Intel® NetStructure™ 6000 Switch

Intel® NetStructure 6000 Switch User Guide 

Intel ® 

NetStructure 6000 

Switch 

User Guide

Copyright © 2000, Intel Corporation. All rights reserved. 

Intel Corporation, 5200 NE Elam Young Parkway, Hillsboro OR 97124-6497 

Information in this document is provided in connection with Intel® products. No license, express or 

implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as 

provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, 

and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel® products including 

liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any 

patent, copyright or other intellectual property right. Intel products are not intended for use in medical, life 

saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at 

any time, without notice. 

*Other product and corporate names may be trademarks of other companies and are used only for explanation and to the 

owners’ benefit, without intent to infringe. 

First Edition May 2000 A19070-001

Contents 

Using the Switch 5 

Unpacking the Switch .................................................. 6 

Overview ..................................................................... 7 

Assessing the Installation Site ................................... 13 

Attaching Rack Mount Brackets................................. 13 

Setting Up the Chassis .............................................. 14 

Troubleshooting ......................................................... 22 

Equipment Replacement............................................ 23 

Using Intel® Device View 31 

Overview .................................................................... 32 

Installing Intel Device View ........................................ 32 

Starting Intel Device View .......................................... 34 

Installing a New Device.............................................. 35 

Using the Device Tree ............................................... 36 

Managing a Switch..................................................... 38 

Viewing RMON information........................................ 39 

Using the Web Device Manager 41 

Accessing the Web Device Manager ......................... 43 

Navigating the Web Device Manager ........................ 44 

View/Configure Device Menu..................................... 50 

Configure Management Menu ................................... 66 

VLAN Menu................................................................ 74 

Routing Menu........................................................... 100 

Reset and Update Menu .......................................... 114 

Help Menu................................................................ 119

Contents 


Using Local Management 121 

Connecting the Switch.............................................. 122 

The RS-232 Port ...................................................... 123 

The RJ-45 Management Port ................................... 126 

Setting a Password .................................................. 127 

Setting the IP Address.............................................. 130 

BOOTP/RARP and DHCP Client ............................. 131 

BOOTP Relay Agent ................................................ 133 

Command Console Interface.................................... 134 

Accessing the Command Console through Telnet ... 136 

Serial Line IP Connections (SLIP)............................ 137 

Point-to-Point Protocol (PPP)................................... 138 

Domain Name Service ............................................. 140 

Diagnostics............................................................... 142 

Upgrading the Firmware........................................... 143 

Managing the Switch 145 

Layer 2 Switching ..................................................... 146 

Link Aggregation ...................................................... 146 

Aggregated Port Numbers........................................ 155 

Virtual LANs (VLANs)............................................... 156 

Spanning Tree Protocol............................................ 166 

IGMP Snooping ........................................................ 172 

Port Mirroring............................................................ 176 

Layer 2 Frame Prioritization ..................................... 177 

SNMP Agent............................................................. 178 

RMON ...................................................................... 182 

NVRAM Backup ....................................................... 182 

SYSLOG................................................................... 184 

2 

2

Contents 


Broadcast and Multicast Storm Control ................... 185 

Layer 3 Switching & Routing.................................... 187 

IP Access Control .................................................... 187 

Routing Management............................................... 192 

GateD....................................................................... 194 

Appendix A: Command Reference 211 

Appendix B: GateD Reference 305 

Interfaces ................................................................. 306 

Adding Static Routes ............................................... 308 

RIP Configuration..................................................... 309 

RIP Interface Configuration...................................... 310 

OSPF Configuration................................................. 311 

Configuring ASE Routes .......................................... 312 

Configuring the Backbone........................................ 313 

Configuring OSPF Interfaces ................................... 314 

Virtual Links ............................................................. 315 

OSPF Neighbor Table.............................................. 317 

OSPF Area Link State Advertisement Database ..... 321 

Route Table ............................................................. 322 

Appendix C: Technical Information 325 

Support Services...................................................... 326 

Regulatory Information............................................. 329 

Limited Hardware Warranty ..................................... 330 

Index 333 

3 

3

Using the Switch 

Topic 

See Page 

Unpacking the Switch 6 

Overview 7 

Assessing the Installation Site 13 

Attaching Rack Mount Brackets 13 

Setting Up the Chassis 14 

Front Panel LEDs 21 

Troubleshooting 22 

Equipment Replacement 23

C H A P T E R 1 


Unpacking the Switch 

The chassis shipping carton contains the following items: 

• Intel® NetStructure 6000 Switch chassis, with the fan assembly, 

one power supply and four AC power cords. 

• Carrier Tray 

• Control Processor (CP) 

• Null modem cable for RS-232 Port 

• Rack mount kit 

• A pouch that includes 

-Rubber adhesive-backed feet 

-Product registration card 

-The Intel® NetStructure 6000 Switch Quick Start 

-The Intel® NetStructure 6000 Switch User Guide for the 

Gigabit and Fast Ethernet Modules 

-The Intel® NetStructure 6000 Switch User Guide 

-Late-breaking News 

-The Intel® Device View CD-ROM. 

Separate cartons include: an optional CP module, and, Gigabit 

Ethernet and Fast Ethernet modules that were ordered. 

Note 

Do not unpack the modules until you are ready to install 

them in the chassis. 

• Additional power supplies with AC power cords, if purchased. 

(Each power supply is shipped in a separate carton.) 

6



Overview 

AC POWER CONNECTION BACK 

POWER SUPPLIES 

MODULES 

RS-232 PORT 

FAN ASSESMBLY 

CONTROL PROCESSORS 

10/100 ETHERNET (RJ-45) PORT 

The chassis has five module slots. The bottom slot is reserved for the 

carrier tray which holds the primary and optional secondary control 

processors (CPs). The other slots may contain up to four I/O modules, 

which can be placed in any of the remaining slots. The table below 

describes the available modules. 

I/O Modules 

Available 

Modules 

per 

Chassis 

Available 

Ports per 

Chassis 

Features per 

Slot 

1000Base-SX 

Switch Module 

4 32 Eight-port 

full-duplex 

switched 

Gigabit 

Ethernet 

module 

7



I/O Modules 

Available 

Modules 

per 

Chassis 

Available 

Ports per 

Chassis 

Features per 

Slot 

1000Base-LX/ 

1000Base-SX 


10/100Base-TX 


100Base-FX 

Module 

Control 

Processor 

4 32 Eight-port 

full-duplex 

switch Gigabit 

Ethernet 

module with 

four LX and 

four SX ports. 

4 96 100Base-TX 

Ethernet 

module 

containing 24 

switched RJ- 

45 ports. 

4 48 100Base-FX 

Ethernet 

module 

containing 12 

SC Fiber 

Optic 

connectors. 

2 N/A Each contains 

one RS-232 

(DB9) 

connector and 

one RJ-45 10/ 

100 Ethernet 

management 

port. 

Each module and each CP has Light Emitting Diodes (LEDs) which 

are used to designate various board status. See the Intel® 

NetStructure 6000 Switch User Guide for the Gigabit and Fast 

Ethernet Modules for detailed information on the LEDs for each 

module. 

8



The chassis also includes the cooling system which is made up of a 

series of three fans. The three fans are contained in a single fan 

module. The fan module is hot swappable and can be easily replaced. 

See “Fan Assembly Replacement” for instructions on replacing a fan 

assembly. 

Warning 

Only fan assembly modules identified as “Hot Swappable 

Fan” on the front of the chassis can be replaced 

without powering down the switch. 

The power supply system consists of up to three individually 

replaceable power modules. 

Note 

Dual power supplies are recommended for proper operation 

of four media modules. 

In order to implement a redundant power supply system, any two of 

the three possible power supplies can be used to power the system. In 

the case where redundancy is required, the supplies load balance. 

Should one power supply fail, the other assumes the entire load. 

Each power supply module may be replaced without turning off 

power to the switch. See “Installing Power Supplies” for instructions 

on replacing a power supply. 

Redundant Control Processors 

The CP module occupies one half of the control processor slot. Using 

two CP boards, creates a redundant CP system. This allows the switch 

to support hot standby CP board that takes over should the first CP 

board fail during normal operation. (In addition, the crossbar logic is 

duplicated on each CP board, eliminating single points of failure 

within the chassis.) 

Each CP board contains a high-speed crossbar for moving data 

between boards connected to the backplane. 

An RS-232 port is included for connection to a remote terminal or 

modem. A 10/100 Ethernet management port is also included for outof-band 

management and firmware upgrades. This Ethernet port is 

not part of the switching fabric. 

9



Fault Tolerance 

The switch has a fault tolerant design to reduce network downtime 

with redundant fans, load-sharing power supplies, hot-swappable I/O 

and power modules. Non-volatile RAM (NVRAM) is available for 

backup and restoration of system parameters. See Chapter 5 for 

instructions on using the NVRAM backup commands. 

Switch Management 

Command line vs. Web browser 

The switch is managed using a command-line interface or using a 

Web browser. 

• Command Line Interface 

The CP module supports a command-line interface through the serial 

port or via Telent through the 10/100 management port. The 

command-line interface enables local or remote unit installation and 

maintenance. A set of system commands allows effective monitoring, 

configuration and debugging of the device. See “Accessing the 

Command Console Interface” in Chapter 4 for more information 

about the management features. 

• Web Device Manager 

The Web Device Manager provides access to the switch’s 

configuration, administration and statistics through a Web browser. 

See Chapter 3 for details. 

Layer 2 Switching 

Layer 2 switching moves packets through the switching fabric based 

upon the destination MAC address of the packet. The switch supports 

wire-speed Layer 2 switching for all network protocols. 

The functionality of the Layer 2 switching operates in the context of 

a single switched network segment. Multiple Virtual LAN (VLAN) 

operation and switching within a VLAN are discussed in Chapter 3 

and Chapter 5. 

10




Layer 3 switching performs a function similar to Layer 2 switching, 

except it looks at the network layer information rather than the 

destination MAC address. To improve the usability of the switch, it 

uses routing protocols to communicate existing routes to hosts and to 

coordinate route information with other routing devices. 

The routing capability must be considered for all network layer 

protocols supported by the switch. For each network layer protocol 

one or more routing protocols may be invoked. For the Internet 

Protocol (IPv4), these protocols are RIP v1, RIP v2, and OSPF. 

The functionality of Layer 3 switching relies upon the use of VLANs 

to define network segments. Routing occurs between the network 

segments. VLAN operation is discussed in Chapter 3 and Chapter 5. 

Link Aggregation 

The 6000 switch supports the 802.3ad draft link aggregation 

specification. Link Aggregation allows two or more physical ports on 

the switch to be grouped together to provide a single, aggregated port 

that has the combined bandwidth of the individual ports. Link 

Aggregation is useful when making connections between switches, 

stacks or to connect servers to the switch.An added benefit of Link 

Aggregation is increased performance, increased resiliency and fault 

tolerance. See Chapter 3 and Chapter 5 for instructions on 

configuring Link Aggregation. 

Virtual LANs 

Virtual LAN (VLAN) capability allows for the grouping of ports 

together into logical groups. Any port can be assigned to one or more 

virtual LANs, allowing effective reconfiguration without physically 

moving cables. The switch limits forwarding database (FDB) misses 

and broadcast and multicast traffic within a VLAN. The switch 

conforms to the IEEE 802.1Q definition of a VLAN aware bridge in 

a virtual bridge local area network. See Chapter 3 and Chapter 5 for 

instructions on setting up VLANs. 

11



Spanning Tree Protocol 

The 6000 switch supports multilayer Spanning Trees.The IEEE 

802.1D specification Spanning Tree Protocol allows switches or 

bridges to eliminate duplicate paths and loops in a network. However, 

the Spanning Tree Protocol must be operational on other bridges and 

switches throughout the network. The switch also supports 802.1s, a 

supplement to 802.1Q, that provides for multiple instances of 

Spanning Tree to run on a switch that has multiple VLANS. Each 

VLAN acts as a separate bridge or virtual bridge. 

See Chapter 3 and Chapter 5 for more information on setting up the 

Spanning Tree Protocol. 

Built-in SNMP 

The switch supports standard management approaches, including 

SNMP, out-of-band management through an RS-232 console port or 

modem, and through a TELNET session. An extensive set of 

supported SNMP Management Information Bases (MIBs) includes: 

• MIB II (RFC 1213) 

• Four-group RMON 1 (RFC 1757) 

• Etherlike MIB (STD50) 

• RIP version 2 MIB (RFC 1724l) 

• Bridge MIB (RFC 1493), 

• Q-Bridge MIB 

• OSPF MIB (RFC 1850) 

• Link Aggregation MIB (802.3ad) 

• IP Forwarding Table MIB (RFC 2096) 

• Intel® proprietary MIB 

See Chapter 5 for information on the SMNP agent commands. 

12



Assessing the Installation Site 

To operate the switch, the site should have the following facilities: 

• Power source to supply 6.0 A @ 125V, 60 Hz, or 3.0 A @ 250V, 

50 Hz, for each switch. 

• Operating environment temperature between 0º and 40º C 

(32º F to 104º F). 

• Allow at least four inches (4") of space surrounding the switch to 

provide for proper ventilation. 

• Do not exceed humidity levels at 90% non-condensing. 

The switch may be placed on a desk or table top, or it may be mounted 

in a standard 19" equipment rack. Apply the adhesive-backed rubber 

feet to the bottom of the switch if the switch is placed on a flat 

surface. 

Attaching Rack Mount 

Brackets 

To mount the chassis in an equipment rack, attach the rack mount 

brackets provided. 

Front Panel Screws 

1 Remove the four front-most screws on each side of the unit, as 

shown in the figure above. 

2 Fasten the brackets using the screws provided. 

13



3 After the brackets are securely fastened, the switch can be 

mounted into a standard (19") equipment rack. 

Caution 

Fully assembled, the switch weighs over 90 pounds. 

Mount the chassis prior to installing any modules or 

power supplies. Always use two people to lift the 

switch. 

Setting Up the Chassis 

Follow the instructions below to install the Carrier tray, CP, modules 

and any additional power supplies that were ordered. 

Assembled Chassis 

AC POWER CONNECTION BACK 

POWER SUPPLIES 

MODULES 

RS-232 PORT 

FAN ASSESMBLY 

CONTROL PROCESSORS 

10/100 ETHERNET (RJ-45) PORT 

14



Installing the Carrier Tray 

1 Remove the Carrier tray from the chassis carton. 

2 Carefully remove the Carrier tray from the ESD protective bag 

and place it on a flat surface. 

3 Lift the tray up by placing your hands on the sides of the tray or 

underneath the tray. 

4 Carefully slide the tray into the bottom slot of the Chassis (Slot 

5). 

5 Push the tray back until it connects with the backplane. 

Warning The backplane pins are easily bent. Use caution when 

inserting the carrier tray to insure proper alignment. 

6 Tighten both capture panel screws simultaneously. 

Carrier Tray Installation 

Slot 5 

Gender 

Adapter Bar 

Carrier Tray 

15



Installing the Control Processor 

Modules 

1 Remove the CP from the protective foam and caps. 

2 Carefully remove the CP from the ESD protective bag and place 

it on a flat surface. 

Warning Electrostatic Sensitive Device. Do not handle the 

printed circuit board unless the working area is static 

free!. 

Control Processor Installation 

Slot 5 

Primary CP 

3 Lift the board up by placing both hands on the side of the module 

faceplate panel or underneath the tray. 

4 Carefully slide the module into the left side of the Carrier tray. 

5 Push the module back until it connects with the gender adapter 

bar on the Carrier tray and the capture panel screws engage the 

chassis. 

16




7 If a secondary CP was ordered, repeat steps 1 through 6 and 

place the card on the right side of the Carrier tray. 

Control Processor Module 

Carrier Ready LED 

Status LED 

RS-232 Port 

Faceplate Panel 

Capture 

Panel 

Screw 

Diagnostics LED 

10/100 Ethernet Port (RJ-45) 

Primary/Secondary LED 

Note 

If the primary CP fails during boot up on a dual CP system, 

the secondary CP will not become the primary CP for at 

least five minutes. When both CPs boot successfully, the 

secondary CP assumes control within sixty-five seconds 

after the master CP fails. 

Installing Other Modules 

The Gigabit Ethernet and Fast Ethernet module may be placed in any 

of the four remaining slots. 

1 Remove the module from the modules’ carton. 

2 Carefully remove the module from the ESD protective bag and 

place it on a flat surface. 



free! 



4 Remove the blank filler tray from any of the slot bays. 

17



5 Carefully slide the module into the empty slot. 

6 Push the module back until it connects with the backplane and 

the capture panel screws engage the chassis. 

Warning The backplane pins are easily bent. Use caution when 

inserting the module to insure proper alignment. 


Module Installation 

Gigabit 

Ethernet 

Module 

Caution 

Always place one of the spare blank filler plates in the 

unused slots. This helps to maintain proper air flow 

throughout the chassis and keeps it free from dust. 

18



Installing Power Supplies 

If an additional power supply has been purchased, place it in any of 

the empty power supply bays at the top of the chassis. 

Note Intel recommends that for proper operation, you install an 

additional power supply if there are four media boards. 

1 Unpack the power supply from the carton. 

2 Loosen the capture panel screws on the face plate of the power 

supply bay until the face plate can be removed. 

3 Using the handle, pick up the power supply with one hand and 

support it underneath with the other hand. 

. 

Power Supply Installation 

Capture Panel 

Screws 

4 Push the power supply into the power supply bay until the capture 

panel screws engage the chassis. 

5 Tighten the capture panel screws simultaneously. 

19



Connecting the Power Cords 

1 Attach a power cord to each installed power supply. 

2 Plug the other end of each power cord into a properly protected 

AC power source. 

Once power is supplied, the switch automatically detects and powers 

up the modules found in each slot. 

Back Panel 

Checking Physical Condition 

Carefully review the switch installation instructions. Also complete 

the following physical examination of the switch and its cables: 

1 Check the switch for physical damage. 

2 Make sure the cables are installed according to instructions. 

3 Make sure all connections are secure and complete. 

4 Check the cables for possible crimps or excessive wear that may 

cause electrical short or incomplete connections. 

20



Front Panel LEDs 

Check the Control Processor (CP) front panel indicators (LEDs). 

LED Color Definition 

Status Solid Yellow Power up self-test 

running. 

Flashing Yellow 

Flashing Green 

Solid Green 

Power up diagnostics 

failed. 

Normal Operation - the 

CP module is operating 

normally and the media 

boards have completed 

their power up cycle. 

Boot image mode. 

Diagnostic Solid Yellow Running built-in selftest 

(BIST) sequence. 

Solid Green 

Passed built-in selftest 

(BIST) sequence. 

Carrier Ready Solid Green Carrier Board is 

operating. 

Primary/ 

Secondary 

Solid Yellow 

Solid Green 

Solid Yellow 

Carrier Board has 

failed. 

Designates the active 

CP. 

Designates the standby 

CP (requires two CP 

modules). 

• The Status LED on the CP board should light solid yellow while 

the built-in self-test (BIST) sequence is run. 

• The Status LED changes to flashing green if no errors are 

detected. 

21



• The Status LED changes to flashing yellow if an error condition 

is detected. 

• The Status LED maintains a solid green light if the switch boots 

up in boot image mode instead of the system image. See the 

Troubleshooting section to diagnose if there is a problem. 

Also check the Power Supply LEDs to ensure the power supplies are 

functioning properly. 

LED Color Definition 

AC Solid Yellow AC input power present. 

DC Solid Green Normal Operation - the 

power supply is operating 

normally. DC output is 

present. 

See the Intel® NetStructure 6000 Switch User Guide for the 

Gigabit and Fast Ethernet Modules for a description of the module 

LEDs. 

After completing the initial setup and power up, connect the switch to 

the network, set passwords for non-privileged and privileged mode, 

and assign an IP address to the switch. See Chapter 4 for details. 

Troubleshooting 

If the switch fails to operate, determine if there is a physical problem 

or a problem with the configuration of the switch to the network. This 

section gives you a quick guide to troubleshooting these problems. 

Troubleshooting Checklist 

Review the symptoms shown below for possible causes and 

recommended courses of action when the switch does not function as 

expected. 

22



Symptom Possible Cause Course of Action 

No indicators lighted. Power cord is loose. Check power cord 

connections. 

CP slot OK but other 

slots have no 

indicator lights 

CP LED display is 

solid green. 

Failure reported in 

one or more 

diagnostic tests. 

Power supply is 

faulty. 

Module has failed 

three times in a row. 

Bad board 

Power supply faulty 

Incompatible 

firmware version. 

Processor is in boot 

image mode instead 

of system image 

mode. 

Internal hardware is 

faulty. 

Refer to “Power 

Supply Replacement” 

for instructions on 

diagnosing power 

supply problems and 

replacing a power 

supply. 

Use show sysfails 

command to detect 

failed module. 

Use show sysfails 


failed module or 

power supply. 

Use show version 


firmware version. 

Reload firmware 

from Intel Web site. 

Contact Customer 

Support. 

Equipment Replacement 

Fan Assembly Replacement 

A fan failure can cause the chassis temperature to rise above 

acceptable levels. You are automatically notified on the console when 

a fan has failed. 

23



Type the non-privileged show sysfails command at the command line 

to display which of the three fans has failed. 

6000 Switch>#>show sysfails 

Fan Failure at Tue 6/8/99 12:59 

Fan 2 had failed, and is still failing. 

Note If the maximum operating temperature does not exceed 40º 

C (104º F), the switch continues to operate for the periods 

described in the following table Type show temperature at 

the command line to view the current switch temperature. 

Number of Failed Fans Shut-down Time 

1 None 

2 12 hours 

3 1 hour 

The following messages warn of impending shutdowns. 

• Trigger: temperature sensor has reached 44º C 

Warning: The switch temperature has reached 44º C. Automatic 

shutdown will occur at 48º C. 

In Intel Device View, this is a yellow warning alert. This message is 

sent every five minutes until the temperature drops below 44º C or 

reaches 46º C. 

• Trigger: temperature sensor has reached 46º C. 

Critical Warning: The switch has reached 46º C. Automatic 


In Intel Device View, this is a yellow warning alert. This message is 

sent every minute until the temperature drops below 46º C or reaches 

47º C. 

• Trigger: temperature sensor has reached 47º C. 

Critical Warning: The switch temperature has reached 47º C. 

Automatic shutdown will occur at 48º C. 

In Intel Device View, this is a red warning alert. This message is sent 

every one minute until the temperature drops below 47º C or reaches 

48º C. 

24




Critical Warning: The switch temperature has reached 47º C. 

Automatic shutdown has commenced. 

In Intel Device View, this is a red warning alert. 

• Trigger: temperature sensor has reached 44, 46 or 47º C and then 

has dropped back to 43º C. 

Critical Warning: The switch temperature has dropped below 

critical limits. The temperature is now 43º C. 

In Intel Device View, this is a green alert. 

When one or two fans have failed, the warning messages are: 


Critical Warning: The switch has reached 38C. Automatic 



every minute until the temperature drops below 38º C. 


Critical Warning: The switch has reached 39ºC. Automatic 



every minute until the temperature drops below 38º C. 

To replace the fan assembly 

Warning Only fan assembly modules identified as “Hot Swappable 

Fan” on the front of the chassis can be replaced 

without powering down the switch. 

1 Locate the fan assembly on the front panel of the chassis. 

2 Unscrew the capture panel screws on the fan assembly panel. 

3 Grasp the fan assembly with both hands and carefully pull it out 

from the backplane. 

25



Hot Swa pable Fan 

Capture 

Panel 

Screw 

Hot Swappable Fan label 

Fan Assembly 

Fan Assembly Panel 

4 Lift the fan assembly and place it safely on a flat surface. 

5 Unpack the replacement fan assembly. 

6 Slide the replacement fan assembly back until the capture panel 

screws engage the chassis. 

7 Tighten the capture panel screws. 

8 Reattach the power cords to the rear of the chassis. 

9 Type the non-privileged command clear sysfails after replacing 

a power supply to reset the show sysfails command. 

6000 Switch>#>clear sysfails 

The system failure area has been cleared. 

26



Power Supply Replacement 

A loss or reduction of power causes a full or partial shutdown of the 

switch. 

Type the show sysfails command at the terminal to determine which 

of the power supplies has failed. 

Type the non-privileged command clear sysfails after replacing a 

power supply to reset the show sysfails command. 



Caution 

If the switch has two power supplies, place the replacement 

in the empty power-supply bay before removing 

one of the power supplies. This prevents the switch 

from powering down during hot swap of the power supplies. 

Power Supply 

Capture Panel 

To replace a power supply 

1 Loosen the capture panel screws on the front of the power supply. 

2 Using the handle, pull out the power supply with one hand and 

27



grab it underneath with the other hand. 

