
VS-2024-F DATACOM SYSTEMS INC
152 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.5 port-channel load-balance
This command sets the load balancing policy for aggregated ports on each of the previously created port channels. The no form of the command sets the load balancing policy to the default value.
port-channel load-balance {src-mac | dest-mac | src-dest-mac| src-ip | dest-ip | src-dest-ip | vlan-id | service-instance | mac-src-vid | mac-dest-vid | mac-src-dest-vid | mpls-vc-label | mpls-tunnel-label | mpls-vc-tunnel-label} [ <port-channel-index(1-65535)>]
no port-channel load-balance [ <port-channel-index(1-65535)> ]
Syntax Description
src-mac
- Load distribution is based on the source MAC address. Packets from different hosts use different ports in the channel, but packets from the same host use the same port
dest-mac - Load distribution is based on the destination host MAC
address. Packets to the same destination are sent on the same port, but packets to different destinations are sent on different ports in the channel
src-dest-mac
- Load distribution is based on the source and destination MAC address
src-ip
- Load distribution is based on the source IP address
dest-ip
- Load distribution is based on the destination IP address
src-dest-ip
- Load distribution is based on the source and destination IP address
mac-src-vid2
- Link selection policy is based on the combination of source MAC address and VLAN identifier.
mac-dest-vid2
- Link selection policy is based on the combination of destination MAC address and VLAN identifier.
2 This option is available only when MPLS is enabled.
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 153 DATACOM SYSTEMS CONFIDENTIAL
mac-src-dest-vid2
- Link selection policy is based on the combination of source, destination MAC address and VLAN identifier.
mpls-vc-label2
- Link selection policy is based on MPLS VC label.
mpls-tunnel-label2
- Link selection policy is based on MPLS tunnel label.
mpls-vc-tunnel-label2
- Link selection policy is based on the combination of MPLS VC and tunnel label.
vlan-id - Load distribution is based on VLAN Identifier
service-instance
- Load distribution is based on service-instance. Packets with the same service-instance use the same port. Packets with different service-instance use different ports such that the load is balanced among ports. Same port can have packets with different service-instances also.
port-channel-index
- Port channel number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults source and destination MAC address based
Example iss(config)# port-channel load-balance service-instance 20 iss(config)# port-channel load balance dest-mac 28
If the port-channel index is not mentioned in this command, the load-balancing must apply for all port-channels configured in the system.
Initially, the port channel interface must have been configured for this command.
Related Command
show etherchannel - Displays Etherchannel load balance information
VS-2024-F DATACOM SYSTEMS INC
154 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.6 lacp port-priority
This command sets the LACP port priority and the no form of the command sets the LACP port priority to the default value. Port priority determines whether the link is an active link or a standby link, when the number of ports in the aggregation exceeds the maximum number supported by the hardware
lacp port-priority <0-65535>
no lacp port-priority
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults port-priority
- 128
Example iss(config-if)# lacp port-priority 1
This command takes effect only on EtherChannel interfaces that are already configured for LACP.
If the number of links in an aggregation exceeds the maximum supported by the hardware, then the links with lower priority become active links.
Related Commands
lacp system-priority - Globally sets the LACP priority
show etherchannel - Displays Etherchannel detailed / port information
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 155 DATACOM SYSTEMS CONFIDENTIAL
7.7 lacp port-identifier
This command sets the LACP actor admin port to be filled in the LACP PDUs.
lacp port-identifier <1-65535>
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# lacp port-identifier 2
Related Commands
show etherchannel - Displays Etherchannel detailed / port information
show interfaces – Displays interface specific port-channel information
VS-2024-F DATACOM SYSTEMS INC
156 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.8 channel-group
This command configures an Etherchannel and the no form of the command removes an interface from the Etherchannel.
channel-group <channel-group-number(1-65535)> mode {auto [non-silent] | desirable [non-silent] | on | active | passive}
no channel-group
Syntax Description
mode - Mode represents any one of the following:
active - LACP negotiation is started un-conditionally
passive - LACP negotiation is started only when LACP packet is received from peer
on - Force the interface to channel without LACP. This is equivalent to manual aggregation
auto - Places a port into a passive negotiating state in which the port responds to received PAgP packets, but does not initiate PAgP packet negotiation.
desirable - Places a port into an active negotiating state in which the port initiates negotiations with other ports by sending PAgP packets.
[non-silent] - Used with the auto or desirable keyword when traffic is expected from the other device.
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# channel-group 1 mode active
If the port-channel is not present, then the port channel must be created.
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 157 DATACOM SYSTEMS CONFIDENTIAL
Related Command
show etherchannel - Displays Etherchannel detailed / port information
7.9 lacp wait-time
This command sets the LACP wait-time and the no form of the command sets the LACP wait-time to the default value.
lacp wait-time <0-10>
no lacp wait-time
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 2
Example iss(config-if)# lacp wait-time 1
Configuring the wait-time value as 0 ensures that links get aggregated immediately.
Related Command
show etherchannel - Displays Etherchannel detailed / port information
VS-2024-F DATACOM SYSTEMS INC
158 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.10 lacp timeout
This command sets the LACP timeout period and the no form of the command sets the LACP timeout period to the default value.
lacp timeout {long | short }
no lacp timeout
Syntax Description
long
- Long timeout value
short
- Short timeout value
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults long
Example iss(config-if)# lacp timeout short
The long timeout value means that LACP PDU will be sent every 30 seconds and LACP timeout value (no packet is received from peer ) is 90 seconds.
The short timeout value means that LACP PDU will be sent every 1 second and timeout value is 3 seconds.
Related Command
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 159 DATACOM SYSTEMS CONFIDENTIAL
show etherchannel - Displays Etherchannel detailed / port information
7.11 lacp rate
This command sets the LACP timeout period and the no form of the command sets the LACP timeout period to the default value
This command operates similar to that of the command lacp timeout.
lacp rate {normal | fast }
no lacp rate
Syntax Description
normal
- LACP control packets are ingressed at the normal rate.That is, LACP PDU will be sent every 30 seconds and the timeout value will be set as 90 seconds.
fast
- LACP control packets are ingressed at the fast rate. That is, LACP PDU will be sent every 1 second and the timeout value will be set as 3 seconds.
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults normal
Example iss(config-if)# lacp rate fast
The normal timeout value means that LACP PDU will be sent every 30 seconds and LACP timeout value (no packet is received from peer) is 90 seconds.
The fast timeout value means that LACP PDU will be sent every 1 second and timeout value is 3 seconds.
VS-2024-F DATACOM SYSTEMS INC
160 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Related Command
show etherchannel - Displays Etherchannel detailed / port information
7.12 lacp
This command sets the LACP Actor Admin key and/or LACP mode for the port.
lacp [admin-key <(Admin Key)1-65535>] [mode {active | passive}]
Syntax Description
admin-key
- LACP Actor Admin key
mode
- LACP mode
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults mode - active
Example iss(config-if)# lacp admin-key 1 mode active
This command can be configured only after configuring the default port.
Related Command
default port - Configures the default physical interface for the port channel.
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 161 DATACOM SYSTEMS CONFIDENTIAL
7.13 default port
This command configures the default physical interface for the port channel and the no form of the command removes default port for a port channel.
default port <interface-type> <interface-id>
no default port
Syntax Description
interface-type
- Interface Type
interface-id
- Interface Identifier
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# default port gigabitethernet 0/1
Related Commands
lacp - Sets the LACP Actor Admin key and/or LACP mode for the port.
VS-2024-F DATACOM SYSTEMS INC
162 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
7.14 port-channel max-ports
This command configures the maximum number of ports for a port channel.
port-channel max-ports <integer (2-8)>
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 8
Example iss(config-if)# port-channel max-ports 5
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 163 DATACOM SYSTEMS CONFIDENTIAL
7.15 shutdown port-channel
This command shuts down Link Aggregation in the switch and the no form of the command starts and enables Link Aggregation in the switch.
shutdown port-channel
no shutdown port-channel
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# shutdown port-channel
When shutdown, all resources used by the Link Aggregation Module are released to the system.
Related Commands
show etherchannel - Displays Etherchannel information
VS-2024-F DATACOM SYSTEMS INC
164 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show interfaces - Displays interface specific port-channel information
7.16 debug lacp
This command enables trace messages for link aggregation and the no form of the command disables trace messages for link aggregation.
debug lacp [ { init-shutdown | mgmt | data | events | packet | os | failall | buffer | all } ]
no debug lacp [ { init-shutdown | mgmt | data | events | packet | os | failall | buffer | all } ]
Syntax Description
init-shutdown
- Initialization and shutdown traces
mgmt - Management traces
data - Data path traces
events - Event traces
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 165 DATACOM SYSTEMS CONFIDENTIAL
packet - Packet dump traces
os - Traces related to all resources except buffers
failall - All failure traces
buffer - Buffer traces
all - All traces
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Defaults init-shutdown
Example iss# debug lacp data
7.17 debug etherchannel
This command enables trace messages for link aggregation and the no form of the command disables trace messages for link aggregation.
This command operates similar to that of the command debug lacp.
debug etherchannel {[all] [detail] [error] [event] [idb]}
no debug etherchannel {[all] [detail] [error] [event] [idb]}
Syntax Description
all
- All traces
detail
- Detailed debug traces
error
- All failure traces
VS-2024-F DATACOM SYSTEMS INC
166 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
event
- Event traces
idb
- Interface descriptor block messages
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# debug etherchannel detail
7.18 show etherchannel
This command displays Etherchannel information.
show etherchannel [[channel-group-number] { detail | load-balance | port | port-channel | summary | protocol}]
Syntax Description
channel-group-number
- Number of the channel group. Valid numbers range from maximum number of ports in the system to maximum number of aggregations supported
detail
- Detailed EtherChannel information
load-balance
- Load-balance or frame-distribution scheme among ports in the port channel
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 167 DATACOM SYSTEMS CONFIDENTIAL
port
- EtherChannel port information
port-channel
- Port-channel information
summary
- Protocol that is being used in the EtherChannel
protocol
- One-line summary per channel-group
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show etherchannel Port-channel Module Admin Status is enabled
Port-channel Module Oper Status is enabled
Port-channel System Identifier is 00:01:02:03:04:01
Channel Group Listing
---------------------
Group : 1
----------
Protocol : LACP
iss# show etherchannel 1 detail
Port-channel Module Admin Status is enabled
Port-channel Module Oper Status is enabled
Port-channel System Identifier is 00:01:02:03:04:01
LACP System Priority: 32768
Channel Group Listing
---------------------
Group: 1
----------
Protocol :LACP
Ports in the Group
VS-2024-F DATACOM SYSTEMS INC
168 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
------------------
Port : Gi0/1
-------------
Port State = Up in Bundle
Channel Group : 1
Mode : Active
Pseudo port-channel = Po1
LACP port-priority = 128
LACP Wait-time = 2 secs
LACP Activity : Active
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing, Defaulted
LACP Port Admin Oper Port Port
Port State Priority Key Key Number State
------------------------------------------------
Gi0/1 Bundle 128 1 1 0x1 0xbe
Port-channel : Po1
------------------
Number of Ports = 1
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Aggregator-MAC 00:01:02:03:04:19
Default Port = None
iss# show etherchannel 1 port
Channel Group Listing
---------------------
Group: 1
----------
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 169 DATACOM SYSTEMS CONFIDENTIAL
Protocol :LACP
Ports in the Group
------------------
Port : Gi0/1
-------------
Port State = Up in Bundle
Channel Group : 1
Mode : Active
port-channel = Po1
Pseudo port-channel = Po1
LACP port-priority = 128
LACP Wait-time = 2 secs
LACP Port Identifier = 2
LACP Activity : Active
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
Port : Gi0/2
-------------
Port State = Up in Bundle
Channel Group : 1
Mode : Active
port-channel = Po1
Pseudo port-channel = Po1
LACP port-priority = 128
LACP Wait-time = 2 secs
LACP Activity : Active
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
LACP Port Admin Oper Port Port
VS-2024-F DATACOM SYSTEMS INC
170 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Port State Priority Key Key Number State
------------------------------------------------
Gi0/1 Bundle 128 1 1 0x1 0xbc
Gi0/2 Bundle 128 1 1 0x2 0xbc
iss# show etherchannel 1 port-channel
Port-channel Module Admin Status is enabled
Port-channel Module Oper Status is enabled
Port-channel System Identifier is 00:01:02:03:04:01
Channel Group Listing
---------------------
Group : 1
----------
Port-channels in the group:
---------------------------
Port-channel : Po1
-------------------
Number of Ports = 1
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Aggregator-MAC 00:01:02:03:04:19
Default Port = None
iss# show etherchannel summary
Port-channel Module Admin Status is enabled
Port-channel Module Oper Status is enabled
Port-channel System Identifier is 00:01:02:03:04:01
Flags:
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 171 DATACOM SYSTEMS CONFIDENTIAL
D - down P - in port-channel
I - stand-alone H - Hot-standby (LACP only)
U - in-use
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
----------------------------------------------------------
1 Po1(U) LACP Gi0/1(P),Gi0/2(D)
iss# show etherchannel 1 protocol
Channel Group Listing
---------------------
Group : 1
----------
Protocol : LACP
iss# show etherchannel load-balance
Channel Group Listing
---------------------
Group : 1
----------
Source & Destination MAC Address
If the channel group number is not specified details on all channels are displayed.
Related Commands
channel-group - Assigns an Ethernet interface to an EtherChannel group
set port-channel / channel-protocol - Enables/disables link aggregation in the switch
lacp system-priority - Sets the LACP priority for the system
port-channel load-balance - Sets the load balancing policy
lacp port-priority - Sets the LACP port priority
lacp wait-time - Sets the LACP wait-time
VS-2024-F DATACOM SYSTEMS INC
172 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
lacp timeout / lacp rate - Sets the LACP timeout period
show interfaces - Displays interface specific port-channel information
7.19 show etherchannel - Redundancy
This command displays Etherchannel information.
show etherchannel [[channel-group-number] { detail | load-balance | port | port-channel | summary | protocol | redundancy}]
Syntax Description
channel-group-number
- Number of the channel group. Valid numbers range from maximum number of ports in the system to maximum number of aggregations supported
detail
- Detailed EtherChannel information
load-balance
- Load-balance or frame-distribution scheme among ports in the port channel
port
- EtherChannel port information
port-channel
- Port-channel information
summary
- Protocol that is being used in the EtherChannel
protocol
- One-line summary per channel-group
redundancy3 - Synced messages
Mode Privileged EXEC Mode
Package Metro
Example iss# show etherchannel redundancy Actor Information for Port : Gi0/1
3 This feature is not supported.
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 173 DATACOM SYSTEMS CONFIDENTIAL
----------------------------------
Channel Group : 1
Pseudo port-channel = Po1
CurrentWhile Split Interval Tmr Count = 1
Synced Partner Information for Port : Gi0/1
-----------------------------------
Partner System ID : 00:11:22:33:44:55
Flags : A
LACP Partner Port Priority : 128
LACP Partner Oper Key : 1
Port State Flags Decode
------------------------
Activity : Active
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
Actor Information for Port : Gi0/2
-------------
Channel Group : 1
Pseudo port-channel = Po1
CurrentWhile Split Interval Tmr Count = 1
Synced Partner Information for Port : Gi0/2
-------------
Partner System ID : 00:11:22:33:44:55
Flags : A
LACP Partner Port Priority : 128
LACP Partner Oper Key : 1
Port State Flags Decode
------------------------
Activity : Active
LACP Timeout : Long
VS-2024-F DATACOM SYSTEMS INC
174 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Aggregation State : Aggregation, Sync, Collecting, Distributing,
----------------------------------------------------------------
If the channel group number is not specified details on all channels are displayed.
Related Commands channel-group - Assigns an Ethernet interface to an EtherChannel group
set port-channel / channel-protocol - Enables/disables link aggregation in the switch
lacp system-priority - Sets the LACP priority for the system
port-channel load-balance - Sets the load balancing policy
lacp port-priority - Sets the LACP port priority
lacp wait-time - Sets the LACP wait-time
lacp timeout / lacp rate - Sets the LACP timeout period
show interfaces - Displays interface specific port-channel information
7.20 show interfaces
This command displays interface specific port-channel information.
show interfaces [<interface-type> <interface-id> ] etherchannel
Syntax Description
etherchannel
- Interface EtherChannel information
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show interfaces gigabitethernet 0/1 etherchannel Port : Gi0/1
-------------
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 175 DATACOM SYSTEMS CONFIDENTIAL
Port State = Up in Bundle
Channel Group : 2
Mode : Active
Pseudo port-channel = Po2
LACP port-priority = 128
LACP Port Identifier = 2
LACP Wait-time = 2 secs
LACP Activity : Passive
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
LACP Port Admin Oper Port Port
Port State Priority Key Key Number State
-------------------------------------------------------------
Gi0/1 Bundle 128 2 2 0x1 0x3c
iss# show interfaces etherchannel
Port : Gi0/1
-------------
Port State = Up in Bundle
Channel Group : 2
Mode : Active
Pseudo port-channel = Po2
LACP port-priority = 128
LACP Wait-time = 2 secs
LACP Activity : Passive
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
Port : Gi0/2
VS-2024-F DATACOM SYSTEMS INC
176 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
-------------
Port State = Up in Bundle
Channel Group : 2
Mode : Active
Pseudo port-channel = Po2
LACP port-priority = 128
LACP Wait-time = 2 secs
LACP Activity : Passive
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing,
LACP Port Admin Oper Port Port
Port State Priority Key Key Number State
-------------------------------------------------------------
Gi0/1 Bundle 128 2 2 0x1 0x3c
Gi0/2 Bundle 128 2 2 0x2 0x3c
Port-channel : Po2
-------------------
Number of Ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Aggregator-MAC 00:01:02:03:04:23
Default Port = None
Expressions are case sensitive.
The port-channel range is 1 to 64.
Related Commands set port-channel - Enables/disables link aggregation in the switch
channel-group - Assigns an Ethernet interface to an EtherChannel group
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 177 DATACOM SYSTEMS CONFIDENTIAL
port-channel load-balance - Sets the load balancing policy
lacp port-priority - Sets the LACP port priority
lacp wait-time - Sets the LACP wait-time
lacp timeout - Sets the LACP timeout period
show etherchannel - Displays Etherchannel information
7.21 show lacp
This command displays port-channel traffic/neighbor information.
show lacp [<port-channel(1-65535)>] { counters | neighbor [detail] }
Syntax Description
port-channel
- Number of the channel group
counters
- Traffic information
neighbor
- Neighbor information
detail - Neighbor detail information
Mode Privileged EXEC Mode
Example iss# show lacp 1 counters LACPDUs Marker Marker Response LACPDUs
Port Sent Recv Sent Recv Sent Recv Pkts Err
------------------------------------------
Channel group: 1
------------------
Gi0/1 394 352 0 0 0 0 0 0
Gi0/2 318 297 0 0 0 0 0 0
iss# show lacp neighbor detail
VS-2024-F DATACOM SYSTEMS INC
178 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Flags:
A - Device is in Active mode
P - Device is in Passive mode
Channel group 1 neighbors
Port Gi0/1
----------
Partner System ID : 00:01:02:03:04:21
Flags : P
LACP Partner Port Priority : 128
LACP Partner Oper Key : 2
LACP Partner Port State : 0x3c
Port State Flags Decode
------------------------
Activity : Passive
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing
Port Gi0/2
----------
Partner System ID : 00:01:02:03:04:21
Flags : P
LACP Partner Port Priority : 128
LACP Partner Oper Key : 2
LACP Partner Port State : 0x3c
Port State Flags Decode
------------------------
Activity : Passive
LACP Timeout : Long
Aggregation State : Aggregation, Sync, Collecting, Distributing
DATACOM SYSTEMS INC CHAPTER 7: LA
CLI USER MANUAL 179 DATACOM SYSTEMS CONFIDENTIAL
Expressions are case sensitive
Related Commands lacp wait-time - Sets the LACP wait-time
lacp timeout - Sets the LACP timeout period
channel-group - Assigns an Ethernet interface to an EtherChannel group
show interfaces - Displays interface specific port-channel information
show etherchannel - Displays Etherchannel detailed information
VS-2024-F DATACOM SYSTEMS INC
180 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Chapter
8 8.Syslog
Syslog is a protocol used for capturing log information for devices on a network. The syslog protocol provides a transport to allow a machine to send event notification messages across IP networks to event message collectors, also known as syslog servers. The protocol is simply designed to transport the event messages.
One of the fundamental tenets of the syslog protocol and process is its simplicity. The transmission of syslog messages may be started on a device without a receiver being configured, or even actually physically present. This simplicity has greatly aided the acceptance and deployment of syslog.
The list of CLI commands for the configuration of Syslog is as follows:
logging
logging synchronous
mailserver
sender mail-id
receiver mail-id
cmdbuffs
service timestamps
clear logs
syslog mail
syslog local storage
syslog filename-one
syslog filename-two
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 181 DATACOM SYSTEMS CONFIDENTIAL
syslog filename-three
syslog relay - port
syslog profile
logging-file
logging server
mail server
syslog relay
syslog relay transport type
show logging
show email alerts
show syslog role
show syslog mail
show syslog local storage
show logging file
show logging server
show mail server
show syslog relay - port
show syslog profile
show syslog relay transport type
show syslog file-name
show syslog information
VS-2024-F DATACOM SYSTEMS INC
182 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.1 logging
This command enables Syslog server and configures the Syslog Server IP address, the log-level and other Syslog related parameters. The no form of the command disables Syslog server and resets the configured Syslog server IP address, the log-level and other Syslog related parameters.
logging { <ip-address> | buffered [<size (1-200)>] | console | facility {local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7|}| severity [{ <level (0-7)> | alerts | critical | debugging | emergencies | errors | informational | notification | warnings }] | on }
no logging { <ip-address> | buffered | console | facility | severity | on }
Syntax Description
ip-address - Host IP address used as a Syslog server.
buffered - Limits Syslog messages displayed from an internal buffer. This size ranges between 1 and 200 entries.
The size feature is optional only in the code using the industrial standard command, otherwise this feature is mandatory.
console - Limits messages logged to the console.
facility - The facility that is indicated in the message. Can be one of the following values: local0, local1, local2, local3, local4, local5, local 6, local7.
severity - Message severity level. Messages with severity level equal to or high than the specified value are printed asynchronously. This can be configured using numerical value or using the available option. The options are:
0 | emergencies - System is unusable.
1 | alerts - Immediate action needed.
2 | critical - Critical conditions.
3 | errors - Error conditions.
4 | warnings - Warning conditions.
5 | notification - Normal but significant conditions.
6 | informational - Informational messages.
7 | debugging – Debugging messages.
alerts - Immediate action needed
critical - Critical conditions
debugging - Debugging messages
emergencies - System is unusable
errors - Error conditions
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 183 DATACOM SYSTEMS CONFIDENTIAL
informational - Information messages
notification - Normal but significant messages
warnings - Warning conditions
on - Syslog enabled
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults console - enabled
severity - informational, when no option is selected while configuration.
debugging, at system start-up.
buffered - 50
facility - local0
Example iss(config)# logging 12.0.0.2
The log file is stored in ASCII text format. The Privileged EXEC command is used to display its contents
The logging process controls the distribution of logging messages to the various destinations, such as the logging buffer, logging file, or Syslog server
The existing syslog buffers will not be cleared and none of the configured options will be changed, when the Syslog feature is disabled
Related Command
show logging - Displays Logging status and configuration information
VS-2024-F DATACOM SYSTEMS INC
184 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.2 logging synchronous
This command enables synchronous logging of messages.