3 Place the power supply on a flat surface. 

4 Unpack the replacement power supply. 

5 Place one hand on the handle and the other hand underneath to 

lift the power supply. 

6 Carefully slide the power supply into the power supply bay. 

7 Tighten the capture panel screws simultaneously. 

8 If returning the power supply, pack the original power supply in 

the materials provided for the replacement power supply. 

Note If a power supply bay is to remain empty, be sure to install 

the blank power supply face plate provided. This protects 

the chassis from dust. 

Replacing a Control Processor Module 

1 Remove the Control Processor from the carton. 

2 Carefully remove the Control Processor from the ESD protective 

bag and place it on a flat surface. 



free!. 

Secondary Control Processor Installation 

Secondary CP 

28





4 Carefully slide the module into the empty side of the Carrier 

tray. 

5 Push the module back until it connects with the gender adapter 

bar and the capture panel screws engage the chassis. 


Note 

If the primary Control Processor fail to boot up on a dual 

Control Processor system, the secondary Control Processor 

will not become the primary Control Processor for at least 

five minutes. When both Control Processors boot successfully, 

the secondary CP assumes control within sixty-five 

seconds after the master CP fails. 

Replacing Modules 

Gigabit 

Ethernet 

Module 

1 Disconnect the network interface cables from the module ports. 

2 Loosen the capture panel screws on either side of the module 

face plate. 

29



3 Pull the module out, away from the backplane. 



free! 

4 Place the module on a flat surface until you have removed the 

replacement module from the packing materials. 

5 Remove the replacement module from the ESD protective bag. 

6 Lift the module up by placing your hands on either side of the 

module face plate panel. Again, be careful not to touch the circuit 

area. 

7 Carefully slide the module into the slot. 

8 Push the module back until the capture panel screws engage the 

chassis. 


10 Pack the original module in the materials provided for the 

replacement module. 

The modules are hot swappable. Removing and inserting a module 

does not reset the switch. 

When a module is inserted or removed, the following message is 

displayed on the console, and the status LED on the CPU remains 

solid green. 

6000 Switch> 

Configuring system: Do not remove any media modules. 

Preparing for hot swap: OK 

Warning 

Do not insert or remove another medial module until 

the Status LED is flashing green. The system resets if 

the Status LED is not flashing. 

The following message is displayed if a module is removed or 

inserted before the Status LED has changed to flashing green: 

************************************************** 

* Media removal/failure during configuration update 

* Resetting system... 

************************************************** 

30

Using Intel® 

Device View 

Topic 

See Page 

Overview 32 

Installing Intel® Device View 32 

Starting Intel® Device View 34 

Installing a New Device 35 

Using the Device Tree 36 

Managing a Switch 38 

Viewing RMON Information 39



Overview 

Intel® Device View, versions 2.1.6 or later, lets you manage the 

Intel® NetStructure 6000 Switch and other supported Intel 

networking devices on your network. 

Intel Device View provides these features: 

• The ability to configure new network devices 

• Graphical device manager for Intel switches, hubs, and routers 

• Autodiscovery, which finds supported Intel devices on the network 

• The Device Tree, which shows all the supported devices detected on 

your network 

• Remote Network Monitoring (RMON) 

• Web or Windows* platform 

• Plug-in to HP OpenView*, IBM Tivoli NetView*, and Intel 

LANDesk® Network Manager. 

• Other useful tools such as a TFTP server, Telnet and Ping. 

Installing Intel Device View 

Before you install Intel Device View, make sure your PC meets the 

system requirements in the Intel® Device View User Guide, which is 

included on the Intel Device View CD-ROM. 

32


Using Intel® Device View 

To install Intel Device View 

1 Put the Intel Device View CD-ROM in your computer’s CD-ROM 

drive. The Intel Device View installation screen appears. If it does 

not appear, run autoplay.exe from the CD-ROM. 

2 Choose the version of Intel Device View you want to install. 

• Click Install for Windows to install Intel Device View for 

use on this PC only. 

• Click Install for Web to install Intel Device View on a Web 

server. You will be able to access the Device View server 

from any PC on your network with Internet Explorer 4.0x or 

later. 

• Click Install as Plug-in to install Intel network device support 

for HP OpenView, IBM Tivoli NetView, or Intel LANDesk 

Network Manager. This option is not available if you don’t have 

OpenView, LANDesk Network Manager, or NetView installed 

on the PC.3 

3 Follow the instructions on screen in the installation program. 

33



Starting Intel Device View 

Install either the Windows or Web version of Intel Device View. 

Windows* version 

If you manage devices with Intel Device View from only one location 

on the network, install the Windows version. From your desktop, 

click Start, then point to Programs > Intel Device View > Intel 

Device View - Windows. Intel Device View’s main screen appears. 

Web version 

If you want to manage devices from any PC on the network using 

Intel Device View, install the Web version. 

• From your desktop, click Start, then point to Programs > Intel 

Device View > Intel Device View - Web. Intel Device View’s main 

screen appears. 

• To view Intel Device View from another PC on your network, type 

the following URL, http://servername/devview/main.htm, where 

servername is the IP address or name of the server where Intel 

Device View is installed. In the example shown below, the URL is 

entered into the Address field in Internet Explorer. 

Intel Device View’s main screen appears. 

34



Installing a New Device 

After you’ve installed a new switch on your network, you can use 

Intel Device View’s Device Install Wizard to configure it for 

management. 

To install and configure a new switch for 

management 

1 Start Intel Device View. The Device Install Wizard appears. If it 

does not appear, click Install from the Device menu or doubleclick 

the appropriate MAC address in the Device Tree under 

Unconfigured Devices. 

2 In the Device Install Wizard - Start screen, click Next. 

3 In the Device Install Wizard - MAC Address screen, click the 

MAC address of the new switch, then click Next. 

4 Follow the instructions in the wizard to assign an IP address and a 

name to the switch. 

35



Using the Device Tree 

When you start Intel Device View, the Device Discovery service 

begins searching for supported Intel network devices on your 

network. As it discovers devices, the Device Discovery service adds 

an icon for each device to the Device Tree on the left side of the 

screen. Different states of the 6000 Switch are represented by unique 

icons in the Device Tree. 

Device Tree icons 

Device Tree root 

Subnet 

Intel NetStructure Switch 

(non-responding the icon is red) 

Unconfigured Intel NetStructure Switch 

Group of Intel NetStructure Switches 

Intel NetStructure Switch (Layer 3 capable) 

36



The Device Tree works much like Windows Explorer. To expand the 

root or a subnet, click the (+) next to the icon. To collapse the view, 

click the (-) next to the icon. Double-click a device icon to view the 

device image. 

To add a device to the Device Tree 

1 Right-click anywhere on the Device Tree. 

2 Click Add Device on the menu that appears. 

3 In the Add Device dialog box, type the IP address of the switch you 

want to add. 

4 Fill in the other fields, as appropriate. 

5 Click OK. 

The new switch’s icon appears in the Device Tree. 

To refresh the Device Tree 


2 Click Refresh on the menu that appears. 

Refreshing the Device Tree updates it to show any newly discovered 

devices and changes in device status. 

To delete a device from the Device Tree 

1 Right-click the device you want to remove from the Device Tree. 

2 Click Delete on the menu that appears. 

Deleting a device from the Device Tree does not affect the actual 

device. 

To find a device in the Device Tree 


2 Click Find on the menu that appears. 

3 In the Find Device dialog box, type the IP address of the device 

you want to find in the tree. 

4 Click OK. 

The device’s icon is highlighted in the Device Tree. 

37



Losing contact with a device 

If Intel Device View loses contact with a switch, it replaces the switch 

icon with the non-responding switch icon. When the non-responding 

switch icon appears, you will not be able to manage the device in Intel 

Device View. If you’re unable to ping the device or start a Telnet 

session, try accessing the switch’s Local Management. 

Managing a Switch 

To manage a 6000 switch, double-click the switch icon in the Device 

Tree. In the example shown below, the switch has been assigned an 

IP address of 124.123.122.3. 

38



The 6000 switch’s Web Device Manager appears in the Intel Device 

View window. Use the Web Device Manager as described in Chapter 

3. 

For complete information on using Intel Device View, refer to the 

program’s on-line help or see the User Guide on the Intel Device 

View installation CD-ROM. 

Viewing RMON information 

The remote monitoring (RMON) specification extends SNMP 

functionality to look at traffic patterns on the network instead of 

merely looking at the traffic for an individual device. The following 

RMON groups are supported: 

• Group 1 (Statistics): Monitors utilization and error statistics for 

each network segment (10 Mbps or 100 Mbps). 

• Group 2 (History): Records periodic statistical samples from 

variables available in the statistics group. 

39



• Group 3 (Alarms): Allows you to set a sampling interval and alarm 

thresholds for statistics. When a threshold is passed, the switch 

creates an event. For example, you might set an alarm if switch 

utilization exceeds 30%. 

• Group 9 (Events): Provides notification and tells the switch what to 

do when an event occurs on the network. Events can send a trap to a 

trap receiving station or place an entry in the log table, or both. For 

example, when the switch experiences an RMON Event, it sends out 

an Alarm. The switch also keeps a log that shows a list of the 

RMON Events and RMON Alarms that have occurred on the switch. 

To view RMON statistics 

1 Right-click the switch’s icon in the Device Tree, then point to 

RMON. 

2 Click the RMON option you want to view: 

You can also access RMON features by using LANDesk Network 

Manager, or an SNMP application that supports RMON such as 

OpenView. For more information about using RMON to monitor the 

switch, refer to the Intel Device View Help. 

40

Using the Web 

Device Manager 

Topic 

See Page 

Accessing the Web Device Manager 43 

Navigating the Web Device Manager 44 

View/Configure Device Menu 50 

Configure Management Menu 66 

VLAN Menu 74 

Routing Menu 100 

Reset and Update Menu 114 

Help Menu 119



The Web Device Manager is built into the Intel® NetStructure 

6000 Switch, and it lets you use a Web browser to manage and 

monitor the switch. For example, you can use the Web Device 

Manager to configure the switch or individual ports, to monitor traffic 

statistics and utilization and to view and configure switch devices, 

Virtual LANs (VLANs) and routing. 

Note 

If accessing the Web Device Manager through a serial or 

terminal connection, always make the connection through 

the management port instead of a media board port. 

The Web Device Manager can be used with the following frame 

capable browsers: Microsoft Internet Explorer*, versions 4.05 or 

later and Netscape Navigator*, versions 4.0 or later. The monitor 

display resolution should be set at 1024 x 768 pixels for best results. 

If you are using Microsoft Internet Explorer 4.0 or later, configure the 

browser to check for newer versions of stored pages each time you 

load the page. 

42


Using the Web Device Manager 

If you are using Netscape 4.0 or higher, configure the browser to 

compare cached documents to documents on the network every time. 

Note The top-level menu is normally collapsed until you rightclick 

to expand the menu items. Some older versions of 

Netscape browsers are incompatible and limit the mechanism 

for keeping track of open menu items. The Web 

Device Manager detects these incompatible browsers and 

expands all menu items. 

The menus do not collapse with Netscape for Solaris*, version 

4.04 and Netscape for Linux*, version 4.05 

Netscape for Solaris, version 4.5 and Netscape for Linux, 

version 4.61 are compatible. 

For additional information about using this interface, see Web Device 

Manager Help. 

Accessing the Web Device 

Manager 

1 Type the switch’s IP address in your Web browsers’ address or 

location field. 

2 Click OK. The password dialog box is displayed. 

43



3 Type in the default username priv. 

4 The switch is shipped with a “null” password (i.e., no password). 

Press OK to access the Web Device Manager. If you 

have not set a basic or privileged password, refer to the Configure 

Management menu later in this chapter for instructions on 

setting a password. 

If you have set a password, type the current privileged password 

for the switch, then click OK. The Web interface recognizes the 

password that was set at the console command line. 

Note If the basic password is used to login to the switch, you cannot 

configure or set features on the switch until you have 

logged in with the privileged password. 

5 In the menu on the left, select options to configure and access 

the various administrative areas of the switch configuration. 

Navigating the Web Device 

Manager 

1 Click a menu (such as View/Configure Device) on the left side 

of the Web Device Manager window to show options. 

2 Click an option in the menu. The corresponding screen appears 

on the right side of your Web browser window. 

44



45



Display Options 

Hypertext links are displayed in many of the tables. Click the link to 

access configuration screens for the selected option. 

The table below describes the colors used to display port connection 

information. 

Port Color 

Gray 

Green 

Orange Cross 

10/100 & Gigabit Ethernet 

Link Down 

Link Up 

Disabled Port 

Use the browser’s View menu font options to change the text size and 

display more data in the main frame. 

46



Buttons 

Each configuration screen includes various buttons on the bottom of 

the screen. 

Button 

Submit 

Reset 

Apply 

Default 

Help 

Function 

Applies the configuration settings on the current 

screen. Saves the settings to NVRAM. 

Clears any changes you made on the current 

screen and restores the currently applied 

settings. 

Saves the current configuration. 

Resets the current screen to the factory default 

settings. 

Displays help for current screen. 

Slot Display 

The top frame displays a graphic of the current module that is 

installed in the first slot that contains a module. 

Click a link under the graphic to configure a port, monitor port 

statistics, and display module hardware version information. Click 

Port Help to view port configuration help. 

Note 

To view firmware versions, click the View/Configure 

menu, then Carrier. 

47



Configuring a Port 

You can use the Web Device Manager to enable or disable a port, and 

to change its speed, duplex, and priority settings. 

To change port settings 

1 Click Port Control under the displayed module. 

2 Select the options that you want to change. 

• Set Auto-negotiation: Auto-negotiation is enabled by 

default. Auto-negotiation allows each end of a link to query 

the other to determine a compatible mode of operation. For 

example, if both links support full-duplex operation, then the 

switch can determine this mode. When a link becomes active, 

the switch determines the highest throughput mode of 

operation between the two devices. 

• State: You can configure any port as up (enabled and allowing 

data to pass) or down (disabled with no data transmission or 

reception). All ports are enabled by default. 

• Priority: You can set the switch priority queue for packets sent 

or received on this port. Click the box to select the priority 

levels. The priority level ranges from seven (7), highest 

priority) to zero (0), lowest priority. Higher priority frames 

have precedence over lower priority or untagged frames. 

3 Click Submit. 

48



Monitor Statistics 

Use the Web Device Manager to monitor transmit and broadcast 

traffic and errors. 

To access statistics for a port, click Monitor Statistics below the 

displayed module. 

The table displays the following statistics 

• TX MCAST Pkts: Displays the number of multicast packets 

transmitted. Multicast packets are sent from one node to multiple 

nodes on a segment. 

• TX BCAST Pkts: Displays the number of broadcast packets 

transmitted. 

• TX UCAST Pkts: Displays the number of unicast packets 

transmitted. 

• TX errors: The total number of transmission errors detected 

since the last switch reboot. 

• RX MCAST Pkts: Displays the number of multicast packets 

received. Multicast packets are sent from one node to multiple 

nodes on a segment. 

• RX BCAST Pkts: Displays the number of broadcast packets 

received. 

49



• RX UCAST Pkts: Displays the number of unicast packets 

received. 

• RX errors: The total number of receive errors detected since the 

last switch reboot. 

Show Version Information 

To view module hardware version information, click Show Version 

Information under the displayed module. 

View/Configure Device Menu 

Use the View/Configure Device menu to view module configuration 

information, configure or change basic switch settings, and control 

and monitor switch traffic. 

50



Module information 

The type of modules that are installed in the 6000 switch are 

displayed in the Slot 1 through Slot 4 menu options. Click a slot 

number and the graphic changes to the selected module. 

The 6000 switch supports two control processors for redundancy. CP 

A is the control processor on the left side of the chassis. Click CP A, 

the firmware version and other internal hardware information is 

displayed. If you have installed a backup control processor, then click 

CP B to view the same information. 

51



Power Supplies & Fans 

To view power supply and fan status, click the View/Configure 

menu then Power Supplies & Fans. The Power Supplies, Fans and 

Temperature screen is displayed. 

Note 

If the maximum operating temperature or high water mark 

exceeds 48º C (118.4º F), the switch automatically shuts 

down. 

All Ports at a Glance 

All Ports at a Glance is used to view the current module 

configuration. Every media module that is installed in the switch is 

graphically displayed. Click any port and the Port Configuration 

screen is displayed. See Configuring a Port earlier in this chapter. 

52



DNS Configuration 

The switch supports contacting a server running the Domain Name 

Service (DNS) to substitute host names instead of network IP 

addresses. 

yourcompany.com 

192.2.2.150 

192.2.2.152 

53



To configure DNS 

1 Set the DNS default domain name. This permits the use of simple 

host names instead of network IP addresses each time a 

switch command is entered. 

2 Set the IP address of the primary DNS server. 

3 Set a backup DNS server in case the primary DNS server is 

unavailable. It is not mandatory to specify a backup server. It is 

provided as a redundancy feature. 

4 Click Enable. 


Configuring the IP Settings 

Use this feature to change the IP address of the switch. The 

information is stored in NVRAM. 

Note Changes to the IP configuration do not take effect until the 

next reboot of the switch. 

The out-of-band port or management port on the front of the CP is 

identified as interface et0. 

In-band through the switched ports is identified by interfaces sw1 

through sw4093 and are assigned for each VLAN configured to use 

IP. 

To change the IP address 

1 Type the new IP address, subnet mask and broadcast address. 


54



172.21.2.239 

172.21.255.255 

0.0.0.0 

172.21.2.239 

172.21.255.255 

0.0.0.0 

To change the default gateway 

Note If you do not plan to use the switch for routing, you can set 

a default gateway. 

1 Type the new default gateway address. 


Note Gateway changes take effect immediately. Type 0.0.0.0. to 

delete the default route. 

55



IP Access Control 

An Access Control List (ACL) is a list of rules used to permit or deny 

the flow of IP traffic through the network. The rules are created based 

on source and destination IP addresses. 

The order in which rules are applied to an incoming packet is 

determined by the order that a rule was entered into the ACL. The 

6000 switch supports a maximum of 128 filtering rules. 

The source IP address and source subnet mask or destination IP 

address and destination wildcard mask represents a single host or a 

range of hosts in a network. 

A wildcard mask is a method used to define a range of host IP 

addresses with an accompanying network or subnet IP address. It 

uses the same notation as the dotted decimal IP address. The wildcard 

mask cannot overlap with the corresponding network or subnet 

address 

There are two rules that are always placed at the end of the list 

whether implied or explicitly added to the list. 

• permit all all 

• deny all all 

If the ACL is empty or an end rule has been omitted, the “deny all all” 

rule is implied. 

To add an IP Access Control rule 

1 Click the View/ Configure menu, then click IP Access Control. 

The IP Access Control configuration screen is displayed. 

Note Disable ACL before adding rules. 

56



2 Click Add to add a rule. A configuration dialog box is displayed. 

57




• Action: Click Permit or Deny to select the type of rule to add. 

• Source: Select either Address/Mask, host or all 

• Address: For a single device, select Address/Mask, or host. 

The address must be the designated IP address of the device. 

If you select Address/Mask, type the designated IP address of 

the device in the Address box 

If you select host, type the IP address. The wildcard mask is 

automatically set to 0.0.0.0. 

If you select all, the address is automatically set to 0.0.0.0 and 

the mask is set to 255.255.255.255. 

• Mask: The wildcard mask must be 0.0.0.0 or the word host. 

• Destination: Select either Address/Mask, host or all 

If you select Address/Mask, type the designated IP address of 

the device in the Address box. 

If you select host, type the IP address. The mask is 

automatically set to the wildcard mask 0.0.0.0. 

If you select all, the address is automatically set to 0.0.0.0 and 

the wildcard mask is set to 255.255.255.255. 

• Address: Select the destination Address/Mask or host. The 

address must be the designated IP address of the device. 

• Mask: The wildcard mask must be 0.0.0.0 or the word host. 

4 Click Add to add the rule to the rules list. You are returned to 

the IP Access Control configuration screen. 

See the IP Access Control Sample Configuration in Chapter 5 for an 

example of how to use Access Control Lists. 

To place a new rule within an existing list, click a rule to select it then 

click Add. The Add Rule configuration window is displayed. After 

configuring the new rule, it is then placed after the rule that was 

highlighted. If no rule was highlighted, then the rule is placed at the 

beginning of the list. 

5 Click Enable. 


You can swap two existing permit or deny rules from their current 

position to a new position within the rule list. 

58



To swap rules 

1 Select the rules that you want to swap or reverse order. Use 

Ctrl-click or Command-click to select the rules that you want to 

swap. 

2 Click Swap. 

Note You cannot swap two rules, if one is an end rule. 

To delete a rule 

1 Click the rule that you want to delete. To select more than one 

rule, use Ctrl-click or Command-click to highlight the rules that 

you want to delete. 

2 Click Delete. 

Port Mirroring 

Port mirroring is a useful diagnostic tool because it allows you to send 

a copy of the good Ethernet frames transmitted or received on one 

port to another port. On the second port you can attach a protocol 

analyzer to capture and analyze the data without interfering with the 

client on the original port. 

To configure Port Mirroring 

1 Click the View/Configure menu, then Port Mirroring. The 

Port Mirroring configuration is displayed. 

59




• Status: Click Enabled to activate Port Mirroring. 

• Source Port: Type the port number for the port whose traffic 

you want to mirror. The range is determined by the number of 

ports installed in the chassis. 

• Monitor Port: Type the port number for the port to receive the 

mirrored traffic. This would be a port to which you have 

connected a protocol analyzer. The range is determined by the 

number of ports installed in the chassis. 

Note To change port settings, Port Mirroring must be disabled. 


BOOTP/DHCP Relay Agent 

A BOOTP relay agent enables the switch to pass DHCP and BOOTP 

broadcast messages from one subnet to another. 

To configure the BOOTP relay agent 

1 Click the View/Configure menu, then BOOTP/DHCP Relay 

Agent. 

60




• BOOTP/DHCP Relay: Click Enabled to activate the relay 

agent. 

• Maximum Number of Hops: Specifies a discard threshold. If 

a packet has traversed more hops than the value of the hops 

parameter, the router drops the packets. The range is between 

one and 16. The default is four. Select a number from the dropdown 

list. 

• Click Submit. 

Storm Control 

An excessive number of broadcast or multicast frames on a network 

can degrade network performance by starving out unicast traffic. 

Broadcast and multicast storm control is intended to safeguard 

against this threat by limiting the amount of broadcast and/or 

multicast traffic that a port is allowed to receive and forward. 

To configure storm control 

1 Click the View Configure menu, then Storm Control. The 

Storm Control Status table is displayed. 

61



2 Click a port number to change the settings. A dialog box opens. 


• Threshold: To protect against broadcast or multicast storms, a 

broadcast and/or multicast threshold is set for each port. A 

threshold is a percentage of the maximum bandwidth of the 

link. The higher you set the threshold percentage, the less 

effective the protection against broadcast storms. The default 

broadcast and multicast thresholds are 100 percent, which 

disables storm control. 

Type the Broadcast and Multicast Threshold percentage. 

The range is one to 100. The default is 100. 

• Discard Period: When the broadcast or multicast threshold for 

a port is exceeded, the switch disables frame reception for a 

given duration that is equal to the discard duration. 

Type the Broadcast and Multicast discard period. The range 

is zero (0) to 256 seconds.The default is 5 seconds. 


Spanning Tree 

The IEEE 802.1d specification for Spanning Tree protocol allows 

switches and bridges to eliminate duplicate paths and loops in a 

network. The protocol allows the switch to communicate with these 

other devices and to map the network. 

62



The Spanning Tree Protocol controls different states for each port, 

i.e., listening, forwarding, or blocking. 

To configure 802.1d or single spanning tree 

1 Click the View/Configure menu, then Spanning Tree. The 

Spanning Tree configuration screen is displayed. 

Note The forwarding database (FDB) should be set for Single 

VLAN Learning (SVL) mode before configuring 802.1d 

Spanning Tree. See VLAN FDB for instructions on changing 

the mode. 

2 Click Single in the Type box. 

3 Click On to enable Spanning Tree. 


5 Click Spanning Tree Configure. The Spanning Tree Configure 

screen is displayed. 

63



6 Type the priority value for the switch. The range is from 0 to 

65,335. The device with the lowest number becomes the root 

device (the starting point for the spanning tree). 


To configure the ports 

1 Click Port Configure. The Single Spanning Tree Port Configure 


2 Set the port cost. Type in a number from 1 to 65535. This value 

is used by the Spanning Tree Protocol to determine alternate 

routes in the network to forward traffic. The higher the cost of a 

port, the lower the chance of this port being used to forward 

traffic. When possible, give a port a low cost if it is connected to 

a fast network segment. 

3 Set the port priority. Type in a number from 1 to 65535 to set the 

port’s priority in the Spanning Tree. The higher the value, the 

lower the chance of this port being used as the root port. If two 

ports have the same priority value, the Spanning Tree uses the 

port with the lowest number. For example, the Spanning Tree 

would choose port 1 over port 4 if they both had the same priority 

setting. 


64




You can increase the bandwidth to some devices using Link 

Aggregation. Link Aggregation allows you to combine two or more 

adjacent ports so that they function as a single high-speed link. Link 

Aggregation is useful when making connections between switches 

(or switch stacks) or to connect servers to the switch. 

• Aggregate ports must be of the same media type, speed and 

belong to the same VLAN with the same tag status (tagged or 

untagged). Refer to VLAN Port Management for more 

information about VLAN frame tagging. 

• The ports must be configured for full-duplex mode 

• A maximum of 16 ports can be included in a single aggregation. 

• Aggregation is not possible with the RS-232 port or management 

port. 

To configure Link Aggregation 

1 Click the View/Configure menu, then Link Aggregation. The 

Link Aggregation Basic Configuration table is displayed. 

65



2 In the Media Port column, click the media ports that are to be 

aggregated or grouped together. 

3 In the Select column, click the Aggregator Port that is to be 

used as the aggregator link number. Each media port is assigned 

an aggregator port number, which is the same as the media port 

number by default. Select the lowest media port number of the 

group of media ports as the aggregator port number. In the picture 

above, media ports 1, 2, 3 and 4 are to be grouped together 

into aggregator link 1. 


The Link Aggregation Ports Table, Aggregators Table, Link 

Aggregation Port Statistics Table and Link Aggregation Ports Debug 

Table display information detailed in the IEEE 802.3ad draft 

specification. 

For more advanced features of link aggregation, see Chapter 5 and 

Appendix A. 

View CPU Processes 

The View CPU Processes screen displays the current status of all the 

active processes in the switch’s multitasking operating system. 

Configure Management Menu 

Use the Configure Management menu to view and set the switch 

configuration, set the date and time, change the basic and privileged 

password, Telnet to a terminal or console, ping a device and set 

SNMP configuration parameters. 

66



System at a Glance 

The System at a Glance displays common configuration parameters 

for the switch. 

To view the System at a Glance 

1 Click the Configure Management menu, then System at a 

Glance. 

2 Click a link to configure the parameters. 

67



Date & Time 

To change the date and time 

1 Click the Configure Management menu, then Date & Time. 

The Date and Time configuration screen is displayed. 

2 To change the date, select the month, day and year. 

3 To change the time, select the hour, minute, and second. 


Password, Basic 

To change the basic switch password 

1 Click the Configure Management menu, then Password, 

Basic. The Basic User Password screen is displayed. 

68



2 Type the previous password in the Old Password box. 

3 Type the new password in the New Password box. 

Note The maximum number of characters in a password is 10. 

4 Retype the new password in the Verify New Password box. 


Password, Privileged 

To change the privileged switch password 

1 Click the Configure Management menu, then Password, 

Privileged. The Privileged User Password screen is displayed. 

2 Type the previous password in the Old Password box. 

3 Type the new password in the New Password box. 

Note The maximum number of characters in a password is 10. 

4 Retype the new password in the Verify New Password box. 


69



Telnet to Console 

You can connect to the command console interface through Telnet. 

The switch’s firmware supports multiple simultaneous Telnet 

connections. The number of sessions is limited by the system 

resources. Telnet is enabled by default. 

To Telnet to another device 

1 Click Configure Management, then Telnet. The Telnet Feature 


2 Click Enable to activate Telnet (if it has been disabled). 

3 Click Open Console Session to open the Telnet window. 

Ping 

Ping tests connectivity between the switch and other devices. 

Successful completion of a ping request indicates that the IP levels of 

each device are able to communicate with each other. This verifies 

correct operation of the network interface, interface address 

information, and any routing between source and destination. 

70



To ping to a device 

1 Click the Configure Management menu, then Ping. The Ping 

from Switch configuration screen is displayed. 

2 Type in the IP address of the device you want to ping. 

3 Select the number of seconds to time-out before a connection is 

made from the drop-down box. If the device is on a remote network, 

you may need to adjust the timeout in order to receive a 

response. 

4 Click Ping to start the process. 

SNMP Configuration 

SNMP Security Level, Community Configuration, and Host 

Configuration combine to control read, write, and trap access for the 

managed device. The Community string is used by network 

management applications to gain access to the SNMP data in the 

managed device. 

71



To access SNMP configuration 

1 Click Configure Management, then SNMP Configuration. 

The SNMP Configuration screen is displayed. 

SNMP Community Configuration 

To configure SNMP Communities 

1 Click Communities. The SNMP Community Configuration 


2 Select the Security Level from the drop-down box. The default 

setting is 2, which allows stations in the host table to have write 

access. The other levels are described in the following table. 

72



Level 

Behavior 

1 Does not verify host in community. 

Anyone can configure the switch if 

they know the community string. 

2 Verifies host in community for write 

privileges only. 

3 Verifies host in community for read 

and write privileges. 

Note Only stations in the host table are able to view and configure 

the switch in Intel® Device View. Changing the default 

security level prevents this switch from being viewed by 

Intel Device View. 

3 Click the check boxes to select a Community string. The SNMP 

agent, along with the type of messages that are identified with it 

(get, set, trap), is referred to as an SNMP community. Each 

community is identified by a community name The default 

community settings are defined in the table below. 

Community Name 

Public 

Private 

Trap 

Permissions 

GET 

SET 

GET, SET 

4 Click Submit 

Host Configuration 

SNMP hosts provide an additional level of SNMP access control used 

in verifying SNMP permissions. For get and set operations, the agent 

verifies that the SNMP management station is in the host list. The list 

is also used to determine which management stations receive traps. 

As a configuration option, you can add up to eight IP addresses of 

network management stations where traps are specifically sent. 

73



To configure hosts 

1 Click Hosts under SNMP Configuration. The SNMP Host Configuration 


172.21.2.58 

172.21.2.58 

172.21.2.245 

172.21.2. 258 

172.21.2.58 

2 In the Host box, type in the IP address of the management stations. 

3 In the Community box, type in the community where the management 

station belongs. You can configure up to eight hosts. 


VLAN Menu 

Use the VLAN menu to create and manage VLANs, set VLAN 

security, configure IGMP Snooping and Spanning Tree for VLANs. 

74



VLAN Create/Delete 

To create a VLAN 

1 Click the VLAN menu, then VLAN Create/Delete. 

2 In the 802.1Q Tag box, type a VLAN identifier (VID). 

75



Associate a physical port on the switch to one or more VLAN 

identifiers (VID). VLANs are assigned a number from 1 to 4,094. 

This number becomes the VID and the number that is used to identify 

a VLAN. 

3 Type a name in the VLAN Name box (optional) 


To delete a VLAN 

1 Click the list of VLANs. 

2 Select the VLAN from the box that you want to delete. 

3 Click Delete VLAN. 

VLAN Port Management 

Use VLAN Port Management to view VLANs, add ports to existing 

VLANs and configure port tagging. 

To View Existing VLANs 

1 Click VLAN, then VLAN Port Management. The VLAN Port 

Management screen is displayed. 

2 Click Display VLANs and Configure PVIDs to view all 

VLANs. 

The VLANs are displayed in various colors. The VLAN identifier 

(VID) with the lowest number is displayed for ports that are members 

of multiple VLANs. Example: If Port 2 is a member of VLAN 1 (red), 

3 (blue) and 5 (yellow), red is displayed in the “member other VLAN” 

row. Click Color Code Help to match VLANs and colors. 

Ports that are members of multiple VLANs are indicated with the MV 

symbol. 

76



Port Type 

Global Port 

Slot Subport 

Description 

Refers to all ports in the switch. 

The first slot with an installed 

module begins the numbering 

sequence. A switch with four 8- 

port Gigabit Ethernet modules, 

would have ports 1 to 32. 

For each module, the ports are 

numbered from left to right, 

beginning with Port 1. For 

example, on a Gigabit Ethernet 

module, the ports are number 1 to 

8. 

77



3 Click a slot or global port number to display all VLANs of 

which this port is a member. A new window opens that displays 

the default PVID and the VID or VLANs of which the port is a 

member. 

To assign ports to a VLAN 

1 Click the VLAN menu, then VLAN Port Management 

2 Select a VLAN from the VLAN Port Management list. 

3 Click Assign Ports to this VLAN. 

78



4 Click the boxes under the port numbers on the Add to this 

VLAN row. 


Configure Port Tagging 

A VLAN tagged frame carries an explicit identification of the VLAN 

to which it belongs. Such a frame is classified as belonging to a 

particular VLAN based on the value of the VID that is included in the 

tag header. 

When frames are sent across the network, a tag header is used to 

indicate to which VLAN a frame belongs. This insures that the switch 

forwards the frame to only those ports that belong to that VLAN. 

To configure port tagging 

1 Click the VLAN menu, then VLAN Port Management. 

2 Select a VLAN from the list. 

3 Click Configure Port Tagging. The Configure Port Tagging 


79



4 Check individual ports to tag them for the selected VLAN. 


VLAN Interface Configuration 

VLANs can be assigned an IP address to allow management of the 

switch from that VLAN or to route frames between VLANs. This 

creates a network interface for the switch. The number of VLANs that 

can be assigned a network interface IP address is limited to 128. 

To create a VLAN interface 

1 Click the VLAN menu, then VLAN Interface Config. 

2 Select a VLAN from the list. 

3 Type the IP address, netmask and the broadcast address. 

4 Click Enable Routing check box. 

VLAN routing configuration allows control of which VLAN IP 

frames can be routed. For example, it is possible to specify that a 

particular VLAN cannot be used as the source when forwarding IP 

frames. 

Note If IP routing is disabled for a VLAN, it only applies to 

ingress or received IP frames. It is still possible for other 

VLANs to route to the VLAN. 

80



VLAN routing configuration can be used in environments where 

VLANs exist, and those VLANs are given IP addresses for 

management, but no routing is required. In this environment, IP 

routing can be disabled for each VLAN. 


VLAN Reset 

To reset all of the VLANs to the factory default 

1 Click the VLAN menu, then VLAN Reset. The VLAN Reset 



VLAN Security 

VLANs are used to limit traffic to a particular area of the network. 

802.1Q introduces the concept of tagged frames, where VLAN 

information is included in the frame. Using tagged frames allows 

VLAN information to be communicated across multiple switches. 

Such a VLAN tag includes information for both the VID and the 

priority of the frame. However, storing VLAN and priority 

information in the frame can cause security problems. 

To configure VLAN security 

1 Click the VLAN menu, then VLAN Security. The VLAN 

Security options are displayed. 

81



There are three main modes for setting VLAN security 

• 802.1Q ingress checking. 

• Trusted and untrusted 802.1Q tag mode. 

• Acceptable frame types. 

Ingress Checking 

An “Enable Ingress Filtering” parameter is associated with each port. 

If the “Enable Ingress Filtering” parameter is set for a port, the 

ingress rule discards any frame received on a port from a VLAN that 

does not include that port within its member set. 

To configure Ingress Checking 

1 Click Ingress Checks. The VLAN Security Port Ingress 

Checks screen is displayed. 

2 For each port that you want included in ingress checking, click 

the box under each port on the Ingress Rules Check row. 


82



VLAN Security Trusted and Untrusted Ports 

Trusted and untrusted 802.1Q tag modes can be used for enhanced 

security in a VLAN aware network. 

Each port in the system has a trusted or untrusted mode for the VID 

of a tagged frame. In trusted mode, the VID of a tagged frame is 

always used. In untrusted mode, the PVID of the port is used even if 

the frame is tagged. 

To configure trusted and untrusted frame tagging 

1 Click Trusted VID. The VLAN Security Trusted VID screen 

is displayed. 

1 For each port that you want trusted, click the box under each 

port on the Trusted row. 

2 For each port that you want designated untrusted, click the box 

under each port on the UnTrusted row. 


83



Similarly, each port in the system has a trusted or untrusted priority 

mode. In trusted priority mode, the priority of a tagged frame is 

always used. In untrusted priority mode, the default port priority is 

used even if the frame is tagged. 

Note To configure the port priority level, see “Configuring a 

Port” earlier in this chapter. 

To configure trusted and untrusted frame tagging 

1 Click Trusted Priority. The VLAN Security Trusted Priority 


2 For each port that you want trusted, click the box under each 

port on the Trusted row. 

84



3 For each port that you want designated untrusted, click the box 

under each port on the UnTrusted row. 


VLAN Security Accepted Frame Types 

Associated with each port of a VLAN bridge is an “acceptable frame 

types” parameter that controls the reception of VLAN-tagged and 

non VLAN-tagged frames on that port. The valid parameters are 

“accept any frames and “accept only VLAN-tagged frames. 

• Accept Any Frames 

This is the default setting when there are no rules that apply regarding 

the format of an ingress frame. Any frame types are accepted. 

• Accept only VLAN-tagged frames 

When “accept only VLAN-tagged frames” is set, the ingress rule 

discards any untagged frames or priority-tagged frames received on 

that port. Tagged frames that are not discarded are classified and 

processed according to the ingress rules that applies to that port. 

This mode can be used to prevent clients from gaining access to 

VLANs of which they are not a member. 

1 Click Accepted Frame Types. The VLAN Security Accepted 

Frame Types configuration screen is displayed.. 

85



2 For each port that you want to only accept tagged frames, click 

the box under each port on the Tagged row. 

3 For each port that you want to accept any type frames, click the 

box under each port on the Any row. 


VLAN IGMP Snooping 

IGMP Snooping (Internet Group Management Protocol) is a feature 

that allows the switch to forward multicast traffic intelligently on the 

switch. Based on the IGMP query and report messages, the switch 

forwards traffic only to the ports that request the multicast traffic. 

This prevents the switch from broadcasting the traffic to all ports and 

possibly affecting network performance. 

IGMP requires a router that learns about the presence of multicast 

groups on its subnets and keeps track of group membership. It is 

important to remember that multicasting is not connection oriented, 

so data is delivered to the requesting hosts on a best-effort level of 

service. 

Note IVL mode must be configured prior to configuring IGMP 

Snooping. See VLAN FDB for instructions on setting IVL 

mode. 

To configure IGMP snooping 

1 Click the VLAN menu, then VLAN IGMP Snooping. The 

IGMP Basic Settings screen is displayed. 

86



2 To enable IGMP Snooping, click Enabled. IGMP Snooping is 

disabled by default. 

Note IGMP Snooping must be disabled if SVL mode is invoked. 

3 In the IGMP Snooping Age-out Time box, type the amount of 

time acceptable (in seconds) between IGMP queries since the 

switch last received an IGMP query from the multicast server. 

The default value is 330 seconds. 

A query allows the server to determine which network hosts are 

(or want to be) part of the IP multicast group, and are 

configured and ready to receive traffic for the given application. 


In configuring IGMP Snooping 

• Identify which switch ports lead to routers and which switch 

ports lead to interested end-stations. 

• Create a separate broadcast domain for each multicast group 

and include only ports with interested end-stations. 

IGMP Snooping operates by recognizing multicast router ports and 

interested member ports and creating a separate broadcast domain for 

each multicast group. 

Configuring Control Ports 

Identifying the router ports is one of the prime features of IGMP 

Snooping. Once IGMP Snooping is enabled, auto discovery of ports 

is accomplished through the switch’s routing mechanism by sending 

ICMP router discovery messages or by snooping on the IGMP query 

messages sent by the multicast routers. However, in some cases, the 

multicast router ports may not be identified using auto discovery. 

Under such conditions, the network administrator needs to manually 

configure these router ports as control ports. 

A control port can be set to one of three modes 

• Normal 

Normal is the default mode. When the control port is set to 

“normal” mode, the switch automatically determines if a port 

has a control element (i.e., switch with IGMP Snooping or 

router). 

87



• Fixed 

When auto discovery does not identify a router port, then it 

needs to be configured in the “fixed” mode. IGMP Snooping 

forwards host membership reports only on the router ports 

• Forbid 

The “forbid” mode excludes the port as a multicast router port. 

To configure a control port 


IGMP Basic Settings screen is displayed. 

2 Select the VLAN identifier (VID) of the VLAN that you want 

to configure. 

3 Click Control Ports. The IGMP Snooping Control Port Settings 

for the VLAN that was selected is displayed. 

88



4 Click the Control Mode box to set the mode for the port. 


Configuring a data port 

There are two types of data ports 

• All group - A port belongs to all IP multicast groups. 

• IP group - A port belongs to a specific IP multicast group. 

Data ports can only be set to one of the following modes within a 

given VLAN: 

• Fixed 

permanently belongs to all or IP group. 

• Forbid 

disallow port to become a member of all or IP group. 

• Normal 

IMGP Snooping determines what group the port belongs to 

from the received IGMP reports. 

When an end station receives an IGMP Query message from the 

router, it responds with a Host Membership Report for each 

associated group. The switch marks ports as group member ports if it 

receives an IGMP Membership Group Report. For IGMP Snooping 

to work correctly, it is important that an IGMP Membership Report 

message be forwarded only to router ports. 

A separate address class known as Class D is used to identify 

multicast groups. The Class D address ranges from 224.0.0.0 through 

239.255.255.255, with addresses from 224.0.0.x and 224.0.1.x 

reserved for permanent assignment. Each of these addresses 

represents a group of IP end stations, also known as a “host group.” 

To include or exclude a data port from a particular IP multicast 

group 


IGMP Basic Settings screen is displayed 


to configure. 

3 Click Data Ports. The Configure IGMP Data Port screen is 

displayed. 

89



4 In the Select the IP Group box, select an IP multicast group 

from the list or type a new multicast group IP address in the 

Add IP Group box. 

5 If you typed an IP address of a multicast group, click Add IP 

Group. The Select Ports for IP Groups windows is displayed. 

90



6 Click the mode for each port. 

Note The multicast group is not created if all ports are set to 

‘Normal” mode. 


8 Click Close to return to the Configure Data Ports screen. 

91



Viewing IGMP Snooping Status 


IGMP Basic Settings screen is displayed 


to configure. 

3 Click Status. The IGMP Snooping Status for the selected 

VLAN is displayed. 

VLAN FDB 

The 802.1Q standard defines two types of VLAN learning. 

• A Shared VLAN Learning Bridge (SVL), uses a single 

forwarding database that is shared by all VLANs. 

• An Independent VLAN Learning Bridge (IVL) uses a separate 

forwarding database for each VLAN. 

Note IVL is required for per VLAN Spanning Tree and can be 

useful with IGMP snooping (when the same IP group is 

used on different VLANs). 

92



Configure SVL Forwarding Database (FDB) 

To configure SVL FDB 

1 Click VLAN in the menu, then VLAN FDB. The VLAN Forwarding 

Database screen is displayed. 

2 Click FDS Configure. The FDB Configure screen is displayed. 

3 Select the options that you want to change 

• Learning Mode: Select SVL from the drop-down box. 

• Aging: Aging is enabled by default. Click Disable to stop 

aging. 

• Age Time: Change the forwarding database aging time to the 

number of seconds. The range is from 10 to 32,767 seconds. 


93



To add a static entry to the Forwarding Database 

1 Click FDB Add/Delete Entry. The FDB Add/Delete Entry 


2 Type the static port number. 

3 Type the MAC address of the port. 


To delete a static entry 

1 Type the static port number. 

2 Type the MAC address of the port. 

3 Click the Delete check box. 


94



Configure IVL Forwarding Database 

Note IVL mode must be configured prior to configuring VLAN 

Spanning Tree. 

To configure IVL FDB 

1 Click the VLAN menu, then VLAN FDB. 

2 Click FDB Configure. 


• Learning Mode: Select IVL from the drop-down box. 

• Aging: Aging is enabled by default. Click disable to stop 

aging. 

• Age Time: Type an aging time in seconds. The time period is 

between 10 to 32,767 seconds. 

• Enter VLAN Identifier: A separate forwarding database is 

used for each VLAN. Type the VID in the VLAN identifier 

box and press Enter The VID is displayed in the VLAN 

identifier box. Or, select the VLAN identifier (VID) from the 

drop-down box of the VLAN. 

4 Click Submit 

95



To view FDB status 

1 Click the VLAN menu, then VLAN FDB. 

2 Click FDB Status. The VLAN forwarding Database for the 

selected FDB mode (IVL or SVL) is displayed. 

3 Click Refresh to renew the FDB table or Clear to empty the 

learned entries in the FDB table. 

96



VLAN Spanning Tree 

Spanning Tree per VLAN or PVSTP allows each VLAN to run a 

separate Spanning Tree with its own Bridge Protocol Data Units 

(BPDU’s). This allows different ports to be blocked or unblocked 

based on VLAN membership. Of the 2,048 VLANs, up to 100 

PVSTPs can be stored in NVRAM 

Note IVL mode must be configured prior to configuring Per 

VLAN Spanning Tree. See VLAN FDB for instructions on 

setting IVL mode. 

To configure Spanning Tree per VLAN 

1 Click the VLAN menu, then VLAN Spanning Tree. The Spanning 

Tree configuration screen is displayed. 

2 A separate forwarding database is used for each VLAN. Type 

the VID in the VLAN identifier box or select the VLAN identifier 

(VID) of the VLAN for which the FDB is to be created. 

3 Select Per VLAN in the Type box. 

4 Select On to enable Spanning Tree. 

5 Select the VLAN to configure for Spanning Tree from the dropdown 

box. 


97



7 Click Spanning Tree Configure. The Per VLAN Spanning 

Tree Configure screen is displayed. 

8 Select whether rapid reconfiguration is on or off. If set to On, 

rapid reconfiguration is triggered by one of two events, either a 

direct failure of the root port, or receiving an inferior BPDU 

from the local segment’s designated bridge on the root port link. 

Note Rapid reconfiguration should only be used in switches that 

are end nodes in the Spanning Tree because it may lead to 

unexpected traffic flows if it is used at the core of the network. 

9 Type the priority value for the VLAN. The range is from 0 to 

65,335. 


98



To configure the ports 

1 Click Port Configure. The Per VLAN Spanning Tree Port 

Configure screen is displayed. 

2 Set the port cost. Type in a number from 1 to 65535. This value 

is used by the Spanning Tree Protocol to determine alternate 

routes in the network to forward traffic. The higher the cost of a 

port, the lower the chance of this port being used to forward 

traffic. When possible, give a port a low cost if it is connected to 

a fast network segment. 

3 Set the port priority. Type in a number from 1 to 65535 to set the 

port’s priority in the spanning tree. The higher the value, the 

lower the chance of this port being used as the root port. If two 

ports have the same priority value, the spanning tree uses the 

port with the lowest number. For example, the spanning tree 

would choose port 1 over port 4 if they both had the same priority 

setting. 

4 Select On from the Quick Activation drop-down box. Quick 

Activation is useful when connecting the switch to a device that 

boots and connects to the switch faster than the 30-second forwarding 

delay that is the default for Spanning Tree. There is no 

need to transition through the listening and learning states for 

ports that connect to end stations. 


99



Routing Menu 

Use the Routing menu to configure Static Routes and the RIP and 

OSPF protocols. 

Click the Routing menu and the Routing Configuration Tutorial is 

displayed. This is a useful tutorial for learning how to configure RIP 

and OSPF through the Web Device Manager. 

Saving and Applying Changes 

After configuring any of the router configuration screens, you need to 

follow the instructions below to save the information to NVRAM. 

100



To save configuration changes 

1 Click Submit, the Configuration Status table changes to 

“Changes Pending.” The changes apply to the current session 

only. When you exit the Web Device Manager, all changes are 

lost.You can click Restore Previous to undo the previous 

action. 

2 Click Apply Change and the messages changes to “Save Pending.” 

The changes only apply to the current session only. When 

you exit the Web Device Manager, all changes are lost. Again, 

you can still click Restore Previous to restore the previous configuration. 

3 To save the changes to NVRAM, click Save Changes. Restore 

Previous does not apply. 

101



Routing Parameters 

To configure Routing 

1 Click the Routing menu, then click any Routing option. The 

Routing Protocols On/Off table is displayed. 

2 Click the RIP or OSPF check box to configure either protocol. 


4 On the General Routing Configuration screen, set the Router ID 

for OSPF and the Scan Interval for all of the interfaces. 

• If you plan to configure OSPF, type the Router ID in the Router 

ID box. The Router ID is a 32-bit number assigned to each 

router running the OSPF protocol. The number uniquely 

identifies the router within the autonomous system. 