This command operates similar to that of the command logging.
logging synchronous {severity [{<short (0-7)> | alerts | critical | debugging | emergencies | errors | informational | notification | warnings|all}] | limit <number-of-buffers(size(1-200))}
Syntax Description
severity - Message severity level. Messages with severity level equal to or high than the specified value are printed asynchronously. This can be configured using numerical value or using the available option. The options are:
0 | emergencies - System is unusable.
1 | alerts - Immediate action needed.
2 | critical - Critical conditions.
3 | errors - Error conditions.
4 | warnings - Warning conditions.
5 | notification - Normal but significant conditions.
6 | informational - Informational messages.
7 | debugging – Debugging messages.
all - All messages are printed asynchronously regardless of the severity level.
limit - Number of buffers to be queued for the terminal after which new messages are dropped. This value ranges between 1 and 200 entries.
Mode Line Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults severity - informational, when no option is selected while configuration.
debugging, at system start-up.
limit - 50
Example iss(config-line)# logging synchronous severity 4
The log file is stored in ASCII text format. The Privileged EXEC command is used to
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 185 DATACOM SYSTEMS CONFIDENTIAL
display its contents.
The logging process controls the distribution of logging messages to the various destinations, such as the logging buffer, logging file, or Syslog server.
The existing syslog buffers will not be cleared and none of the configured options will be changed, when the Syslog feature is disabled.
Related Command
show logging - Displays Logging status and configuration information
VS-2024-F DATACOM SYSTEMS INC
186 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.3 mailserver
This command sets the mail server IP address to be used for sending email alert messages and the no form of the command re-sets the mail server IP address used for sending email alert messages.
mailserver <ip-address>
no mailserver
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# mailserver 23.78.67.89
Initially, the mailserver has to be configured, for the show email alerts command.
Related Commands logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level and
other Syslog related parameter
show email alerts - Displays email alerts related configuration
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 187 DATACOM SYSTEMS CONFIDENTIAL
8.4 sender mail-id
This command sets the sender mail id and the no form of the command deletes the configured sender mail id.
sender mail-id <mail-id (100)>
no sender mail-id
Mode Global Configuration Mode
Package
Defaults
Workgroup, Enterprise and Metro
syslog@Datacom Systems.com
Example iss(config)# sender mail-id [email protected]
Primarily, the mailserver must have been configured for this command
The sender and receiver email-ids are mandatory for email alert messages to besent.
Related Commands
mailserver - Sets the mail server IP address to be used for sending email alert messages
logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level andother Syslog related parameter
show logging - Displays Logging status and configuration information
show email alerts - Displays email alerts related configuration
receiver mail-id - Sets the receiver mail id
VS-2024-F DATACOM SYSTEMS INC
188 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.5 receiver mail-id
This command sets the receiver mail id and the no form of the command deletes the configured receiver mail id.
receiver mail-id <mail-id (100)>
no receiver mail-id
Mode Global Configuration Mode
Package
Defaults
Workgroup, Enterprise and Metro
Example iss(config)#receiver mail-id plabinik@IDatacom Systems.com
Primarily, the mailserver must have been configured for this command
The sender and receiver email-ids are mandatory for email alert messages to besent
Related Commands
mailserver - Sets the mail server IP address to be used for sending email alert messages
logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level andother Syslog related parameter
show logging - Displays Logging status and configuration information
show email alerts - Displays email alerts related configuration
sender mail-id - Sets the sender mail id
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 189 DATACOM SYSTEMS CONFIDENTIAL
8.6 cmdbuffs
This command configures the number of syslog buffers for a particular user.
cmdbuffs <user name> <no.of buffers (1-200)>
Syntax Description
user name - User Name
no.of buffers
- Number of log buffers to be allocated in the system
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 50
Example iss(config)#cmdbuffs Datacom Systems Inc. 50
CLI related events like commands given by the user, login/logout etc can be logged on to the Syslog Server.
Related Commands
logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level andother Syslog related parameter
show logging - Displays Logging status and configuration information
VS-2024-F DATACOM SYSTEMS INC
190 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.7 service timestamps
This command enables timestamp option for logged messages and the no form of the command disables timestamp option for logged messages.
service timestamps
no service timestamps
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Enabled
Example iss(config)#service timestamps
When enabled, the messages (log and email alert messages) will hold the time stamp information
When disabled, the time stamp information will not be carried with the messages sent to the log and mail servers
Related Commands logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level and
other Syslog related parameter
show logging - Displays Logging status and configuration information
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 191 DATACOM SYSTEMS CONFIDENTIAL
8.8 clear logs
This command clears the system syslog buffers.
clear logs
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# clear logs
Related Commands
cmdbuffs - Configures the number of Syslog buffers for a particular user
logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level and other Syslog related parameter
show logging - Displays Logging status and configuration information
VS-2024-F DATACOM SYSTEMS INC
192 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.9 syslog mail
This command enables the mail option in syslog. The no form of command disables the mail option in syslog.
syslog mail
no syslog mail
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog mail
Related Commands show syslog mail - Displays the mail option in syslog
mail server table - Adds an entry to mail-server table
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 193 DATACOM SYSTEMS CONFIDENTIAL
8.10 syslog local storage
This command enables the syslog local storage. The no form of command disables the syslog local storage.
syslog localstorage
no syslog localstorage
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config)# syslog localstorage
Related Commands
show syslog local storage - Displays the syslog local storage.
syslog filename-one - Configures the file name to store the syslog messages.
syslog filename-two - Configures the file name to store the syslog messages.
syslog filename-three - Configures the file name to store the syslog messages
logging-file - Adds an entry in to file table
VS-2024-F DATACOM SYSTEMS INC
194 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.11 syslog filename-one
This command configures the file name to store the syslog messages. The maximum size of the file name is 32.
syslog filename-one <string(32)>
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config)# syslog filename-one iss1
Syslog local storage must be enabled.
Related Commands syslog local storage - Enables the syslog local storage
show syslog file-name - Displays the Syslog local storage file name
logging-file - Adds an entry in to file table
show syslog local storage - Displays the syslog local storage.
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 195 DATACOM SYSTEMS CONFIDENTIAL
8.12 syslog filename-two
This command configures the file name to store the syslog messages. The maximum size of the file name is 32.
syslog filename-two <string(32)>
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog filename-two iss2
Syslog local storage must be enabled.
Related Commands syslog local storage - Enables the syslog local storage
show syslog file-name - Displays the Syslog local storage file name
logging-file - Adds an entry in to file table
show syslog local storage - Displays the syslog local storage.
VS-2024-F DATACOM SYSTEMS INC
196 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.13 syslog filename-three
This command configures the file name to store the syslog messages. The maximum size of the file name is 32.
syslog filename-three <string(32)>
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog filename-three iss3
Syslog local storage must be enabled.
Related Commands syslog local storage - Enables the syslog local storage
show syslog file-name - Displays the Syslog local storage file name
logging-file - Adds an entry in to file table
show syslog local storage - Displays the syslog local storage.
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 197 DATACOM SYSTEMS CONFIDENTIAL
8.14 syslog relay - port
This command sets the syslog port through which it receives the syslog messages. The no form of command sets the syslog port to default port 514.
syslog relay-port <integer(0-65535)>
no syslog relay-port
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog relay-port 500
Syslog relay must be enabled
Related Commands syslog relay - Changes the syslog role from device to relay
syslog relay transport type - Sets the Syslog relay transport type either as udp or tcp
show syslog relay - port - Displays the Syslog relay port
VS-2024-F DATACOM SYSTEMS INC
198 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.15 syslog profile
This command sets the profile for reliable syslog. The no form of command sets the profile to default (raw ) for Reliable Syslog.
syslog profile {raw | cooked4}
no syslog profile
Syntax Description
raw - Profile with minimum parameters in the BEEP
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog profile raw
Related Commands
show syslog profile - Displays the Syslog profile.
4 This feature is not supported. It may be implemented in the future.
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 199 DATACOM SYSTEMS CONFIDENTIAL
8.16 logging-file
This command adds an entry in to file table. The no form of command deletes an entry from the file table.
logging-file <short(0-191)> <string(32)>
no logging-file <short(0-191)> <string(32)>
Syntax Description
short - Priority of syslog messages. 0-lowest priority, 191-highest priority
string - File-name
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss (config)# logging-file 134 iss1
Syslog local storage must be enabled
Related Commands
VS-2024-F DATACOM SYSTEMS INC
200 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show logging file - Displays the Syslog file table
syslog local storage - Enables the syslog local storage
8.17 logging server
This command adds an entry in to logging-server table. The no form of command deletes an entry from forward table.
logging-server <short(0-191)> {ipv4 <ucast_addr> | ipv6 <ip6_addr>} [ port <integer(0-65535)>] [{udp | tcp | beep}]
no logging-server <short(0-191)> {ipv4 <ucast_addr> |ipv6 <ip6_addr>}
Syntax Description
short - Priority of syslog messages. 0-lowest priority, 191-highest priority
ipv4,ipv6 - Version 4 and Version 6 IP address
port - Port number
udp, tcp,beep
Sets the transport type as either udp, tcp, beep
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 201 DATACOM SYSTEMS CONFIDENTIAL
Example iss (config)# logging-server 134 ipv4 12.0.0.3
Related Commands
show logging server - Displays the Syslog logging server table
8.18 mail server table
This command adds an entry to mail-server table. The no form of command deletes an entry from mail table.
mail-server <short(0-191)> {ipv4 <ucast_addr> |ipv6 <ip6_addr>} <string(50)>
no mail-server <short(0-191)> {ipv4 <ucast_addr> |ipv6 <ip6_addr>}
Syntax Description
short - Priority of syslog messages. 0-lowest priority, 191-highest priority
ipv4, ipv6
- Version 4 and Version 6 IP address
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
202 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss (config)# mail-server 134 ipv4 12.0.0.100 root@localhost
Related Commands
show mail server - Displays the Syslog mail server table
syslog mail - Enables the mail option in syslog
8.19 syslog relay
This command changes the syslog role from device to relay. The no form of command changes the syslog role from relay to device.
syslog relay
no syslog relay
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog relay
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 203 DATACOM SYSTEMS CONFIDENTIAL
Related Commands
show syslog role - Displays the syslog role.
syslog relay transport type - Sets the Syslog relay transport type either as udp or tcp
syslog relay - port - Sets the syslog port through which it receives the syslog messages
8.20 syslog relay transport type
This command sets the Syslog relay transport type either as udp or tcp.
syslog relay transport type {udp | tcp}
Syntax Description
udp - Sets the relay transport type as udp
tcp - Sets the relay transport type as tcp
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# syslog relay transport type udp
VS-2024-F DATACOM SYSTEMS INC
204 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Syslog relay must be enabled
Related Commands
syslog relay - Changes the syslog role from device to relay
show syslog role - Displays the syslog role.
show syslog relay transport type - Displays the Syslog relay transport type
show syslog relay - port - Displays the Syslog relay port.
8.21 show logging
This command displays logging status and configuration information.
show logging
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 205 DATACOM SYSTEMS CONFIDENTIAL
Example iss# show logging System Log Information
----------------------
Syslog logging : enabled(Number of messages 0)
Console logging : enabled(Number of messages 0)
TimeStamp option : enabled
Severity logging : Debugging
Log server IP : 10.0.0.1
Facility : Default (local0)
Buffered size : 100
LogBuffer(0 Entries, 0 bytes)
Related Commands
logging - Enables Syslog Server and configures the Syslog Server IP address, the log-level and other Syslog related parameter
service timestamps - Enables timestamp option for logged messages
8.22 show email alerts
This command displays configurations related to email alerts.
VS-2024-F DATACOM SYSTEMS INC
206 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show email alerts
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show email alerts
Sender email-id : [email protected]
Receiver email-id : [email protected]
Mail server IP : 12.0.0.3
Related Commands
mailserver - Sets the mail server IP address to be used for sending email alert messages
receiver mail-id - Sets the receiver mail id
sender mail-id - Sets the sender mail id
8.23 show syslog role
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 207 DATACOM SYSTEMS CONFIDENTIAL
This command displays the syslog role.
show syslog role
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog role Syslog Role : Relay
Related Commands syslog relay - Changes the syslog role from device to relay
VS-2024-F DATACOM SYSTEMS INC
208 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.24 show syslog mail
This command displays the mail option in syslog.
show syslog mail
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog mail Syslog Mail Option : Enabled
Related Commands
syslog mail – Enables the mail option in syslog
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 209 DATACOM SYSTEMS CONFIDENTIAL
8.25 show syslog local storage
This command displays the syslog local storage.
show syslog localstorage
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog localstorage Syslog Localstorage : Enabled
Related Commands syslog local storage - Enables the syslog local storage
VS-2024-F DATACOM SYSTEMS INC
210 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.26 show logging file
This command displays the Syslog file table.
show logging-file
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show logging-file Syslog File Table Information
----------------------------
Priority File-Name
-------- ----------
134 iss1
134 iss2
134 iss3
Related Commands syslog filename-one/syslog filename-two/syslog filename-three - Gets the users
desired file name to store syslog message
logging-file - Adds an entry in to file table
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 211 DATACOM SYSTEMS CONFIDENTIAL
8.27 show logging server
This command displays the Syslog logging server table.
show logging-server
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show logging-server Syslog Forward Table Information
--------------------------------
Priority Address-Type IpAddress Port Trans-Type
-------- ------------ --------- ---- ----------
129 ipv4 12.0.0.2 514 udp
134 ipv4 12.0.0.1 514 udp
Related Commands logging server - Adds an entry in to logging-server table
VS-2024-F DATACOM SYSTEMS INC
212 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.28 show mail server
This command displays the Syslog mail server table.
show mail-server
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show mail-server Syslog Mail Table Information
----------------------------
Priority Address-Type IpAddress Receiver Mail-Id
-------- ------------ --------- ----------------
134 ipv4 12.0.0.100 root@localhost
Related Commands
mail server - Adds an entry to mail-server table
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 213 DATACOM SYSTEMS CONFIDENTIAL
8.29 show syslog relay - port
This command displays the Syslog relay port.
show syslog relay-port
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog relay-port Syslog Port : 251
Related Commands
syslog relay - port - Sets the syslog port through which it receives the syslog messages
syslog relay - Changes the syslog role from device to relay
VS-2024-F DATACOM SYSTEMS INC
214 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.30 show syslog profile
This command displays the Syslog profile.
show syslog profile
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog profile Syslog Profile : raw
Related Commands
syslog profile - Sets the profile for reliable syslog
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 215 DATACOM SYSTEMS CONFIDENTIAL
8.31 show syslog relay transport type
This command displays the Syslog relay transport type.
show syslog relay transport type
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog relay transport type Syslog Relay Transport type udp
Related Commands syslog relay transport type - Sets the Syslog relay transport type either as udp or tcp
syslog relay - port - Sets the syslog port through which it receives the syslog messages
syslog relay - Changes the syslog role from device to relay
VS-2024-F DATACOM SYSTEMS INC
216 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
8.32 show syslog file-name
This command displays the Syslog local storage file name.
show syslog file-name
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 8: SYSLOG
CLI USER MANUAL 217 DATACOM SYSTEMS CONFIDENTIAL
Example iss# show syslog file-name Syslog File Name
----------------------
Syslog File-One :iss1
Syslog File-Two :iss2
Syslog File-Three :iss3
Related Commands
syslog local storage - Enables the syslog local storage
show syslog local storage - Displays the syslog local storage.
syslog filename-one - Configures the file name to store the syslog messages.
syslog filename-two - Configures the file name to store the syslog messages.
syslog filename-three - Configures the file name to store the syslog messages
8.33 show syslog information
This command displays the Syslog information.
show syslog information
VS-2024-F DATACOM SYSTEMS INC
218 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show syslog information System Log Information
----------------------
Syslog Localstorage : Enabled
Syslog Mail Option : Enabled
Syslog Port : 251
Syslog Role : Relay
Related Commands syslog local storage - Enables the syslog local storage
syslog mail – Enables the mail option in syslog
syslog relay - Changes the syslog role from device to relay
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 219 DATACOM SYSTEMS CONFIDENTIAL
Chapter
9 9.VLAN
VLANs (Virtual LANs) can be viewed as a group of devices on different physical LAN segments which can communicate with each other as if they were all on the same physical LAN segment, that is, a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware, which makes them extremely flexible.
VLAN provides the following benefits for switched LANs:
Improved administration efficiency
Optimized Broadcast/Multicast Activity
Enhanced network security
The list of CLI commands for the configuration of VLAN are common to both Single Instance and Multiple Instance except for a difference in the prompt that appears for the Switch with Multiple Instance support.
The prompt for the Global Configuration Mode is,
iss(config)# set vlan enable
The prompt for the VLAN Configuration Mode is,
iss(config-vlan)# ports gigabitethernet 0/1 untagged gigabitethernet 0/1 forbidden gigabitethernet 0/2 name vl1
The parameters specific to Multiple Instance are stated so, against the respective parameter descriptions in this document.
The output of the Show commands differ for Single Instance and Multiple Instance. Hence both the output are documented while depicting the show command examples.
VS-2024-F DATACOM SYSTEMS INC
220 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
The list of commands for the configuration of VLAN is as follows::
set vlan
vlan
interface range
base bridge-mode
mac-vlan
subnet-vlan
protocol-vlan
map protocol
set gvrp
set port gvrp/set port gvrp - enable | disable
set gmrp
set port gmrp
vlan learning mode
fid - vlan range
set vlan traffic-classes
mac-map
map subnet
switchport filtering-utility-criteria
mac-address-table static unicast
mac-address-table static unicast – Transparent Bridging Mode
mac-address-table static multicast/mac address-table static mcast
mac-address-table static multicast – Transparent Bridging mode
mac-address-table aging-time
bridge-mode- Metro
l2protocol-tunnel cos
clear l2protocol-tunnel counters
clear vlan statistics
vlan default hybrid type
wildcard
set unicast-mac learning
vlan unicast-mac learning limit
unicast-mac learning limit
ports
vlan active
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 221 DATACOM SYSTEMS CONFIDENTIAL
forward-all
forward-unregistered
switchport pvid/switchport access vlan
switchport acceptable-frame-type
switchport ingress-filter
port mac-vlan
port subnet – vlan
port protocol-vlan
switchport map protocols-group
switchport priority default
switchport mode
switchport mode dot1q-tunnel
set garp timer
vlan restricted
group restricted
vlan max-traffic-class
vlan map-priority
shutdown garp
shutdown vlan
debug vlan
show vlan
show vlan device info
show vlan device capabilities
show fid - detail
show forward-all
show forward-unregistered
show vlan traffic-classes
show garp timer
show vlan port config
show vlan protocols-group
show protocol-vlan
show mac-vlan
show subnet vlan mapping
show vlan statistics
show mac-address-table
show dot1d mac-address-table
VS-2024-F DATACOM SYSTEMS INC
222 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show dot1d mac-address-table static unicast
show dot1d mac-address-table static multicast
show mac-address-table count
show mac-address-table static unicast
show mac-address-table static multicast
show mac-address-table dynamic unicast
show mac-address-table dynamic multicast
show mac-address-table aging-time
show wildcard
The following commands can be executed only in a Linux environment and cannot be executed on the target.
shutdown vlan
set vlan
show vlan counters
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 223 DATACOM SYSTEMS CONFIDENTIAL
9.1 set vlan
This command enables/disables VLAN in the switch. The value enable indicates that VLAN will be enabled in the device on all ports. The value disable indicates that VLAN will be disabled in the device on all ports.
set vlan { enable | disable }
Syntax Description
enable
- Enables VLAN in the switch
disable
- Disables VLAN in the switch
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set vlan enable
The configuration can be set to disabled if and only if, GVRP and GMRP are disabled.
Related Commands
show vlan - Displays VLAN information in the database
show vlan device info - Displays the VLAN global status variables
VS-2024-F DATACOM SYSTEMS INC
224 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.2 vlan
This command configures a VLAN in the switch and is also used to enter into the config-VLAN mode. The no form of the command deletes a VLAN from the switch.
vlan <vlan-id(1-4094)>
no vlan <vlan-id(1-4094)>
Mode Global Configuration Mode
In Metro package, this command will be executed only in Switch configuration mode.
Package Workgroup, Enterprise and Metro
Defaults vlan-id
- 1
Example iss(config)# vlan 4
Leading zeros must not be entered for VLAN ID.
The VLAN 1 interface cannot be deleted.
This command is used in PBB bridge mode to create customer, service and backbone VLANs.
Related Command
show vlan - Displays VLAN information in the database
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 225 DATACOM SYSTEMS CONFIDENTIAL
9.3 set mac-learning
This command configures the global mac learning status.
set mac-learning { enable | disable }
Syntax Description
enable
- Enables the global mac learning status
disable
- Disables the global mac learning status
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set mac-learning enable
VS-2024-F DATACOM SYSTEMS INC
226 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.4 set unicast-mac-learning
This command configures unicast-mac learning for the vlan
set unicast-mac learning { enable | disable | default}
Syntax Description
enable
- Enables the unicast-mac learning for the vlan
disable
- Disables the unicast-mac learning for the vlan
default - Sets the unicast-mac learning for the vlan as default
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Default Enable
Example iss(config)# set unicast mac-learning enable
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 227 DATACOM SYSTEMS CONFIDENTIAL
9.5 interface range
This command selects the range of physical interfaces and VLAN interfaces to be configured and the no form of the command selects the range of VLAN interfaces to be removed.
interface range ( { <interface-type> <slot/port-port>} {vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>})
no interface range vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>
Syntax Description
interface-type
- Interface type.
slot/port-port
- Member Ports ID.
vlan - VLAN identifier.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# interface range gigabitethernet 0/1-23 vlan 1 - 2 iss(config-if-range)# iss(config)# interface range vlan 1 gigabitethernet 0/1 iss(config-if-range)# iss(config)# interface range vlan 1 - 4 gigabitethernet 0/1-3 iss(config-if-range)# iss(config)# interface range vlan 1 - 4 gigabitethernet 0/1 iss(config-if-range)# iss(config)# interface range gigabitethernet 0/1-23 vlan 1 - 128 iss(config-if-range)#
For specifying the interface VLAN range, space should be provided before and after the dash. That is, the command interface range vlan 1 – 4 is valid, whereas the command interface range vlan 1– 4 is not valid.
For port channel range, the specified range must be configured using the interface command.
Related Commands
Error! Reference source not found. – Enters into the interface mode
VS-2024-F DATACOM SYSTEMS INC
228 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Error! Reference source not found. description - Displays the interface status and configuration
9.6 base bridge-mode This command specifies whether the bridge mode is Transparent or VLAN aware bridge.
base bridge-mode { dot1d-bridge | dot1q-vlan }
Syntax Description
dot1d-bridge
- Specifies that the bridge mode is transparent
dot1q-vlan
- Specifies that the bridge mode is VLAN aware bridge
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults dot1q-vlan
Example iss(config)# base bridge-mode dot1d-bridge
To configure as dot1d-bridge:
PNAC/ LA/ GARP/Snooping/LLDP needs to be shutdown.