• Type the Scan Interval. The scan interval sets the number of 

seconds indicating how often the system checks for interface 

changes. This is a global option that affects all interfaces. The 

range is from 15 to 3600, the default is 60. 

102



5 Click Submit, the Configuration Status table changes to 

“Changes Pending.” The changes apply to the current session 

only. When you exit the Web Device Manager, all changes are 

lost.You can click Restore Previous to undo the previous 

action. 

6 Click Apply Change and the messages changes to “Save Pending.” 

The changes only apply to the current session only. When 

you exit the Web Device Manager, all changes are lost. Again, 

you can still click Restore Previous to restore the previous configuration. 

7 To save the changes to NVRAM, click Save Changes. Restore 

Previous does not apply. 

Static Routes 

Static routes are used when IP routed packets are routed through 

remote hosts not directly connected to a physical network with its 

own routing table. If the keyword “default” is used for the destination 

address, a default route is created. The default route is used whenever 

there is no specific route to a destination. The network IP address 

associated with the default route is 0.0.0.0/0. 

103



To add a static route 

1 Click the Routing menu, then Static Routes. The Add Static 

Routes screen is displayed. 

2 Select the options that you want to change 

• Route: Fill in the Address/Length boxes with the destination 

IP address and length for this route. The length is the mask or 

prefix length of the netmask address. The length is between 

one (1) and 32. 

• Gateway: The next hop IP address for the static route. It 

should be on the same subnet as the specified interface. 

• Interface: The local interface which is used to send traffic to 

the static route. It should be attached to the same subnet as the 

gateway. You must use the actual IP address from a VLAN. 

The default is 0.0.0.0. 

• Pref: The preference of the static route. The default preference 

for default route is 20, and the default preference for other 

static routes is 60. The range is zero to 255. The default is 20. 

• Type: Select the statically configured route type. The choices 

are: 

- retain: route is retained in forwarding database table after 

GateD is disabled. 

- reject: packets destined to the route are rejected with ICMP 

sent to the source. 

- blackhole: packets destined to the route are rejected silently. 

- notinstalled: route is not installed in forwarding database 

table, but can be exported to other protocols. 

- normal: default setting. 

104



3 Click Add. 

Note The new route is displayed in the View and Modify Static 

Routes table. 

Default Route 

The default route is used whenever there is no specific route to a 

destination. The network IP address associated with the default route 

is 0.0.0.0/0. 

To add a default route 

1 Under Add Static Routes, type the IP address 0.0.0.0 in the 

Address box. 

2 Click zero (0) for the length. 

3 Click Add. The words “Default Route” are displayed in the 

Route: Address/Length column. 

RIP Configuration 

The switch supports both RIP version 1, RFC1058, and version 2, 

RFC2453. It always accepts RIP packets from both versions when 

RIP is enabled. To send version 2 packets, the specific RIP interfaces 

need to be configured. Only RIP version 1 packets are sent by default. 

To enable RIP 

1 Click the Routing menu, then click any Routing option. The 


2 Check the RIP check box. 


105



To configure RIP 

1 Click the Routing menu, then RIP Configuration. The RIP 

Interfaces screen is displayed. 

2 In the Protocol Preference box, type the preference. The range 

is from zero to 255. The default is 100. 

3 In the Metric box, type the Metric. The range is from zero to 16. 

Each RIP routing table entry contains a metric or cost for each 

destination, called a hop. RIP selects the route with the lowest 

hop count as the best route. However, the longest hop cannot 

exceed 15 hops. 


5 Click Apply Changes in the Configuration Status table. The 

changes apply to the current session only. 

6 In the Add RIP Interface box, select an IP address from the list. 

7 Click Add. 

106



8 To save the changes to NVRAM, click Save Changes in the 

Configuration Status tables. 

Configuring OSPF 

Open Shortest Path First (OSPF) is a topology-based link-state 

routing protocol. It provides greater capabilities than RIP. Link-state 

changes are promptly reported to reflect the topology database 

changes. OSPF is implemented according to RFC1583. 

To configure OSPF: 

• Set the Router ID 

• Enable OSPF 

• Add an OSPF Area 

• Configure the OSPF Area 

Set the Router ID 

Refer to Routing Parameters for instructions on setting the Router 

ID. 

To enable OSPF 

1 Click the Routing menu, then click any Routing option, the 


2 Check the OSPF check box. 

107



Adding an OSPF Area 

To add an OSPF Area 

1 Click the Routing menu, then Areas. The Configure OSPF 

Area screen is displayed. 

2 In the Add OSPF Area table, type the IP address of the area. 


4 Click Apply Changes in the Configuration Status table. The 

changes apply to the current session only. 

5 To save the changes to NVRAM, click Save Changes in the 

Configuration Status tables. 

108



To configure OSPF Area 

1 Select an area in the Configure OSPF Area table. 

2 Click the Interfaces link. Select an interface IP address from 

the list of valid interfaces in the Add Interface table. The table 

contains the list of configured VLANs. 

3 To add the interface to the Area, click the Add button. The new 

interface is displayed in the View Interfaces table. 

4 To save in NVRAM, click Save Changes. An OK message is 

displayed and the Configuration Status table changes to “Save 

Pending.” 

Setting OSPF Protocol Preferences 

The OSPF Protocol Preference is used to set OSPF protocol 

preference and allow the router to function as an OSPF Area Border 

Router (ABR). 

To configure OSPF preference 

1 Click the Routing menu, then Protocol Preference. The Global 

OSPF Configuration screen is displayed. 

109




• Protocol Preference. It sets the preference for OSPF when 

importing intra- and inter-area Autonomous System External 

(ASE) routes into the OSPF routing table. The default is 10. 

• Autonomous System Border Router: Areas exchange 

routing information with other areas within the autonomous 

system through area border routers. Click Yes to allow the 

router to be an OSPF autonomous system border router. This 

setting determines whether OSPF can process input routes 

from sources other than OSPF. 


Backbone 

OSPF requires that every area connect to the backbone and that every 

area, including the backbone area, be contiguous. 

Before configuring a Virtual Link, the backbone area must be added. 

To add the backbone 

Note OSPF must be enabled prior to configuring the backbone 

area. 

1 Click the Routing menu, then Backbone. 

2 Click Add Backbone The Select OSPF Backbone View configuration 


110



3 Click Authentication Type and the OSPF Backbone Authorization 


OSPF specifies authentication scheme per area. Each interface in the 

area must use the same authentication scheme although it may use a 

different authentication key. The current valid values are “None” for 

no authentication and “Simple” for simple password authentication. 

The default is none. 

Virtual Links 

A Virtual Link is used to logically connect an area to the Backbone, 

when it cannot physically connect to the Backbone. The two end 

points of a Virtual Link are Area Border Routers (ABR). The Virtual 

Link must be configured for each ABR. 

To configure a Virtual Link: 

• Add the Backbone. 

• Add the area for each Area Border Router. 

• Add the Router ID of the Area Border Router connected to each 

area. 

• Set the transit area used to link the Virtual Link to the Backbone. 

111



Add the backbone 

1 Click the Routing menu, then click Backbone. 

2 Click Add Backbone. The Select OSPF Backbone View configuration 


To add the area for the first Area Border Router 

3 Click the Routing menu, then Areas. The Configure OSPF Area 


4 In the Add OSPF Area table, type the IP address of the area. 


6 Click the Routing menu, then Virtual Links. The OSPF Virtual 

Link Configuration screen is displayed. 

112



7 In the Add VLINK box, type the Router ID of the ABR connected 

to the area. 

8 Click Add. 

9 Repeat steps 2 through 6 to configure the other Area Border 

Router. 

Add the transit area 

1 Click the Routing menu, then Virtual Links. The OSPF Virtual 

Link Configuration screen is displayed again 

2 In the Add Vlink box, type the Router ID to modify the configuration. 

3 Click Add. The Vlink is added to the table. 

4 Under the “Click link to modify Virtual Links” title is a table. 

Click Router ID. The Configure Vlink window opens. 

0.0.0.1 

5 Type in the transit area in the Transit Area box. This is the area 

that is used to link the Virtual Link to the Backbone. 

113




• authkey: Sets the authentication key for SIMPLE or NONE 

authentication. The key must be the same network wide. The 

key is: 

- one to eight decimal digits 

- one to eight hex digits preceded by 0x, or 

- one to eight characters between quotation marks (“”). 

• helloInterval: Specifies the interval, in number of seconds, for 

which the hello packets are sent through the interface. The 

range is from one to 120 seconds. The default is 10 seconds. 

• transitDelay: sets an estimated number of seconds it takes to 

transmit an Link State Advertisement (LSA) update over the 

interface. Transmission and propagation delays should be 

counted. The number is used in LSA age increment before the 

LSA is sent off from the interface. If the interface has a very 

low speed link, this needs to be carefully set. The range is from 

one to 120 seconds. The default is one second. 

• retransInterval: It sets the number of seconds between LSA 

retransmissions. It should be set well over round trip transit 

delay.The range is from one to 3,600 seconds. The default is 5 

seconds. 

• deadInterval: It specifies the number of seconds for which a 

neighbor is believed dead if it is still not heard (no hellos for a 

period of time). The typical value is four times the hello 

interval. The range is one (1) to 3,600 seconds. The default is 

40 seconds. 


For more information on virtual link configuration, refer to Chapter 5 

and Appendix B. 

Reset and Update Menu 

Use the Reset and Update menu to reset the system, save 

configuration information to NVRAM, and update the firmware. 

114



Reset 

To reset the switch 

1 Click the Reset and Update menu, then Reset System. 

2 Click Reset Now. 

The switch is immediately reset. Click your browser’s Reload or 

Refresh button to reconnect to the switch. 

NVRAM, Save 

Save NVRAM backs up the configuration information stored in the 

non-volatile RAM. 

115



To save system configuration information 

1 Click the Reset and Update menu, then NVRAM, Save. 

2 Click Download NVRAM File. The File Download window is 

displayed. 

3 Click OK. The Save As window is displayed. 

4 Type the file name in the File Name box. 

The Web Device Manager default NVRAM backup file is 

nvram.nvr. To uniquely identify the file on your local drive or 

server, overwrite the file name and identify the file using the IP 

address of the switch or other unique name. 

Note This is in contrast to the command line interface which 

requires that the NVRAM backup file is identified using the 

IP address of your switch in uppercase hex format. Refer to 

Chapter 5 for more information. 

5 Click Save. 

To restore the NVRAM file 

1 Click the Reset and Update menu, then NVRAM, Restore. 

2 Click Browse. The Choose File window is displayed. 

3 Locate the file to add it to the File Name box. 

4 Click Open. 

116



5 Click Link State Advertisement to load the NVRAM file. 

Updating with the Web Device 

Manager 

The Web interface is also available for upgrading the control 

processor, media boards and Web Device Manager. 

The files can be downloaded from the Intel Web site prior to 

upgrading. 

Note The file extension is not needed in the command syntax 

when typing the upgrade command. 

To upgrade the Web Device Manager 

1 Click the Reset and Update menu, then Upgrade Web Device 

Manager. 

2 If privileged mode is not set, type the default user name “priv” 

and password in the password dialog box. 

3 Click Browse and locate the webpage.bin file. 

4 Click Update. 

117



To upgrade the CP firmware 

1 Click the Reset and Update menu, then Upgrade CP Firmware. 

2 If privileged mode is not set, enter the default user name “priv” 


3 Click Browse and locate the cprel.bin file. 


To upgrade the Lookup Engine 

1 Click the Reset and Update menu, then Upgrade Lookup 

Engine. 

2 If privileged mode is not set, enter the default user name “priv” 


3 Click Browse and locate the lue.bin fil.e 


118



Help Menu 

Use the Help menu for links to Intel Customer Support Web pages 

and assistance in using the Web Device Manager features. 

To access help 

1 Click the Help menu, then Help Topics. The Help Topics menu 

is displayed. 

2 Click a topic and instructions on using the feature are described. 

3 For further assistance, the Help menu contains a link to the Intel 

Support Web pages. 

119

Using Local 

Management 

Topic 

See Page 

Connecting the Switch 122 

The RS-232 Port 123 

The RJ-45 Management Port 126 

Setting a Password 127 

Setting the IP Address 130 

BOOTP/RARP and DHCP Client 131 

BOOTP Relay Agent 133 

Command Console Interface 134 

Accessing the Command Console through Telnet 136 

Serial Line IP Connections (SLIP) 137 

Point-to-Point Protocol (PPP) 138 

Domain Name Service 140 

Diagnostics 142 

Upgrading the Firmware 143



Connecting the Switch 

The Control Processor (CP) offers several network interfaces through 

three physical interfaces: 

• In-band to the switched ports (i.e., onto the backplane) 

• A serial port 

• An RJ-45 Ethernet/Fast Ethernet management port. 

All network communication to the CP is done using TCP/IP. 

The serial network interface may be accessed using SLIP or PPP. See 

“Serial IP Connections (SLIP)” and the “Point-to-Point Protocol 

(PPP)” in this chapter for detailed information on configuring SLIP 

and PPP. 

All IP interfaces are configurable. Each port’s configuration is 

independent of any other interface. The IP configuration supports 

setting of the IP address, Classless Inter-Domain Routing (CIDR) 

subnet mask and broadcast address. SLIP and PPP interfaces also 

accept a destination address. 

Any port may be configured as up (active and allowing data to pass) 

or down (inactive with no data transmission or reception). All ports 

are enabled by default. To disable an individual port, the privileged 

mode disable port port_number command is used. 

Note Refer to “Setting a Password” later in this chapter for information 

on privileged mode. 

Port numbers 

The 6000 switch has five slots. The global port numbers refer to all 

of the media ports in the switch. The first slot with an installed 

module begins the numbering sequence. A switch with one 8-port 

Gigabit Ethernet modules and one 24-port 10/100Base-TX module, 

would have ports 1 to 32. 

Aggregated ports are the same number as the global or media port 

number by default.The aggregated port number is used with Link 

Aggregation and other Layer 2 and Layer 3 switching features. Refer 

to Chapter 5 for more information on aggregated ports and Link 

Aggregation. 

122


Using Local Management 

The table below outlines the port numbers for the switch with one 

Gigabit Ethernet module and one 10/100 modules. 

The Control Processor Module is always identified as port zero (0). 

Port 1 

Slot 1 

Slot 2 

Slot 3 

Slot 4 

Slot 5 

Primary CP 

Secondary CP 

Media Port Aggregated Port 

Slot 

Numbers Number 

Slot 1 (8-port Gigabit Ethernet) 1-8 1-8 

Slot 2 (Empty) 

Slot 3 (Empty) 

Slot 4 (24-port 100Base-TX) 9-24 9-24 

Slot 5 (CP) 0 

The RS-232 Port 

The switch comes with a serial connector on the CP module. This 

connector provides access to a command console interface or a serial 

IP network connection using the SLIP and PPP protocols. SLIP and 

PPP are used for out-of-band management, as a console interface 

through Telnet, or to upgrade switch system firmware. 

123



. 

IntelSwitch> 

Note 

A single-shielded null modem, six-foot DB9 female to DB9 

female cable, Part Number 654694-001, is included to connect 

the RS-232 port to a terminal. 

Connecting a Serial Console 

The serial port is a DB9 connector and is wired in the same manner 

as a personal computer COM port, i.e., Data Terminal Equipment 

(DTE). When connecting a serial device, use a null modem cable to 

connect the switch to a remote Data Communications Equipment 

(DCE) device such as a modem or data service unit (DSU), and use a 

straight-through cable to connect the switch to a DTE device such as 

a terminal or PC. 

124



The following table is the pinout for serial port and PC port 

connection. 

Switch Serial Port PC Port 

DB9 DTE DCE 

TXD 2 3 

RXD 3 2 

GND 5 5 

Default Data Transmission Settings 

The default data transmission settings are as follows: 

• 9600 baud 

• 8 bits 

• 1 stop bit 

• no parity 

You can change the baud rate with the privileged set baud command. 

The baud rate setting is stored in NVRAM so it is retained across a 

reset or power cycle. 

Note Refer to “Setting a Password” later in this chapter for information 

on privileged mode. 

A direct connection provides a command line. No other configuration 

is required. 

125



The RJ-45 Management Port 


An 8-pin 10/100Base-TX Ethernet connection is also available for 

management of the switch. The management port is not part of the 

switching fabric. 

The following table is the pinout for the RJ-45 connection. 

Pin 

Function 

1 RX+ 

2 RX- 

3 TX+ 

6 TX- 

The management port is identified as interface et0. 

126





IP. See Chapter 5 for information on VLAN interfaces. 

Note 

For out-of-band management, the privileged disable 

et0ipfwd command can be used to disable IP forwarding to 

and from the management port. This provides added security 

between the in-band ports and out-of-band management 

port.The privileged enable et0ipfwd command resumes IP 

forwarding. 

Setting a Password 

A password prompt is displayed after the switch has completed its 

power up diagnostics. 

ROM> ===== 6000 Switch ROM Resident DIAGNOSTICS/STARTUP ===== 

ROM> Waiting for Carrier Ready: OK 

ROM> Processor checks 

ROM> LED/ID/JUMPER checks 

ROM> + CP ID: A 

ROM> + JUMPERS: 000000D 

ROM> LED Display checks 

ROM> RS232 UART checks 

!"#$%&’()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTU- 

VWXYZ[\]^_‘abcdefghijklmnopqrstuvwxyz{|}~ 

ROM> Capella Register checks 

ROM> Size Memory = 01000000 

ROM> Bypassing DRAM checks 

ROM> Copy ’Boot-Image’ from ROM --> DRAM: OK 

ROM> Verify ’Boot-Image’: OK 

ROM> Watchdog/Timer checks 

ROM> PCI 82558 & IPC/PBM checks 

ROM> + i82558 CSR Map range: 0F800000 -> 0F801000 

ROM> + Detected 82558 MAC Address: 00:40:2f:00:90:00 

ROM> + IPC/PBM Map range: 00000000 -> 00100000 

ROM> Bypassing Packet Buffer checks 

ROM> DMA transfer checks 

ROM> Copy Load-Image from ROM --> DRAM Hi-memory: OK 

ROM> Verify Load-Image: OK 

ROM> Waiting for Carrier Lock: OK 

ROM> Validate RELEASE image: OK 

ROM> Copy ’Release-Image’ from NAND --> DRAM: OK 

ROM> Verify ’Release-Image’: OK 

ROM> Released Carrier Lock 

ROM> Jump to Release-Image ’C’ BOOT-CODE in DRAM 

Initializing Powerup Diagnostics... 

Powerup BIST Diagnostics are running:.......................... 

Powerup BIST Diagnostics Passed 

6000 Switch Console 

BOOTED: Mon 4/7/2000 13:00 

PASSWORD: 

127



The 6000 switch has two password modes: 

• basic 

• privileged 

The basic password is used to login into the switch after initial boot 

up. You have limited access to the command line. You can view and 

display system information with the show or di commands. 

The privileged password allows you to configure or set features on 

the switch. 

To add or change the switch’s basic password 

The switch is shipped with a “null” password (i.e., no password). 

Press Enter to get the command console prompt. 


1 Type set passwdbasic, then press Enter. 

2 Type the current password or press Enter. 

6000 Switch>#>set passwd 

ENTER OLD PASSWORD: 

PASSWORD CHANGED 

3 Type the characters for the password. 

Note A password is limited to 10 alpha or numeric characters. 

4 Verify the password by retyping it again. 

ENTER NEW PASSWORD: 

RETYPE NEW PASSWORD: 

If the system accepts the new password, the console displays the 

message: 


The switch stores the new password in its NVRAM. The new 

password is required the next time the command console is used. 

After the password is correctly entered, the basic switch commands 

are available. Type help at the command line prompt to see a list of 

the available commands. 

128



Accessing the privileged command set 

Use the set priv command to access the administrator or privileged 

command set. 

This command mode is password protected. However, as with the 

basic access password, the switch arrives from the factory with a 

“null” password defined for this mode. The first time set priv is 

executed, press the Enter key when prompted for a password. 

When privileged command mode is active, a hash mark (#) is added 

to the command-line prompt. 

6000 Switch>set priv 

6000 Switch>#> 

To set or change a password for privileged mode access 

1 Type set passwdpriv, then press Enter at the prompt. 

2 Enter the current password or press Enter. 

6000 Switch>#>set passwdpriv 



3 Type the new password, then press Enter. 

4 Retype the new password. 



The new password is stored in NVRAM. The next time privileged 

command mode is accessed, the password prompt appears. 

Type help to display the available privileged commands. To end 

privileged mode, use the logout command. The screen returns to the 

basic prompt. 

6000 Switch>#>logout 


129



Setting the IP Address 

After establishing a serial or management port connection: 

1 Provide the switch with a valid IP address, subnet mask, and 

broadcast address. 

If a Telnet connection is needed, use the enable telnetd command. 

See “Accessing the Command Console through Telnet” in this 

chapter for more information on the Telnet feature. 

Type the privileged ifconfig interface ip_address command, where 

interface is et0 for the management port and ip_address is the IP 

address of the switch. 

6000 Switch>#>ifconfig et0 192.221.222.4 

Remember that the IP address above is only an example. 



IP. See Chapter 5 for information on VLAN interfaces. 

Note If you do not plan to use the switch for routing, you can set 

a default gateway with the route add default gateway command, 

where gateway is the address of the gateway. 

2 Set a network mask and IP address 

The switch’s interface configuration command sets the default 

network mask and broadcast address and installs the correct routing 

information based on the class of the IP address. The network mask 

may be set in separate ifconfig commands as in these sample 

command lines: 

6000 Switch>#>ifconfig et0 192.168.200.4 

6000 Switch>#>ifconfig et0 netmask 255.255.255.0 

Or both values can be set in one command line as in the following 

sample line: 

6000 Switch>#>ifconfig et0 192.168.200.4 netmask 

255.255.255.0 

See the command summary in Appendix A for a detailed description 

of the ifconfig command and all of its IP addressing options. 

130



The IP address assigned to the switch’s interface is stored in 

NVRAM. When the switch firmware starts, it automatically 

configures the interface with this stored IP address. 

The ifconfig command inserts the appropriate routing information 

based upon the IP address specified. If a special network address 

mask is required, a separate ifconfig command should be issued last 

to set the mask. 

Note 

If the netmask changes, use the ifconfig sl0 netmask command 

after setting the IP address. 

BOOTP/RARP and DHCP 

Client 

BOOTP and RARP are software protocols commonly used to 

determine a machine’s own IP address when only the hardware 

address is known. When the switch powers up, it sends out 

simultaneous RARP and BOOTP requests. These requests are 

broadcast to all systems on the connected network or VLAN. BOOTP 

(or RARP) servers look for these requests, look up the requestor’s IP 

address based on the hardware address in the request packet, and send 

a response. If an IP address has already been set for the switch, neither 

BOOTP nor RARP requests are sent. 

If the switch receives a response to either its BOOTP or RARP 

request, it uses the information in the response to configure its IP 

address. If no response is received, it re-broadcasts the requests 10 

times, then terminates. At this point, the switch should be configured 

from the command-line console. 

BOOTP or RARP operation is configured for each individual 

network interface. When enabled, this sends BOOTP and RARP 

requests on that interface each time the system starts. The address 

assigned in the response message is not stored in NVRAM. 

If the switch receives both a BOOTP and a RARP response 

simultaneously, it uses the BOOTP response to configure its address. 

The switch recognizes a BOOTP or RARP response from any 

standard BOOTP or RARP server. To configure the BOOTP or 

RARP server, the interfaces’ MAC address needs to be known. Type 

ifconfig -a to display the interface’s MAC address. 

131



Configuring Network Interfaces 

When the privileged bootp interface command is issued, the current 

IP address for the interface is removed, and BOOTP/RARP requests 

are sent. If a BOOTP/RARP reply is received, then the interface is 

configured. If after 10 times no responses to the BOOTP/RARP 

requests are received, then the interface is marked as down. 

6000 Switch>#>bootp sw1 

Starting BOOTP and RARP on sw1 

If the bootp interface repeat command is used, the BOOTP/RARP 

requests are sent 10 times at the normal rate before backing off to a 

slower re-transmit interval. Repeated BOOTP never gives up. 

On future reboots, the BOOTP/RARP requests are re-issued even if 

the previous BOOTP/RARP requests were replied to, i.e., once a 

bootp command has been issued to an interface, it continues to 

BOOTP on future reboots. 

Issuing bootp interface identifies the interface as using BOOTP/ 

RARP for all future power ups. When a BOOTP/RARP response is 

received, the next time the system reboots, the interface once again 

issues a BOOTP/RARP request. 

Note Only the interfaces that have been enabled for BOOTP 

respond to BOOTP requests. The sw1 and et0 interfaces 

have BOOTP enabled by default. The IP address of the 

interface is not stored in NVRAM unless the response 

comes from Intel® Device View. Then the IP address is 

stored in NVRAM. 

DHCP Client 

DHCP is based on BOOTP and maintains some backward 

compatibility. BOOTP was designed for manual pre-configuration of 

the host information in a server database, while DHCP allows for 

dynamic allocation of network addresses and configurations to newly 

attached hosts. 

Additionally, DHCP allows for recovery and reallocation of network 

addresses through a leasing mechanism. 

In addition to the IP address, the 6000 switch’s DHCP client also 

requests the subnet mask and the default gateway for the client’s 

subnet. 

132



To configure DHCP, type bootp interface dhcp. 

To display how an interface is configured, type ifconfig -a. 

The ifconfig command can be used to configure an interface even 

though one of the dynamic configuration protocols is being run on the 

interface. This is useful if a BOOTP or DHCP server cannot be found 

and you know of a static IP address that can be used temporarily. 

To display the current state of the BOOTP/DHCP client process, type 

bootp show. 

BOOTP Relay Agent 

In many cases, BOOTP clients and their associated BOOTP server(s) 

do not reside on the same IP network or subnet. The switch acts as a 

BOOTP Relay Agent and transfers BOOTP and DHCP messages 

between clients and servers. 

The 6000 switch complies with RFC 1542 and provides BOOTP 

Relay Agent support. The BOOTP Relay Agent configuration is 

stored in NVRAM. All relay agent commands are available only in 

privileged mode. 

To configure the BOOTP Relay agent 

1 Type relay enable. 

2 To define a relay destination server IP address, type relay 

server add ip_address. Up to eight servers can be defined. 

6000 Switch>#>relay server add 172.21.2.143 

3 To specify the maximum number of hops or routers between the 

switch and the destination server, type relay maxHops count. 

6000 Switch>#>relay maxHops 6 

This sets a discard threshold. If a packet has traversed more hops than 

the value of the hops parameter, the router drops the packets. The 

range is between one and sixteen. The default is four. 

To delete a destination server, type relay server del ip_address. 

To delete all of the destination servers, type relay server del all. 

Use show sys to display whether the agent is enabled or disabled. 

133



To display the BOOTP Relay Agent configuration, type relay show. 

6000 Switch>#>relay show 

BOOTP/DHCP Relay : Enabled 

Discard Threshold: 10 Hops 

Server List : 172.21.3.143 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

Command Console Interface 

The switch executes a multi-tasking operating system on its control 

processor that manages all system activities. This system allows the 

administrator to query and configure the switch from either an 

attached terminal, a remote modem, or through any of its attached 

network interfaces. 

This section provides information on how to access the console 

commands and to set or enable the advanced configuration features in 

the switch. 

Access to the console interface is also necessary to: 

• Test the configuration and perform diagnostics. 

• Upgrade system and Web Device Manager software. 

Note 

The switch uses non-volatile memory (NVRAM) space to 

store configuration information. Each time the system starts, 

the switch reads the contents of its NVRAM and uses these 

values to set the system configuration. Most of the configuration 

options described in this section store their parameters 

in the NVRAM. 

134



Console Commands 

The console command set consists of two types of commands: 

general usage commands and restricted-access or privileged 

commands. 

General usage commands allow anyone with access to the console to 

display information about the switch. Access to privileged commands 

is restricted because these functions can alter the basic operation and 

configuration of the switch. Privileged command functions include 

operations such as loading a new firmware image, running 

diagnostics, or resetting factory default values. Normally, only 

network administrators need to use these commands. 

Execute the following system commands from the management 

station to verify the configuration. See Appendix A for more 

information about these console commands. 

Command 

ifconfig -a 

netstat 

ping 

set community 

set snmpmgr 

show counters 

show fdb 

show sys 

enable syslog 

Checks the following: 

Information about the network interfaces, 

including interface state, IP, network, and 

broadcast addresses, and counter values. 

Network statistics, i.e., active TCP connections. 

Connectivity through the switch. ping sends test 

IP frames to a specified node. 

Privileged commands that sets the type of 

messages identified with the SNMP agent. 

Privileged command that sets the SNMP agent 

to communicate with any SNMP management 

station. 

Counter values for specified ports 

Current contents of the forwarding database. 

System configuration parameters. 

An optional privileged command that records 

configuration changes, logins, and error 

messages to a log stored on a remote host. 

135



The syntax for the console commands can be abbreviated. The 

firmware recognizes a command when enough characters are typed 

to uniquely identify the command. The abbreviations only apply to 

the commands and not any of the options or parameters. Options still 

need to be spelled out completely. The upgrade commands are not 

abbreviated. 

In the example below, the loaddefaults command can be typed as 

loaddef to reset the switch to its factory defaults. 

6000 Switch>#>loaddef 

Any of the show commands may be typed with di instead of the word 

show. The word show can be abbreviated by typing sh before any of 

the options. 

6000 Switch>#>sh sys 

6000 Switch>#>di sys 

Accessing the Command 

Console through Telnet 

The command console can be accessed over the network through a 

Telnet connection. 

1 Telnet is enabled by default. If the command was manually disabled, 

used the privileged enable telnetd to activate the command. 

2 Connect to the switch using any Telnet application software 

installed on a network workstation or PC. 

3 Include the IP address of the 6000 switch. 

c:\windows\telnet.exe 192.22.2.12 

The switch’s firmware supports multiple simultaneous Telnet 

connections. The number of sessions is limited by the system 

resources. When no more sessions are available, the client application 

receives the message: 

connection refused. 

136



Disabling Telnet 

Disabling Telnet prevents the establishment of any Telnet 

connections. If Telnet is disabled, the only access to the command 

console is through the serial port. Use the disable telnetd command 

to disable Telnet. 

Setting Time-out Interval 

The default time-out on a Telnet session is 15 minutes. To limit or 

extend the time, a privileged user may change the default time-out 

interval. 

To set the default time-out interval, type set timeout default value. 

The range is from two to thirty minutes. 

6000 Switch>#>set timeout default 30 

Since multiple sessions are supported, individual sessions may be set 

at different timeout intervals. 

To change the interval, type set timeout current value. The range is 

from two to 30 minutes. 

6000 Switch>#>set timeout current 15 

To view the time-out intervals, type show timeout current. 

6000 Switch>#>show timeout current 

Login current timeout interval is 15 minutes. 

Serial Line IP Connections 

(SLIP) 

Using the serial port with SLIP provides an additional network 

interface that a network manager may use to communicate with the 

switch. In some cases, this additional network connection may be a 

vital component of the overall network design. The serial connection 

may be used as an out-of-band connection (in case the connection to 

the switch over the network is lost) or as a means to contact remote 

sites through a modem. 

137



With a working serial link, configuring a SLIP connection takes two 

steps: 

1 Giving the serial interface an IP address. 

2 Activating the SLIP software to convert the serial port from a 

console connection to a SLIP connection. 

Starting SLIP 

To start a SLIP connection 

1 Type ifconfig sl0 ip_address, then press Enter. 

The ifconfig command assigns the serial interface’s IP address. The 

command format uses sl0 for the name of the serial interface. 

Because SLIP is a point-to-point connections, a destination address 

must be specified. 

The following is a sample command line 

6000 Switch>#>ifconfig sl0 192.3.2.1 192.3.2.22 

2 Type the privileged command enable slip, then press Enter 

after the serial interface is configured. 

This command converts the serial or management port from a 

command console interface into a SLIP interface. The serial port 

waits for a SLIP connection to be attached after the command is 

issued. The system completes all SLIP processing automatically. 

Note The SLIP connection does not perform IP forwarding. It 

only connects the switch to the peer. During this connection, 

the peer cannot communicate with any other devices that 

are on the switched port. 

3 Type the disable slip command to return the serial port to a 

command console connection. 

Point-to-Point Protocol (PPP) 

The Point-to-Point Protocol (PPP) is supported as an additional 

network interface for the network manager to use to communicate 

with the switch. 

138



With a working serial link, configuring a PPP connection takes two 

steps 

1 Giving the serial interface an IP address. 

2 Activating the PPP software to convert the serial port from a 

console connection to a PPP connection. 

Starting PPP 

1 Type the privileged ifconfig ppp0 ip_address, then press Enter 

to set the IP address of the PPP link. The interface is designated 

as ppp0. 

Because PPP is a point-to-point connections, a destination address 

must be specified. 

6000 Switch>ifconfig ppp0 192.3.2.1 192.3.2.22 

2 Type the privileged enable ppp command, then press Enter 

after the serial interface is configured. 

6000 Switch>enable ppp 

Did you ifconfig ppp0 yet? y 

This command converts the serial port from a command console 

interface into a PPP interface. 

3 A message appears that ask you to confirm that you have used 

ifconfig to set the IP address of the ppp0 interface. Press y then 

press Enter to confirm you have completed Step 1. 

Note The PPP interface does not perform IP forwarding. It only 

connects the switch to the peer. During this connection, the 

peer cannot communicate with any other devices that are on 

the switched ports. 

The Password Authentication Protocol (PAP) is used before the PPP 

link is opened. At the command line, the switch requests that the 

connection is authenticated with a username of manager and a 

password which is the same as the non-privileged password. 

4 Type disable ppp to return the serial port to a command console 

connection. 

139



Logging PPP Connections 

The set ppp log and set ppp nolog commands control the logging of 

PPP events. Enable the syslog function must first before the PPP log 

records Link Control Protocol (LCP), authentication, and Internet 

Protocol Control Protocol (IPCP) packets that are sent or received. 

If PPP logging is not enabled, then only connection information is 

sent to the syslog. 

Displaying the PPP Status 

Use the show ppp command to query the status of a PPP connection. 

The output of this command depends on the current state of the PPP 

connection, as shown in the table below. 

Current PPP State 

PPP status for the last 

connection. 

Connection is being 

authenticated. 

PPP link has been established. 

PPP link is terminating. 

Output to Console 

PPP is waiting for LCP to open. 

The message “PPP is 

authenticating the host.” 

PPP status for the current 

connection. 

The message “PPP is 

terminating.” 

If a PPP connection is not currently open, the show ppp command 

displays the status of the last connection attempt. If the previous PPP 

connection failed, then the reason why it failed is displayed. 

Domain Name Service 

The switch supports contacting a server running the Domain Name 

Service (DNS) to substitute host names instead of network IP 

addresses as arguments for most commands. 

140



The following commands accept host names (in addition to IP 

addresses) as arguments: arp, loadnv, netstat, ping, route, savenv, 

sn 

Before running the enable dns command you need: 

1 To set the IP address of the primary DNS server. Type the privileged 

set dns primary ip_address command. 

6000 Switch>#>set dns primary 192.2.2.150 

2 Type the privileged set backup dns ip_address command to set 

the backup DNS server. 

3 Type set dns domain domain_name to set the DNS default 

domain. 

6000 Switch>#>set dns domain xyz.com 

Note The switch supports a default domain name of up to 64 

characters. 

4 Type enable dns to activate the use of the DNS. 

6000 Switch>#>enable dns 

Note The enable dns command fails if the primary DNS server 

has not been set. 

5 Type the set dns primary command without the IP address of 

the server to clear the DNS primary server. 

Note Clearing the DNS primary server automatically disables 

DNS. 

6 Type show dns to display the current DNS settings. 

Refer to Appendix A for additional DNS commands. 

141



Diagnostics 

During power up, the switch runs the ROM Resident Startup 

Diagnostics Report. 

ROM> ===== 6000 Switch ROM Resident DIAGNOSTICS/STARTUP ===== 

ROM> Waiting for Carrier Ready: OK 

ROM> Processor checks 

ROM> LED/ID/JUMPER checks 

ROM> + CP ID: A 

ROM> + JUMPERS: 000000D 

ROM> LED Display checks 

ROM> RS232 UART checks 

!"#$%&’()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTU- 

VWXYZ[\]^_‘abcdefghijklmnopqrstuvwxyz{|}~ 

ROM> Capella Register checks 

ROM> Size Memory = 01000000 

ROM> Bypassing DRAM checks 

ROM> Copy ’Boot-Image’ from ROM --> DRAM: OK 

ROM> Verify ’Boot-Image’: OK 

ROM> Watchdog/Timer checks 

ROM> PCI 82558 & IPC/PBM checks 

ROM> + i82558 CSR Map range: 0F800000 -> 0F801000 

ROM> + Detected 82558 MAC Address: 00:40:2f:00:90:00 

ROM> + IPC/PBM Map range: 00000000 -> 00100000 

ROM> Bypassing Packet Buffer checks 

ROM> DMA transfer checks 

ROM> Copy Load-Image from ROM --> DRAM Hi-memory: OK 

ROM> Verify Load-Image: OK 

ROM> Waiting for Carrier Lock: OK 

ROM> Validate RELEASE image: OK 

ROM> Copy ’Release-Image’ from NAND --> DRAM: OK 

ROM> Verify ’Release-Image’: OK 

ROM> Released Carrier Lock 

ROM> Jump to Release-Image ’C’ BOOT-CODE in DRAM 

Initializing Powerup Diagnostics... 

Powerup BIST Diagnostics are running:.......................... 

Powerup BIST Diagnostics Passed 

6000 Switch Console 

BOOTED: Mon 6/7/99 13:00 

PASSWORD: 

Note 

The switch displays an error message if it detects any errors, 

or failed components during the power up routine. 

Boot Image Mode 

The switch uses the boot image when the system image check has 

failed or become corrupted. The following message is displayed 

during Power Up Diagnostics: 

Jump to Boot-Image ’C’ BOOT-CODE in DRAM 

During normal boot up the command line reads: 

Jump to Release-Image ’C’ BOOT-CODE in DRAM 

142



If the switch is in boot image mode: 

• The CP status light remains solid green. 

• The prompt changes to: 

Bootcons> 

Note 

Reload the firmware available on the Intel Web site. If the 

switch continues to reboot, use Control X (^X) to end the 

reboot cycle. 

Upgrading the Firmware 

The upgrade capability is possible through the use of flash 

programmable memory. The system image contains the full set of 

switch functionality. When the switch starts up, it verifies the 

contents of the system image. Upon verification, the switch loads the 

system firmware, and begins executing this image. The system image 

may be upgraded to add new features. 

Warning Always upgrade the firmware through the RJ-45 management 

port, et0. Do not use a media board port for 

upgrades. 

To upgrade the CP system image 

1 At the prompt, type set priv, then press Enter to enter privileged 

mode. 

2 Type upgrade file_name ip_address_of_TFTP_ server 

This command requests the image file from the TFTP server at the IP 

address specified by ip_address_of_TFTP_server. A host name may 

be substituted for an IP address, if DNS is enabled. 

6000 Switch>#>upgrade /usr/6000switch/cprel 

192.2.2.10 

The upgrade file name is always cprel. 

For Unix-based TFTP servers, the file names are case-sensitive. 

Windows* 95 and Windows NT* servers are not case sensitive. 

143



Upon execution of the upgrade command, the system contacts the 

TFTP server and downloads the image files. After retrieving the files, 

the system erases flash memory and then reprograms it with the new 

image. This entire process should take less than one minute. 

Note By default, the upgrade command requests multiple files 

named with the cprel prefix from the TFTP server’s root 

directory. TFTP is a file transfer protocol often used to provide 

files to stand-alone devices. The TFTP server can be 

run on any number of nodes on a network. The upgrade 

command uses TFTP to download the specified files. To 

configure the TFTP server’s operation, refer to your TFTP 

server software documentation. See Appendix A for more 

information about the upgrade commands. 

When upgrading the system image, always include an upgrade to the 

switch’s lookup engine. 

3 To upgrade the lookup engine, type upgradelue file_name 

ip_address_of_TFTP_ server, then press Enter. 

The upgradelue file name is always lue. 

The following is a sample command line 

6000 Switch>#> upgradelue lue 192.2.2.10 

Warning Do not interrupt the upgrade command while it is executing. 

4 Type diag reset to reset the switch after the new image is programmed 

into the flash memory. 

The following upgrade commands should only be used when directed 

by authorized support personnel. 

Use the upgradeboot command to upgrade a new boot image. 

Warning If the boot image upgrade is not successful, do not reset 

the switch. Run the upgradeboot command again. 

Use the upgradee24 command to upgrade the 10/100Base-TX 

module. 

Use the upgradegs command to upgrade the Gigabit Ethernet 

module. 

144

Managing the 

Switch 

Topic 

See Page 

Layer 2 Switching 146 

Link Aggregation 146 

Virtual LANs (VLANs) 156 

Spanning Tree Protocol 166 

IGMP Snooping 172 

Port Mirroring 176 

Layer 2 Frame Prioritization 177 

SNMP Agent 178 

RMON 182 

NVRAM Backup 182 

SYSLOG 184 

Broadcast and Multicast Storm Control 185 

Layer 3 Switching & Routing 187 

IP Access Control 187 

Routing Management 192 

GateD 194


Managing the Switch 


Layer 2 switching forwards frames based upon the destination MAC 

address of the packet. The 6000 switch supports wire-speed Layer 2 

switching for all network protocols. The Layer 2 switching operates 

in the context of a single switched network segment. 

The 6000 switch performs the following Layer 2 functions 

• Learning 

The ability to learn the location of MAC addresses based on the 

source address (SA) in data packets received on the switch’s port. 

• Switching 

The ability to switch a data packet to the correct output port based on 

the destination address (DA) in the packet. 

• Aging 

Removes addresses from the FDB after a specified period of time. 

The switch is a “store-and-forward” switch which means that the 

entire frame is stored in the switch’s memory before the frame is 

forwarded to the output port of the switch. This characteristic 

increases the latency of the switch but facilitates error checking and 

protocol translation. 


The 6000 switch supports the IEEE 802.3ad draft Link Aggregation 

specification. Link Aggregation allows two or more physical ports on 

the switch to be grouped together to provide a single, aggregated port 

that has the combined bandwidth of the individual ports. Link 

Aggregation is useful when making connections between switches, 

stacks or to connect servers to the switch. 

The following restrictions apply when setting up aggregate ports: 

• Aggregator ports must be of the same media type, speed and 

belong to the same VLAN with the same tag status (tagged or 

untagged). Refer to the VLAN section later in this chapter for 

more information about VLAN frame tagging. 

• The ports must be configured for full-duplex mode 

146



• A maximum of 16 ports can be included in a single aggregation. 

• Aggregation is not possible with the serial port or management 

port. 

Note 

Enable the Spanning Tree Protocol prior to configuring link 

aggregation to prevent loops in the network. See the Spanning 

Tree protocol section later in this chapter. 

Port numbering 

Link aggregation combines two or more media ports into an 

aggregation link. When the ports are grouped together, the 

aggregation link is identified by an aggregator port number. Each 

media port on the switch is assigned an aggregated port number, 

which by default is the same number as the media port number. 

It is recommended that you use the aggregator port number of the 

lowest media port as the aggregation link group number. 

Aggregated link 

to server or switch 

Normal, 

nonaggregated 

links 

147



Slo1 Slot 2 Slot 4 

Media 

Port 

Number 

Aggregator 

Port 

Number 

Media 

Port 

Number 

Aggregator 

Port 

Number 

Media 

Port 

Number 

Aggregator 

Port 

Number 

1 1 9 9 17-40 17-40 

2 1 10 10 

3 1 11 11 

4 4 12 12 

5 5 13 13 

6 6 14 14 

7 7 15 15 

8 8 16 16 

Configuring Link Aggregation 

To quickly configure link aggregation: 

• Select the media ports on the 6000 switch that are to be 

aggregated together into an aggregated link. 

• Assigned an aggregated port number. 

In the example below, the media ports are 13, 14, 15 and 16. Port 13 

is the lowest numbered port. 

Each media port that is to be aggregated must be added individually. 

Port 15 

Port 14 

Port 13 

Port 16 

Aggregation Link 13 

148



To configure media ports 13, 14, 15 and 16 to aggregator port 13, type, 

set link media_ port port aggregator_port t 

6000 Switch>#>set link 13 port 13 




When the link aggregation link was formed, aggregator port 13 

includes media ports 13, 14, 15, and 16 attached to it. Aggregator 

ports 14, 15 and 16 still exist, but are in the “down” state. 

Note In the above example, port 13 is already set to aggregator 

port 13 by default. It is not required to set a media port to an 

aggregator port number that is already the default. 

The show port group port_number command displays the 

aggregator link and the ports included in that link. 

6000 Switch>#>show port group 13 

port 13, key 000D 

Other ports with same key { NONE } 

Configured media ports { 13 14 15 16 } 

Active media ports: { 13 14 15 16 } 

Note The “active media ports” displayed are only ports with 

physical cables attached. Unconnected ports are not displayed. 

A single MAC address is assigned to the aggregated link for 

management functions Type show port aggregator_port to display 

the MAC address. 

Deleting ports from an aggregation link 

To delete a port from an aggregator link, 

For example to remove port 16 from aggregator link 13, type set link 

port port_number agg_default. 

6000 Switch>#>set link 16 agg_default 

The port is no longer a member of the aggregator link and the 

aggregator port reverts back to its default aggregator port number, 

which is 16. 

149



To reset all of the links, type set link port all agg_default. The ports 

return to their default aggregator number. 

Aggregation between switches 

The easiest way to configure link aggregation between switches 

requires that the aggregator ports, on either switch, be set to “active” 

mode. The ports on the 6000 switch are set to passive mode by 

default. Passive mode means that the port does not initiate a control 

frame. It responds to control frames, but it does not send out any. 

Active mode, automatically sends control frames. 

To set a port to active mode, type set link media_ port port 

aggregator_port active. 

6000 Switch>#>set link 3 port 3 active 



If the aggregation link is already configured, to change the aggregator 

ports from the default passive mode to active mode, type set port 

aggregator_port active. 

6000 Switch>#>set port 3 active 

Note 

The aggregator ports on the other switch do not have to be 

set to “active.” As long as one end of a link is set to 

“active,” the other side responds. 

150



Example A creates an aggregation link 3 on Switch A linking media 

ports 3, 4, and 5. The ports on Switch A should be set to active mode. 

Example A 

Switch A 

3,3 4,3 5,3 

Switch B 

5,3 

4,3 

3,3 



Media Port Aggregator Media Port Aggregator 

3 3 3 3 

4 3 4 3 

5 3 5 3 

151



In Example B, the media port and aggregator port numbers are not the 

same on both ends of a link. 

Example B 


1,1 2,1 3,1 


4,4 

5,4 

6,4 




1 1 4 4 

2 1 5 4 

3 1 6 4 

152



In Example C, all ports on Switch A are in aggregator group 1, while 

each port on Switch B are in their own unique group. Therefore, no 

aggregation occurs between the aggregation links. 

Example C 


1, 1 

2,1 

3,1 


NO AGGREGATION 

1,1 

2,2 

3,3 




1 1 1 1 

2 1 2 2 

3 1 3 3 

153



In Example D, all ports on Switch A are in aggregation link 1. A link 

can be made between Switch A, aggregation link 1 and Switch B, 

aggregation link 4. However, Port 6 cannot be linked since the 

aggregation link number does not match. 

Example D 


1,1 2,1 3,1 


4,4 

5,4 

6,6 




1 1 4 4 

2 1 5 4 

3 1 6 6 

154



For more information on Link Aggregation, refer to Appendix A. 

Aggregated Port Numbers 

With the implementation of link aggregation, many features of the 

6000 switch now use the aggregator port number instead of the media 

port number. This includes: 

• VLANs 

• Spanning Tree 

• Port Mirroring 

• IGMP Snooping 

• Broadcast and Multicast Storm Control 

• Forwarding Database 

The media ports on the switch are numbered from their position on 

the switch. Port 1 is the first port in the first module on the switch. In 

the example below, a 6000 switch has three 8-port Gigabit Ethernet 

modules and one 24-port 10/100Base-TX module. The switch would 

have forty-eight physical ports. If the switch has four 10/100Base-TX 

modules, the number of physical ports would be 96. 

By default, the aggregator port number is the same as the media port 

number. When viewing configuration information for the features 

listed above, it is important to remember that you are viewing the 

aggregator port numbers and not media port numbers even if link 

aggregation is not configured. 

Slot 

Module 

Example of Default Port Settings 

Media 

Ports 

Numbers 

Slot 1 8-port 1000Base-SX 1-8 1-8 


Slot 3 24-port 10/100Base-TX 17-40 17-40 


Aggregator 

Port 

Numbers 

155



Virtual LANs (VLANs) 

Virtual LANs or VLANs can be roughly equated to a broadcast 

domain. More specifically, VLANs can be seen as analogous to a 

group of end stations, perhaps on multiple physical LAN segments, 

that are not constrained by their physical location and can 

communicate as if they were on a common LAN. 