Spanning Tree mode should be RSTP
All non-physical interfaces (ivr, loopback and so on) should be deleted
Related Commands
show vlan device info: Displays the VLAN related global status variables.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 229 DATACOM SYSTEMS CONFIDENTIAL
9.7 mac-vlan
This command enables MAC-based VLAN for all the available interfaces of the VLAN. The no form of the command disables MAC-based VLAN on the device.
mac-vlan
no mac-vlan
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config)# mac-vlan
Related Commands
show vlan device info - Displays the VLAN global status variables
show mac-vlan - Displays the entries in the MAC-VLAN database
VS-2024-F DATACOM SYSTEMS INC
230 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.8 subnet-vlan This command enables the Subnet-VLAN based classification on all ports. The no form of the command disables Subnet-VLAN based classification on all the ports.
subnet-vlan
no subnet-vlan
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disabled
Example iss(config)# subnet-vlan
Related Commands
show vlan device info - Displays the VLAN related global status variables
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 231 DATACOM SYSTEMS CONFIDENTIAL
9.9 protocol-vlan
This command enables Protocol-VLAN based classification on all the ports. The no form of the command disables Protocol-VLAN based classification on all ports.
protocol-vlan
no protocol-vlan
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Enabled
Example iss(config)# protocol-vlan
Related Commands
show vlan device info - Displays the VLAN related global status variables
show protocol-vlan - Displays the entries in the protocol-VLAN database
VS-2024-F DATACOM SYSTEMS INC
232 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.10 map protocol
This command configures the group ID for a specific encapsulation and protocol value combination. This command adds a protocol to a protocol group for protocol based VLAN learning. The no form of the command removes the protocol from the entire group.
map protocol {ip | novell | netbios | appletalk | other <aa:aa or aa:aa:aa:aa:aa>} {enet-v2 | snap | llcOther | snap8021H | snapOther} protocols-group <Group id integer(0-2147483647)>
no map protocol {ip | novell | netbios | appletalk | other <aa:aa or aa:aa:aa:aa:aa>} {enet-v2 | snap | llcOther | snap8021H | snapOther}
Syntax Description
ip | novell | netbios | appletalk |
- Protocol types
other
- MAC address of any other protocol type not included in the list
enet-v2 | snap | llcOther | snap8021H | snapOther
- Encapsulation Frame Types
protocols-group
- Group ID.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# map protocol ip enet-v2 protocols-group 1
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 233 DATACOM SYSTEMS CONFIDENTIAL
Related Command
show vlan protocols-group - Displays the protocol group database
9.11 set gvrp
This command enables or disables GVRP on a global basis.
set gvrp { enable | disable }
Syntax Description
enable
- Enables GVRP in the switch
disable
- Disables GVRP in the switch
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set gvrp disable
GVRP needs to be explicitly enabled even after GARP is enabled.
Related Commands
show vlan - Displays VLAN information in the database
show vlan device info - Displays the VLAN related global status variables
VS-2024-F DATACOM SYSTEMS INC
234 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.12 set port gvrp
This command enables or disables GVRP on the interface.
set port gvrp <interface-type> <interface-id> { enable | disable }
Syntax Description
interface-type
- Interface type
interface-id
- Interface Id
enable
- Enables GVRP on the interface
disable
- Disables GVRP on the interface
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set port gvrp gigabitethernet 0/1 disable
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 235 DATACOM SYSTEMS CONFIDENTIAL
The value enable indicates that GVRP is enabled on the current port, as long as global GVRP status is also enabled for the device
If port GVRP state is disabled, but global GVRP status is still enabled, then GVRP is disabled on current port. Any GVRP packet received will be discarded and no GVRP registrations will be propagated from other ports
Related Command
show vlan port config - Displays the vlan related parameters specific for ports
9.13 set port gvrp - enable | disable
This command enables or disables GVRP (GARP VLAN Registration Protocol) on the interface.
This command operates similar to that of the command set port gvrp.
set port gvrp { enable | disable } <interface-id>
Syntax Description
enable
- Enables GVRP on the interface
disable
- Disables GVRP on the interface
interface-id
- Interface identifier
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set port gvrp disable 0/1
VS-2024-F DATACOM SYSTEMS INC
236 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
The value enable indicates that GVRP is enabled on the current port, as long as global GVRP status is also enabled for the device
If port GVRP state is disabled, but global GVRP status is still enabled, then GVRP is disabled on current port. Any received GVRP packets will be discarded and no GVRP registrations will be propagated from other ports
Related Command
show vlan port config - Displays the vlan related parameters specific for ports
9.14 set gmrp
This command enables or disables GMRP globally on the device.
set gmrp { enable | disable }
Syntax Description
enable
- Enables GMRP on the device
disable
- Disables GMRP on the device
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set gmrp disable
GMRP needs to be explicitly enabled even after GARP is enabled.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 237 DATACOM SYSTEMS CONFIDENTIAL
Related Commands
show vlan - Displays VLAN information in the database
show vlan device info - Displays the VLAN related global status variables
9.15 set port gmrp
This command enables or disables GMRP on the port.
set port gmrp <interface-type> <interface-id> { enable | disable }
Syntax Description
interface-type
- Interface type
interface-id
- Interface ID
enable
- Enables GMRP on the interface
disable
- Disables GMRP on the interface
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
238 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults enable
Example iss(config)# set port gmrp gigabitethernet 0/1 disable
The value enable indicates that GMRP is enabled on this port in all VLANs as long as GMRP Status is also enabled globally
The value disable indicates that GMRP is disabled on this port in all VLANs; any GMRP packet received will be silently discarded and no GMRP registrations will be propagated from other ports
Related Command
show vlan port config - Displays the vlan related parameters specific for ports
9.16 vlan learning mode
This command configures the VLAN learning mode for the switch.
vlan learning mode {ivl | svl | hybrid}
Syntax Description
ivl
- Independent VLAN learning
svl - Shared VLAN learning
hybrid
- Hybrid VLAN learning
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 239 DATACOM SYSTEMS CONFIDENTIAL
Defaults ivl
Example iss(config)# vlan learning mode ivl
A change in the configuration of the VLAN learning mode will be effective only after the next reboot of the system.
Related Commands
show vlan device info - Displays the VLAN related global status variables
Error! Reference source not found. - Displays the current information stored in the NVRAM
9.17 fid - vlan range
This command configures a VLAN or a list of VLANs to use a Filtering database identified by a filtering database identifier and the no form of the command configures the FIDs of all VLANs in the list to their default value.
fid <integer(1-4094)> vlan <vlan-range>
no fid vlan <vlan-range>
Syntax Description
vlan
- List of VLANs. The vlan-range can have any valid range between 1 and 4094.
Mode Global Configuration Mode
VS-2024-F DATACOM SYSTEMS INC
240 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Defaults By default, the FID of all VLANs is their VLAN ID.
Example iss(config)# fid 2 vlan 2-20
The MST instance of all VLANs in the list must be the same.
Any other VLAN with the same FID must have MST instance same as that of the VLANs in the list for this command to succeed.
This command is successful when the VLAN learning mode is hybrid.
Related Commands vlan learning mode - Configures the VLAN learning mode for the switch
vlan default hybrid type - Configures the default learning type for VLANs when the operational learning mode of the switch is hybrid
show fid - detail - Displays forwarding database identifier used by VLANs in the switch
9.18 set vlan traffic-classes
This command enables / disables traffic classes.
set vlan traffic-classes {enable | disable}
Syntax Description
enable
- Enables traffic classes
disable
- Disables traffic classes
Mode Global Configuration Mode
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 241 DATACOM SYSTEMS CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Defaults enable
Example iss(config)# set vlan traffic-classes enable
This command has to be executed prior to executing the vlan max traffic class command.
Related Commands
show vlan device info - Displays the VLAN related global status variables
vlan max-traffic-class - Assigns traffic class value to a port
show vlan traffic-classes - Displays the traffic class information of all the available interfaces
9.19 mac-map
This command configures the VLAN-MAC address mapping. The no form of this command is used to delete the specific mac map entry.
mac-map <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [mcast-bcast {discard | allow}]
no mac-map <aa:aa:aa:aa:aa:aa>
Syntax Description
aa:aa:aa:aa:aa:aa
- MAC address
VS-2024-F DATACOM SYSTEMS INC
242 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
vlan VLAN Identifier
mcast-bcast
- Specifies the way broadcast and multicast traffic will be handled for the packets received from the source address of this MAC classification entry
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# mac-map 00:11:22:33:44:55 vlan 2 mcast-bcast discard
This command is valid only if VLAN is configured as 'Mac-based'.
Related Commands
mac-vlan - Enables MAC-based VLAN for all the available interfaces of the VLAN
show mac-vlan - Displays the entries in the MAC-VLAN database
9.20 map subnet This command configures a VLAN subnet mapping entry. The no form of command deletes the vlan subnet mapping entry.
map subnet <ip-subnet-address> vlan <vlan-id(1-4094)> [arp {suppress | allow}]
no map subnet <ip-subnet-address>
Syntax Description
ip-subnet-address
Subnet address
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 243 DATACOM SYSTEMS CONFIDENTIAL
vlan-id VLAN identifier
arp - Configurable option for discarding/allowing ARP Untagged frames on the vlan.
Mode Interface Mode
This command can be executed in the Global configuration mode, in BCMX switches
Package Workgroup, Enterprise and Metro
Default allow
Example iss(config-if)# map subnet 14.0.0.0 vlan 1 arp allow
VLAN should be present.
Related Commands :
show subnet vlan mapping - Displays the entries in Subnet-VLAN database
9.21 switchport filtering-utility-criteria
This command changes filtering utility criteria to default or enhanced filtering criteria.
switchport filtering-utility-criteria {default | enhanced}
Mode Interface Configuration Mode
VS-2024-F DATACOM SYSTEMS INC
244 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Default default
Example iss(config-if)# switchport filtering-utility-criteria enhanced
9.22 mac-address-table static unicast
This command configures a static unicast MAC address in the forwarding database. The no form of the command deletes a configured static Unicast MAC address from the forwarding database.
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum> }] interface ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 245 DATACOM SYSTEMS CONFIDENTIAL
<a,b,c-d>]) [connection-identifier <ucast_mac>] [status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum>}]
PBB feature enabled in the switch
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum> | service-instance <integer(256-16777214)>}] interface ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]) [connection-identifier <ucast_mac>][status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum> | service-instance <integer(256-16777214)>}]
Syntax Description
aa:aa:aa:aa:aa:aa
- Destination MAC address
vlan - VLAN Identifier
recv-port
- Received port's Interface type and ID
service-instance - Service instance identifier. This value ranges between 256 and 16777214.
interface
- Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Member Ports Interface type and ID.
port-channel - Port-channel ID
connection-identifier
- Associates backbone MAC address of peer backbone edge bridge with customer MAC address that can be reached through the bridge.
VS-2024-F DATACOM SYSTEMS INC
246 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
status
- Status of the Static unicast entry. The options are:
permanent - Entry remains even after the next reset of the bridge
deleteOnReset - Entry remains until the next reset of the bridge
deleteOnTimeout - Entry remains until it is aged out
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults status
- permanent
Example iss(config)# mac-address-table static unicast 00:11:22:33:44:55 vlan 3 recv-port gigabitethernet 0/2 interface gigabitethernet 0/1 status deleteOnTimeout iss(config)# mac-address-table static unicast 00:11:22:33:44:55 vlan 3 service-instance 1005 interface gigabitethernet 0/1 status deleteOnTimeout
VLAN/Service-instance must have been configured and member ports must have been configured for the specified VLAN/Service-instance.
Related Commands
show mac-address-table static unicast - Displays the statically configured unicast address from the MAC address table.
mac-address-table static multicast - Configures a static multicast MAC address in the forwarding database.
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode.
service instance - Used to enter the service instance mode for performing ISID specific operations.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 247 DATACOM SYSTEMS CONFIDENTIAL
9.23 mac-address-table static unicast – Transparent Bridging Mode
This command configures a static unicast MAC Address in the forwarding database in transparent bridging mode. The no form of the command deletes the configured Static Unicast address from the forwarding database.
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> [recv-port <interface-type> <interface-id>] interface ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]) [status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> [recv-port <interface-type> <interface-id>]
Syntax Description
aa:aa:aa:aa:aa:aa - Destination MAC address
recv-port - Received port's Interface type and ID
interface - Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Member Ports Interface type and ID.
port-channel - Port-channel ID
status - Status of the Static unicast entry. The options are:
permanent - Entry remains even after the next reset of the bridge
deleteOnReset - Entry remains until the next reset of the bridge
deleteOnTimeout - Entry remains until it is aged out
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults status
- permanent
Example iss(config)# mac-address-table static unicast 00:11:22:33:44:55 recv-port gigabitethernet 0/2 interface gigabitethernet 0/2 status deleteOnTimeout
Base bridge mode should be transparent bridging.
VS-2024-F DATACOM SYSTEMS INC
248 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Related Commands
show dot1d mac-address-table static unicast - Displays Static Unicast MAC Address table
mac-address-table static multicast - Configures a static multicast MAC address in the forwarding database.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 249 DATACOM SYSTEMS CONFIDENTIAL
9.24 mac-address-table static multicast
This command configures a static multicast MAC address in the forwarding database.
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum>>}] interface ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>]]) [forbidden-ports ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>]]) [status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [recv-port <ifXtype> <ifnum>}]
PBB feature enabled in the switch
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum> | service-instance <integer(256-16777214)>}] interface ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]]) [forbidden-ports ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]]) [status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> [{recv-port <ifXtype> <ifnum> | service-instance <integer(256-16777214)>}]
Syntax Description
aa:aa:aa:aa:aa:aa
- Multicast MAC address
vlan
- VLAN Identifier
recv-port
- Received port's Interface type and ID
service-instance - Service instance identifier. This value ranges between 256 and 16777214.
interface
- Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Member Ports Interface type and ID.
VS-2024-F DATACOM SYSTEMS INC
250 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
port-channel - Port channel ID
forbidden-ports
- Forbidden ports interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Forbidden ports interface type and ID.
port-channel
- Port-channel ID
status
- Status of the static multicast entry. The options are:
permanent - Entry remains even after the next reset of the bridge
deleteOnReset - Entry remains until the next reset of the bridge
deleteOnTimeout - Entry remains until it is aged out
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults status
- permanent
Example iss(config)# mac-address-table static multicast 01:02:03:04:05:06 vlan 2 interface gigabitethernet 0/1
VLAN/Service-instance must have been configured and member ports must have been configured for the specified VLAN/Service-instance.
Related Command
show mac-address-table static multicast - Displays the statically configured multicast entries.
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode.
service instance – Used to enter the service instance mode for performing ISID specific operations.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 251 DATACOM SYSTEMS CONFIDENTIAL
9.25 mac address-table static mcast
This command configures a static multicast MAC (Media Access Control) address in the forwarding database and the no form of the command deletes a configured static multicast MAC address from the forwarding database.
This command operates similar to that of the command mac-address-table static multicast.
mac address-table static <mcast_mac> vlan <integer(1-4094)> ([interface <interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>][port-channel <a,b,c-d>])
no mac address-table static <mcast_mac> vlan <vlan-id(1-4094)> [interface <ifXtype> <ifnum>]
Syntax Description
mcast_mac
- Multicast MAC address.
vlan
- VLAN identifier. This value ranges between 1 and 4094.
interface
- Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Specifies interface type and ID of the member and forbidden ports.
port-channel
- Port-channel ID
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# mac address-table static 01:02:03:04:05:06 vlan 2 interface gigabitethernet 0/1
VLAN/Service-instance must have been configured and member ports must have been configured for the specified VLAN/Service-instance.
Related Command
VS-2024-F DATACOM SYSTEMS INC
252 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show mac-address-table static multicast - Displays the statically configured multicast entries.
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode.
service instance – Used to enter the service instance mode for performing ISID specific operations.
9.26 mac-address-table static multicast – Transparent Bridging mode
This command configures a static multicast MAC address in the forwarding database in transparent bridging. The no form of command deletes the configured Static Multicast address from the forwarding database.
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> [recv-port <interface-type> <interface-id>] interface ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]]) [status { permanent | deleteOnReset | deleteOnTimeout }]
no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> [recv-port <interface-type> <interface-id>]
Syntax Description
aa:aa:aa:aa:aa:aa
- Multicast MAC address
recv-port
- Received port's Interface type and ID
interface
- Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Member Ports Interface type and ID.
port-channel - Port channel ID
port-channel
- Port-channel ID
status
- Status of the static multicast entry. The options are:
permanent - Entry remains even after the next reset of the bridge
deleteOnReset - Entry remains until the next reset of the bridge
deleteOnTimeout - Entry remains until it is aged out
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 253 DATACOM SYSTEMS CONFIDENTIAL
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults status
- permanent
Example iss(config)# mac-address-table static multicast 01:00:5E:01:02:03interface gigabitethernet 0/2
Base bridge mode should be transparent bridging
Related Command
show dot1d mac-address-table static multicast - Displays Static Multicast MAC Address table.
mac-address-table static unicast - Configures a static unicast MAC address in the forwarding database.
VS-2024-F DATACOM SYSTEMS INC
254 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.27 mac-address-table aging-time
This command sets the maximum age of a dynamically learnt entry in the MAC address table. The no form of the command sets the maximum age of an entry in the MAC address table to its default value.
mac-address-table aging-time <10-1000000 seconds>
no mac-address-table aging-time
For DX260 target
mac-address-table aging-time <10-630 seconds>
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 300
Example iss(config)# mac-address-table aging-time 200
If traffic on an interface is not very frequent, then the aging time must be increased to record the dynamic entries for a longer time. Increasing the time can reduce the possibility of flooding.
Related Command show mac-address-table aging-time - Displays the MAC address-table with ageing time
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 255 DATACOM SYSTEMS CONFIDENTIAL
9.28 bridge-mode- Metro
This command configures the bridge mode of the Switch.
bridge-mode {customer | provider | provider-core | provider-edge | provider-backbone-icomp |provider-backbone-bcomp}
Syntax Description
customer
- Customer Bridge Mode
provider
- Provider Bridge Mode
provider-core
- Provider core Bridge Mode
provider-edge
- Provider edge Bridge Mode
provider-backbone-icomp
- Provider Backbone Bridge I component Mode
provider-backbone-bcomp
- Provider Backbone Bridge B component Mode
Mode Global Configuration Mode in SI mode/Switch Configuration Mode in MI mode
Package Workgroup, Enterprise and Metro
In the Workgroup and the Enterprise package, only the customer and provider are the valid parameters.
Defaults Based on the bridge mode value in issnvram.txt
Example iss(config)# bridge-mode provider-backbone-icomp
VS-2024-F DATACOM SYSTEMS INC
256 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Only one bridge mode can be set at a time. If multiple bridge modes are required, multiple instances of the bridge should be run.
To configure the bridge mode of the switch.
- Spanning tree must be shut down.
- GARP must be shut down.
- ECFM must be shutdown
Related Command
no Error! Reference source not found. - Starts MRP module in the switch
show vlan device info - Displays the VLAN related global status variables
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 257 DATACOM SYSTEMS CONFIDENTIAL
9.29 l2protocol-tunnel cos
This command configures the priority for the tunneled STP BPDUs. The no form of the command configures the default priority for the tunneled STP BPDUs.
l2protocol-tunnel cos <cos-value(0-7)>
no l2protocol-tunnel cos
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults cos - value - 7
Example iss(config)# l2protocol-tunnel cos 5
The configured priority value will be effective only when the L2 Protocol tunnel STP is enabled on an interface
Related Command
show l2protocol-tunnel - Displays the entries in VLAN tunnel protocol table containing the number of ingress or egress STP BPDUs tunneled
VS-2024-F DATACOM SYSTEMS INC
258 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.30 clear l2protocol-tunnel counters
This command clears the L2 protocol tunnel counters.
clear l2protocol-tunnel counters [<interface-type> <interface-id>]
Syntax Description
interface-type
- Type of interface
interface-id
- Interface ID
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# clear l2protocol-tunnel counters
If executed without the optional parameters this command clears the STP tunnel counters of all the available interfaces.
Related Command
show l2protocol-tunnel - Displays the entries in VLAN tunnel protocol table containing the number of ingress or egress STP BPDUs tunneled
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 259 DATACOM SYSTEMS CONFIDENTIAL
9.31 clear vlan statistics
This command clears the VLAN counters.
clear vlan statistics [vlan < vlan-id (1-4094)>]
Syntax Description
vlan - VLAN Identifier
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# clear vlan statistics vlan 1
If executed without the optional parameters this command clears all the VLAN counters.
Related Command
show vlan statistics - Displays the VLAN statistics
VS-2024-F DATACOM SYSTEMS INC
260 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.32 vlan default hybrid type
This command configures the default learning type for VLANs when the operational learning mode of the switch is hybrid.
vlan default hybrid type {ivl | svl}
Syntax Description
ivl
- Independent VLAN learning
svl
- Shared VLAN learning
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# vlan default hybrid type ivl
This command is successful when the VLAN learning mode is not hybrid.
This configuration is useful when the switch is restarted with VLAN learning mode changed to Hybrid.
A config save restore must be done for this configuration
Related Commands
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 261 DATACOM SYSTEMS CONFIDENTIAL
vlan learning mode - Configures the VLAN learning mode for the switch
show fid - detail - Displays forwarding database identifier used by VLANs in the switch
9.33 wildcard
This command configures the wildcard vlan entry for a given mac address and the no form of the command deletes the wildcard entry for the same.
wildcard {mac-adddress <mac_addr> | broadcast} interface ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>])
no wildcard {mac-adddress <mac_addr> | broadcast}
Syntax Description
mac-adddress / broadcast
- Unicast/Multicast/BroadCast Mac Address of Wildcard entry
Interface
- Interface type and ID
port-channel
- Port-channel ID
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
262 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss(config)# wildcard mac-address 01:02:03:04:05:06 interface gigabitethernet 0/1
9.34 set unicast-mac learning
This command enables / disables unicast-mac learning for the VLAN.
set unicast-mac learning { enable | disable }
Syntax Description
enable - Enables unicast-mac learning for the VLAN
disable - Disables unicast-mac learning for the VLAN
Mode Config-VLAN Mode
Package Workgroup, Enterprise and Metro
Defaults enable
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 263 DATACOM SYSTEMS CONFIDENTIAL
Example iss(config-vlan)# set unicast-mac learning enable
This configuration will not take effect on VLANs with the number of member ports greater than or equal to 3.
Related Command
show vlan learning params - Displays unicast-MAC learning status and learning limit configured for the specified VLAN
9.35 vlan unicast-mac learning limit
This command sets the unicast-mac learning limit for the VLAN. The no form of the command resets the unicast-mac learning limit for the vlan to the default value.
vlan unicast-mac learning limit <size(0-4294967295)>
no vlan unicast-mac learning limit
Syntax Description
learning limit
- Specifies the MAC learning limit configured for the VLAN
Mode Config-VLAN Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
264 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults A value calculated depending on the dynamic unicast size and the maximum number of VLANs supported in the system.
Example iss(config-vlan)# vlan unicast-mac learning limit 100
The maximum limit that can be configured for a VLAN is dependent on the total size available for dynamic unicast entries in the forwarding table and on the maximum number of VLANs that can be supported.
This configuration is allowed only in case of independent VLAN learning mode.
Related Command
show vlan learning params - Displays unicast-MAC learning status and learning limit configured for the specified VLAN
9.36 unicast-mac learning limit
This command sets unicast MAC learning limit for the switch. The no form of the command resets unicast MAC learning limit for the switch to the default value.
unicast-mac learning limit <limit value(0-4294967295)>
no unicast-mac learning limit
Syntax Description
limit value - Limiting value on the number of distinct unicast MAC addresses that can be learnt in the device. This value ranges between 0 and 4294967295
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 265 DATACOM SYSTEMS CONFIDENTIAL
Mode Global Configuration mode.
Package Workgroup, Enterprise and Metro
Example iss(config)# unicast-mac learning limit 5
The limiting value must not be less than any of the unicast MAC learning limits set for the VLANs.