The switch conforms to the IEEE 802.1Q specification for a VLANaware 

bridge in a virtual bridged local area network. The 6000 switch 

uses port-based VLANs, whereby VLAN membership of each 

untagged frame is determined by noting the port on which it arrives. 

The slot identification is not needed when configuring VLANs. 

The switch supports 2,048 VLANs regardless of the number of ports 

available on the system. However, any of the 4,094 VLAN IDs may 

be assigned to the 2,048 VLANs. 

Note 

802.1Q VLANs and IGMP Snooping both share resources 

which might be limited with Link Aggregation. Link Aggregation 

consumes more resources and depending on your 

network configuration, might restrict the number of VLANs 

that can be created. instructions on configuring IGMP 

Snooping are included in this chapter. 

Creating a VLAN 

To create a VLAN 

1 At the prompt, type set priv to enter privileged mode. 

2 Associate a port on the switch to one or more VLAN identifiers 

(VID). VLANs are assigned a number from 1 to 4,094. This 

number becomes the VID. Type vlan VID create. The ports do 

not have to exist in order to create a VID. 

6000 Switch>#>vlan 2 create 

156



Port 1 

(VID 1) 

Ports 8 & 16 

(VID 4) 




Ports 9-12 

VID 2 

VLAN 1 

SALES 

192.22.22.1 

SW1 




Port 7 (VID 3) 



VLAN 4 

ACCOUNTING 

192.22.22.4 

SW4 


VLAN 2 

ENGINEERING 

192.22.22.2 

SW2 

VLAN 3 

MARKETING 

192.22.22.3 

SW3 

3 Designate the port or ports assigned to a VLAN. 

Type vlan VID add port(s) port 

If the VLAN does not exist, then this command creates the VLAN. 

Each switch port can be assigned to one or more VLANs. The slot 

where the port resides is not applicable to the VLAN configuration. 

For example, to connect ports 9 through 12 on the Gigabit Ethernet 

module to VLAN 2 

6000 Switch>#>vlan 2 add ports 9 12 

Note If Link Aggregation is configured, the ports are aggregator 

ports designated by the aggregator port number. If Link 

Aggregation is not configured, then the media port number 

is used. 

4 Type vlan print to verify that the ports have been added to the 

correct VLAN. 

The factory default has all VLANs as members of VLAN 1. The ports 

need to be removed from VLAN 1 if they are no longer members of 

VLAN 1. 

5 Type vlan VID del port(s) port to remove the ports connected 

to a VLAN. 

6000 Switch>#>vlan 1 del ports 8 10 

6 Assign a Port VLAN Identifier (PVID). 

157



Type vlan port port PVID pvid to assign the PVID. 

6000 Switch>#>vlan port 2 pvid 1001 

All untagged and priority-tagged frames received by a port belong to 

the VLAN whose port VLAN identifier (PVID) is associated with 

that port. 

The PVID must contain a valid VLAN identifier value. It should not 

contain the reserved null value of zero (0) or the number 4,095. The 

default PVID is one (1). 

Type vlan source_ VID move port(s) port_list vlan destination_VID 

to move a port from one VLAN to another. 

The example below, moves port 8 in VLAN 2 to VLAN 4. 

6000 Switch>#>vlan 2 move port 8 vlan 4 

Assigning VLAN Names 

VLANs can also be identified by which group or departments they 

belong to by using an identifier or name, such as “engineering” or 

“sales.” 

Note A VLAN must be created using the VID prior to assigning 

or using a name. 

To assign a name to a VLAN, type vlan VID name string. 

6000 Switch>vlan 2 name sales 

VLAN names must have the following properties: 

1 The name must be unique across all VLANs. 

2 The name can contain only alphanumeric characters (a..z, A..Z, 

0..9). 

3 A name cannot exceed 15 characters. 

4 The name must contain at least one letter (1234 is not a valid 

VLAN name.) 

If names have been assigned to the VLANs, the vlan print command 

lists the VID with the name in parentheses, i.e., VLAN 2 (sales). 

VLANs are referenced by using the VlD or the VLAN name. For 

example, if VLAN 2 has been named “sales” then the following 

commands are identical: 

158



6000 Switch> vlan 2 add port 3 

6000 Switch> vlan sales add port 3 

The VLAN name can be substituted for the VID in all of the VLAN 

commands, including the vlan name command.This command line 

changes the name of the sales VLAN to accounts. 

6000 Switch> vlan name sales accounts 

Confirming VLAN Membership 

The vlan print command identifies which ports are members of 

which VLANs. The vlan print and vlan print by port commands 

can be used in both privileged and non-privileged mode. 

The information is displayed in VLAN order. 

VLAN Configuration Storage 

All changes that are made to the VLAN configuration are stored in 

the non-volatile memory of the switch. When the switch is rebooted, 

the VLAN configuration is automatically returned to how it was set 

before the reboot. 

The VLAN configuration is not reset when a new module is inserted 

into the chassis. The VLAN settings conform to the settings of the 

previous media board. For example, if a Gigabit Ethernet card is 

replaced with a 24-port 10/100Base-TX module, the VLAN 

configuration would remain on the first eight ports of the 10/100 card. 

With a change in media card type, it is recommended to reset the 

VLAN configuration. Use the vlan reset slot slot_number command. 

This resets all ports on the media card to be a member of VLAN 1 

with a PVID of 1. The vlan reset command without parameters resets 

all of the slots. 

159



Frame Tagging 

The switch supports the IEEE 802.1Q specification for VLAN 

tagging. 

There are three basic types of frames: 

• Untagged 

• Priority-tagged 

• Tagged 

An untagged frame or a priority-tagged frame does not carry any 

identification of the VLAN to which it belongs. Such frames are 

classified as belonging to a particular VLAN based on parameters 

associated with the receiving port. 

A VLAN tagged frame carries an explicit identification of the VLAN 

to which it belongs. Such a frame is classified as belonging to a 

particular VLAN based on the value of the VID that is included in the 

tag header. 

When frames are sent across the network, a tag header is used to 

indicate to which VLAN a frame belongs. This insures that the switch 

forwards the frame to only those ports that belong to that VLAN. 

The switch supports both tagged and non-tagged frames 

simultaneously on a per VID and port basis. 

Type vlan VID {tag | untag} port(s) port_list to set the frame type 

that is transmitted to the port or ports of the specified VLAN. 

6000 Switch>#>vlan 2 tag ports 2 6 

Warning 

If a port is a member of two or more VLANs, it is recommended 

that only one VLAN on the port transmit 

untagged frames. The untagged VLAN should equal the 

PVID for that port 

160



. 

Overlapping VLAN Configuration 

VLAN1 

VLAN2 

Port 9 

Port 12 

Port 16 

PVID 1 PVID 2 

PVID 2 

Hub 



172.21.1.1 



172.21.1.2 172.22.1.2 

172.22.1.1 

For example, in the Overlapping VLAN Configuration drawing 

above, VLAN 1 and VLAN 2 share Port 12. Station 172.22.1.1 would 

not receive frames from Station 172.22.1.2 unless the frames are 

tagged since it shares Port 12 through a hub with Station 172.21.1.2, 

and the PVID for Port 12 is 2. 

Warning 

Untagged overlapping VLANs can create problems 

with routing protocols, such as OSPF. 

161



VLAN tagging must be used when connecting two or more switches 

that share a common VLAN. 

NORTH WING 

Tagged Link 

SOUTH WING 

Port 1 

tagging 

for 

VLAN 1 

& VLAN 2 

Port 2 

PVID 1 

Untagged 

Port 3 

PVID 2 

Port 1 

tagging 

for 

VLAN 1 

& VLAN 2 

Port 2 

PVID 1 

Untagged 

Port 3 

PVID 2 

Sales 

VLAN 1 

Accounting 

VLAN 2 

Sales 

VLAN 1 

Accounting 

VLAN 2 

VLAN 1 = {Port 1, Port 2} 




Each switch in the figure above shares VLAN 1 and VLAN 2 through 

Port 1. The frames must be tagged between the two switches to 

determine the frame destination. The tagging allows the transmittal of 

frames from the Sales department in the North Wing to the Sales 

department in the South Wing and the Accounting department in the 

North Wing to the Accounting department in the South Wing. Once 

the switch knows the destination of the frame, the tagging is removed 

and the frame is sent untagged to the VLAN. 

VLAN Security 

VLANs are used to limit traffic to a particular area of the network. 

The IEEE 802.1Q specification introduces the concept of tagged 

frames, where VLAN information is included in the frame. Using 

tagged frames allows VLAN information to be communicated across 

multiple switches. Such a VLAN tag includes information for both 

the VID and the priority of the frame. However, storing VLAN and 

priority information in the frame can cause security problems. 

162



• Clients can set the VID of a tagged frame to any value. 

• Clients can set the priority of a tagged frame to any value. 

Trusted and untrusted 802.1Q tag mode, 802.1Q ingress checking, 

and the control of acceptable frame types addresses these security 

issues. 

Trusted and untrusted IEEE 802.1Q tags 

Trusted and untrusted 802.1Q tag modes can be used for enhanced 


Each port in the system has a trusted or untrusted mode for the VID 

of a tagged frame. In trusted mode, the VID of a tagged frame is 

always used. In untrusted mode, the PVID of the port is used even if 

the frame is tagged. The default is trusted. 

To set the security mode 

1 Type vlan ports port_list untrusted for untrusted VID mode. 

6000 Switch>#>vlan ports 3 4 untrusted 

2 Type vlan ports port_list trusted for trusted VID mode. 

6000 Switch>#>vlan ports 8 10 trusted 

Similarly, each port in the system has a trusted or untrusted priority 

mode. In trusted priority mode, the priority of a tagged frame is 

always used. In untrusted priority mode, the default port priority is 

used even if the frame is tagged. See “Layer 2 Frame Prioritization” 

later in this chapter for information on setting the priority. 

The trusted or untrusted modes for VID and priority can be used in 

environments where security is an issue. The untrusted VID mode is 

similar to the acceptable frame-type mode for each port. 

163



802.1Q ingress checking and acceptable frame 

types 

An “Enable Ingress Filtering” parameter is associated with each port. 

If the “Enable Ingress Filtering” parameter is set for a port, the 

ingress rule discards any frame received on a port from a VLAN that 

does not include that port within its member set. The default is to have 

ingress checking disabled. 

Type vlan ports port_list enable ingcheck to enable ingress 

checking. 

Type vlan ports port_list disable ingcheck to disable ingress 

checking. 

An example of the use of ingress checking could apply to a student/ 

faculty environment VLAN setup. In this environment there are two 

VLANs, one for students and one for faculty. Clients on either VLAN 

should not be able to access machines on the other VLAN. This is 

easy to set up using PVIDs and connecting the students machines to 

one set of ports, and the faculties to another set of ports. The problem 

is that it is possible for a student to send a VLAN tagged frame with 

the tag set to the VID of the faculties VLAN. Without ingress 

checking this frame would be transmitted to the faculty VLAN. With 

ingress checking enabled, the frame is dropped since the ingress port 

is not a member of the faculty VLAN. 

Acceptable Frame Types 

Associated with each port of a VLAN bridge is an “acceptable frame 

types” parameter that controls the reception of VLAN-tagged and 

non VLAN-tagged frames on that port. The valid parameters are 

“accept any frames” and “accept only VLAN-tagged frames.” 

• accept any frames 

This is the default setting when there are no rules that apply regarding 

the format of an ingress frame. Any frame type is accepted. 

Type vlan ports port_list admit any to set the configuration to 

accept any frames. 

164



• accept only VLAN-tagged frames 

When “accept only VLAN-tagged frames” is set, the ingress rule 

discards any untagged frames or priority-tagged frames received on 

that port. Tagged frames that are not discarded are classified and 

processed according to the ingress rules that apply to that port. 

Note A priority tagged frame is not a VLAN tagged frame. A priority 

tagged frame has an 802.1Q tag but the VID is zero. 

Type vlan ports port_list admit tagonly to set the configuration to 

accept only tagged frames, 

This mode can be used to prevent clients from gaining access to 

VLANs of which they are not a member. 

Configuring a VLAN with an IP 

Address 

VLANs can be assigned an IP address to allow management of the 

switch from that VLAN or to route frames between VLANs. This 

creates a network interface for the switch labeled swVID. The number 

of VLANs that can be assigned a network interface IP address is 

limited to 128. 

The VLAN network interface number matches the VID. For example, 

VLAN 1 creates interface sw1, VLAN 80 creates sw80, etc. 

Type vlan VID ifconfig ip_address to configure a VLAN with an IP 

address. 

6000 Switch>#>vlan 2 ifconfig 192.2.22.166 

Use the ifconfig -a command to view the network interfaces. 

Type ifconfig interface delete to remove an interface. 

VLAN Routing Configuration 

VLAN routing configuration allows routing to be enabled or disabled 

for specific VLANs. This feature enhances the security of a network. 

Type vlan VID enable iproute to enable VLAN routing. 

The switch’s VLANs are used to provide IP routing interfaces, e.g., 

VLAN 3 can be configured with an IP address, which causes the IP 

interface sw3 to be created. 

165



VLAN routing configuration allows control of what VLAN IP frames 

can be routed. For example, it is possible to specify that VLAN 3 

cannot be used as the source when forwarding IP frames. 

Note If IP routing is disabled for a VLAN, it only applies to 

ingress or received IP frames. It is still possible for other 

VLANs to route to the VLAN. 

VLAN routing configuration can be used in environments where 

VLANs exist, and those VLANs are given IP addresses for 

management, but no routing is required. In this environment, IP 

routing can be disabled for each VLAN. 

Type vlan VID disable iproute to disable VLAN routing. 

Caution 

For more complex environments, access control lists 

should be used to control IP routing. See IP Access 

Control in this chapter. 

Spanning Tree Protocol 

The 6000 Switch adds an extra layer of functionality with the 

introduction of multilayer Spanning Trees. The two types of 

Spanning Tree models are: 

• IEEE 802.1d Spanning Tree 

The switch becomes a bridge for which Spanning Tree parameters 

can be set. Every port, regardless of VLAN membership, is part of the 

same Spanning Tree. 

• Spanning Tree per VLAN 

The switch supports IEEE 802.1s, a supplement to 802.1Q, that 

provides for multiple instances of Spanning Tree to run on a switch 

that has multiple VLANS. Each VLAN acts as a separate bridge or 

Virtual Bridge which allows you to set the entire range of Spanning 

Tree commands for that bridge and the bridge ports.This allows 

traffic to pass that would otherwise be blocked. 

To activate the Spanning Tree protocol 

1 Type enable spantree in privileged mode. 

2 Select which type of Spanning Tree to implement. 

Type set spantree type stp to configure 802.1d Spanning Tree. 

166



Type set spantree type pvstp to configure a separate Spanning Tree 

for each VLAN. 

Note 

Spanning Tree can only be defined per bridge for all ports 

on that bridge. Single Spanning Tree (STP) and Port VLAN 

Spanning Tree (PVSTP) cannot run at the same time on a 

single bridge. 

802.1d Spanning Tree 

The IEEE 802.1d specification for Spanning Tree protocol allows 

switches and bridges to eliminate duplicate paths and loops in a 

network. The protocol allows the switch to communicate with these 

other devices and to map the network. 

Note When the Spanning Tree protocol has been enabled, direct 

communication with the switch (e.g., Telnet or SNMP) is 

not available for 15 to 30 seconds as the protocol initializes 

itself for operation on the network. This delay also applies 

upon power up after the protocol has been enabled. 

The Spanning Tree protocol controls different states for each port: 

• listening 

• forwarding 

• blocking 

By default, Spanning Tree protocol is disabled in the switch. 

167



The Spanning Tree protocol: 

• Assigns a unique address to each switch (usually the MAC 

address of the Control Processor). 

• Assigns a priority value to each switch. 

• Selects a root switch. This is the starting point for the Spanning 

Tree. 

• Assigns a unique address to each port on each switch. 

• Calculates a path cost for each port on each switch. 

• Assigns the root port of the switch based on path cost. 

To configure the Spanning Tree protocol 

1 The Root Switch 

The bridge with the lowest identifier (usually the MAC address) is the 

root switch. The MAC address is assigned when the IP address is 

assigned for the switch. 

2 Assign the Switch’s Priority. 

Type the privileged set spantree priority value command. The range 

is from 0 to 65,335. The default is 32,768. 

6000 Switch>set spantree priority 1 

3 Assign the Root Port. 

Type the set spantree portpri port_number value command to 

assign a priority value to a port. The range is from 1 to 255. The 

default is 128. 

After the root switch is selected, the other switches determine which 

port is the most cost-effective path to the root switch. This port 

becomes the root port. 

The command line below sets the priority of port 3 to 1. 

6000 Switch>set spantree portpri 3 1 

4 Set the Port Cost. 

Finally, the Spanning Tree protocol detects the switch and switch 

ports that have access to the root. The bridge then enables those ports 

to be used for forwarding packets and disables others ports to prevent 

loops. These disabled ports are kept in backup mode in case a primary 

port or link fails. 

168



With Link Aggregation, multiple physical links are formed into a 

single, higher speed, logical link. Spanning Tree uses the link speed 

as an indication of the path cost in an attempt to block lower speed 

ports in preference to higher speed ports. Spanning Tree needs to be 

able to change the path cost for that port. 

Type set spantree portcost port_number auto to automatically set 

the path cost to the link speed of the port. 

6000 Switch>set spantree portcost 9 auto 

Port cost can be set manually on the switch. Ports set manually are 

fixed and the path cost does not change even if the link speed 

changes. If the media type changes, the port reverts to auto mode. 

Note The Spanning Tree protocol must be enabled before setting 

the port cost. The protocol settings are held in NVRAM. 

To set the port cost for port 9, type set spantree portcost 

port_number value. 

6000 Switch>set spantree portcost 9 10 

5 Type show spantree to display the current Spanning Tree Configuration, 

6 Type set spantree defaults to return the parameters to the 

default values. 

Spanning Tree per VLAN 

Spanning Tree per VLAN or PVSTP allows each VLAN to run a 

separate Spanning Tree with its own Bridge Protocol Data Units 

(BPDU’s). This allows different ports to be blocked or unblocked 

based on VLAN membership. Of the 2,048 VLANs, up to 100 

PVSTPs can be stored in NVRAM. 

The 802.1Q standard defines two types of VLAN learning. 

• A Shared VLAN Learning Bridge (SVL), uses a single 

forwarding database that is shared by all VLANs. 

• An Independent VLAN Learning Bridge (IVL) uses a separate 


A switch that supports PVSTP must be configured as an IVL switch. 

If the switch is configured as an SVL switch, 802.1d Spanning Tree 

is enabled. 

169



Type fdb mode ivl to set the switch as an IVL switch. 

When in IVL mode, the VLAN ID (VID), MAC address, and port 

number are stored in the forwarding database. 

To configure per VLAN Spanning Tree 

1 Type the privileged set spantree priority priority_value VID to 

assign the VLAN priority. The range is from 0 to 65,335. The 

default is 16,384. 

6000 Switch>set spantree priority 1 3 

2 Type set spantree portpri port_number portpriority_value VID 

to assign a priority value to a port within a VLAN,. The range is 

from 1 to 255. The default is 128. 


3 Port cost can be automatically set to the link speed of the port. 

Type set spantree portcost port_number auto VID 

6000 Switch>set spantree portcost 3 auto 3 

Type set spantree portcost port_number portcost_value VID to 

manually assign a portcost to an individual port within a VLAN. 

6000 Switch>set spantree portcost 3 1 3 

Note Manually set ports are fixed and the path cost does not 

change even if the link speed changes. If the media type 

changes, the port reverts to auto mode. 

4 Type show spantree all to display the current per VLAN Spanning 

Tree Configuration. 

5 Type set spantree defaults to reset all ports and bridge values 

to their default value. 

Rapid Reconfiguration 

Rapid reconfiguration 

• Places a root port on a failed path into a blocking state. 

• Selects a non-designated port as the new root. 

• Immediately activates that port, passing the listening and 

learning states. 

Rapid reconfiguration can never be initiated on a bridge that has been 

selected as the root bridge because a root bridge has no root ports. 

170



Type set spantree rapid on VID to set rapid reconfiguration for a 

PVSTP domain. 

Type set spantree rapid on to set rapid reconfiguration for a STP 

domain. 

Note If rapid reconfiguration is set for a STP domain, it cannot be 

turned on for a PVSTP domain. 

When rapid reconfiguration feature is triggered, the switch either 

removes all entries from the forwarding database that point to the 

failed link or it redirects them to the new root port. 

Rapid Port Activation 

Rapid port activation is useful when connecting the switch to a device 

that boots and connects to the switch faster than the 30-second 

forwarding delay that is the default for Spanning Tree. There is no 

need to transition through the listening and learning states for ports 

that connect to end stations. 

Type set spantree portquick port_number on to set rapid port 

activation. 

Note Rapid port activation should only be used when connecting 

a single end station to a switch port. If a port is connected 

with rapid port activation to a port on another switch or 

router, network loops may occur. 

Type set spantree portquick port_number off to disable rapid port 

activation, 

Type show spantree all in either privileged or non-privileged mode 

to display the Spanning Tree configuration,. 

171



IGMP Snooping 

IGMP Snooping is a Layer 2 function of the switch. It reduces the 

flooding of IP multicast traffic, optimizes the usage of the network 

bandwidth, and prevents multicast traffic from being flooded to parts 

of the network that do not need it. 

The 6000 switch supports IGMP snooping as it is defined by 

IGMPv1, specified in RFC-1112, and IGMPv2, specified in RFC- 

2236. 

IGMP snooping is disabled by default on the switch. When disabled, 

all IGMP and IP multicast traffic floods within a given VLAN. 

Basic configuration 

Note IVL mode must be configured prior to configuring IGMP 

Snooping. In SVL mode, information pertaining to the 

VLAN ID is no longer available in the forwarding database. 

See Spanning Tree Per VLAN earlier in this chapter for 

instructions on setting IVL mode. IGMP Snooping must be 

disabled if SVL mode is invoked. 

Type enable igmpsnoop to enable IGMP Snooping. 

Configuring multicast router ports 

In configuring IGMP Snooping 

• Identify which switch ports lead to routers and which switch 

ports lead to interested end stations 

• Create a separate broadcast domain for each multicast group and 

include only ports with interested end stations 

IGMP Snooping operates by recognizing multicast router ports and 

interested member ports and creating a separate broadcast domain for 

each multicast group. 

Identifying the router ports is one of the prime features of IGMP 

Snooping. Once IGMP Snooping is enabled, auto discovery of ports 

is accomplished through the switch’s routing mechanism by sending 

ICMP router discovery messages or by snooping in the IGMP query 

messages sent by the multicast routers. However, in some cases, the 

172



multicast router ports may not be identified by using auto discovery. 

Under such conditions, the network administrator needs to manually 

configure these router ports as control ports. 

Type igmpsnoop port(s) port_list control mode { normal | fixed | 

forbid }VID to configure a control port. 

A control port can be set to one of three modes: 

• normal 

The default mode of a port is “normal.” When the control port is 

set to “normal” mode, the switch automatically determines if a 

port has a control element (i.e., switch with IGMP Snooping or 

router). 

• fixed 

When auto discovery does not identify a router port, then it needs 

to be configured in the “fixed” mode. IGMP Snooping forwards 

host membership reports only on the router ports 

• forbid 


For example, to configure router port 20 in fixed mode: 

6000 Switch>#>igmpsnoop port 20 control mode fixed 

VID 3 

Configuring a data port 

There are two types of data ports: 

• All group - A port belongs to all IP multicast groups. 

• IP group - A port belongs to a specific IP multicast group. 

Data ports can be only be set to one of the following modes within a 

given VLAN: 

• fixed 

permanently belonging to all or IP group. 

• forbid 

disallow port to become a member of all or IP group. 

173



• normal 

IMGP Snooping determines what group the port belongs to from 

the received IGMP reports. 

When an end station receives an IGMP Query message from the 

router, it responds with a Host Membership Report for each group 

member. The switch marks ports as group member ports if it receives 

an IGMP Membership Group Report. For IGMP Snooping to work 

correctly, it is important that an IGMP Membership Report message 

be forwarded only to router ports. 

A separate address class known as Class D is used to identify 

multicast groups. The Class D address ranges from 224.0.0.0 through 

239.255.255.255, with addresses from 224.0.0.x and 224.0.1.x 

reserved for permanent assignment. Each of these addresses 

represents a group of IP end stations, also known as a “host group.” 

Adding or excluding ports from an IP multicast 

group 

Type igmpsnoop port(s) port_list group ip_group mode { normal | 

fixed | forbid } VID to include or exclude a data port from a particular 

IP multicast group 

6000 Switch>#>igmpsnoop ports 1 2 3 group 

239.147.6.99 mode fixed VID 1 

In the example above, port 1, 2, and 3 are included as members of IP 

multicast group 239.147.6.99 regardless of whether an IGMP 

membership report for that group is received or not. 

If the forbid keyword is substituted in the above command, ports 1, 2, 

and 3 are excluded from IP multicast group even though the system 

has received an IGMP membership report for the same group. This is 

a security feature to disallow an end station to participate in a 

particular multicast session. Instead of a particular IP multicast 

group, the “all” keyword implies all IP multicast groups. Therefore, 

if you type: 

igmpsnoop ports 1 2 3 group all mode forbid VID 1 

Port 1, 2, and 3 are prohibited from receiving any multicast traffic. If 

the keyword “fixed” is used instead, IGMP Snooping is disabled on 

those ports. This feature is useful for network management purpose, 

i.e., the port is attached to a management station that is in a 

promiscuous mode. 

174



Resetting control and data ports 

The reset commands are used to set the control and data port 

configuration to normal mode. For example, type igmpsnoop port 

control reset VID 1 to reset all control ports in VID 1 to normal 

mode. 

Type igmpsnoop port data reset all to reset all control ports on VID 

1 to normal mode,. 

Displaying configured ports 

Type igmpsnoop print config VID to display the configuration for 

all ports on a particular VLAN. 

Type igmpsnoop print config all to display the configuration for all 

ports on a particular VLAN. 

Type igmpsnoop print all to view the active multicast groups. 

Type igmpsnoop print VID to view the status per VLAN. 

The configuration information is immediately stored in NVRAM. 

The switch loads the configuration from NVRAM during boot up. 

If the number of configuration entries exceeds the allotted NVRAM 

space, new configuration entries are not saved and a warning message 

is issued. 

Note 

Only configuration information is saved. Snooping status 

(i.e., membership information) is not saved. 

Setting aging time 

An aging time is used to specify the time acceptable (in seconds) 

between IGMP queries since the switch last received an IGMP query 

from the multicast server. A query allows the server to determine 

which network hosts are (or want to be) part of the IP multicast group, 

and are configured and ready to receive traffic for the given 

application. 

175



Type igmpsnoop set agetime value to set the timer,. The range is 

from 330 to 500 seconds. The default value is 330 seconds. 

6000 Switch>igmpsnoop set agetime 400 

Port Mirroring 

Port mirroring is a useful diagnostic tool because it provides the 

ability to diagnose a connection by attaching a packet analyzer to a 

port and “snooping” all of the traffic transmitted. On the second port 

you can attach a protocol analyzer to capture and analyze the data 

without interfering with the client on the original port. Port mirroring 

is disabled by default on the switch. 

All VLAN traffic is transmitted to the source port and its mirror port 

to ensure that all frames received by the source port are transmitted to 

the destination or monitor port. 

Any port may be selected as a source or monitor port, regardless of 

the speed of the port. For example, it is acceptable to designate a 

Gigabit Ethernet port as the source and a 10/100 port as the monitor 

port even though there might be some frame loss on the monitor port. 

This permits diagnosing problems on the Gigabit Ethernet connection 

using a 10 or 100 MB packet analyzer. 

To support this function, set a source and destination mirrored port. 

1 Type set portmirror sourceport port_number to set the source 

port. 

2 Type set portmirror monitorport port_number to set the monitor 

port. 

3 Type enable portmirror to activate port mirroring. 

Note 

Port mirroring must be disabled prior to setting the source 

and destination port numbers. Type disable portmirror to 

disable portmirroring. 

Restrictions 

• Ports are aggregated ports. It’s not possible to mirror a single 

media port inside a multiport aggregation. 

• If the monitor port is a multiport aggregation then all mirrored 

traffic is sent to the lowest numbered media port in that 

aggregation. 

176



• A network loop occurs if both source and monitor ports are 

plugged into a hub. 

Type show portmirror to display the port mirroring configuration 

information. 

Layer 2 Frame Prioritization 

Today’s local area networks must respond to delivering new 

technologies that require congestion control and prioritization. Layer 

2 provides packet prioritization capabilities for the application of 

network policies. The switch supports the IEEE 802.1p, 802.1D and 

802.1Q specification for traffic prioritization of Layer 2 frames. 

This standard defines how network frames are tagged with user 

priority levels ranging from 7 (highest priority) to 0 (lowest priority). 

Switches and routers prioritize traffic delivery according to the user 

priority tag, giving higher priority frames precedence over lower 

priority or untagged frames. 

Each port is assigned a default user priority. That default user priority 

is only used on untagged frames. Tagged frames already contain a 

priority. All of the ports have a factory default user priority of zero 

(0). You must be in privileged mode to configure the ports. 

Type set priority port(s) port_ list pri to set the default user priority 

for individual ports. 

6000 Switch>#>set priority port 3 7 

Type set priority port(s) all pri to set the default priority for all ports. 

6000 Switch>#>set priority ports all 7 

Type set priority port(s) {all | port list} default To reset a port or all 

of the ports to their factory default setting. 

6000 Switch>#>set priority ports all default 

Each port in the system also has a trusted or untrusted priority mode. 

In trusted priority mode, the priority of a tagged frame is always used. 

In untrusted priority mode, the default port priority is used even if the 

frame is tagged. 

1 Type set priority ports port_list trusted To reset a port or all 

of the ports to their factory default setting, 

6000 Switch>#>set priority ports 8 10 trusted 

177



2 Type set priority ports port_list untrusted for untrusted priority. 

6000 Switch>#>set priority ports 3 4 untrusted 

Type show priority to view the port priority and priority mode. 

SNMP Agent 

The switch comes with an SNMP agent. After the switch’s IP address 

is set, the SNMP agent can communicate with any SNMP 

management station. 

The SNMP agent: 

• Responds to requests from the network management station for 

the value of a MIB variable using the get-request or get-nextrequest 

format. 

• Responds to requests from the network management station to 

set or change MIB variables. 

• Sends messages or traps to the network management station that 

a significant change has occurred. The table describes the 

supported traps. 

Generic 

Trap 

Number 

Specific 

Trap 

Number Condition 

0 Cold Start 

1 Warm Start 

2 Link Down 

3 Link Up 

6 1 

CarrierCPSlot 

ChangeEvent 

Description 

System starting from 

power down state. 

System restart 

without power down. 

The link state of a 

port is changed from 

up to down. 

The link state of a 

port is changed from 

down to up. 

The primary CP 

board is changed 

from slot A to slot B 

or vice-versa. 

178



Generic 

Trap 

Number 

6 2 

6 3 

6 4 

Specific 

Trap 

Number Condition 

CarrierStatusA 

ChangeEvent 

CarrierStatusB 

ChangeEvent 

MediaCard 

ChangeEvent 

6 5 FanFailEvent 

6 6 PowerSupplyFailEvent 

6 7 HighTemperatureEvent 

Description 

The status (inserted/ 

running) of the CP in 

slot A has changed. 

The status (inserted/ 

running) of the CP in 

slot A has changed. 

One or more of the 

media cards is 

inserted or removed. 

One or more fans has 

failed. 

One or more power 

supplies has failed. 

The temperature 

exceeded the High 

Temperature 

Mark and the switch 

shuts down 

immediately. 

SNMP Communities 

The SNMP agent, along with the type of messages that are identified 

with it (get, set, trap), is referred to as an SNMP community. Each 

community is identified by a community string or name and a 

community number. The community_number is any number from 1 

to 3. 

Community 

Number 

Community 

String 

1 Public GET 

2 Private SET 

Permissions 

3 Trap GET, SET 

179



Configuring the SNMP Agent 

1 Type the privileged set snmpmgr host_ip_address community 

_number [index] command to set the manager or host address 

for one station. 

6000 Switch>set snmpmgr 193.1.1.143 1 1 

If assigning an address to additional stations, follow the IP address 

with the community number and index number of the station. Up to 

eight indexes or hosts can be added. 

2 Type set snmpmgr to assign the IP address 0.0.0.0 to remove 

an address from the list, as in the following command line: set 

snmpmgr 0.0.0.0 [index] 

6000 Switch>set snmpmgr 0.0.0.0 1 

As a configuration option, you can give your switch up to eight IP 

addresses of network management stations to which traps should be 

specifically sent. However, one station is the most common scenario. 

3 Type show community to display the SNMP community string 

for all access types to the SNMP MIBs 

4 Type the privileged set community community_number string 

[get] [set] [trap] command to set the type of messages to be 

exchanged between the SNMP manager and agent. 

6000 Switch>#>set community 1 public get trap 

6000 Switch>#>set community 2 private get set trap 

180



5 Type set snmpSecurityLevel level to control security levels on 

the switch. The default setting is 2, which allows stations in the 

host table to have write access. 

Level 

1 

2 

3 

Behavior 

Does not verify host in community. 

Anyone can configure the switch if they 

know the community string. 

Verifies host in community for write 


Verifies host in community for read and 

write privileges. 

6000 Switch>#>set snmpSecurityLevel 3 

Note Only stations in the host table are able to view and configure 

the switch in Intel® Device View. Changing the default 

security level prevents other stations from being viewed by 


If the switch does not respond to an SNMP query: 

• Check to see if the host appears in a show snmpmgr command. 

• Check to see if the community is a valid string. 

• Check the console to see if the SNMP query is generating any 

errors. 

If the switch is slow to respond, there might be a host that is 

bombarding the switch with SNMP traffic that is not on the snmpmgr 

list. If this is the case, the switch is being slowed down by sending 

“Authentication Failure” traps. 

To fix the problem: 

• Find the offending host. 

• Stop it from requesting information from the switch. 

• Or, add it to the snmpmgr list with the set snmpmgr command. 


181



RMON 

RMON1 is supported. RMON is an extension to SNMP and is 

defined by of RFC1757, “Remote Network Monitoring Management 

Information Base.” Four of the nine RMON1 groups are supported. 

Group Name 

Statistics 1 

History 2 

Alarms 3 

Events 9 

Group Number 

RMON history is available for the first 10 ports after boot up. To add 

history for other ports, use Intel Device View or a third-party RMON 

compliant browser to delete the history-control table row for a port 

already in the table. 

The total number of entries in the history control table must be less than 

or equal to 20. By default, each port has two entries, one for 30-second 

sample intervals, and one for 30-minute sample intervals. 

There are no command line commands to enable or disable the 

RMON agent. A graphical network management interface is 

available through Intel Device View and third-party RMON 

compliant browsers. 

NVRAM Backup 

As part of the switch’s fault tolerant structure, non-volatile RAM 

(NVRAM) is used to store configuration information for the switch. 

Use the NVRAM Backup privileged command savenv to back up this 

configuration information. 

If the CP carrier module has failed, use the loadnv command to 

restore the system parameters from the backup file located on the 

TFTP server to the replacement CP carrier module. 

Note 

To configure the TFTP server’s operation, refer to the TFTP 

server software documentation. 

182



Backup 

Note Before the backup file is uploaded to the TFTP server, the 

file must already exist and be able to be read and written by 

everyone. 

To begin the backup 

1 Create the file. 

The file name is the switch’s IP address in hex uppercase format (i.e. 

IP address 192.2.2.1 is named C0020201.) 

Note To get the file name, use the savenv command with the IP 

address of the switch. The command returns the file name in 

hex uppercase format. An error message occurs, because the 

file was not created in advance. 

6000 Switch>#>savenv 192.2.2.1 

Using remote file name = C002023F saving nvram version 

1 

No response from TFTP server 

TFTP upload failed. 

2 Create the file on the TFTP server. To configure the TFTP 

server’s operation, see the TFTP server software documentation 

3 Type the savenv [path] ip_address_of_tftp_server command. 

Use the path argument only to save the NVRAM to a file in a 

directory other than the default directory “/tftpboot.” 

Example without path address: 


Example with path address: 

6000 Switch>#>savenv /pathname 192.2.2.12 

Restore 

Type the privileged loadnv [path] ip_address_of_tftp_server 

command to restore the non-volatile RAM. The loadnv command 

checks that the version of the non-volatile RAM file is compatible 

with the system version before it restores non-volatile RAM. 

6000 Switch>#>loadnv 192.2.2.1 

Note 

After restoring the NVRAM, you are prompted to reset the 

switch. Type Y for yes to begin the reset process. 

183



Use the path argument only if the NVRAM file was saved in a 

directory other than the default directory “/tftpboot.” By default, the 

filename on the server is assumed to be the IP address of the switch 

in uppercase hex format (i.e., C0020201.) 

SYSLOG 

The syslog feature records such events as logins, configuration 

changes and error messages that occur on the switch. If an error 

condition occurs, the switch attempts to write an entry to the system 

log. The log information is sent to a syslog service on a remote host. 

All of the syslog command settings and log entries are held in 

NVRAM. 

To set the Syslog service address 

1 Type the privileged set syslog ipaddr ip_address to set the 

address of where the syslog service resides. 

6000 Switch>#>set syslog ipaddr 192.2.2.143 

2 Type enable syslog to begin the output to the system log. 

6000 Switch>#>enable syslog 

The table below displays a typical entry in the system log on the 

remote host. 

Oct 27 11:16:08 6000Switch Console[2]: syslog started 

Oct 27 11:17:26 6000Switch Console[2]: Non-privileged user logged in 

Oct 27 11:17:35 6000Switch Console[2]: Privileged user logged in 

Oct 27 11:17:43 6000Switch Console[2]: Privileged user logged out 

Oct 27 11:17:44 6000Switch Console[2]: Non-privileged user logged out 

Logging Commands 

The switch’s syslog can log all user commands that are typed from 

any console session. 

1 Type the privileged set syslog lcmds to enable this feature. 

The following is an example of the system log when command 

logging is enabled: 

Oct 27 11:24:24 6000Switch Console[2]: command, "di sys" 

Oct 27 11:24:39 6000Switch Console[2]: command, "enable spantree" 

Oct 27 11:25:05 6000Switch Console[2]: command, "di fdb" 

184



Only valid commands are logged. If a command is not understood, 

then it is not logged. 

2 Type the privileged set syslog nolcmds to disable logging of all 

the commands. 

Similar to command logging, the switch’s syslog can record all 

output from any console session. 

3 Type the privileged set syslog lout to log all output from the 

switch. 

4 Type the privileged set syslog nolout to disable logging of the 

output information. 

To display the Syslog setup 

Type show syslog to display the current syslog parameters. 

Type disable syslog to end output to the syslog. 

Broadcast and Multicast 

Storm Control 

An excessive number of broadcast or multicast frames on a network 

can degrade network performance by starving out unicast traffic. 

Broadcast and multicast storm control is intended to safeguard 

against this threat by limiting the amount of broadcast and/or 

multicast traffic that a port is allowed to receive and forward. 

To protect against broadcast or multicast storms, a broadcast and/or 

multicast threshold is set for each port. A threshold is a percentage of 

the maximum bandwidth of the link. The higher you set the threshold 

percentage, the less effective the protection against broadcast storms. 

The default broadcast and multicast thresholds are 100 percent, which 

disables storm control. 

1 Type set storm bthreshold percentage { all | port_number } to 

set the parameters for broadcast storm control. 

6000 Switch>set storm bthreshold 90 3 

2 Type set storm mthreshold percentage { all | port_number } to 

set the parameters for multicast storm control. 

6000 Switch>set storm mthreshold 95 3 

185



3 If the port is set to zero, it can discard indefinitely. Type set 

storm nodiscard { all | port_number } to resume receiving on a 

port that is discarding. 

The switch does not have the ability to discard broadcast or multicast 

traffic selectively. The discarding state is actually a “receive 

disabled” state. When the broadcast or multicast threshold for a port 

is exceeded, the switch disables frame reception for a given duration 

that is equal to the discard duration. The discard duration range is 

zero (0) to 256 seconds.The default is 5 seconds. 

1 Type set storm bdiscard seconds { all | port_number } to set 

the broadcast discard duration. 

6000 Switch>set storm bdiscard 4 3 

2 Type set storm mdiscard seconds { all | port_number } to set 

the multicast discard duration. 

6000 Switch>set storm mdiscard 8 3 

A duration of zero (0) seconds is used to permanently disable the port 

until it is changed. The switch sends alerts that notify the system 

administrator that the port has exceeded a threshold and the port has 

been disabled for the stated duration. 


The following message is displayed: 

Port 1 will be disabled when broadcast load reaches 

threshold. User interaction is required to remove the 

port from discarding state. 

Note The switch may or may not detect a rate that is over the 

threshold. The switch does not enter discard mode unless 

the calculated rate is at least one percent more than the 

threshold for two consecutive four-second periods. It takes 

from eight to eleven seconds to detect a rate that is two percent 

more than the threshold. 

Type show storm to display the storm control information,. Select 

from the following parameters: 

• Active displays the storm control information for all the ports 

that are actively monitoring. 

• Discarding displays storm control information for all the ports 

that are currently discarding packets. 

186



• All displays storm control information for all the ports, 

regardless of what state the storm control software has for that 

port. 

6000 Switch>#>show storm all 

Using a port number instead of any of the other parameters displays 

only the storm control information for that port. 

6000 Switch>#>show storm 3 

The Storm Control configuration is stored in the NVRAM of the 

switch. 

Layer 3 Switching & Routing 

Layer 3 switching supports dynamic routing protocols to maintain the 

routing tables. For each network layer protocol, one or more routing 

protocols may be invoked. For IP, these protocols are RIP v1, RIP v2, 

and OSPF. 

Layer 3 switching moves frames through the switching fabric based 

upon the destination network protocol address of the packet. The 

switch supports wire-speed Layer 3 switching for IP networks. 

Layer 3 switching operates in the context of multiple switched 

network segments. This functionality relies upon multiple VLAN 

operation. 

IP Access Control 

On the 6000 switch, IP Access Control is applied to incoming 

routable traffic to limit access to end devices on different networks or 

subnets. 

An Access Control List (ACL) of rules is used to permit or deny the 

flow of IP traffic through the network. The rules are created based on 

source and destination IP addresses. 

ACL rules are enforced on routable traffic only. IP frames between 

two end devices connected to the switch on different VLANs may be 

blocked and unable to ping or Telnet each other. 

187



IP access control and access lists do not apply to frames that are 

switched within the same VLAN. If the devices are on the same 

VLAN, they maintain their IP connectivity and are able to ping or 

Telnet each other even though ACL rules may forbid IP traffic 

between the two. 

IP connection between an end station and the 6000 switch is never 

subjected to ACL rules. An end station can Telnet the switch or use 

an SNMP agent for management activities. 

The IP Access Control configuration is stored in NVRAM. 

ACL rules 

The order rules are applied to an incoming packet are determined by 

the order that a rule was entered into the ACL. The 6000 switch 

supports a maximum of 128 filtering rules. 

The source IP address and source wildcard mask or destination IP 

address and destination wildcard mask represents a single host or a 

range of hosts in a network. 

A wildcard mask is a method used to define a range of host IP 

addresses with an accompanying network or subnet IP address. It 

uses the same notation as the dotted decimal IP address. The wildcard 

mask cannot overlap with the corresponding network or subnet 

address. 

Network/ 

Subnet 

Address 

Wildcard Mask Examples 

Wildcard 

Mask 

172.18.1.0 0.0.0.255 

172.18.2.0 0.0.0.7 

Description 

All the host addresses in the range 

172.18.1.0. through 172.18.1.255, 

All the host addresses in the range 

172.18.2.0. through 172.18.2.7, 

172.18.3.0 0.0.255.255 Invalid since address and mask overlap, 

For a single device or host, the address must be the designated IP 

address of the device and the wildcard mask must be 0.0.0.0 or the 

word “host.” 

permit 172.18.1.2 0.0.0.0 172.18.3.2 0.0.0.0 

or 

permit 172.18.1.2 host 172.18.3.2 host 

188



For a range of devices, the address must represent a network or subnet 

address and the wildcard mask must identify the range of IP 

addresses. The address and wildcard mask pair of 0.0.0.0/ 

255.255.255.255 or the word “all” represents all possible IP 

addresses. 

6000 Switch>#>deny 172.18.2.0 0.0.0.255 172.18.3.0 

0.0.0.255 

In the example below, the rule denies any packets from being sent 

from source IP 17.18.4.0/ 0.0.0.255 to all IP addresses. 

6000 Switch>#>deny 172.18.4.0 0.0.0.255 all 

The format for any rule includes: 

• An action (deny or permit) 

• A source IP address and source wildcard mask 

• A destination IP address and destination wildcard mask 

Adding a permit rule 

Type acl add rule_number permit (source_address 

source_wildcard_mask)( destination_address 

destination_wildcard_mask) in privileged mode to add a permit rule. 

6000 switch>#>acl add 1 permit 172.18.1.2 0.0.0.0 

172.18.3.2 0.0.0.0 

When adding a rule, all subsequent rules (starting from the requested 

rule number) are shifted one position down towards the last rule. An 

end rule can only be overwritten with a new end rule. 

For example, if a new rule 1 is added. The existing rule 1 becomes 

rule 2 and all of the other rules shift down one number. 

3 Type enable acl to activate IP Access Control once you have 

completed adding all of the rules to the ACL. 

6000 switch>#>enable acl 

Note 

ACL is disabled by default. When disabled, all routable 

packets are forwarded to the destination interface. It is recommended 

that ACL remain disabled while adding rules to 

the rules list. 

189



Adding a deny rule 

1 Type acl add rule_number deny (source_address 


destination_wildcard_mask) in privileged mode to add a deny 

rule. 

6000 switch>#>acl add 1 deny 172.18.2.0 0.0.0.255 all 

2 Type enable acl in privileged mode to activate ACL. 

Adding an end rule 

There are two rules that are always placed at the end of the list 

whether implied or explicitly added to the list. 

• Permit all all 

• Deny all all 

If the ACL is empty or an end rule has been omitted, the “deny all all” 

rule is implied. 

Moving a permit or deny rule 

1 You can move an existing permit or deny rule from its current 

position to a new position within the rule list. Type acl move 

rule_number to rule_number to move a rule. 

6000 switch>#>acl move 4 to 2 

You cannot move an end rule or move any other rule to the end rule 

position. 

Note 

An end rule cannot be overwritten unless the target rule is 

itself an end rule. 

Modifying a rule 

You can modify existing rules. 

Type acl modify rule_number permit (source_address 


destination_wildcard_mask.) to modify a permit rule. 

6000 switch>#>acl modify 5 permit 172.18.1.3 host 

172.18.3.0 0.0.0.3 

Note 

You cannot modify an existing rule with an end rule unless 

the existing rule itself is an end rule. 

190



Deleting a rule 

1 Type acl del rule_number to delete a rule. 

6000 switch>#>acl del 1 

2 Type acl del all to delete all of the rules. 

6000 switch>#>acl del all 

Displaying the rule list 

Type acl print rules to display the existing list of rules. 

IP Access Control Sample Configuration 

Collections 


6000 Switch 

Hospital Billing 

Admissions 

Network 

Manager 

192.168.1.2 


192.168.1.3 


192.168.1.4 

1 6 

VLAN 1: 

192.168.1.1 

2 

3 

Rule 3,6 

Rule 1,4 

Rule 2,4 

Rule 3,4 

4 VLAN 2: 5 

192.168.2.1 

VLAN 3: 

192.168.3.1 

7 

Rule 5 

192.168.3.2 

192.168.3.3 

Patient Records 


Radiology 

Department 


192.168.2.2 192.168.2.3 

For example, the diagram of a hospital network displays how IP 

filtering might be used in a typical network. Seven ports on the switch 

are being used to connect two servers and five workstations. The 

network has been divided into three subnets. 

• Subnet 1, the finance department, includes collections, 

admissions and the network manager. 

• Subnet 2 is the radiology department. 

• Subnet 3 is the computer room and includes all of the shared 

resources that need to be protected. 

The following access rules are required in this network: 

• Collections can access the billing server only. 

• Admissions can access both the billing and patient records 

servers. 

191



• The network manager can access all devices on all subnets. 

• The radiology subnet can access the patient records server only. 

Rule 

Action 

IP Source 

Address 

Source 

Wildcard 

Mask 

IP 

Destination 

Address 

1 Permit 192.168.1.2. host 192.168.3.2 host 

Destination 

Mask 

2 Permit 192.161.1.3 host 192.168.30 0.0.0.3 

3 Permit 192.168.1.4 host ALL 

4 Permit 192.168.3.0 0.0.0.255 ALL 

5 Permit 192.168.2.0 0.0.0.3 192.168.3.3 host 

6 Permit 192.168.2.0 0.0.0.255 192.168.1.4 host 

7 Deny ALL ALL 

Routing Management 

The routing and Layer 3 switching functions are divided into two 

areas: the switching engine and routing table management. 