The upper limiting value that can be set is determined by the underlying hardware.
Related Command
show vlan device info - Displays the VLAN related global status variables.
9.37 ports
This command configures a static VLAN entry with the required member ports, untagged ports and forbidden ports. The tagged and untagged member ports defined by this command are used for egress tagging for a VLAN at a port.
For ports in PBB bridge mode, this command is used to define member ports for a VLAN in a component.
For BVLAN in a B component, these member ports can be only PNP.
For SVLAN in an I component, these member ports can be only CNP-Stagged.
For CVLAN in an I component, these member ports can be only CNP-Ctagged. The no form of the command resets port list for the VLAN.
VS-2024-F DATACOM SYSTEMS INC
266 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
ports ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]) [untagged <interface-type> <0/a-b,0/c,...> [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>][all])] [forbidden <interface-type> <0/a-b,0/c,...> [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>]] [name <vlan-name>]
no ports [<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all] [untagged ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all])] [forbidden ([<interface-type> <0/a-b,0/c,...>] [<interface-type> <0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all])] [name <vlan-name>]
Syntax Description
ports
- Member Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Member Ports Interface type and Id.
port-channel <a,b,c-d>
- Port-channel ID
untagged
- Untagged Ports Interface type and Id
<interface-type> <0/a-b, 0/c, ...>
- Untagged Ports Interface type and Id
forbidden
- Forbidden Ports Interface type and Id
<interface-type> <0/a-b, 0/c, ...>
- Forbidden Ports Interface type and Id
port-channel
- Port-channel ID
all - All Member Ports
name
- Administratively assigned string used to identify the VLAN
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 267 DATACOM SYSTEMS CONFIDENTIAL
Mode VLAN Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-switch-vlan)# ports gigabitethernet 0/1 untagged gigabitethernet 0/1 forbidden gigabitethernet 0/2 name vl1
Member-ports represent the set of ports permanently assigned to the egress list
Forbidden-ports represent the set of ports forbidden for the VLAN
Untagged ports represent the set of ports which transmits untagged frames
CBP should always be set as untagged member port of a BVLAN.
All the existing commands in VLAN configuration mode are also used for the configuration of a B-VLAN of a PBB.
Related Command
show vlan - Displays VLAN information in the database
9.38 vlan active
This command makes the particular VLAN active in the switch.
vlan active
VS-2024-F DATACOM SYSTEMS INC
268 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Mode Config-VLAN Mode
Package Workgroup, Enterprise and Metro
Example iss(config-vlan)# vlan active
9.39 forward-all
This command configures the forward-all information for a VLAN specifying the set of ports to which all multicasts must be forwarded.
The no form of the command sets the forward-all to default.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 269 DATACOM SYSTEMS CONFIDENTIAL
forward-all ([static-ports ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>] [none])] [forbidden-ports <interface-type> <0/a-b, 0/c, ...> [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>]])
no forward-all
Syntax Description
static-ports
- Static Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Static Ports Interface type and ID.
port-channel
- Port-channel ID
none
- None
forbidden-ports
- Forbidden Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Forbidden Ports Interface type and ID.
port-channel
- Port-channel ID
Mode Config-VLAN Mode
Package Workgroup, Enterprise and Metro
Example iss(config-vlan)# forward-all static-ports gigabitethernet 0/1 forbidden-ports gigabitethernet 0/2
VS-2024-F DATACOM SYSTEMS INC
270 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
static-ports are the set of ports configured by the user in this VLAN to which the multicast group-addressed frames are to be forwarded
forbidden-ports are the set of ports configured by the user in this VLAN to which the multicast group-addressed frames are NOT to be forwarded
Related Command
show forward-all - Displays the GMRP forward-all table entries
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 271 DATACOM SYSTEMS CONFIDENTIAL
9.40 forward-unregistered
This command configures the forward unregistered information for a VLAN for which there is no specific forwarding information. The no form of the command sets the forward-unregistered information to default.
forward-unregistered ([static-ports ([<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>] [none])] [forbidden-ports <interface-type> <0/a-b, 0/c, ...> [<interface-type> <0/a-b, 0/c, ...>] [port-channel <a,b,c-d>]])
no forward-unregistered
Syntax Description
static-ports
- Static Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Static Ports Interface type and ID.
port-channel
- Port-channel ID
none - None
forbidden-ports
- Forbidden Ports Interface type and ID.
<interface-type> <0/a-b, 0/c, ...>
- Forbidden Ports Interface type and ID.
port-channel
- Port-channel ID
Mode Config-VLAN Mode
Package Workgroup, Enterprise and Metro
Example iss(config-vlan)# forward-unregistered static-ports gigabitethernet 0/2 forbidden-ports gigabitethernet 0/1
static-ports are the set of ports configured by the user in this VLAN to which the multicast group-addressed frames are to be forwarded
forbidden-ports are the set of ports configured by the user in this VLAN to which the multicast group-addressed frames are NOT to be forwarded
Related Command
show forward-unregistered - Displays the GMRP forward-unregistered table
VS-2024-F DATACOM SYSTEMS INC
272 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.41 switchport pvid
This command configures the PVID (VLAN Identifier) on a port. The no form of this command sets the PVID to the default value on the port.
switchport pvid <vlan-id(1-4094)>
no switchport pvid
Syntax Description
vlan-id - PVID value to be configured on the port.
Mode Interface Configuration Mode
Example iss(config-if)# switchport pvid 3
If the frame (untagged/priority tagged/customer VLAN tagged) is received on a "tunnel" port, then the default Port VLAN Id (PVID) associated with the port is used.
If the received frame cannot be classified as MAC-based or port-and-protocol-based, then the PVID associated with the port is used.
For ports in PBB bridge mode, PVID can be configured on CNP and CBP.
Usage is based on acceptable frame type of the port. Packets will be either dropped or accepted at ingress. Once a packet is accepted, if packet is having a tag, it will be processed against that tag. Otherwise, the packet will be processed against PVID.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 273 DATACOM SYSTEMS CONFIDENTIAL
9.42 switchport access vlan
This command configures the PVID (Port VLAN Identifier) on a port. The no form of this command sets the PVID to the default value on the port.
This command operates similar to that of the command switchport pvid.
switchport access vlan <vlanid (1-4094)>
no switchport access vlan
Syntax Description
vlan-id - PVID value to be configured on the port.
Mode Interface Configuration Mode
Example iss(config-if)# switchport access vlan 3
If the frame (untagged/priority tagged/customer VLAN tagged) is received on a "tunnel" port, then the default PVID associated with the port is used.
If the received frame cannot be classified as MAC-based or port-and-protocol-based, then the PVID associated with the port is used.
For ports in PBB bridge mode, PVID can be configured on CNP (Customer Network Port) and CBP (Customer Backbone Port).
Usage is based on acceptable frame type of the port. Packets will be either dropped or accepted at ingress. Once a packet is accepted, if the packet is having a tag, it will be processed against that tag. Otherwise, the packet will be processed against PVID.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
VS-2024-F DATACOM SYSTEMS INC
274 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.43 switchport acceptable-frame-type
This command configures the acceptable frame type for the port. The no form of this command sets the default value of acceptable frame type - all where all frames will be accepted.
switchport acceptable-frame-type {all | tagged | untaggedAndPrioritytagged }
no switchport acceptable-frame-type
Syntax Description
all
- All frames. Both tagged and untagged frames are allowed.
tagged
- Tagged frames. For ports in PBB bridge mode, the description of tagged frames is given in the below table:
Port Type What will be considered as TAG
CNP STagged S-Tag
CNP CTagged C-Tag
CNP Port Based S-Tag
PIP I-Tag
CBP I-Tag
PNP B-Tag or S Tag
untaggedAndPrioritytagged
- Untagged and priority tagged frames. For ports in PBB bridge mode, the description of untagged frames is given in the below table:
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults all
Example iss(config-if)# switchport acceptable-frame-type tagged
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 275 DATACOM SYSTEMS CONFIDENTIAL
When set to "tagged" the device will discard untagged and priority tagged frames received on the port and will process only the VLAN tagged frames
When set to "all" untagged frames or priority-tagged frames received on the port are also accepted
When set to “untaggedAndPrioritytagged”, untagged and priority tagged frames alone are accepted and tagged frames are dropped.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports.
9.44 switchport ingress-filter
This command enables ingress filtering on the port. The no form of this command disables ingress filtering on the port.
switchport ingress-filter
no switchport ingress-filter
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config-if)# switchport ingress-filter
When ingress-filtering is enabled, the device discards those incoming frames for VLANs which do not include this port in its member set
When the ingress filtering is disabled using the no form of the command, the device accepts all incoming frames
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
VS-2024-F DATACOM SYSTEMS INC
276 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.45 port mac-vlan
This command enables MAC-based VLAN learning on the port. The no form of the command disables MAC-based VLAN learning on the port.
port mac-vlan
no port mac-vlan
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config-if)# port mac-vlan
VLAN classification on the port will be MAC-based as long as MAC-based VLAN classification is enabled globally for the device.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 277 DATACOM SYSTEMS CONFIDENTIAL
9.46 port subnet – vlan This command enables subnet based VLAN classification on the port. The no form of command disables the subnet based VLAN learning on the port.
port subnet-vlan
no port subnet-vlan
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config-if)# port subnet-vlan
Related Command
show subnet vlan mapping: Displays the entries in Subnet-VLAN database
VS-2024-F DATACOM SYSTEMS INC
278 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.47 port protocol-vlan
This command enables port protocol based VLANs. The no form of the command disables port Protocol based VLANs.
port protocol-vlan
no port protocol-vlan
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Enabled
Example iss(config-if)# port protocol-vlan
The value enable indicates that the VLAN classification on this port is port and protocol based as long as the port and protocol based classification is enabled globally for the device.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 279 DATACOM SYSTEMS CONFIDENTIAL
9.48 switchport map protocols-group
This command maps the protocol group configured to a particular VLAN identifier for the specified interface. The no form of the command unmaps the VLAN identifier to group Id mapping.
switchport map protocols-group <Group id integer(0-2147483647)>vlan <vlan-id(1-4094)>
no switchport map protocols-group <Group id integer(0-2147483647)>>
Syntax Description
Group id
- Group ID
vlan
- VLAN ID
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# switchport map protocols-group 1 vlan 2
Protocol group must have been configured
Related Commands
map protocol - Adds a protocol to a protocol group for protocol based VLAN learning
VS-2024-F DATACOM SYSTEMS INC
280 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show protocol-vlan - Displays the entries in protocol-VLAN database
show vlan protocols-group - Displays the protocol group database
9.49 switchport priority default
This command sets the default user priority for the port. The no form of the command sets the default user priority for the port to the default value.
switchport priority default <priority value(0-7)>
no switchport priority default
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 0
Example iss(config-if)# switchport priority default 5
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 281 DATACOM SYSTEMS CONFIDENTIAL
9.50 switchport mode
This command configures the VLAN port mode. The no form of the command configures the default VLAN port mode.
switchport mode { access | trunk | hybrid | {dynamic {auto | desirable}} }
no switchport mode
Syntax Description
access
- Access port Mode
trunk
- Trunk port Mode
hybrid
- Hybrid VLAN port Mode
dynamic
- Dynamic Mode. This can be:
auto – Interface converts the link to a trunk link.
desirable – Interface actively attempts to convert the link to a trunk link.
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
282 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults Hybrid Mode
Example iss(config-if)# switchport mode access
It is not possible to set the switchport mode status to Trunk/Hybrid if the tunnel is enabled.
It is not possible to configure the switchport mode status to trunk if the port is an untagged member of a VLAN.
It is not possible to configure the switchport mode status to access if the ports acceptable frame type is All/Tagged.
Related Commands switchport mode dot1q-tunnel - Enables dot1q-tunneling on the specified interface
show vlan port config - Displays the VLAN related parameters specific for ports
9.51 switchport mode dot1q-tunnel
This command enables dot1q-tunneling on the specified interface. The no form of the command disables dot1q-tunneling on the specified interface.
switchport mode dot1q-tunnel
no switchport mode dot1q-tunnel
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config-if)# switchport mode dot1q-tunnel
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 283 DATACOM SYSTEMS CONFIDENTIAL
Bridge Mode must be set to 'provider' for the dot1q-tunneling status to be enabled
It is not possible to set the dot1q-tunnel status on the port if the port mode is not 'access' type
PNAC port control must be force-authorized
If dot1q tunneling is enabled on the specified interface, then GMRP is disabled internally
Related Commands
bridge-mode- Metro - Configures the bridge mode of the Switch
switchport mode - Configures the VLAN port mode
show dot1q-tunnel - Displays the entries in the dot1q-tunnel table
show vlan device info - Displays the VLAN related global status variables
show vlan port config - Displays the VLAN port information
9.52 set garp timer
This command configures the GARP join time, leave time, and leaveall time in milli-seconds.
set garp timer {join | leave | leaveall} <time in milli seconds>
Syntax Description
join
- Join Time
leave
- Leave Time
leaveall
- Leaveall Time
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
284 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults join
- 20
leave - 60
leaveall
- 1000
Example iss(config-if)# set garp timer join 500
Leave Timer must be greater than 2 times Join Timer and Leaveall Timer must be greater than Leave Timer
Timer values cannot be set to zero
The GARP timer configuration will be applied to the GARP applications (GMRP and GVRP) on the specified interface.
Related Command
show garp timer - Displays the GARP timer information of the available interfaces
9.53 vlan restricted
This command enables/disables restricted VLAN registration on the port.
vlan restricted {enable | disable}
Syntax Description
enable
- Enables restricted VLAN registration
disable
- Disables restricted VLAN registration
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 285 DATACOM SYSTEMS CONFIDENTIAL
Defaults disable
Example iss(config-if)# vlan restricted enable
If restricted VLAN registration rules are enabled, then a VLAN is learnt dynamically from the GVRP frame only if the specific VLAN is statically configured in the switch. If restricted VLAN registration rules are disabled, then GVRP packets are processed normally and the VLANs are learnt dynamically even if they are not statically configured in the switch.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
9.54 group restricted
This command enables or disables restricted group registration on a port.
group restricted {enable | disable }
Syntax Description
enable
- Enables restricted group registration
disable
- Disables restricted group registration
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
286 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Defaults disable
Example iss(config-if)# group restricted enable
If restricted group registration rules are enabled, then a multicast group attribute/service requirement attribute is learnt dynamically from the GMRP frame only if the specific multicast group attribute/service requirement attribute is statically configured in the switch. If restricted group registration rules are disabled, then GMRP packets are processed normally and the multicast group attribute/service requirement attribute are learnt dynamically even if they are not statically configured in the switch.
Related Command
show vlan port config - Displays the VLAN related parameters specific for ports
9.55 vlan max-traffic-class
This command configures the maximum number of traffic classes supported on a port. The no form of the command assigns the default maximum traffic class value to a port.
vlan max-traffic-class <MAX Traffic class(1-8)>
no vlan max-traffic-class
Syntax Description
MAX Traffic class
- The number of traffic classes supported on the port
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 287 DATACOM SYSTEMS CONFIDENTIAL
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 8
Example iss(config-if)# vlan max-traffic-class 7
Related Command
show vlan traffic-classes - Displays the traffic classes information of all the available interfaces
9.56 vlan map-priority
This command maps a priority to a traffic class on the specified port. The frame received on the interface with the configured priority will be processed in the configured traffic class.
The no form of the command maps the default priority to traffic class value on the port.
vlan map-priority <priority value(0-7)> traffic-class <Traffic class value(0-7)>
no vlan map-priority <priority value (0-7)>
VS-2024-F DATACOM SYSTEMS INC
288 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Syntax Description
traffic-class
- Traffic class value
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-if)# vlan map-priority 2 traffic-class 2
The default traffic class value depends upon the configured priority value
Following is the list of default traffic class values for different priority values
Priority Default traffic class 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7
Related Command
show vlan traffic-classes - Displays the traffic classes information of all the available interfaces
9.57 shutdown garp
This command shuts down the GARP Module. The no form of the command starts and enables the GARP Module.
shutdown garp
no shutdown garp
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 289 DATACOM SYSTEMS CONFIDENTIAL
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults GARP Module is Started and enabled by default
Example iss(config)# shutdown garp
GARP cannot be started, if VLAN is shutdown and MRP is not shutdown
GARP cannot be shutdown, if GVRP and/or GMRP are enabled
Related Command
set gvrp disable - Globally disables GVRP
set gmrp disable - Globally disables GMRP
Error! Reference source not found. - Shuts down MRP module in the switch
shutdown vlan – Shuts down VLAN switching
9.58 shutdown vlan
This command shuts down VLAN switching. The no form of the command starts and enables VLAN switching.
shutdown vlan
VS-2024-F DATACOM SYSTEMS INC
290 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
no shutdown vlan
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults VLAN Module is Started and enabled by default
Example iss(config)# shutdown vlan
VLAN module cannot be shutdown when the GARP Module is started
shutdown command releases the resources acquired by the VLAN Module, disabling VLAN on all the ports in the device
start acquires the resources required by the VLAN Module to function in the device
Related Commands set vlan - Enables/disables VLAN in the switch
shutdown garp – Shuts down the GARP Module
show vlan - Displays the VLAN information in the database
9.59 debug vlan
This command sets the debug level. The no form of the command sets the debug level to default value.
debug vlan { global | [{fwd | priority | | redundancy} [initshut] [mgmt] [data] [ctpl] [dump] [os] [failall] [buffer] [all]] switch <context_name> }
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 291 DATACOM SYSTEMS CONFIDENTIAL
no debug vlan { global | [{fwd | priority | | redundancy} [initshut] [mgmt] [data] [ctpl] [dump] [os] [failall] [buffer] [all]] switch <context_name> }
Syntax Description
global
- Global related debug messages
fwd - Forwarding Module
priority
- VLAN Priority Module
redundancy Redundancy related debug messages
initshut
- Init and Shutdown
mgmt
- Management
data
- Data path
ctpl
- Control Plane
dump
- Packet dump
os
- Traces related to all Resources except Buffer
failall
- All Failures
buffer
- Buffer
all - All Traces
switch
- Context/Switch Name. If the switch supports multiple instances, the name of the instance can be specified. Otherwise this parameter need not be given or the context name can be given as ‘default’.
Mode Privileged Exec Mode
VS-2024-F DATACOM SYSTEMS INC
292 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss # debug vlan fwd all
Related Command
Error! Reference source not found. - Displays state of each debugging option
9.60 debug garp
This command sets debug level. The no form of the command sets the debug level to default value.
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 293 DATACOM SYSTEMS CONFIDENTIAL
debug garp { global | [{protocol | gmrp | gvrp | redundancy} [initshut] [mgmt] [data] [ctpl] [dump] [os] [failall] [buffer] [all]] [switch <context_name>] }
no debug garp { global | [{protocol | gmrp | garp | redundancy} [initshut] [mgmt] [data] [ctpl] [dump] [os] [failall] [buffer] [all]] [switch <context_name>] }
Syntax Description
global
- Global related debug messages
protocol - Protocol related traces
gmrp - GMRP related traces
gvrp - GVRP related traces
redundancy Redundancy related debug messages
initshut
- Init and Shutdown
mgmt
- Management
data
- Data path
ctpl
- Control Plane
dump
- Packet dump
os
- Traces related to all Resources except Buffer
failall
- All Failures
buffer
- Buffer
all - All Traces
VS-2024-F DATACOM SYSTEMS INC
294 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
switch
- Context/Switch Name. If the switch supports multiple instances, the name of the instance can be specified. Otherwise this parameter need not be given or the context name can be given as ‘default’
Mode Privileged Exec Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss # debug garp fwd all
Related Command
Error! Reference source not found. - Displays state of each debugging option
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 295 DATACOM SYSTEMS CONFIDENTIAL
9.61 show vlan
This command displays the VLAN information in the database.
show vlan [brief | id <vlan-range> | summary] [ switch <context_name>]
Syntax Description
brief
- Information about all the VLANs in brief
id
- Information specific to the VLAN Id
summary - Summary of the VLAN
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan brief Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
Forbidden Ports : None
Name :
Status : Permanent
----------------------------------------------------
iss# show vlan summary
Number of vlans : 1
Multiple Instance:
VS-2024-F DATACOM SYSTEMS INC
296 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
iss# show vlan Switch - default
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/49
Untagged Ports : Gi0/49
Forbidden Ports : None
Name :
Status : Permanent
----------------------------------------------------
Switch - cust1
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Forbidden Ports : None
Name :
Status : Permanent
----------------------------------------------------
Vlan ID : 20
Member Ports : Gi0/1
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent
----------------------------------------------------
Vlan ID : 30
Member Ports : Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 297 DATACOM SYSTEMS CONFIDENTIAL
Status : Dynamic Gvrp
----------------------------------------------------
If the optional parameter is not specified then this command displays the VLAN information of all the available interfaces.
Related Commands
shutdown vlan – Shuts down VLAN switching. The no form of the command starts and enables VLAN switching
set vlan - Enables/disables VLAN in the switch
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
9.62 show vlan device info
This command displays the VLAN related global status variables.
show vlan device info [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan device info
Vlan device configurations
--------------------------
VS-2024-F DATACOM SYSTEMS INC
298 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Vlan Status : Enabled
Vlan Oper status : Enabled
Gvrp status : Enabled
Gmrp status : Disabled
Gvrp Oper status : Enabled
Gmrp Oper status : Disabled
Mac-Vlan Status : Disabled
Subnet-Vlan Status : Enabled
Protocol-Vlan Status : Enabled
Bridge Mode : Customer Bridge
Base-Bridge Mode : Vlan Aware Bridge
Traffic Classes : Enabled
Vlan Operational Learning Mode : IVL
Version number : 1
Max Vlan id : 4094
Max supported vlans : 1024
Unicast mac learning limit : 150
Multiple Instance: iss# show vlan device info Switch default
Vlan device configurations
--------------------------
Vlan Status : Enabled
Vlan Oper status : Enabled
Gvrp status : Enabled
Gmrp status : Enabled
Gvrp Oper status : Enabled
Gmrp Oper status : Enabled
Mac-Vlan Status : Disabled
Protocol-Vlan Status : Enabled
Bridge Mode : Customer Bridge
Traffic Classes : Enabled
Vlan Operational Learning Mode : IVL
Version number : 1
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 299 DATACOM SYSTEMS CONFIDENTIAL
Max Vlan id : 4094
Max supported vlans : 1024
Unicast mac learning limit : 150
Related Commands shutdown vlan – Shuts down VLAN switching. The no form of the command starts and enables
VLAN switching
set vlan - Enables/disables VLAN in the switch
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
- Enables MAC-based VLAN for all the available interfaces of the VLAN
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
set gvrp - Enables or disables GVRP on a global basis
set port gvrp - Enables or disables GVRP on the interface
set gmrp - Enables or disables GMRP on a global basis
set port gmrp - Enables or disables GMRP on the interface
set vlan traffic-classes - Enables or disables traffic classes
vlan max-traffic-class - Assigns traffic class value to a port
port protocol-vlan - Enables port protocol based VLANs
vlan learning mode - Configures the VLAN learning mode
show vlan traffic-classes - Displays the traffic classes information of all the available interfaces.
show protocol-vlan - Displays the entries in the protocol-VLAN database.
unicast-mac learning limit - Sets unicast MAC learning limit for the switch
VS-2024-F DATACOM SYSTEMS INC
300 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.63 show vlan device capabilities
This command displays VLAN capabilities of the device.
show vlan device capabilities [ switch <context_name>]
Syntax Description
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan device capabilities Vlan device capabilities
--------------------------
Extended filtering services
Traffic classes
Static Entry Individual port
IVL capable
SVL capable
Hybrid capable
Configurable Pvid Tagging
Multiple Instance: iss# show vlan device capabilities Switch - default
Vlan device capabilities
--------------------------
Extended filtering services
Traffic classes
Static Entry Individual port
IVL capable
SVL capable
Hybrid capable
Configurable Pvid Tagging
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 301 DATACOM SYSTEMS CONFIDENTIAL
Switch - cust1
Vlan device capabilities
--------------------------
Extended filtering services
Traffic classes
Static Entry Individual port
IVL capable
SVL capable
Hybrid capable
Configurable Pvid Tagging
9.64 show fid - detail
This command displays forwarding database identifier used by VLANs in the switch.
show fid [<integer(1-4094)> | detail] [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show fid 2 Default Learning Type : IVL
Fid Vlan mapping information
----------------------------
Fid : 2
Vlan's : 2,
----------------------------
iss# show fid detail Default Learning Type : IVL
Fid Vlan mapping information
VS-2024-F DATACOM SYSTEMS INC
302 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
----------------------------
Fid : 1
Vlan's : 1,
----------------------------
Fid : 2
Vlan's : 2,
----------------------------
Fid : 3
Vlan's : 3,
----------------------------
Fid : 4
Vlan's : 4,
----------------------------
Fid : 5
Vlan's : 5,
----------------------------
Fid : 6
Vlan's : 6,
Multiple Instance:
iss# show fid 2 Switch - default
Default Learning Type : IVL
Fid Vlan mapping information
----------------------------
Fid : 2
Vlan's : 2,
----------------------------
Switch - cust1
Default Learning Type : IVL
Fid Vlan mapping information
----------------------------
Fid : 2
Vlan's : 2,
----------------------------
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 303 DATACOM SYSTEMS CONFIDENTIAL
Related Commands
fid - vlan range - Configures a VLAN or a list of VLANs to use a Filtering database identified by a filtering database identifier
vlan default hybrid type - Configures the default learning type for VLANs
9.65 show forward-all
This command displays the GMRP forward-all table entries.
show forward-all [ switch <context_name>]
VS-2024-F DATACOM SYSTEMS INC
304 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show forward-all Vlan Forward All Table
------------------------
Vlan ID : 1
ForwardAll Ports : Gi0/2
ForwardAll Static Ports : Gi0/2
ForwardAll ForbiddenPorts : Gi0/1
----------------------------------------------------------
Vlan ID : 2
ForwardAll Ports : Gi0/1
ForwardAll Static Ports : Gi0/1
ForwardAll ForbiddenPorts : Gi0/2
----------------------------------------------------------
Multiple Instance: iss# show forward-all Switch – default
Vlan Forward All Table
------------------------
Vlan ID : 1
ForwardAll Ports : Gi0/2
ForwardAll Static Ports : Gi0/2
ForwardAll ForbiddenPorts : Gi0/1
----------------------------------------------------------
Vlan ID : 2
ForwardAll Ports : Gi0/1
ForwardAll Static Ports : Gi0/1
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 305 DATACOM SYSTEMS CONFIDENTIAL
ForwardAll ForbiddenPorts : Gi0/2
----------------------------------------------------------
Related Commands
vlan - Configures a VLAN in the switch and is used to enter into the VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
forward-all - Configures the forward-all information for a VLAN
VS-2024-F DATACOM SYSTEMS INC
306 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.66 show forward-unregistered
This command displays the GMRP forward-unregistered table.
show forward-unregistered [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show forward-unregistered Vlan Forward Unregistered Table
---------------------------------
Vlan ID : 1
Unreg ports : Gi0/1
Unreg Static Ports : Gi0/1
Unreg Forbidden Ports : Gi0/2
------------------------------------------------------
Vlan ID : 2
Unreg ports : Gi0/2
Unreg Static Ports : Gi0/2
Unreg Forbidden Ports : Gi0/1
------------------------------------------------------
Multiple Instance: iss# show forward-unregistered Switch - default
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 307 DATACOM SYSTEMS CONFIDENTIAL
Vlan Forward Unregistered Table
---------------------------------
Vlan ID : 1
Unreg ports : Gi0/49
Unreg Static Ports : Gi0/49
Unreg Forbidden Ports : None
------------------------------------------------------
Switch - cust1
Vlan Forward Unregistered Table
---------------------------------
Vlan ID : 1
Unreg ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Unreg Static Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6
Unreg Forbidden Ports : None
------------------------------------------------------
Vlan ID : 20
Unreg ports : Gi0/1
Unreg Static Ports : Gi0/1
Unreg Forbidden Ports : None
------------------------------------------------------
Vlan ID : 30
Unreg ports : Gi0/2
Unreg Static Ports : Gi0/2
Unreg Forbidden Ports : None
------------------------------------------------------
Related Commands
vlan - Configures a VLAN in the switch and is used to enter into the VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
forward-unregistered - Configures the forward unregistered information for a VLAN
VS-2024-F DATACOM SYSTEMS INC
308 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.67 show vlan traffic-classes
This command displays the traffic classes information of all the available interfaces.
show vlan traffic-classes [{port <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
port
- Interface Type and ID of the port
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance:
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 309 DATACOM SYSTEMS CONFIDENTIAL
iss# show vlan traffic-classes Traffic Class table
---------------------
Port Priority Traffic Class
----- --------- -------------
Gi0/1 0 2
Gi0/1 1 0
Gi0/1 2 1
Gi0/1 3 3
Gi0/1 4 4
Gi0/1 5 5
Gi0/1 6 6
Gi0/1 7 7
Gi0/2 0 2
Gi0/2 1 0
Gi0/2 2 1
Gi0/2 3 3
Gi0/2 4 4
Gi0/2 5 5
Gi0/2 6 6
Gi0/2 7 7
Multiple Instance:
iss# show vlan traffic-classes Switch - default
Traffic Class table
---------------------
Port Priority Traffic Class
----- --------- -------------
Gi0/49 0 2
Gi0/49 1 0
Gi0/49 2 1
Gi0/49 3 3
Gi0/49 4 4
Gi0/49 5 5
VS-2024-F DATACOM SYSTEMS INC
310 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Gi0/49 6 6
Gi0/49 7 7
Switch - cust1
Traffic Class table
---------------------
Port Priority Traffic Class
----- --------- -------------
Gi0/1 0 2
Gi0/1 1 0
Gi0/1 2 1
Gi0/1 3 3
Gi0/1 4 4
Gi0/1 5 5
Gi0/1 6 6
Gi0/1 7 7
Gi0/2 0 2
Gi0/2 1 0
Gi0/2 2 1
Gi0/2 3 3
Gi0/2 4 4
Gi0/2 5 5
Gi0/2 6 6
Gi0/2 7 7
If executed without the ports option, this command displays the priority mapped to all the available traffic classes on the port.
Related Commands
vlan - Configures a VLAN in the switch and is used to enter into the VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
set vlan traffic-classes - Enables / disables traffic classes
vlan max-traffic-class - Assigns traffic class value to a port
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 311 DATACOM SYSTEMS CONFIDENTIAL
9.68 show garp timer
This command displays the GARP timer information of the available interfaces.
show garp timer [{ port <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
port
- Interface type and ID of the port
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show garp timer port gigabitethernet 0/1 Garp Port Timer Info (in milli seconds)
---------------------------------------
Port Join-time Leave-time Leave-all-time
----- --------- ---------- --------------
Gi0/1 200 600 10000
Multiple Instance:
iss# show garp timer Switch - default
Garp Port Timer Info (in milli seconds)
---------------------------------------
VS-2024-F DATACOM SYSTEMS INC
312 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Port Join-time Leave-time Leave-all-time
----- --------- ---------- --------------
Gi0/49 200 600 10000
Switch - cust1
Garp Port Timer Info (in milli seconds)
---------------------------------------
Port Join-time Leave-time Leave-all-time
----- --------- ---------- --------------
Gi0/1 200 600 10000
Gi0/2 200 600 10000
Gi0/3 200 600 10000
Gi0/4 200 600 10000
Gi0/5 200 600 10000
Gi0/6 200 600 10000
The timer information is the same for GVRP and GMRP.
Related Commands
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
show vlan device info - Displays the VLAN related global status variables
set garp timer - Configures the GARP join time, leave time, and leaveall time in milli-seconds
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 313 DATACOM SYSTEMS CONFIDENTIAL
9.69 show vlan port config
This command displays the VLAN related parameters specific for ports.
show vlan port config [{port <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
port
- Interface type and ID of the port
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan port config Vlan Port configuration table
-------------------------------
VS-2024-F DATACOM SYSTEMS INC
314 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Port Gi0/1
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin : 00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Subnet Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Filtering Utility Criteria : Default
Port Protected Status : Disabled
-------------------------------------------------------
Port Gi0/2
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin : 00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Subnet Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Filtering Utility Criteria : Default
Port Protected Status : Disabled
-------------------------------------------------------
Multiple Instance: iss# show vlan port config
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 315 DATACOM SYSTEMS CONFIDENTIAL
Switch - default
Vlan Port configuration table
-------------------------------
Port Gi0/49
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin : 00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
GVRP Protocol Tunnel Status : Peer
GMRP Protocol Tunnel Status : Peer
IGMP Protocol Tunnel Status : Peer
Filtering Utility Criteria : Enhanced
-------------------------------------------------------
Switch - cust1
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 20
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
VS-2024-F DATACOM SYSTEMS INC
316 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin : 00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
-------------------------------------------------------
Port Gi0/2
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin : 00:01:02:03:04:0e
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
-------------------------------------------------------
If executed with out the optional parameter this command displays the port information of all the available ports.
Related Commands set port gvrp / set port gvrp - enable | disable - Enables or disables GVRP on the
interface
set port gmrp - Enables or disables GMRP on the interface
switchport pvid / switchport access vlan - Configures the PVID (VLAN ID) that would be assigned to untagged/priority-tagged frames/VLAN tagged frames
switchport acceptable-frame-type - Configures the acceptable frame type for the port
switchport ingress-filter - Enables ingress filtering on the port
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 317 DATACOM SYSTEMS CONFIDENTIAL
port mac-vlan - Enables MAC-based VLAN on the port
port protocol-vlan - Enables port protocol based VLANs
vlan restricted - Enables/disables restricted VLAN registration on the port
9.70 show vlan protocols-group
This command displays the protocol group database.
show vlan protocols-group [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan protocols-group Protocol Group Table
--------------------
------------------------------------------
Frame Type Protocol Group
------------------------------------------
Enet-v2 IP 1
VS-2024-F DATACOM SYSTEMS INC
318 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Snap Novell 2
------------------------------------------
Multiple Instance: iss# show vlan protocols-group Switch - default
Protocol Group Table
--------------------
------------------------------------------
Frame Type Protocol Group
------------------------------------------
Enet-v2 IP 1
Snap Novell 2
------------------------------------------
Related Commands map protocol - Configures the group ID for a specific encapsulation and protocol value
combination
show protocol-vlan - Displays the entries in the protocol-VLAN database
switchport map protocols-group - Maps the protocol group configured to a particular VLAN identifier for the specified interface
9.71 show protocol-vlan
This command displays the entries in protocol-VLAN database.
show protocol-vlan [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show protocol-vlan
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 319 DATACOM SYSTEMS CONFIDENTIAL
Port Protocol Table
--------------------------------------
Port Group Vlan ID
--------------------------------------
Gi0/2 1 2
Gi0/1 2 3
--------------------------------------
Multiple Instance:
iss# show protocol-vlan Switch - default
Port Protocol Table
--------------------------------------
Port Group Vlan ID
--------------------------------------
Gi0/2 1 2
Gi0/1 2 3
--------------------------------------
Related Command
switchport map protocols-group - Maps the protocol group configured to a particular VLAN identifier for the specified interface
9.72 show mac-vlan
This command displays the entries in the MAC-VLAN database.
show mac-vlan [{interface <interface-type> <interface-id>] [ switch <context_name>]
Syntax interface - Interface Type and Identifier
VS-2024-F DATACOM SYSTEMS INC
320 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Description switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show mac-vlan interface gigabitethernet 0/1 Mac Map Table For Port 1--Mac Vlan Disabled
--------------------------
Mac Address Vlan ID MCast/Bcast
----------- ------- -----------
00:11:11:11:11:11 1 discard
00:22:22:22:22:22 1 allow
Multiple Instance: iss# show mac-vlan switch cust1 Switch - cust1
Mac Map Table
--------------
Mac Address Vlan ID
----------- -------
00:11:22:33:44:55 2
Related Commands
mac-vlan - Enables MAC-based VLAN for all the available interfaces of the VLAN
mac-map - Configures the VLAN-MAC address mapping
show vlan device info - Displays the VLAN global status variables
9.73 show subnet vlan mapping
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 321 DATACOM SYSTEMS CONFIDENTIAL
This command displays the entries in Subnet-VLAN database.
show subnet-vlan mapping [{interface <interface-type> <interface-id> | switch <string(32)>}]
Syntax Description
interface - Interface Type and Identifier
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show subnet -vlan mapping interface gigabitethernet 0/1
Subnet Map Table For Port 1--Subnet Vlan Enabled
-------------------------------------------------
Subnet Address Vlan ID ARP Traffic
-------------------------------------------------
14.0.0.0 1 allow
192.168.1.0 1 discard
Related Commands
map subnet: Configures a VLAN subnet mapping entry
show vlan device info - Displays the VLAN global status variables
VS-2024-F DATACOM SYSTEMS INC
322 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.74 show vlan counters
This command displays the VLAN counters database.
show vlan counters [vlan <vlan-range>] [ switch <context_name>]
Syntax Description
vlan - VLAN range.
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show vlan counters Port Vlan statistics
--------------------------
Port Gi0/1
Vlan ID : 1
In frames : 342
Out frames : 345
Discards : 0
Port Gi0/1
Vlan ID : 2
In frames : 446
Out frames : 248
Discards : 0
Port Gi0/2
Vlan ID : 2
In frames : 115
Out frames : 517
Discards : 7
Port Gi0/2
Vlan ID : 2
In frames : 0
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 323 DATACOM SYSTEMS CONFIDENTIAL
Out frames : 0
Discards : 0
Multiple Instance:
iss# show vlan counters Switch - default
Port Vlan statistics
--------------------------
Port Gi0/49
Vlan ID : 1
In frames : 75
Out frames : 0
Discards : 0
--------------------------
Switch - cust1
Port Vlan statistics
--------------------------
Port Gi0/1
Vlan ID : 1
In frames : 0
Out frames : 0
Discards : 0
--------------------------
Port Gi0/1
Vlan ID : 20
In frames : 0
Out frames : 0
Discards : 0
--------------------------
Port Gi0/2
Vlan ID : 1
In frames : 70
Out frames : 0
Discards : 0
--------------------------
VS-2024-F DATACOM SYSTEMS INC
324 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Port Gi0/2
Vlan ID : 30
In frames : 0
Out frames : 0
Discards : 2
--------------------------
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter into the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
9.75 show vlan statistics
This command displays VLAN statistics such as the number of unicast frames forwarded broadcast packets and unknown unicast packets flooded in that VLAN.
show vlan statistics [vlan <vlan-range>] [ switch <context_name>]
Syntax Description
vlan - VLAN range.
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 325 DATACOM SYSTEMS CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Example Single Instance iss# show vlan statistics vlan 1 Unicast/broadcast Vlan statistics
-------------------------------------
Vlan Id : 1
Unicast frames received : 0
Mcast/Bcast frames received : 0
Unknown Unicast frames flooded : 0
Unicast frames transmitted : 0
Broadcast frames transmitted : 0
-------------------------------------
Multiple Instance iss# show vlan statistics vlan 1 switch sw1 Switch – sw1
Unicast/broadcast Vlan statistics
--------------------------------------
Vlan Id : 1
Unicast frames : 16
Broadcast frames : 10
Unicast frames flooded : 25
--------------------------------------
If VLAN ID is not specified in the command, statistics of all the VLAN existing in the system will be displayed.
Related Command
clear vlan statistics - Clears the VLAN counters
9.76 show mac-address-table
This command displays the static and dynamic unicast and multicast MAC address table.
VS-2024-F DATACOM SYSTEMS INC
326 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show mac-address-table [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id> ]
Syntax Description
vlan - VLAN range
address - MAC address
interface - Interface type and ID
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show mac-address-table vlan 2 Vlan Mac Address Type ConnectionId Ports
---- ----------- ---- ----------- -----
2 00:01:02:03:04:21 Learnt Gi0/1
Total Mac Addresses displayed: 1
iss# show mac-address-table interface gigabitethernet 0/1
Vlan Mac Address Type ConnectionId Ports
---- ----------- ---- ----------- -----
2 00:01:02:03:04:21 Learnt Gi0/1
1 01:02:03:04:05:06 Static Gi0/1
Total Mac Addresses displayed: 2
If executed without the optional parameters this command displays all the static and dynamic MAC entries
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static unicast - Configures a static unicast MAC address in the forwarding database
mac-address-table static multicast - Configures a static multicast MAC address in the forwarding database
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 327 DATACOM SYSTEMS CONFIDENTIAL
9.77 show dot1d mac-address-table This command displays the static/dynamic unicast and dynamic multicast FDB table entries, when the base bridge mode is transparent bridging.
show dot1d mac-address-table [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
address - MAC address
interface-type, interface-id
- Interface type and ID
switch - Context/Switch Name
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show dot1d mac-address-table address 00:01:02:03:04:21 Mac Address Type Ports
----------- ---- -----
00:01:02:03:04:21 Learnt Gi0/2
Total Mac Addresses displayed: 1
iss# show dot1d mac-address-table interface gigabitethernet 0/2
Mac Address Type Ports
----------- ---- -----
00:01:02:03:04:21 Learnt Gi0/2
01:02:03:04:05:06 Static Gi0/2
Total Mac Addresses displayed: 2
If executed without the optional parameters this command displays all the static/dynamic unicast and dynamic multicast entries
Related Commands
VS-2024-F DATACOM SYSTEMS INC
328 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
mac-address-table static unicast – Transparent Bridging Mode - Configures a static unicast MAC address in the forwarding database when base bridge mode is transparent bridging.
mac-address-table static multicast – Transparent Bridging mode- Configures a static multicast MAC address in the forwarding database when base bridge mode is transparent bridging
9.78 show dot1d mac-address-table static unicast This command displays static unicast MAC address table when the base bridge mode is transparent bridging.
show dot1d mac-address-table static unicast [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id>]
Syntax Description
address - MAC address
interface-type, interface-id
- Interface type and ID
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show dot1d mac-address-table static unicast address 00:01:02:03:04:21 Mac Address RecvPort Status Ports
----------- -------- ------ -----
00:11:22:33:44:55 Permanent Gi0/2
Total Mac Addresses displayed: 1
iss# show dot1d mac-address-table static unicast address 00:11:22:33:44:55 Mac Address RecvPort Status Ports
----------- -------- ------ -----
00:11:22:33:44:55 Permanent Gi0/2
Total Mac Addresses displayed: 1
If executed without the optional parameters this command displays all the static unicast MAC entries
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 329 DATACOM SYSTEMS CONFIDENTIAL
Related commands
mac-address-table static unicast – Transparent Bridging Mode - Configures a static unicast MAC address in the forwarding database when base bridge mode is transparent bridging.
9.79 show dot1d mac-address-table static multicast
This command displays static multicast MAC address table when the base bridge mode is transparent bridging.
show dot1d mac-address-table static multicast [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id>]
Syntax Description
address - MAC address
interface-type, interface-id
- Interface type and ID
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show dot1d mac-address-table static multicast address 01:00:5E:01:02:03 Mac Address RecvPort Type Ports
----------- ---- ----- -----
01:00:5E:01:02:03 static Gi0/2-3
Total Mac Addresses displayed: 1
iss# show dot1d mac-address-table static multicast interface gigabitethernet 0/2
Mac Address RecvPort Type Ports
VS-2024-F DATACOM SYSTEMS INC
330 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
----------- ------ ---- -----
01:00:5E:01:02:03 static Gi0/2
01:00:5E:01:02:04 static Gi0/2
Total Mac Addresses displayed: 2
If executed without the optional parameters this command displays all the static multicast MAC entries
Related commands
mac-address-table static multicast – Transparent Bridging mode- Configures a static multicast MAC address in the forwarding database when base bridge mode is transparent bridging
9.80 show mac-address-table count
This command displays the number of MAC addresses present on all the VLANs or on the specified VLAN.
show mac-address-table count [vlan <vlan-id(1-4094)>] [ switch <context_name>]
Syntax Description
vlan
- VLAN ID
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance iss# show mac-address-table count Mac Entries for Vlan 1:
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 331 DATACOM SYSTEMS CONFIDENTIAL
--------------------------
Dynamic Unicast Address Count : 1
Dynamic Multicast Address Count : 0
Static Unicast Address Count : 1
Static Multicast Address Count : 1
----------------------------------------
Mac Entries for Vlan 2:
--------------------------
Dynamic Unicast Address Count : 1
Dynamic Multicast Address Count : 0
Static Unicast Address Count : 1
Static Multicast Address Count : 0
----------------------------------------
Multiple Instance: iss# show mac-address-table count switch cust1 Switch - cust1
Mac Entries for Vlan 1:
--------------------------
Dynamic Unicast Address Count : 1
Dynamic Multicast Address Count : 0
Static Unicast Address Count : 0
Static Multicast Address Count : 0
----------------------------------------
Mac Entries for Vlan 20:
--------------------------
Dynamic Unicast Address Count : 0
Dynamic Multicast Address Count : 0
Static Unicast Address Count : 0
Static Multicast Address Count : 0
----------------------------------------
Mac Entries for Vlan 30:
--------------------------
VS-2024-F DATACOM SYSTEMS INC
332 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Dynamic Unicast Address Count : 0
Dynamic Multicast Address Count : 0
Static Unicast Address Count : 0
Static Multicast Address Count : 0
----------------------------------------
If executed without the optional parameter this command displays the MAC addresses present on all the VLANs.
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static unicast - Configures a static unicast MAC address in the forwarding database
mac-address-table static multicast - Configures a static multicast MAC address in the forwarding database
9.81 show mac-address-table static unicast
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 333 DATACOM SYSTEMS CONFIDENTIAL
This command displays the statically configured unicast addresses from the MAC address table.
show mac-address-table static unicast [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
vlan - VLAN Id
address - MAC address
interface - Interface type and ID
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance:
iss# show mac-address-table static unicast Vlan Mac Address RecvPort Status ConnectionId Ports
---- ----------- -------- ------ ----- -------
2 00:11:22:33:44:55 Gi0/2 Del-OnTimeout Gi0/3
Multiple Instance:
iss# sh mac-address-table static unicast switch cust1 Switch - cust1
Vlan Mac Address SrvInst/ Status Ports
---- ----------- -------- ------ -----
1 00:11:22:33:44:55 Gi0/2 Permanent Gi0/3
Total Mac Addresses displayed: 1
If executed without the optional parameters this command displays the MAC address table for all the available interfaces.
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static unicast - Configures a static unicast MAC address in the forwarding database
VS-2024-F DATACOM SYSTEMS INC
334 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show mac-address-table dynamic unicast - Displays the dynamic MAC address table for the specified address or for all the addresses
9.82 show mac-address-table static multicast
This command displays the statically configured multicast entries.
show mac-address-table static multicast [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
vlan
- VLAN Id
address
- MAC address
interface - Interface type and ID
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance:
iss# show mac-address-table static multicast Static Multicast Table
----------------------
Vlan : 1
Mac Address : 01:02:03:04:05:06
Receive Port : Gi0/1
Member Ports : Gi0/1
Forbidden Ports : Gi0/2
Status : Permanent
------------------------------------------------
Total Mac Addresses displayed: 1
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 335 DATACOM SYSTEMS CONFIDENTIAL
Multiple Instance:
iss# sh mac-address-table static multicast switch cust1 Switch - cust1
Static Multicast Table
----------------------
Vlan : 1
Mac Address : 01:02:03:04:05:06
Receive Port : Gi0/2
Member Ports : Gi0/3
Status : Permanent
------------------------------------------------
Total Mac Addresses displayed: 1
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static multicast / mac address-table static mcast - Configures a static multicast MAC address in the forwarding database
show mac-address-table dynamic multicast - Displays the dynamic MAC address table for the specified address or for all the addresses
VS-2024-F DATACOM SYSTEMS INC
336 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.83 show mac-address-table dynamic unicast
This command displays the dynamically learnt unicast entries from the MAC address table.
show mac-address-table dynamic unicast [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
vlan
- VLAN Id
address
- MAC address
interface
- Interface type and ID
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example Single Instance: iss# show mac-address-table dynamic unicast vlan 2 Vlan Mac Address Type ConnectionId Ports
---- ----------- ---- ------------ -----
2 00:01:02:03:04:21 Learnt Gi0/1
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 337 DATACOM SYSTEMS CONFIDENTIAL
Total Mac Addresses displayed: 1
Multiple Instance: iss# show mac-address-table dynamic unicast
Switch - default
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 00:02:02:03:04:04 Learnt Gi0/2
1 00:03:02:03:04:04 Learnt Gi0/3
2 00:02:02:03:04:04 Learnt Gi0/2
2 00:03:02:03:04:04 Learnt Gi0/3
3 00:02:02:03:04:04 Learnt Gi0/2
3 00:03:02:03:04:04 Learnt Gi0/3
Total Mac Addresses displayed: 6
If executed without the optional parameters this command displays the MAC address table of all the available interfaces
Related Commands
vlan - Configures a VLAN in the switch and is also used to enter in to the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static unicast - Configures a static unicast MAC address in the forwarding database
show mac-address-table static unicast - Displays the statically configured unicast address from the MAC address table
VS-2024-F DATACOM SYSTEMS INC
338 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.84 show mac-address-table dynamic multicast
This command displays the dynamically learnt multicast MAC address.
show mac-address-table dynamic multicast [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id> | switch <context_name>}]
Syntax Description
vlan
- VLAN Id
address
- MAC address
interface - Interface type and ID
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 339 DATACOM SYSTEMS CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Example Single Instance:
iss# show mac-address-table dynamic multicast Vlan Mac Address Type ConnectionId Ports
---- ----------- ---- ------------ -----
2 01:03:05:07:09:04 Learnt Gi0/1
Total Mac Addresses displayed: 1
Multiple Instance:
iss# show mac-address-table dynamic multicast Switch - default
Vlan Mac Address Type Ports
---- ----------- ---- -----
2 01:02:02:02:02:02 Learnt Gi0/2, Gi0/3
3 01:02:02:02:02:02 Learnt Gi0/2
3 01:03:03:03:03:03 Learnt Gi0/3
Total Mac Addresses displayed: 3
If executed without the optional parameters this command displays the MAC address table of all the available interfaces.
Related Commands vlan - Configures a VLAN in the switch and is also used to enter into the config-VLAN mode
ports - Configures a static VLAN entry with the required member ports, untagged ports and forbidden ports
mac-address-table static multicast - Configures a static multicast MAC address in the forwarding database
show mac-address-table static multicast - Displays the statically configured multicast entries
VS-2024-F DATACOM SYSTEMS INC
340 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
9.85 show mac-address-table aging-time
This command displays the MAC address-table ageing time.
show mac-address-table aging-time [ switch <context_name>]
Syntax Description
switch
- Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 9: VLAN
CLI USER MANUAL 341 DATACOM SYSTEMS CONFIDENTIAL
Example Single Instance:
iss# show mac-address-table aging-time Mac Address Aging Time: 300
Multiple Instance:
iss# show mac-address-table aging-time Context default: Mac Address Aging Time: 300
Related Commands
show mac-address-table - Displays the static and dynamic MAC entries
mac-address-table aging-time - Configures the MAC address table entry maximum age
9.86 show wildcard
This command displays wildcard Mac Address Table entries
show wildcard {mac-address <mac_addr> | broadcast} [switch <context_name>]
Syntax Description
mac-address / broadcast
- Unicast/Multicast/BroadCast Mac Address of Wildcard entry
VS-2024-F DATACOM SYSTEMS INC
342 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
switch - Context/Switch Name. This parameter is specific to Multiple Instance.
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show wildcard mac-address 01:02:03:04:05:06 Switch default
Wild Card Entries:
------------------
Mac Address Ports
---------------- , -------------------
01:02:03:04:05:06 Gi0/1
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 343 DATACOM SYSTEMS CONFIDENTIAL
Chapter
11 10.SNMPv3
SNMP (Simple Network Management Protocol) is the most widely-used network management protocol on TCP/IP-based networks. SNMPv3 is designed mainly to overcome the security shortcomings of SNMPv1/v2. USM (User based Security Model) and VACM (View based Access Control Model) are the main features added as part of the SNMPv3 specification. USM provides for both encryption and authentication of the SNMP PDUs, while VACM specifies a mechanism for defining access policies for different users with different MIB trees. Also, SNMPv3 specifies a generic management framework, which is expandable for adding new Management Engines, Security Models, Access Control Models and so on. With SNMPv3, the SNMP communication is completely safe and secure.
SNMPv3 is a multi-lingual Agent supporting all three versions of SNMP (SNMPv1, SNMPv2c and SNMPv3) while conforming to the latest specifications. It is available as a portable source code product, which can be easily integrated to any platform (any OS and any Processor). MIB integration is made simple with the aid of a tool called Middle Level Code Generator (MIDGEN), which is available along with DatacomSystems SNMP. MIDGEN generates the interface stubs required for every object in the MIB for the SET, GET and GETNEXT operations.
These stubs can be implemented by the respective modules supporting the MIB. DatacomSystems SNMP is provided as source code available for licensing to OEMs and VARs who wish to incorporate the multi-lingual SNMP functionality into their products.
The list of CLI commands for the configuration of SNMPv3 is as follows:
enable snmpsubagent
disable snmpsubagent
show snmp agentx information
show snmp agentx statistics
enable snmpagent
disable snmpagent
VS-2024-F DATACOM SYSTEMS INC
344 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
snmp community index
snmp group
snmp access
snmp engineid
snmp proxy name
snmp mibproxy name
snmp view
snmp targetaddr
snmp targetparams
snmp user
snmp notify
snmp filterprofile
snmp-server enable traps snmp authentication
snmp-server trap udp-port
snmp-server trap proxy-udp-port
snmp agent port
snmp tcp enable
snmp trap tcp enable
snmp-server tcp-port
snmp-server trap tcp-port
snmp-server enable traps
show snmp
show snmp community
show snmp group
show snmp group access
show snmp engineID
show snmp proxy
show snmp mibproxy
show snmp viewtree
show snmp targetaddr
show snmp targetparam
show snmp user
show snmp notif
show snmp inform statistics
show snmp-server traps
show snmp-server proxy-udp-port
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 345 DATACOM SYSTEMS CONFIDENTIAL
show snmp tcp
show snmp filter table
VS-2024-F DATACOM SYSTEMS INC
346 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.1 enable snmpsubagent
This command enables either snmp agent or agentx-subagent capabilities.
enable snmpsubagent { master { ip4 <ipv4_address> | ip6 <ipv6_address> } [port <number>] }
Syntax Description
snmpsubagent - Enables SNMP Subagent
master - The master agent address. It can be either ip4 or ip6.
port - Port number on which master agent listens subagent.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults port - 705
Example iss(config)# enable snmpsubagent master ip4 10.0.0.5 port 897
Related Commands
show snmp agentx information - Displays global information of SNMP Agentx communications.
show snmp agentx statistics - Displays all the information regarding SNMP Agentx statistics.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 347 DATACOM SYSTEMS CONFIDENTIAL
10.2 disable snmpsubagent This command disables agentx-subagent.
disable snmpsubagent
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# disable snmpsubagent
Related Commands
show snmp agentx information - Displays global information of SNMP Agentx communications.
show snmp agentx statistics - Displays all the information regarding SNMP Agentx statistics.
VS-2024-F DATACOM SYSTEMS INC
348 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.3 show snmp agentx information
This command displays global information of SNMP Agentx communications.
show snmp agentx information
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp agentx information
Agentx Subagent is enabled
TransportDomain :TCP
Master IP Address :10.0.0.2
Master PortNo :705
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 349 DATACOM SYSTEMS CONFIDENTIAL
10.4 show snmp agentx statistics
This command displays all the information regarding SNMP Agentx statistics.
show snmp agentx statistics
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp agentx statistics
Tx Statistics
Transmitted Packets :860
Open PDU :1
Index Allocate PDU :0
Index DeAllocate PDU :0
Register PDU :2
Add Agent Capabilities PDU :0
Notify PDU :0
Ping PDU :20
Remove Agent Capabilities PDU :0
UnRegister PDU :0
Close PDU :0
Response PDU :837
Rx Statistics
Rx Packets :859
Get PDU :1
GetNext PDU :836
GetBulk PDU :0
TestSet PDU :0
Commit PDU :0
Cleanup PDU :0
VS-2024-F DATACOM SYSTEMS INC
350 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Undo PDU :0
Dropped Packets :0
Parse Drop Errors :1
Open Fail Errors :0
Close PDU :0
Response PDU :21
10.5 enable snmpagent
This command enables SNMP agent.
enable snmpagent
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults SNMP agent is enabled.
Example iss(config)# enable snmpagent
Related Commands
disable snmpagent - Disables SNMP agent.
enable snmpsubagent - Enables either snmp agent or agentx-subagent capabilities.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 351 DATACOM SYSTEMS CONFIDENTIAL
10.6 disable snmpagent
This command disables SNMP agent.
disable snmpagent
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# disable snmpagent
Related Commands
enable snmpagent - Enables SNMP agent.
enable snmpsubagent - Enables either snmp agent or agentx-subagent capabilities.
VS-2024-F DATACOM SYSTEMS INC
352 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.7 snmp community index
This command configures the SNMP community details. The no form of this command removes the SNMP community details.
snmp community index <CommunityIndex> name <CommunityName> security <SecurityName> [context <Name >] [{volatile | nonvolatile}] [transporttag <TransportTagIdentifier | none>] [contextengineid <ContextEngineID>]
no snmp community index <CommunityIndex>
Syntax Description
CommunityIndex
- Community index identifier
name
- Community name
security
- User Name
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 353 DATACOM SYSTEMS CONFIDENTIAL
context
- Context name through which the management information is accessed when using the community string specified by the corresponding instance of SNMP community name
volatile | nonvolatile
- Storage type
transporttag
- Transport tag identifier
contextengineid Context engine identifier.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Community Index
- NETMAN/PUBLIC
CommunityName
- NETMAN/PUBLIC
Security Name
- None
ContextName
- Null
Transport Tag
- Null
Storage type
- Volatile
Example iss(config)# snmp community index myv3com name myv3com security xyz context myinst nonvolatile transporttag myv3tag
The community index identifier must be unique for every community name entry.
Related Commands show snmp - Displays the status information of SNMP communications
show snmp community - Displays the configured SNMP community details
VS-2024-F DATACOM SYSTEMS INC
354 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.8 snmp group
This command configures SNMP group details. The no form of the command removes the SNMP group details.
snmp group <GroupName> user <UserName> security-model {v1 | v2c | v3 } [{volatile | nonvolatile}]
no snmp group <GroupName> user <UserName> security-model {v1 | v2c | v3 }
Syntax Description
GroupName
- Name of the SNMP group
user
- User Name
security-model
- Security Model
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 355 DATACOM SYSTEMS CONFIDENTIAL
volatile | nonvolatile
- Storage Type
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Group Name
- iso/initial
Example iss(config)# snmp group myv3group user myv3user security-model v1 volatile
Related Commands
show snmp group - Displays the configured SNMP groups
show snmp user - Displays the configured SNMP users
10.9 snmp access
This command configures the SNMP group access details. The no form of the command removes the SNMP group access details.
snmp access <GroupName> {v1 | v2c | v3 {auth | noauth | priv}} [read <ReadView | none>] [write <WriteView | none>] [notify <NotifyView | none>] [{volatile | nonvolatile}] [context <name>]
no snmp access <GroupName> {v1 | v2c | v3 {auth | noauth | priv}} [context <name>]
Syntax Description
GroupName
- Name of the group
VS-2024-F DATACOM SYSTEMS INC
356 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
v1 | v2c | v3
- Version of the SNMP
auth
- Authentication - Enables Message digest (MD5) or Secure Hash Algorithm (SHA) packet authentication
noauth
- no-authentication
priv
- Specifies both authentication and privacy
read
- A read view identifier
write
- A write view identifier
notify
- A notification view identifier
volatile | nonvolatile
- Storage type
context - Name of the SNMP context
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Group Name
- iso
Read/Write/Notify view
- iso
Storage Type
- volatile
Group Name
- initial
Read/Write/Notify View
- restricted
Storage Type
- non-volatile
Group Name
- initial
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 357 DATACOM SYSTEMS CONFIDENTIAL
Read/Write/Notify View
- iso
Storage Type
- non-volatile
Example iss(config)# snmp access myv2group v2 read v2readview write v2writeview notify v2notifyview nonvolatile
To configure an SNMP access along with the group, a group must have already been created using the snmp group command
Version 3 is the most secure model as it allows packet encryption with the priv key word
Related Commands
snmp group - Configures SNMP group details
snmp view - Configures the SNMP view
show snmp group - Displays the configured SNMP groups
show snmp group access - Displays the configured SNMP group access details
show snmp viewtree - Displays the configured SNMP Tree views
10.10 snmp engineid
This command configures the engine identifier. The no form of the command removes the configured engine identifier.
snmp engineid <EngineIdentifier>
no snmp engineid
Syntax Description
EngineIdentifier
- Engine ID
Mode Global Configuration Mode
VS-2024-F DATACOM SYSTEMS INC
358 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Defaults 80.00.08.1c.04.46.53
Example iss(config)# snmp engineid 80.0.08.1c.04.5f.a9
The Engine ID must be given as octets in hexadecimal separated by dots and the allowed length is 5 to 32 octets.
SNMP engine ID is an administratively unique identifier.
Changing the value of the SNMP engine ID has significant effects.
All the user information will be updated automatically to reflect the change
Related Commands
show snmp engineID - Displays the Engine Identifier
show snmp user - Displays the configured SNMP users
10.11 snmp proxy name
This command configures the proxy. The no form of the command removes the proxy.
snmp proxy name <ProxyName> ProxyType {Read | Write | inform | Trap} ContextEngineID <EngineId> TargetParamsIn <TargetParam> TargetOut <TargetOut> [ContextName <ProxyContextName>] [StorageType {volatile | nonvolatile}]
no snmp proxy name <ProxyName>
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 359 DATACOM SYSTEMS CONFIDENTIAL
Syntax Description
ProxyName - The locally arbitrary, but unique identifier associated with the tProxyEntry.
This will be the INDEX used for the Proxy Table.
ProxyType - Type of message that are forwarded using the translation parameters. Options are:
Read
Write
Inform
Trap ContextEngineID - Context engine identifier contained in messages
that are forwarded using the translation parameters.
TargetParamsIn - This object selects an entry in the snmpTargetParamsTable. The selected entry is used to determine which row of the snmpProxyTable is to be used for forwarding the received messages.
TargetOut - This object selects a management target defined in the snmpTargetAddrTable (in the SNMP-TARGET-MIB). The selected target is defined by an entry in the snmpTargetAddrTable whose index value (snmpTargetAddrName) is equal to this object.
This object is only used when selection of a single target is required (that is, when forwarding an incoming read or write request).
ContextName - Context name contained in messages that are forwarded using the translation parameters.
Storage Type - Storage type. Options are:
volatile
nonvolatile Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Storage Type - nonvolatile
Example iss(config)# snmp proxy name proxy1 ProxyType write ContextEngineID 80.00.08.1c.04.46.53 TargetParamsIn param2 TargetOut target2 ContextName pxyctxtname StorageType nonvolatile
Related Commands
VS-2024-F DATACOM SYSTEMS INC
360 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show snmp proxy - Displays proxy details.
10.12 snmp mibproxy name
This command configures the proxy. The no form of the command removes the proxy.
snmp mibproxy name <ProxyName> ProxyType {Read | Write | inform | Trap} mibid <MibId> TargetParamsIn <TargetParam> TargetOut <TargetOut> [StorageType {volatile | nonvolatile}]
no snmp mibproxy name <ProxyMibName>
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 361 DATACOM SYSTEMS CONFIDENTIAL
Syntax Description
ProxyName
- The locally arbitrary, but unique identifier associated with the tProxyEntry.
This will be the INDEX used for the Proxy Table.
ProxyType
- Type of message that are forwarded using the translation parameters. Options are:
Read
Write
Inform
Trap mibid - MIB identifier.
TargetParamsIn - This object selects an entry in the snmpTargetParamsTable. The selected entry is used to determine which row of the snmpProxyTable to use for forwarding the received messages.
TargetOut - This object selects a management target defined in the snmpTargetAddrTable (in the SNMP-TARGET-MIB). The selected target is defined by an entry in the snmpTargetAddrTable whose index value (snmpTargetAddrName) is equal to this object.
This object is only used when selection of a single target is required (that is, when forwarding an incoming read or write request).
ContextName - Context name contained in messages that are forwarded using the translation parameters
Storage Type - Storage type. Options are:
volatile
nonvolatile Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Storage Type - nonvolatile
Example iss(config)# snmp mibproxy name mibproxy1 ProxyType read mibid 1 TargetParamsIn param1 TargetOut target1 StorageType nonvolatile
Related Commands
show snmp mibproxy - Displays proxy details.
VS-2024-F DATACOM SYSTEMS INC
362 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.13 snmp view
This command configures the SNMP view. The no form of the command removes the SNMP view.
snmp view <ViewName> <OIDTree> [mask <OIDMask>] {included | excluded} [{volatile | nonvolatile}]
no snmp view <ViewName> <OIDTree>
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 363 DATACOM SYSTEMS CONFIDENTIAL
Syntax Description
ViewName
- View Name
OIDTree
- Object Identifier
OIDMask | none
- Defines views' subtrees
included | excluded
- Type of view
volatile | nonvolatile
- Type of storage
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults View Name
- iso/restricted
OIDTree
- 1
OIDMask
- None
View type - included
Storage type
- non-volatile
Example iss(config)# snmp view v2readview 1.3.6.1 mask 1.1.1.1 included nonvolatile
To configure an SNMP view (read/write/notify), a group must have already been created using the snmp group command and SNMP group access must be configured using the snmp access command.
Related Commands
snmp access - Configures the SNMP group access details
show snmp viewtree - Displays the configured SNMP Tree views
show snmp group access - Displays the configured SNMP group access details
VS-2024-F DATACOM SYSTEMS INC
364 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.14 snmp targetaddr
This command configures the SNMP target address. The no form of the command removes the configured SNMP target address.
snmp targetaddr <TargetAddressName> param <ParamName> {<IPAddress> | <IP6Address>} [timeout <Seconds(1-1500)] [retries <RetryCount(1-3)] [taglist <TagIdentifier | none>] [{volatile | nonvolatile}] [port <integer (1-65535)>]
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 365 DATACOM SYSTEMS CONFIDENTIAL
no snmp targetaddr <TargetAddressName>
Syntax Description
TargetAddressName - Name of the Target address (host)
param - SNMP parameter Name
IPAddress/ IP6Address
- IP/IP6 Address of the host
timeout - The time the SNMP agent waits for a response from the SNMP Manager before retransmitting the Inform Request Message
retries - The Maximum number of times the agent can retransmit the Inform Request Message
taglist - Tag Identifier
volatile | nonvolatile
- Storage type
port - SNMP Manager port number for sending the TRAP/INFORM messages to SNMP Manager. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults ParamName - Internet
IPAddress - 10.0.0.10
taglist - snmp
volatile | nonvolatile - volatile
port - 162
VS-2024-F DATACOM SYSTEMS INC
366 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss(config)# snmp targetaddr issmgr param issd 10.0.0.10 taglist mytag nonvolatile
Target param must have been configured.
Related Commands
show snmp targetaddr - Displays the configured SNMP target Addresses
snmp targetparams - Configures the SNMP target parameters
show snmp targetparam - Displays the configured SNMP Target Address Params
10.15 snmp targetparams
This command configures the SNMP target parameters. The no form of the command removes the SNMP target parameters.
snmp targetparams <ParamName> user <UserName> security-model {v1 | v2c | v3 {auth | noauth | priv}} message-processing {v1 | v2c | v3} [{volatile
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 367 DATACOM SYSTEMS CONFIDENTIAL
| nonvolatile}] [filterprofile-name <profilename> ] [filter-storagetype {volatile | nonvolatile}]
no snmp targetparams <ParamName>
Syntax Description
ParamName - SNMP Parameter Name
user - User Name
security-model - Security Model
auth - Authentication - Enables Message digest (MD5) or Secure Hash Algorithm (SHA) packet authentication
noauth - no-authentication
priv - Specifies both authentication and privacy
message-processing
- Message processing model
volatile | nonvolatile
- Storage type
filterprofile-name
- Name of the filter profile to be used for the specified target address.
filter-storagetype
- Storage type for the filter. This can be:
volatile - Temporary storage. Details are lost once restarted.
nonvolatile - Permanent storage. Details are present even after restart.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults ParamName - internet
User/Security Name - None
VS-2024-F DATACOM SYSTEMS INC
368 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Security Model - v2c
Security Level - NoauthNoPriv
Message Processing Model
- v2c
Storage Type - Non-volatile
ParamName - test1
User/Security Name - None
Security Model - v1
Security Level - NoauthNoPriv
Message Processing Model
- v1
Storage Type - Non-volatile
Example iss(config)# snmp targetparams param1 user user1 security-model v3 noauth message-processing v3
User information must have been configured prior to the configuration of SNMP target parameters
Related Commands snmp user - Configures the SNMP user details
snmp filterprofile - Creates Notify filter Table
show snmp targetparam - Displays the configured SNMP Target Address Params
show snmp user - Displays the configured SNMP users.
10.16 snmp user
This command configures the SNMP user details. The no form of the command removes the SNMP user details.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 369 DATACOM SYSTEMS CONFIDENTIAL
snmp user <UserName> [auth {md5 | sha} <passwd> [priv DES <passwd>]] [{volatile | nonvolatile}] [EngineId <EngineID>]
no snmp user <UserName> [EnginId <EngineID>]
Syntax Description
UserName
- Name of the User
auth
- Authentication Algorithm - can be Message Digest 5 or Secure Hash Algorithm
passwd
- Password associated with the Authentication type
priv DES
- Private encryption password
volatile | nonvolatile
- Storage type - can be either volatile or non-volatile
EngineId - SNMP engine identifier
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults UserName
- Initial
Authentication Protocol
- None
Privacy Protocol
- None
Storage type
- Non-volatile
Storage type
- Non-volatile
Example iss(config)# snmp user user1
SNMP passwords are localized using the local SNMP engine ID
VS-2024-F DATACOM SYSTEMS INC
370 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Related Commands
show snmp engineID - Displays the Engine Identifier
show snmp user - Displays the configured SNMP users
10.17 snmp notify
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 371 DATACOM SYSTEMS CONFIDENTIAL
This command configures the SNMP notification details. The no form of this command removes the SNMP notification details.
snmp notify <NotifyName> tag <TagName> type {Trap | Inform} [{volatile | nonvolatile}]
no snmp notify <NotifyName>
Syntax Description
NotifyName
- Notification Name
tag - Tag Name
type - Type of Notification
volatile | nonvolatile
Storage type of the notification details
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Notify Name
- iss/iss1
Notify Tag
- iss/iss1
Storage type
- volatile
Example iss(config)# snmp notify note1 tag tag1 type Inform
Related Commands
show snmp notif - Displays the configured SNMP Notifications
show snmp targetaddr - Displays the configured SNMP target Addresses
VS-2024-F DATACOM SYSTEMS INC
372 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.18 snmp filterprofile
This command creates Notify filter Table. The no form of the command removes the filter entry from the table.
snmp filterprofile <profile-name> <OIDTree> [mask <OIDMask>] {included | excluded} [{volatile | nonvolatile}]
no snmp filterprofile <profilename> <OIDTree>
Syntax Description
profile-name
- Name of the filter profile.
OIDTree - Object Identifier
mask <OIDMask>
- Defines a family of subtrees, in combination with the object identifier.
included | excluded
- Type of filter. This indicates whether the OID and mask should be included in or excluded from the fileter profile.
volatile | nonvolatile
- Storage type.
volatile - Temporary storage. Details are lost once restarted.
nonvolatile - Permanent storage. Details are present even after restart.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# snmp filterprofile filter1 1.5 mask 1.1 included nonvolatile
Related Commands show snmp filter table - Displays the configured SNMP filters
snmp targetparams - Configures the SNMP target parameters
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 373 DATACOM SYSTEMS CONFIDENTIAL
10.19 snmp-server enable traps snmp authentication
This command enables generation of authentication traps for SNMPv1 and SNMPv2c. The no form of the command disables generation of authentication traps for SNMPv1 and SNMPv2c.
snmp-server enable traps snmp authentication
no snmp-server enable traps snmp authentication
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Generation of authentication traps is disabled by default.
Example iss(config)# snmp-server enable traps snmp authentication
VS-2024-F DATACOM SYSTEMS INC
374 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.20 snmp-server trap udp-port
This command configures the udp port over which agent sends the trap. The no form of the command configures the snmp agent to sent trap on default udp port.
snmp-server trap udp-port <port>
no snmp-server trap udp-port
Syntax Description
port - Port number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# snmp-server trap udp-port 1234
Related Commands show snmp notif - Displays the configured SNMP Notification types.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 375 DATACOM SYSTEMS CONFIDENTIAL
10.21 snmp-server trap proxy-udp-port
This command configures the udp port over which agent sends the trap. The no form of the command configures the snmp agent to sent trap on default udp port.
snmp-server trap proxy-udp-port <port>
no snmp-server trap proxy-udp-port
Syntax Description
port - Port number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 162
Example iss(config)# snmp-server trap proxy-udp-port 162
Related Commands
show snmp-server proxy-udp-port - Displays the proxy udp port.
VS-2024-F DATACOM SYSTEMS INC
376 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.22 snmp agent port
This command configures the agent port on which agent listens.
snmp agent port <port>
Syntax Description
port - Port number. This value ranges between 1 and 65535.
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 161
Example iss(config)# snmp agent port 100
Related Commands
show snmp - Displays the status information of SNMP communications
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 377 DATACOM SYSTEMS CONFIDENTIAL
10.23 snmp tcp enable
This command enables sending snmp messages over tcp. The no form of the command disables sending snmp messages over tcp.
snmp tcp enable
no snmp tcp enable
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config)# snmp tcp enable
Related Commands
show snmp tcp - Displays the configuration for snmp over tcp.
VS-2024-F DATACOM SYSTEMS INC
378 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.24 snmp trap tcp enable
This command enables sending snmp trap messages over tcp. The no form of the command disables sending snmp trap messages over tcp.
snmp trap tcp enable
no snmp trap tcp enable
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults Disabled
Example iss(config)# snmp trap tcp enable
Related Commands
show snmp tcp - Displays the configuration for snmp over tcp.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 379 DATACOM SYSTEMS CONFIDENTIAL
10.25 snmp-server tcp-port
This command configures the tcp port over which agent sends the snmp message. The no form of the command configures the snmp agent to sent snmp message on default tcp port.
snmp-server tcp-port <port>
no snmp-server tcp-port
Syntax Description
port - Port number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 161
Example iss(config)# snmp-server tcp-port 161
Related Commands
show snmp tcp - Displays the configuration for snmp over tcp.
VS-2024-F DATACOM SYSTEMS INC
380 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.26 snmp-server trap tcp-port
This command configures the tcp port over which agent sends the trap. The no form of the command configures the snmp agent to sent trap on default tcp port.
snmp-server trap tcp-port <port>
no snmp-server trap tcp-port
Syntax Description
port - Port number
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 162
Example iss(config)# snmp-server trap tcp-port 162
Related Commands
show snmp tcp - Displays the configuration for snmp over tcp.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 381 DATACOM SYSTEMS CONFIDENTIAL
10.27 snmp-server enable traps
This command enables generation of a particular trap. The no form of the command disables generation of a particular trap.
snmp-server enable traps {[firewall-limit] [linkup] [linkdown] [sip-states] [sip-cfg-change] [coldstart] [poe-power] [dhcp-pool-limit] [dsx1-line]}
no snmp-server enable traps {[firewall-limit] [linkup] [linkdown] [sip-states] [sip-cfg-change] [coldstart] [poe-power] [dhcp-pool-limit] [dsx1-line]}
Syntax Description
firewall-limit
- Firewall attack summary trap
linkup - Linkup trap
linkdown - Linkdown trap
sip-states - SIP states trap
sip-cfg-change
- SIP configuration change trap
coldstart - Coldstart trap
poe-power - Power on Ethernet trap
dhcp-pool-limit
- DHCP Server pool limit trap
dsx1-line - DSX1 line trap
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config)# snmp-server enable traps firewall-limit
Related Commands
show snmp-server traps - Displays the set of traps that are currently enabled.
VS-2024-F DATACOM SYSTEMS INC
382 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.28 show snmp
This command displays the status information of SNMP communications.
show snmp
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp
0 SNMP Packets Input
0 Bad SNMP Version errors
0 Unknown community name
0 Get request PDUs
0 Get Next PDUs
0 Set request PDUs
0 SNMP Packets Output
0 Too big errors
0 No such name errors
0 Bad value errors
0 General errors
0 Trap PDUs
0 SNMP Rollback failures
SNMP Manager-role output packets
0 Drops
SNMP Informs:
0 Inform Requests generated
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 383 DATACOM SYSTEMS CONFIDENTIAL
0 Inform Responses received
0 Inform messages Dropped
0 Inform Requests awaiting Acknowledgement
SNMP Trap Listen Port is 162
snmp agent port : 170
Related Command snmp agent port - Configures the agent port on which agent listens
10.29 show snmp community
This command displays the configured SNMP community details.
show snmp community
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
384 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss# show snmp community Community Index: NETMAN
Community Name: NETMAN
Security Name: none
Context Name:
Transport Tag:
Storage Type: volatile
Row Status: active
------------------------------
Community Index: PUBLIC
Community Name: PUBLIC
Security Name: none
Context Name:
Transport Tag:
Storage Type: volatile
Row Status: active
Related Command snmp community index - Configures the SNMP community details
10.30 show snmp group
This command displays the configured SNMP groups.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 385 DATACOM SYSTEMS CONFIDENTIAL
show snmp group
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp group Security Model: v1
Security Name: none
Group Name: iso
Storage Type: volatile
Row Status: active
------------------------------
Security Model: v2c
Security Name: none
Group Name: iso
Storage Type: volatile
Row Status: active
------------------------------
Security Model: v3
Security Name: initial
Group Name: initial
Storage Type: nonVolatile
Row Status: active
------------------------------
Security Model: v3
Security Name: templateMD5
Group Name: initial
Storage Type: nonVolatile
Row Status: active
------------------------------
Security Model: v3
Security Name: templateSHA
Group Name: initial
Storage Type: nonVolatile
Row Status: active
VS-2024-F DATACOM SYSTEMS INC
386 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Related Commands
snmp group - Configures the SNMP group details
snmp user - Configures the SNMP user details
10.31 show snmp group access
This command displays the configured SNMP group access details.
show snmp group access
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp group access Group Name: iso
Read View: iso
Write View: iso
Notify View: iso
Storage Type: volatile
Row Status: active
------------------------------
Group Name: iso
Read View: iso
Write View: iso
Notify View: iso
Storage Type: volatile
Row Status: active
------------------------------
Group Name: initial
Read View: restricted
Write View: restricted
Notify View: restricted
Storage Type: nonVolatile
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 387 DATACOM SYSTEMS CONFIDENTIAL
Row Status: active
------------------------------
Group Name: initial
Read View: iso
Write View: iso
Notify View: iso
Storage Type: nonVolatile
Row Status: active
Related Commands
snmp access - Configures the SNMP group access details
snmp view - Configures the SNMP view
10.32 show snmp engineID
This command displays the Engine Identifier.
show snmp engineID
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp engineID EngineId: 80.00.08.1c.04.46.53
Related Command
snmp engineid - Configures the engine identifier
VS-2024-F DATACOM SYSTEMS INC
388 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.33 show snmp proxy
This command displays proxy details.
show snmp proxy
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 389 DATACOM SYSTEMS CONFIDENTIAL
Example iss# show snmp proxy Proxy Name : PROXY1
Proxy ContextEngineID : 80.00.08.1c.04.46.54
Proxy ContextName :
Proxy TargetParamIn : param1
Proxy SingleTargetOut : Tgt1
Proxy MultipleTargetOut :
Proxy Type : Read
Storage Type : Non-volatile
Row Status : Active
----------------------------------------------------
Proxy Name : PROXY2
Proxy ContextEngineID : 80.00.08.1c.04.46.54
Proxy ContextName :
Proxy TargetParamIn : param1
Proxy SingleTargetOut : Tgt1
Proxy MultipleTargetOut :
Proxy Type : Write
Storage Type : Non-volatile
Row Status : Active
----------------------------------------------------
Related Command
snmp proxy name - Configures the proxy.
10.34 show snmp mibproxy
This command displays proxy details.
VS-2024-F DATACOM SYSTEMS INC
390 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
show snmp mibproxy
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp mibproxy Prop Proxy Name : proxy1
Prop MibID : 2
Prop Proxy TargetParamIn : param1
Prop Proxy SingleTargetOut : target1
Prop Proxy MultipleTargetOut :
Prop Proxy Type : Read
Prop Storage Type : Non-volatile
Prop Row Status : Active
----------------------------------------------------
Related Command
snmp mibproxy name - Configures the proxy.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 391 DATACOM SYSTEMS CONFIDENTIAL
10.35 show snmp viewtree
This command displays the configured SNMP Tree views.
show snmp viewtree
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp viewtree View Name: iso
Subtree OID: 1
Subtree Mask:
View Type: included
Storage Type: nonVolatile
Row Status: active
------------------------------
View Name: restricted
Subtree OID: 1
Subtree Mask:
View Type: included
Storage Type: nonVolatile
Row Status: active
------------------------------
Related Command
snmp view - Configures the SNMP view
VS-2024-F DATACOM SYSTEMS INC
392 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.36 show snmp targetaddr
This command displays the configured SNMP target Addresses.
show snmp targetaddr
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# sh snmp targetaddr
Target Address Name : ht231
IP Address : 12.0.0.100
Port : 150
Tag List : tg231
Parameters : pa231
Storage Type : Non-volatile
Row Status : Active
------------------------------
Related Commands snmp targetaddr - Configures the SNMP target address
snmp targetparams - Configures the SNMP target parameters
snmp notify - Configures the SNMP notification details
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 393 DATACOM SYSTEMS CONFIDENTIAL
10.37 show snmp targetparam
This command displays the configured SNMP Target Address Params.
show snmp targetparam
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# sh snmp targetparam
Target Parameter Name : internet
Message Processing Model : v2c
Security Model : v2c
Security Name : none
Security Level : No Authenitcation, No Privacy
Storage Type : Non-volatile
Row Status : Active
Filter Profile Name : None
Row Status : Active
------------------------------
Target Parameter Name : pa231
Message Processing Model : v3
Security Model : v3
Security Name : u231
Security Level : No Authenitcation, No Privacy
Storage Type : Volatile
VS-2024-F DATACOM SYSTEMS INC
394 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Row Status : Active
Filter Profile Name : filter1
Row Status : Active
------------------------------
Target Parameter Name : test1
Message Processing Model : v2c
Security Model : v1
Security Name : none
Security Level : No Authenitcation, No Privacy
Storage Type : Non-volatile
Row Status : Active
Filter Profile Name : None
Row Status : Active
------------------------------
Related Commands
snmp targetparams - Configures the SNMP target parameters
snmp user - Configures the SNMP user details
10.38 show snmp user
This command displays the configured SNMP users.
show snmp user
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp user Engine ID: 80.00.08.1c.04.46.53
User: initial
Authentication Protocol: none
Privacy Protocol: none
Storage Type: nonVolatile
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 395 DATACOM SYSTEMS CONFIDENTIAL
Row Status: active
------------------------------
Engine ID: 80.00.08.1c.04.46.53
User: templateMD5
Authentication Protocol: MD5
Privacy Protocol: none
Storage Type: nonVolatile
Row Status: active
------------------------------
Engine ID: 80.00.08.1c.04.46.53
User: templateSHA
Authentication Protocol: SHA
Privacy Protocol: DES_CBC
Storage Type: nonVolatile
Row Status: active
------------------------------
Related Commands snmp user - Configures the SNMP user details
show snmp community - Displays the configured SNMP community details
10.39 show snmp notif
This command displays the configured SNMP Notification types.
show snmp notif
VS-2024-F DATACOM SYSTEMS INC
396 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp notif Notify Name: iss
Notify Tag: iss
Notify Type: trap
Storage Type: volatile
Row Status: active
------------------------------
Notify Name: iss1
Notify Tag: iss1
Notify Type: trap
Storage Type: volatile
Row Status: active
Related Commands
snmp notify - Configures the SNMP notification details
snmp targetparams - Configures the SNMP target parameters
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 397 DATACOM SYSTEMS CONFIDENTIAL
10.40 show snmp inform statistics
This command displays the inform message statistics.
show snmp inform statistics
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp inform statistics Target Address Name : issmanager
IP Address : 10.0.0.10
Inform messages sent : 20
Acknowledgement awaited for : 2 Inform messages
Inform messages dropped : 0
Acknowledgement failed for : 0 Inform messages
Informs retransmitted: 0
Inform responses received: 18
SNMP Manager must have been configured and Inform type notifications must have been generated.
VS-2024-F DATACOM SYSTEMS INC
398 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.41 show snmp-server traps
This command displays the set of traps that are currently enabled.
show snmp-server traps
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp-server traps Currently enabled traps:
------------------------
linkup,linkdown,
Related Command
snmp-server enable traps - Enables generation of a particular trap.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 399 DATACOM SYSTEMS CONFIDENTIAL
10.42 show snmp-server proxy-udp-port
This command displays the proxy udp port.
show snmp-server proxy-udp-port
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp-server proxy-udp-port snmp-server proxy-udp-port : 162
Related Command
snmp-server trap proxy-udp-port - Configures the udp port over which agent sends the trap.
VS-2024-F DATACOM SYSTEMS INC
400 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
10.43 show snmp tcp
This command displays the configuration for snmp over tcp.
show snmp tcp
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp tcp snmp over tcp disabled
snmp trap over tcp disabled
snmp listen tcp port 161
Snmp listen tcp trap port 162
Related Command
snmp tcp enable – Enables sending snmp messages over tcp.
snmp trap tcp enable - Enables sending snmp trap messages over tcp.
snmp-server tcp-port – Configures the tcp port over which agent sends the snmp message.
snmp-server trap tcp-port - Configures the tcp port over which agent sends the trap.
DATACOM SYSTEMS INC CHAPTER 10: SNMPV3
CLI USER MANUAL 401 DATACOM SYSTEMS CONFIDENTIAL
10.44 show snmp filter table
This command displays the configured SNMP filters.
show snmp filter table
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show snmp filter table
Filter Name : filter1
Subtree OID : 1.5
Subtree Mask : 1.1
Filter Type : Included
Storage Type : Non-volatile
Row Status : Active
------------------------------
Related Command
snmp filterprofile - Creates Notify filter Table
VS-2024-F DATACOM SYSTEMS INC
402 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Chapter
12 11.SNTP
The SNTP (Simple Network Time Protocol) module is used to synchronize the time and date in ISS by contacting the SNTP Server. It supports different time zones, where the user can set the required time zone.
The following are the list of SNTP commands:
sntp
set sntp client
set sntp client version
set sntp client addressing mode
set sntp client port
set sntp client clock-format
set sntp time zone
set sntp client clock-summer-time
set sntp client authentication-key
set sntp unicast-server auto-discovery
set sntp unicast-poll-interval
set sntp unicast-max-poll-timeout
set sntp unicast-max-poll-retry
set sntp unicast-server
set sntp broadcast-mode send-request
set sntp broadcast-poll-timeout
set sntp broadcast-delay-time
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 403 DATACOM SYSTEMS CONFIDENTIAL
set sntp multicast-mode send-request
set sntp multicast-poll-timeout
set sntp multicast-delay-time
set sntp multicast-group-address
set sntp anycast-poll-interval
set sntp anycast-poll-timeout
set sntp anycast-poll-retry-count
set sntp anycast-server
set sntp client clock-format
show sntp status
show sntp unicast–mode status
show sntp broadcast–mode status
show sntp multicast–mode status
show sntp anycast–mode status
debug sntp
VS-2024-F DATACOM SYSTEMS INC
404 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.1 sntp
This command enters SNTP configuration mode.
sntp
Mode Profile configuration mode
Package Workgroup, Enterprise and Metro
Example iss(config)# sntp iss(config-sntp)#
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 405 DATACOM SYSTEMS CONFIDENTIAL
11.2 set sntp client This command enables or disables SNTP client module.
set sntp client {enabled | disabled}
Syntax Description
enabled - Enables the SNTP client module
disabled - Disables the SNTP client module
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disabled
Example iss(config-sntp)# set sntp client enabled
SNTP client should be enabled
Related Command
show sntp status: Displays SNTP status
VS-2024-F DATACOM SYSTEMS INC
406 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.3 set sntp client version
This command sets the operating version of the SNTP for the client.
set sntp client version { v1 | v2 | v3 | v4 }
Syntax Description
v1
- SNTP Version 1
v2
- SNTP Version 2
v3 - SNTP Version 3
v4
- SNTP Version 4
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults v4
Example iss(config-sntp)# set sntp client version v3
SNTP client should be enabled
Related Command
show sntp status: Displays SNTP status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 407 DATACOM SYSTEMS CONFIDENTIAL
11.4 set sntp client addressing mode
This command sets the addressing mode of SNTP client as either unicast, multicast, broadcast, anycast.
set sntp client addressing-mode { unicast | broadcast | multicast | anycast }
Syntax Description
unicast
- Sets the addressing mode of SNTP client as unicast.
broadcast
- Sets the addressing mode of SNTP client as broadcast.
multicast Sets the addressing mode of SNTP client as multicast
anycast - Sets the addressing mode of SNTP client as anycast.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults unicast
Example iss(config-sntp)# set sntp client addressing-mode unicast
SNTP client should be enabled
Related Command show sntp anycast–mode status – Displays the SNTP anycast mode status
show sntp broadcast–mode status – Displays the SNTP broadcast mode status
show sntp multicast–mode status – Displays the SNTP multicast mode status
show sntp status: Displays SNTP status
show sntp unicast–mode status - Displays the SNTP Unicast Mode status
VS-2024-F DATACOM SYSTEMS INC
408 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.5 set sntp client port
This command sets the listening port for SNTP client greater than 1024 as below 1024 are reserved. Therefore the configurable listening port for SNTP client starts at 1025.The no form of command deletes the listening port for SNTP client and sets the default value.
set sntp client port <portno(1025-65535)>
no sntp client port
Syntax Description
port no - Listening port for SNTP client
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults 123
Example iss (config-sntp)# set sntp client port 1026
SNTP client should be enabled
Related commands
show sntp status: Displays SNTP status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 409 DATACOM SYSTEMS CONFIDENTIAL
11.6 set sntp client clock-format
This command sets the system clock format as AM PM format or HOURS format.
set sntp client clock-format {ampm | hours}
Syntax Description
am-pm - Sets the system clock in am/ pm format
hours - Sets the system clock in 24 hours format
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default hours
Example iss (config-sntp)# set sntp client clock-format ampm
SNTP clock format configuration in the Switch: Date – Hours, Minutes, Seconds, Date Month and Year
Month – Jan, Feb, Mar…..
Year - yyyy
Related Command
show sntp clock - Displays the current time.
VS-2024-F DATACOM SYSTEMS INC
410 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.7 set sntp time zone
This command sets the system time zone with respect to UTC. The no form of command resets the system time zone to GMT.
set sntp client time-zone <+/- UTC TimeDiff in Hrs:UTC TimeDiff in Min> Eg: +05:30
no sntp client time-zone
Syntax Description
+/- - After or before UTC
UTCTimeDiff in Hrs
- UTC Time difference in hours
UTC TimeDiffin Min
- UTC Time difference in minutes
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-sntp)# set sntp client time-zone +05:30
SNTP server must be enabled prior to the execution of this command.
Related Command
show sntp status: Displays SNTP status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 411 DATACOM SYSTEMS CONFIDENTIAL
11.8 set sntp client clock-summer-time
This command enables the Daylight Saving Time. The no form of the command disables the Daylight Saving Time.
set sntp client clock-summer-time <week-day-month,hh:mm> <week-day-month,hh:mm> Eg: set sntp client clock-summer-time First-Sun-Mar,05:10 Second-Sun-Nov,06:1
0
no sntp client clock summer-time
Syntax Description
week-day-month
- Week – First, Second, Third, Fourth or Last week of month. Day –Sunday, Monday, Tuesday, Wednesday, Thursday, Friday or Saturday. Month: January, February, March, April, May, June, July, August, September, October, November or December.
hh:mm - Time in hours and minutes
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-sntp)# set sntp client clock-summer-time First-Sun-Jan,12:12 Second-Sun-Mar,12:12
Related Commands: show sntp status: Displays SNTP status
VS-2024-F DATACOM SYSTEMS INC
412 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.9 set sntp client authentication-key
This command sets the authentication parameters. The no form of the command disables authentication.
set sntp client authentication-key <key-id> md5 <key>
no sntp client authentication
Syntax Description
key-id - Key Identifier (integer value). Range is 1 – 65535.
md5 - Message Digest Algorithm
key - Key value (string value)
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example
iss(config-sntp)# set sntp client authentication-key 123 md5 DatacomSystems SNTP client should be enabled
Related Command
show sntp status: Displays SNTP status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 413 DATACOM SYSTEMS CONFIDENTIAL
11.10 set sntp unicast-server auto-discovery
This command configures SNTP client status of auto-discovery of server.
set sntp unicast-server auto-discovery {enabled | disabled}
Syntax Description
enabled - Enables the auto discovery of server
disabled - Disables the auto discovery of server
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disabled
Example iss(config-sntp)# set sntp unicast-server auto-discovery enabled
SNTP client addressing mode should be unicast
Related Command
show sntp unicast–mode status - Displays the SNTP Unicast Mode status
VS-2024-F DATACOM SYSTEMS INC
414 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.11 set sntp unicast-poll-interval
This command configures SNTP client poll interval.
set sntp unicast-poll-interval <value (16-16284) seconds>
Syntax Description
value - Poll interval value in seconds.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 64
Example iss(config-sntp)# set sntp unicast-poll-interval 50
SNTP client addressing mode should be unicast
Related Command show sntp unicast–mode status - Displays the SNTP Unicast Mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 415 DATACOM SYSTEMS CONFIDENTIAL
11.12 set sntp unicast-max-poll-timeout This command configures SNTP client maximum poll interval timeout.
set sntp unicast-max-poll-timeout <value (1-30) seconds>
Syntax Description
value - Maximum poll interval time out value in seconds.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 5
Example iss(config-sntp)# set sntp unicast-max-poll-timeout 25
SNTP client addressing mode should be unicast
Related Command
show sntp unicast–mode status - Displays the SNTP Unicast Mode status
VS-2024-F DATACOM SYSTEMS INC
416 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.13 set sntp unicast-max-poll-retry This command configures SNTP client maximum retry poll count.
set sntp unicast-max-poll-retry <value (1-10) times>
Syntax Description
value - Maximum retry poll count value
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 3
Example iss(config-sntp)# set sntp unicast-max-poll-retry 10
SNTP client addressing mode should be unicast
Related Command
show sntp unicast–mode status - Displays the SNTP Unicast Mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 417 DATACOM SYSTEMS CONFIDENTIAL
11.14 set sntp unicast-server This command configures SNTP unicast server attributes. The no form of command deletes the sntp unicast server attributes and sets to default.
set sntp unicast-server {ipv4 <ucast_addr> | ipv6 <ip6_addr>} [{primary | Secondary}] [{version3 | version 4}] [<portid(1025-36564)>]
no sntp unicast-server {ipv4 <ucast_addr> | ipv6 <ip6_addr>}
Syntax Description
ipv4, ipv6 - Version 4 and Version 6 IP address
Primary/ secondary
- Primary/ Secondary NTP servers
Port-id - Port identifier
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-sntp)# set sntp unicast-server ipv4 12.0.0.100 Primary 3 1234
SNTP client addressing mode should be unicast
Related Command
show sntp unicast–mode status - Displays the SNTP Unicast Mode status
VS-2024-F DATACOM SYSTEMS INC
418 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.15 set sntp broadcast-mode send-request
This command sets the status of sending the request for knowing the delay.
set sntp broadcast-mode send-request {enabled | disabled}
Syntax Description
enabled - When enabled the SNTP request packet is sent to broadcast server to calculate the actual delay.
disabled - When disabled no SNTP request packet is sent out to broadcast server instead default value for the delay is taken.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disabled
Example iss(config-sntp)# set sntp broadcast-mode send-request enabled
SNTP client addressing mode should be broadcast
Related Command
show sntp broadcast–mode status – Displays the SNTP broadcast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 419 DATACOM SYSTEMS CONFIDENTIAL
11.16 set sntp broadcast-poll-timeout This command configures SNTP client poll interval in broadcast mode.
set sntp broadcast-poll-timeout [<value (1-30) seconds>]
Syntax Description
value - Poll interval time out value in seconds for broadcast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 5
Example iss(config-sntp)# set sntp broadcast-poll-timeout 30
SNTP client addressing mode should be broadcast
Related Command
show sntp broadcast–mode status – Displays the SNTP broadcast mode status
VS-2024-F DATACOM SYSTEMS INC
420 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.17 set sntp broadcast-delay-time This command configures SNTP delay time in broadcast mode.
set sntp broadcast-delay-time [<value (1000-15000) microseconds>]
Syntax Description
value - Delay time value in micro seconds in broadcast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 8000
Example iss(config-sntp)# set sntp broadcast-delay-time 2000
SNTP client addressing mode should be broadcast
Related Command
show sntp broadcast–mode status – Displays the SNTP broadcast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 421 DATACOM SYSTEMS CONFIDENTIAL
11.18 set sntp multicast-mode send-request
This command sets the status of sending the request for knowing the delay.
set sntp multicast-mode send-request {enabled | disabled}
Syntax Description
enabled - When enabled the SNTP request packet is sent to broadcast server to calculate the actual delay.
disabled - When disabled no SNTP request packet is sent out to broadcast server instead default value for the delay is taken.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults disabled
Example iss(config-sntp)# set sntp multicast-mode send-request enabled
SNTP client addressing mode should be multicast
Related Command
show sntp multicast–mode status – Displays the SNTP multicast mode status
VS-2024-F DATACOM SYSTEMS INC
422 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.19 set sntp multicast-poll-timeout This command configures SNTP client poll interval in multicast mode.
set sntp multicast-poll-timeout [<value (1-30) seconds>]
Syntax Description
value - Poll interval time out value in seconds in multicast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 5
Example
iss(config-sntp# set sntp multicast-poll-timeout 10
SNTP client addressing mode should be multicast
Related Command
show sntp multicast–mode status – Displays the SNTP multicast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 423 DATACOM SYSTEMS CONFIDENTIAL
11.20 set sntp multicast-delay-time This command configures SNTP delay time in multicast mode.
set sntp multicast-delay-time [<value (1000-15000) microseconds>]
Syntax Description
value - Delay time value in micros seconds in multicast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 8000
Example iss(config-sntp)# set sntp multicast-delay-time 2000
SNTP client addressing mode should be multicast
Related Command
show sntp multicast–mode status – Displays the SNTP multicast mode status
VS-2024-F DATACOM SYSTEMS INC
424 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.21 set sntp multicast-group-address This command configures SNTP multicast group address.
set sntp multicast-group-address {ipv4 {<mcast_addr> | default} | ipv6 {<ipv6_addr> | default}}
Syntax Description
ipv4, ipv6 - Version4, Version 6 multicast group address
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-sntp)# set sntp multicast-group-address ipv4 224.1.1.10.
SNTP client addressing mode should be multicast
Related Command
show sntp multicast–mode status – Displays the SNTP multicast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 425 DATACOM SYSTEMS CONFIDENTIAL
11.22 set sntp anycast-poll-interval
This command configures SNTP client poll interval in anycast mode.
set sntp anycast-poll-interval [<value (16-16284) seconds>]
Syntax Description
value - Poll interval value in seconds in anycast mode.
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 64
Example iss(config-sntp)# set sntp anycast-poll-interval 20
SNTP client addressing mode should be anycast
Related Command
show sntp anycast–mode status – Displays the SNTP anycast mode status
VS-2024-F DATACOM SYSTEMS INC
426 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.23 set sntp anycast-poll-timeout This command configures SNTP client poll timeout in anycast mode.
set sntp anycast-poll-timeout [<value (1-30) seconds>]
Syntax Description
value - Poll interval time out value in seconds in anycast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 5
Example iss(config-sntp)# set sntp anycast-poll-timeout 10
SNTP client addressing mode should be anycast
Related Command
show sntp anycast–mode status – Displays the SNTP anycast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 427 DATACOM SYSTEMS CONFIDENTIAL
11.24 set sntp anycast-poll-retry-count This command configures SNTP poll retries in anycast mode.
set sntp anycast-poll-retry-count [<value (1-10)>]
Syntax Description
value - Maximum retry poll count value in anycast mode
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Default 3
Example iss(config-sntp)# set sntp anycast-poll-retry-count 5
SNTP client addressing mode should be anycast
Related Command
show sntp anycast–mode status – Displays the SNTP anycast mode status
VS-2024-F DATACOM SYSTEMS INC
428 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.25 set sntp anycast-server This command configures SNTP multicast or broadcast server address in anycast mode.
set sntp anycast-server { broadcast | multicast {ipv4 [<ipv4_addr>] |ipv6 [<ip6_addr>]} }
Syntax Description
broadcast - Configures SNTP broadcast server address in anycast mode
multicast - Configures SNTP multicast server address in anycast mode.
ipv4,ipv6 - Version 4, Version 6
ipv4 addr, ip6addr
- Version 4/ Version 6 any cast address
Mode SNTP Configuration Mode
Package Workgroup, Enterprise and Metro
Example iss(config-sntp)# set sntp anycast-server ipv4 12.0.0.100
SNTP client addressing mode should be anycast
Related Command
show sntp anycast–mode status – Displays the SNTP anycast mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 429 DATACOM SYSTEMS CONFIDENTIAL
11.26 show sntp clock
This command displays the current time.
show sntp clock
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show sntp clock current time : Sat Jan 01 2000 00:07:04 (UTC + 0: 0 )
Related Command
Error! Reference source not found.: Displays the system date and time.
VS-2024-F DATACOM SYSTEMS INC
430 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
11.27 show sntp status
This command displays SNTP status.
show sntp status
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show sntp status
sntp client is enabled
current sntp client version is v4
current sntp client addressing mode is unicast
sntp client port is 123
sntp client clock format is 24 hours
sntp client authenticatin key id is 5
sntp client authentication algorithm is md5
sntp client auth Key is DatacomSystems
sntp client time zone is + 05:30
sntp client dst start time is not set
sntp client dst end time is not set
Related Command
show sntp unicast–mode status – Displays the SNTP Unicast Mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 431 DATACOM SYSTEMS CONFIDENTIAL
show sntp broadcast–mode status – Displays the SNTP broadcast mode status
show sntp multicast–mode status - Displays the SNTP multicast mode status
show sntp anycast–mode status - Displays the SNTP anycast mode status
11.28 show sntp unicast–mode status
This command displays the SNTP Unicast Mode status.
show sntp unicast-mode status
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show sntp unicast-mode status auto discovery of sntp/ntp servers is disabled
unicast poll interval value is 50
unicast max poll time out value is 25
unicast max retry time value is 10
unicast primary server address is 12.0.0.100
unicast primary server version is 3
unicast primary server port is 1234
Related Command
VS-2024-F DATACOM SYSTEMS INC
432 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
set sntp unicast-server auto-discovery - Configures SNTP client status of auto-discovery of server
set sntp unicast-poll-interval - Configures SNTP client poll interval
set sntp unicast-max-poll-timeout - Configures SNTP client maximum poll interval timeout
set sntp unicast-max-poll-retry - Configures SNTP client maximum retry poll count
11.29 show sntp broadcast–mode status
This command displays the SNTP broadcast mode status.
show sntp broadcast-mode status
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show sntp broadcast-mode status
send sntp request to server in broadcast mode is disabled
broadcast poll time out value is 5
broadcast delay time value is 8000
broadcast sntp server is 12.0.0.100
Related Command
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 433 DATACOM SYSTEMS CONFIDENTIAL
set sntp broadcast-mode send-request - Sets the status of sending the request for knowing
the delay
set sntp broadcast-poll-timeout - Configures SNTP client poll interval in broadcast mode
set sntp broadcast-delay-time - Configures SNTP delay time in broadcast mode
11.30 show sntp multicast–mode status
This command displays the SNTP multicast mode status.
show sntp multicast-mode status
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
VS-2024-F DATACOM SYSTEMS INC
434 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Example iss# show sntp multicast-mode status
send sntp request to server in multicast mode is disabled
multicast poll time out value is 5
multicast delay time value is 8000
multicast group address is 12.0.0.100
Related Command
set sntp multicast-mode send-request - Sets the status of sending the request for knowing the delay
set sntp multicast-poll-timeout - Configures SNTP client poll interval in multicast mode
set sntp multicast-delay-time - Configures SNTP delay time in multicast mode
set sntp multicast-group-address - Configures SNTP multicast server address
11.31 show sntp anycast–mode status
This command displays the SNTP anycast mode status.
show sntp anycast-mode status
DATACOM SYSTEMS INC CHAPTER 11: SNTP
CLI USER MANUAL 435 DATACOM SYSTEMS CONFIDENTIAL
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show sntp anycast-mode status
anycast poll interval value is 64
anycast max poll time out value is 5
anycast max retry time value is 3
anycast server type is broadcast
primary server address is 12.0.0.100
Related Command
set sntp anycast-poll-interval - Configures SNTP client poll interval in anycast mode
set sntp anycast-poll-timeout - Configures SNTP client poll timeout in anycast mode
set sntp anycast-poll-retry-count - Configures SNTP poll retries in anycast mode
11.32 debug sntp
VS-2024-F DATACOM SYSTEMS INC
436 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
This command enables SNTP trace. The no form of the command disables the SNTP trace.
debug sntp {all | [init-shut] [mgmt] [data-path] [control] [pkt-dump] [resource] [all-fail] [buff]}
no debug sntp {all | [init-shut] [mgmt] [data-path] [control] [pkt-dump] [resource] [all-fail] [buff]}
Syntax Description
init/shut
- Initialization/ Shutdown messages
mgmt - Management Messages
data-path - Data Path Messages
control - Control Messages
pkt-dump - Packet Dump Messages
resource - Resource Messages
all-fail
- All failure Messages
buff - Buffer Message
Mode User EXEC Mode
Package Workgroup, Enterprise and Metro
Defaults Debugging is Disabled
Example debug sntp all
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 437 DATACOM SYSTEMS CONFIDENTIAL
Chapter
13 12.RMON
RMON (Remote Monitoring) is a standard monitoring specification5 that enables various network monitors and console systems to exchange network-monitoring data.
The RMON specification defines a set of statistics and functions that can be exchanged between RMON-compliant console managers and network probes. As such, RMON provides network administrators with comprehensive network-fault diagnosis, planning, and performance-tuning information.
The list of CLI commands for the configuration of RMON is as follows:
set rmon
rmon collection history
rmon collection stats
rmon event
rmon alarm
show rmon
VS-2024-F DATACOM SYSTEMS INC
438 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
12.1 set rmon
This command is used to enable or disable the RMON feature.
set rmon {enable | disable}
Syntax Description
enable - Enables the RMON feature in the system
disable - Disables the RMON feature in the system
Mode Global Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults The RMON Module is disabled by default
Example iss(config)# set rmon enable
All the other RMON Module commands can be executed only when the RMON Module is enabled. Fatal error messages are displayed when commands are executed without enabling the RMON feature.
Related Command
show rmon - Successful execution of this command without any messages indicates that RMON feature is enabled in the system
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 439 DATACOM SYSTEMS CONFIDENTIAL
12.2 rmon collection history
This command enables history collection of interface statistics in the buckets for the specified time interval. The no form of the command disables the history collection on the interface.
rmon collection history <index (1-65535)> [buckets <bucket-number (1-65535)>] [interval <seconds (1-3600)>] [owner <ownername (127)>]
no rmon collection history <index (1-65535)>
Syntax Description
index
- History table index
buckets
- The maximum number of buckets desired for the RMON collection history group of statistics
interval
- The number of seconds in each polling cycle
owner
- Optional field - allows the user to enter the name of the owner of the RMON group of statistics
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults bucket number
- 50
interval
- 1800 seconds
owner
- monitor
Example iss(config-if)# rmon collection history 1 buckets 2 interval 20
The RMON feature must be enabled for the successful execution of this command.
The polling cycle is the bucket interval where the interface statistics details are stored.
Related Command
show rmon - Displays the history collection for the configured bucket (show rmon history [history-index (1-65535)>])
VS-2024-F DATACOM SYSTEMS INC
440 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
12.3 rmon collection stats
This command enables RMON statistic collection on the interface. The no form of the command disables RMON statistic collection on the interface.
rmon collection stats <index (1-65535)> [owner <ownername (127)>]
no rmon collection stats <index (1-65535)>
Syntax Description
index
- Statistics table index
owner
- Optional field - allows the user to enter the name of the owner of the RMON group of statistics with a string length of 127
Mode Interface Configuration Mode
Package Workgroup, Enterprise and Metro
Defaults owner
- monitor
Example iss(config-if)# rmon collection stats 1
The RMON feature must be enabled for the successful execution of this command.
Related Command
show rmon - Displays the RMON collection statistics (show rmon statistics [<stats-index (1-65535)>])
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 441 DATACOM SYSTEMS CONFIDENTIAL
12.4 rmon event
This command adds an event to the RMON event table. The added event is associated with an RMON event number. The no form of the command deletes an event from the RMON event table.
rmon event <number (1-65535)> [description <event-description (127)>] [log] [owner <ownername (127)>] [trap <community (127)>]
no rmon event <number (1-65535)>
Syntax Description
number - Event number
description - Description of the event
log - Used to generate a log entry
owner - Owner of the event
trap - Used to generate a trap. The SNMP community string is to be passed for the specified trap.
Mode Global Configuration Mode
Package
Example
Workgroup, Enterprise and Metro
iss(config)# rmon event 1 log owner DatacomSystems trap
NETMAN
The RMON feature must be enabled for the successful execution of this command.
Related Commands
rmon alarm - Sets an alarm on a MIB object
show rmon events - Displays the RMON events
show rmon alarms - Displays the RMON alarms
show snmp community - Configures the SNMP community details
VS-2024-F DATACOM SYSTEMS INC
442 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
12.5 rmon alarm
This command sets an alarm on a MIB object. The Alarm group periodically takes statistical samples from variables in the probe and compares them to thresholds that have been configured. The no form of the command deletes the alarm configured on the MIB object.
rmon alarm <alarm-number> <mib-object-id (255)> <sample-interval-time (1-65535)> {absolute | delta} rising-threshold <value (0-2147483647)> [rising-event-number (1-65535)] falling-threshold <value (0-2147483647)> [falling-event-number (1-65535)] [owner <ownername (127)>]
no rmon alarm <number (1-65535)>
Syntax Description
alarm-number
- Alarm Number. This value ranges between 1 and 65535.
mib-object-id
- The mib object identifier
sample-interval-time
- Time in seconds during which the alarm monitors the MIB variable. This value ranges between 1 and 65535 seconds.
absolute - Used to test each mib variable directly
delta Used to test the change between samples of a variable
rising-threshold
- A number at which the alarm is triggered. This value ranges between 0 and 2147483647.
falling-threshold value
- A number at which the alarm is reset. This value ranges between 0 and 2147483647.
rising-event-number
- The event number to trigger when the rising threshold exceeds its limit. This value ranges between 1 and 65535.
This feature is optional only in the code using the industrial standard command, otherwise this feature is mandatory.
falling-event-number
- The event number to trigger when the falling threshold exceeds its limit. This value ranges between 1 and 65535.
This feature is optional only in the code using the industrial standard command, otherwise this feature is mandatory.
owner - Owner of the alarm
Mode Global Configuration Mode
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 443 DATACOM SYSTEMS CONFIDENTIAL
Package Workgroup, Enterprise and Metro
Defaults By default, the least event number in the event table is assigned for the rising and falling threshold as its event number.
Example iss(config)# rmon alarm 4 1.3.6.1.6.3.16.1.2.1.4.1.4.110.111.110.101 2 absolute rising-threshold 2 2 falling-threshold 1 2 owner DatacomSystems
The RMON Feature must be enabled for the successful execution of this command
RMON events must have been configured
In DatacomSystems ISS, we cannot monitor all the mib objects through RMON. This will be applicable only to the Ethernet interfaces
Falling threshold should be less than rising threshold.
Related Commands
rmon collection stats - Enables RMON statistic collection on the interface
rmon event - Adds an event to the RMON event table
show rmon alarms - Displays the RMON alarms
show rmon events - Displays the RMON events
VS-2024-F DATACOM SYSTEMS INC
444 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
12.6 show rmon
This command displays the RMON statistics, alarms, events, and history configured on the interface.
show rmon [statistics [<stats-index (1-65535)>]] [alarms] [events] [history [history-index (1-65535)] [overview]]
Syntax Description
statistics
- The configured stats index value
alarms
- The configured alarm
events - The configured event
history
- The configured history index
overview - Displays only the overview of rmon history entries
Mode Privileged EXEC Mode
Package Workgroup, Enterprise and Metro
Example iss# show rmon statistics 2 RMON is enabled
Collection 2 on Gi0/2 is active, and owned by fsoft,
Monitors ifEntry.1.2 which has
Received 1240 octets, 10 packets,
2 broadcast and 10 multicast packets,
0 undersized and 1 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions.
# of packets received of length (in octets):
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 445 DATACOM SYSTEMS CONFIDENTIAL
64: 0, 65-127: 10, 128-255: 0,
256-511: 0, 512-1023: 0, 1024-1518: 0
iss# show rmon
RMON is enabled
iss# show rmon history
RMON is enabled
Entry 1 is active, and owned by fsoft
Monitors ifEntry.1.1 every 3000 second(s)
Requested # of time intervals, ie buckets, is 3,
Granted # of time intervals, ie buckets, is 3,
Sample 1 began measuring at 0
Received 0 octets, 0 packets,
0 broadcast and 0 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions,
# of dropped packet events is 0
Network utilization is estimated at 0
Sample 2 began measuring at 0
Received 0 octets, 0 packets,
0 broadcast and 0 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions,
# of dropped packet events is 0
Network utilization is estimated at 0
iss# show rmon events
RMON is enabled
Event 1 is active, owned by
VS-2024-F DATACOM SYSTEMS INC
446 ERROR! NO TEXT OF SPECIFIED STYLE IN DOCUMENT. CONFIDENTIAL
Description is
Event firing causes nothing,
Time last sent is Aug 27 18:30:01 2009
Event 2 is active, owned by
Description is
Event firing causes nothing,
Time last sent is Aug 27 18:31:36 2009
iss# show rmon alarms
RMON is enabled
Alarm 4 is active, owned by DatacomSystems
Monitors 1.3.6.1.6.3.16.1.2.1.4.1.4.110.111.110.101 every 2 second(s)
Taking absolute samples, last value was 3
Rising threshold is 2, assigned to event 2
Falling threshold is 1, assigned to event 2
On startup enable rising or falling alarm
iss# show rmon statistics 2 alarms events history 1
RMON is enabled
Collection 2 on Ex0/1 is active, and owned by monitor,
Monitors ifEntry.1.1 which has
Received 5194 octets, 53 packets,
0 broadcast and 0 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
53 CRC alignment errors and 0 collisions.
# of packets received of length (in octets):
64: 0, 65-127: 53, 128-255: 0,
256-511: 0, 512-1023: 0, 1024-1518: 0
Alarm 4 is active, owned by DatacomSystems
Monitors 1.3.6.1.6.3.16.1.2.1.4.1.4.110.111.110.101 every 2 second(s)
DATACOM SYSTEMS INC CHAPTER 12: RMON
CLI USER MANUAL 447 DATACOM SYSTEMS CONFIDENTIAL
Taking absolute samples, last value was 3
Rising threshold is 2, assigned to event 2
Falling threshold is 1, assigned to event 2
On startup enable rising or falling alarm
Event 1 is active, owned by
Description is
Event firing causes nothing,
Time last sent is Aug 27 18:30:01 2009
Event 2 is active, owned by
Description is
Event firing causes nothing,
Time last sent is Aug 27 18:31:36 2009
iss# show rmon history overview
RMON is enabled
Entry 1 is active, and owned by fsoft
Monitors ifEntry.1.1 every 3000 second(s)
Requested # of time intervals, ie buckets, is 3,
Granted # of time intervals, ie buckets, is 3
If the show rmon command is executed with out enabling the RMON feature, then the following output is displayed
iss# show rmon
RMON feature is disabled
Related Commands
set rmon - Enables or disables the RMON feature
rmon collection history - Enables history collection of interface statistics in the buckets for thespecified time interval
rmon collection stats - Enables RMON statistic collection on the interface
rmon event - Adds an event to the RMON event table
rmon alarm - Sets an alarm on a MIB object