Configuration of the routing protocols is performed for each of the 

network interfaces. The configuration parameters and the application 

to perform the routing protocols is based on the GateD daemon. 

For each protocol and configurable option, the system displays the 

following characteristics: 

• A protocol is started (or stopped) when it is added (or removed) 

from an interface. 

• Protocol operation occurs only on the interfaces where it has 

been enabled. 

• The interface reports the correct status and configuration 

information. 

192



RIP 

The Routing Information Protocol (RIP) is an interior gateway 

protocol (IGP) used by routers to exchange routing table information 

for local networks. RIP is a distance vector protocol which sends the 

complete routing table to its neighbor routers. 

RIP uses broadcast User Datagram Protocol (UDP) data packets to 

exchange routing information. Each router sends or advertises 

routing information updates every 30 seconds. 

The switch supports both RIP version 1, RFC1058, and version 2 , 

RFC2453. It always accepts RIP packets from both versions when 

RIP is enabled. To send version 2 packets, the specific RIP interfaces 

need to be configured. Only RIP version 1 packets are sent by default. 

For information on the gated commands associated with the RIP 

protocol, see “RIP Configuration” later in this section. 

OSPF 

Open Shortest Path First (OSPF) is a topology-based link-state 

routing protocol. It provides greater capabilities than RIP. Link-state 

changes are promptly reported to reflect the topology database 

changes. OSPF is implemented according to RFC1583. 

In a link-state protocol, each router maintains a database for each 

connected area network topology, which it builds out of the collected 

link-state advertisements of all involved routers of the area. 

OSPF allows networks to be grouped into areas. Routing information 

passed between areas is abstracted, potentially allowing a significant 

reduction in routing traffic. OSPF areas are connected by the 

backbone area, identified by 0.0.0.0. 

All areas must be logically contiguous and the backbone is no 

exception. To permit maximum flexibility, OSPF allows the 

configuration of virtual links, which enable the backbone area to 

appear contiguous despite the physical reality of the network. 

For information on the gated commands associated with the OSPF 

protocol, see “OSPF Configuration” later in this section. 

193



GateD 

The Gated Routing Daemon or GateD 1 is included with the switch to 

manage IP routing protocols. When GateD* is configured, the switch 

acts as a router. GateD is enabled by default. 

The network administrator uses GateD to control the import and 

export of routing information by: 

• Individual protocol 

• Autonomous system 

• Source and destination interface 

• Previous hop router 

• Specific destination address. 

The configuration can be modified, added to or deleted without 

restarting GateD, while still preserving the previous configuration. 

The command line interface also provides the ability to query 

different GateD contents, such as the GateD routing table or OSPF 

LSA (link-state advertisement) database. 

GateD consists of various routing protocols. Using these routing 

protocols, the switch exchanges routing information with its 

neighbors within their routing domain and contributes the learned 

routes into the GateD routing table. 

GateD selects the best routes from its centralized database and stores 

them in the system forwarding table. It also retrieves system 

information including real-time events and then sends it to routing 

protocols. 

Routing Protocols 

The GateD syntax supports Interior Routing Protocols (IRP), which 

include RIP and OSPF. Interior protocols are used to exchange 

routing information within an autonomous system (AS). 

1. ©1995, 1996, 1997, 1998 The Regents of the University of Michigan 

All Rights Reserved. 

Gate Daemon was originated and developed through release 3.0 

by Cornell University and its collaborators. 

194



Interface 

An interface is the connection between a router and one of its attached 

networks. It is always identified by an IP address in GateD. 

GateD learns all interfaces from the system. The route to an interface 

has a preference of 0 which is the highest since it is directly 

connected. 

Static Routes 

Static routes are manually configured. When configuring static 

routes, all necessary information must be provided to form a useful 

route entry for forwarding traffic. 

Preference 

Different protocols can find different paths (i.e., routes) to a 

destination network. They are all stored in the GateD routing table. 

Preference determines which one is going to be selected for the 

system forwarding table. The table displays the default preference in 

GateD. 

Source of Route 

local interface 0 

OSPF 10 

static routes 60 

RIP 100 

OSPF AS external 150 

The route with the lowest preference number is selected. The 

preference can be set manually in different protocols. 

Components 

When in GateD, the prompt indicates the current component. 

gated>rip 

gated/rip> 

Default 

195



The major components are listed below: 

Component 

ifs 

static 

policy 

rip 

ospf 

rTable 

Description 

Interfaces 

Static Route 

Import or Export Policy 

Routing Information Protocol 

Open Shortest Path First Protocol 

GateD Routing Database 

When a command is issued, it only applies to the current component. 

For example, di without any arguments, displays all attributes and 

sub-components (but not recursively) of the current component. In 

the examples below, RIP is the current component. 

Examples 

gated/rip> di pref 

preference:100 

gated/rip> di 

rip: 

preference: 100 

defaultmetric: 16 

trustedgates: 172.18.3.182, 172.16.2.1, 172.21.2.1 

if[172.18.1.101] 

if[172.18.2.101] 

if[172.18.5.101] 

gated/rip> di if[172.18.1.101] 

if[172.18.1.101] 

mode: 

both 

version: 1 

metricIn: 1 

metricOut: 0 

authtype: 

none 

authkey: 

196



Configuring GateD 

1 Type gated, then press Enter at the privileged prompt to start 

GateD. 

The prompt changes to gated>. 


ENTER PASSWORD: 

6000 Switch>#>gated 

gated> 

2 Type config, then press Enter to enter configuration mode. 

gated> config 

gated# 

Configuration mode is required to add components and set attributes. 

Once in config mode, the prompt includes a hash mark (#) without the 

greater than (>) sign. 

3 Type add component_name, then press Enter. 

gated# add rip 

The components include: ifs, static, policy, rip, ospf, and rTable. 

4 Type the component name at the gated# prompt, then press 

Enter to display or configure attributes for the selected component. 

gated#rip 

gated/rip# 

5 Type display or di, then press Enter to view the configurable 

attributes for the component. 

gated/rip# di 

rip 

----------------------------- 


defaultMetric: 16 

trustedGates: 

stats 

6 Type set value to select the RIP version, then press Enter. 

gated/rip#set version 2 

197



The set command assigns a value to an attribute 

7 Type activate or act, then press Enter. 

gated/rip# activate 

The new configuration does not take effect until the activate 

command is issued. 

The first stage of activation is semantics checking. The add, del, set 

and save commands impact the network configuration. Once these 

commands are issued, semantics checking is conducted to ensure that 

the change is consistent with the remainder of the system. 

If the command passes semantics checking, it is executed. If it fails, 

the command is voided and has no impact. 

8 Type save, then press Enter. 

gated/rip#save 

The save command is used to permanently save the current 

configuration into NVRAM. 

9 Type end, then press Enter to leave configuration mode and 

return to the gated prompt. 

gated>config 

gated#rip 

gated/rip#set version 2 

gated/rip# activate 

gated/rip# save 

gated/rip# end 

gated> exit 

6000 switch> 

If end is used prior to the save command, the configuration is not 

stored in NVRAM. 

10 The display or di command can be used to view the current 

configuration. 

11 Type exit to exit GateD. 

198



Adding Interfaces 

The IP interfaces are configured with VLANs with the ifconfig 

command. GateD maintains a copy of the IF (interface) table, which 

is the GateD ifs component. A GateD interface is the connection 

between a router and one of its attached networks. 

The set scanInterval time is a global option that affects all interfaces. 

It sets the number of seconds indicating how often GateD checks the 

system for interface changes. The range is from 15 to 3600 seconds. 

The default is 60 seconds. 

gated>config 

gated#ifs 

gated/ifs#set scaninterval 75 

gated/ifs#if[172.16.3.1] 

gated/ifs/if[172.16.3.1]#di 

if[172.16.3.1] 

------------------------------------- 

ifIndex: 2 

state: UP 

transitions: 0 

mtu: 1436 

media:BCAST 

metric: 0 

mask: 255.255.240.0 

potocols: NONE 

preference: 0 

gated/ifs/if[172.16.3.1]# 

Adding Static Routes 

Static routes are used to manually configure entries into the routing 

table. A static route creates a path to an IP network not visible by the 

routing protocol. 

If the keyword default is used for the destination address, a default 

route is created. The default route is used whenever there is no 

specific route to a destination. The network IP address associated 

with the default route is 0.0.0.0/0. 

The maximum number of static routes is 1024. 

199



To add a static route 

1 At the gated> prompt type config, then press Enter to enter 

configuration mode. The prompt changes to gated#. 

gated>config 

gated# 

2 Type add static, then press Enter. 

gated#add static 

3 Type static, then press Enter to enter static component mode. 

gated/#static 

4 Type di to display the attributes required to configure the static 

route. 

gated/static#di 

static 

-------------------- 

default 

route[192.27.2.3/1] 

The interface and gateway need to be defined. 

5 Type add route [x.x.x.x/l], then press Enter. 

The x.x.x.x is the IP address of the route and /l (l for length) is the 

mask or prefix length of the netmask address. 

Note Always include the brackets when the add command is 

used to add an interface address. The brackets are not used 

with the set command. 

200



gated/static#add route 192.27.2.3/24 

gated> 

gated>config 


gated#static 

gated/static#add route [192.27.2.3/24] 

gated/static#di 

static 

-------------------- 

default 

route[192.27.2.3/1] 

gated/static# 

To add a default route 

1 Type add default, then press Enter at the prompt. 

gated/static#add default 

2 Type default, then press Enter at the prompt to configure the 

default component. 

gated/static/#default 

3 Type di to display the attributes required to configure the static 

route. 

gated/static/default#di 

if: 0.0.0.0 

gateway: 0.0.0.0 

pref: none 

type: 60 

The interface and gateway need to be defined. 

4 Type set if ip_address, then press Enter to set the interface. 

gated/static/default#set if 192.25.1.1 

Note The brackets are not used with the set command to configure 

IP addresses. 

5 Type set gateway ip_address, then press Enter to set the gateway 

address. 

gated/static/default#set gateway 192.255.25.0 

201



6 Type activate, then press Enter. 

gated/static/default#activate 

7 Type save, then press Enter to save the configuration in 

NVRAM. 

gated/static/default#save 

Note 

The switch supports up to 1024 static and dynamic routes. 

gated> 

gated>config 


gated#static 

gated/static#add default 

gated/static/#default 


if: 0.0.0.0 


pref: none 

type: 60 

gated/static/default#set if 192.25.1.1 

gated/static/default#set gateway 192.255.255.0 

gated/static/default#activate 

gated/static/default#save 


RIP selects the route with the lowest “hop count” (metric) as the best 

route. The hop count is the number of routers through which data 

must pass to reach its destination. RIP assumes that the best approach 

is the one that uses the fewest routes. 

RIP deletes routes from the routing table if the metric is greater than 

15 hops away. All routes through a gateway are also deleted if no 

updates are received by the gateway within a specified time period. 

Generally, RIP issues routing updates every 30 seconds. If a gateway 

does not issue routing updates within 180 seconds, all routes through 

that gateway are deleted from the routing table. 

RIP does not require a considerable amount of configuration. The 

basic RIP defaults should work for any system that is running RIP. 

202



To configure RIP 

1 Type config at the gated> prompt, then press Enter to enter 

configuration mode. The prompt changes from gated> to 

gated#. 

gated> config 

gated# 

2 Type add rip, then press Enter at the gated# prompt. 

gated# add rip 

gated# 

3 Type rip, then press Enter at the gated# prompt. The prompt 

changes to gated/rip#. 

gated# rip 

gated/rip# 

4 Add the interfaces used by RIP, where interfaces are always 

designated by if[x.x.x.x]. 

Note Always surround the interface address with square brackets 

([ ]) when using the add command. The switch supports 

128 interfaces. 

gated/rip# add if[172.18.4.101] 

5 Type the interface at the gated/rip# prompt to display or configure 

attributes for the selected interface. 

gated/rip# if[172.18.4.101] 

gated/rip/if[172.18.4.101]# 

6 Type di, then press Enter to display the attributes required to 

configure the RIP interface. 

gated/rip# if[172.18.4.101] di 

if[172.18.4.101] 

---------------------------------------- 

mode: 

both 

version: 1 

metricIn: 1 

metricOut: 0 

authType: none 

authKey: 

stats 

203



7 Set the RIP version number. Type set version or ver 1 or set 

version or ver 2 to specify the RIP packet version (RIP 1 or 

RIP 2) sent from the interface. The default is RIP 1. 

gated/rip/if[172.18.4.101]#set ver 2 

Note Incoming RIP packets from both versions are always 

accepted by the interface regardless of this setting. 


9 Type save, then press Enter to save the configuration in 

NVRAM. 

gated>config 

gated#add rip 

gated#rip 

gated/rip# add if[172.18.4.101] 

gated/rip# if[172.18.4.101] 

gated/rip/if[172.18.4.101]#set version 2 

gated/rip/if[172.18.4.101]#activate 

gated/rip/if[172.18.4.101]#save 

See Appendix B, GateD Reference, for more information on the RIP 

protocol configuration. 

OSPF Configuration 

OSPF is a protocol designed to be used inside Autonomous Systems. 

It is not designed to route between Autonomous Systems. OSPF is 

more complicated to configure than RIP. Before beginning the OSPF 

configuration, a network plan should be drawn to identify the 

topology of the network. 

204



Backbone 

0.0.0.0 

Ports 1-3 

Ports 9-11 

Ports12-13 

Ports 6-8 

Ports 14-15 

VLAN 1 

VLAN 2 

VLAN 3 

Router 1 (R1) 

OSPF ON 

Router 3 (R3) 

OSPF ON 

Area 0.0.0.2 

Router 2 (R2) 

OSPF ON 

Area 0.0.0.1 

192.21.2.1 

193.21.2.1 194.21.2.2 

IntelSwitch 

Subnet A 

HOST 1 

192.21.2.22 

Subnet B 

HOST 2 

Subnet C 

HOST 3 

193.21.2.22 194.21.2.22 

To configure OSPF 

1 Type config, then press Enter at the gated> prompt to enter 

configuration mode. The prompt changes from gated> to 

gated#. 

gated>config 

gated# 

2 Type set routerID x.x.x.x, then press Enter to set the routerID. 

The x.x.x.x is the IP address of the router. 

gated#set routerid 193.21.2.2 

The routerID is a 32-bit number assigned to each router running the 

OSPF protocol. The number uniquely identifies the router withn the 

autonomous system. 

3 Type add ospf, then press Enter at the gated# prompt. 

gated#add ospf 

4 Type ospf, then press Enter. 

205



The OSPF component is ready for configuration. 

gated#ospf 

gated/ospf# 

5 Type add area [x.x.x.x], then press Enter. 

Type the router ID of the Area Border Router 

gated/ospf#add area[0.0.0.2] 

Each OSPF router must be configured into at least one OSPF area. If 

more than one area is configured, at least one must be the backbone. 

Add an area number to set the areaID for the interface. 

6 Type area[x.x.x.x], then press Enter at the gated/ospf# prompt. 

The prompt changes to include the area. 

gated/ospf#area[0.0.0.2] 

gated/ospf/area[0.0.0.2]# 

7 Add the interfaces. The add if[x.x.x.x] command defines the 

interfaces used by OSPF. 

Note The switch supports up to 128 interfaces. The maximum 

number of interfaces within the same area is 32. 

gated/ospf/area[0.0.0.1]#add if[193.21.2.22] 

8 Type the interface address, then press Enter at the gated/ospf/ 

area[0.0.0.1]# prompt. The prompt changes to include the interface. 

gated/ospf/area[0.0.0.2]# 

gated/ospf/area[0.0.0.2]#if[193.21.2.22 

gated/ospf/area[0.0.0.2]/if[193.21.2.22# 


gated/ospf/area[0.0.0.2]/if[193.21.2.22#act 

10 Type save, and then press Enter to save the configuration in 

NVRAM. 

gated/ospf/area[0.0.0.2]/if[193.21.2.22#save 

206



gated>config 

gated#set routerid 193.21.2.2 


gated#ospf 


gated/ospf#area[0.0.0.2] 

gated/ospf/area[0.0.0.2]#add if[193.21.2.22] 

gated/ospf/area[0.0.0.2]#activate 

gated/ospf/area[0.0.0.2]#save 

Creating Virtual Links 

The OSPF protocol requires that all areas must be connected to the 

backbone. OSPF requires that every area connect to the backbone and 

that every area, including the backbone area, be contiguous. 

A virtual link is used to logically connect an area to the backbone, 

when it cannot physically connect to the backbone. The two end 

points of a virtual link are Area Border Routers (ABR). The virtual 

link must be configured for each ABR. 

To configure a virtual link 

• Add the area for each Area Board Router. 

• Add the Router ID of the Area Border Router connected to each 

area. 

• Add the backbone. 

• Set the transit area used to link the virtual link to the backbone. 

In the Virtual Link Topology example, Area 0.0.0.1 is connected to 

the backbone through ABR1. Area 0.0.0.2 needs to be connected 

through ABR1 to Area 0.0.0.1 to be connected to the backbone. 

207



ABR1 Router ID 1.0.0.1 

Vlan2 

PVID 2 

Ports 1-4 

172.20.3.101 

Vlan1 

PVID 1 

Ports 5-8 

172.18.3.101 

Backbone 

Area 0.0.0.0 

ABR2 

Router ID 1.0.0.2 

172.20.6.101 

Area 0.0.0.1 

Transit Area 

Area 0.0.0.2 

To create a virtual link for Area 0.0.0.2 through ABR1 

1 Type config, then press Enter at the gated> prompt to enter configuration 

mode. The prompt changes from gated> to gated#. 

gated>config 

gated# 

2 Type add ospf, then press Enter at the gated# prompt. 


3 Type ospf, then press Enter to configure the OSPF component. 

gated#ospf 

gated/ospf# 

4 Type add area [x.x.x.x], then press Enter to add area 0.0.0.1 to 

OSPF. 


5 Type add area[0.0.0.1]/if[172.20.3.101], then press Enter to 

add the IP address of the interface connected to the area. The 

interface in this example is the address for VLAN2. 

gated/ospf#add area[0.0.0.1]/if [172.20.3.101] 

208



6 Type add backbone, then press Enter to add the backbone 

area. 

gated/ospf#add backbone 

The backbone may only be configured with the keyword backbone. 

It may not be specified as area 0. 

7 Type add backbone/vlink [1.0.0.2], then press Enter to add the 

routerID of ABR2, which is one end of the virtual link. 

gated/ospf/backbone#add vlink [1.0.0.2] 

8 Type set backbone/vlink/transitarea 0.0.0.1 to add area 

0.0.0.1 as the transit area. 

The virtual link must be inside of the transit area. 

gated/ospf/#set backbone/vlink [1.0.0.1]/transitarea 0.0.0.1 



NVRAM. 

gated>config 


gated#ospf 

gated/ospf# 


gated/ospf#add area[0.0.0.1]/if [172.20.3.101] 


gated/ospf#add backbone/vlink [1.0.0.2] 

gated/ospf#set backbone/vlink[1.0.0.2]/transitarea 

0.0.0.1 

gated/ospf#activate 

gated/ospf#save 

Repeat this process on ABR2, which is the router at the other end of 

the virtual link. 

11 Type add backbone, then press Enter to add the backbone area. 


209



12 Type add backbone/vlink [1.0.0.1], then press Enter to add the 

routerID of ABR1. 

gated/ospf/backbone#add vlink [1.0.0.1] 

13 Type set backbone/vlink/transitarea 0.0.0.1, then press Enter 

to add area 0.0.0.1 as the transit area. 



NVRAM. 


gated/ospf#add backbone/vlink [1.0.0.2] 

gated/ospf#set backbone/vlink[1.0.0.2]/ 

transitarea 0.0.0.1 

gated/ospf#activate 

gated/ospf#save 

See Appendix B for more information about virtual links. 

210

$ 

Appendix A: 

Command 

Reference

A P P E N D I X A 

Command Reference 

This appendix is a reference for the command console interface. This 

interface allows you to control and configure your switch as well as to 

troubleshoot its installation. 

You can access the switch’s command-line interface directly from the 

serial or management port with a terminal or emulator (such as 

HyperTerminal* in Windows 95/98), or Telnet via PPP or SLIP protocol 

through one of the I/O ports. 


To access the interface via Telnet, use any standard Telnet application. 

To access the interface via a direct serial connection, plug in one end of 

a serial cable to the serial port on the switch control processor and the 

other end into a terminal or a computer installed with terminal emulation 

software. 

See Chapter 4 for more details about using these methods to access the 

command line interface. 

212



Conventions Used in this Section 

item | item 

vertical bars separate mutually exclusive items in 

a command line. 

[ item | item] 

square brackets enclose optional items. 

{item |... item} 

braces enclose mutually exclusive items, one of 

which is mandatory. 

Command Line Editing 

To make changes and correct mistakes before entering a command, use 

the following short-cut keys to edit the command line. 

^H (backspace) erases previous character 

^W erases previous word (up to space or start of line) 

^U erases entire line 

^C interrupts current command 

Non-printable characters are displayed as the percent sign (%). 

Use the exclamation point (!) as a shortcut to repeat previously entered 

commands. 

The following are the ! options: 

!! 

repeats the last command entered. 

! history_number 

repeats the command associated with the line number 

specified by history_number as reported by the history 

command. 

! string 

repeats the most recent command starting with the string 

or substring specified by string. 

213



Console Command Summaries 

The table below groups the commands by function. Note that some 

commands are privileged operations designed for switch administration 

only. Access to these commands is restricted and requires an 

administrator password. These commands are designated with a check 

mark (✓). 

Type Command Function 

Utility 

? 

Display 

batch 

clear 

help 

history 

kill 

ps 

di 

show 

Network Interface arp ✓ 

Displays a list of the 

switch commands. 

Downloads then 

executes the contents 

of the file as a list of 

console commands. 

✓ Clears various tables 

or counters. 

Displays the switch 

commands. 

Displays the contents 

of the command 

history buffer for the 

current session. 

✓ Ends a process. 

Displays the status of 

all currently active 

processes. 

Displays information 

about the switch. The 

same as the show 

command. 

Displays information 

about switch 

configuration and 

operation. 

Displays or modifies 

the contents of the 

Addressess 

Resolution Protocol 

(ARP) table. 

214




System 

Administration 

fdb 

gated 

ifconfig 

netstat 

ping 

route 

bootp 

date 

diag reset 

loaddefaults 

loadnv 

logout 

relay 

✓ 

✓ 

✓ 

✓ 

✓ 

Allows manual 

manipulation of 

forwarding database 

addressesses. 

Allows management 

of routing protocols. 

Controls a network 

interface. 

Displays specified 

network protocol 

statistics and routing 

information. 

Tests connectivity 

between the switch 

and another IP node. 

Manipulates 

information in the IP 

routing table. 

Tests BOOTP and 

RARP processing on 

the network. 

Displays or sets the 

switch’s clock/ 

calendar. 

✓ Resets the switch. 

✓ 

✓ 

✓ 

Reloads non-volatile 

RAM to the factory 

default settings. 

Restores non-volatile 

RAM configuration 

that was stored on a 

host system. 

Exits privileged 

command mode or 

console access. 

Transfers BOOTP 

messages between 

clients and servers. 

215




System 

Configuration 

savenv 

upgrade 

upgradelue 

upgradewp 

upgradeboot 

upgradee24 

upgradeegs 

acl 

disable 

enable 

igmpsnoop 

set 

vlan 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

✓ 

Backs up system 

configuration stored 

in non-volatile RAM. 

Programs new system 

software image. 

Programs new lookup 

engine image. 

Programs new Web 

Server pages and 

images into flash 

memory. 

Programs a new boot 

image in flash 

memory. 

Programs a new 10/ 

100Base-TX module 

image into flash 

memory. 

Programs a new 

Gigabit Ethernet 

module image into 

flash memory. 

Controls flow of IP 

traffic with Access 

Control List of rules. 

Deactivates a 

configurable switch 

option. 

Activates a 

configurable switch 

option. 

Prevent flooding of 

IP multicast traffic. 

✓ Modifies switch 


✓ Sets up virtual LANs. 

216



Note 

Except for the upgrade commands, the syntax for the switch 

console commands may be abbreviated. The software recognizes 

a command when you type enough characters to uniquely 

identify the command. The abbreviations only apply to the 

commands and not any of the options. Options still need to be 

spelled out completely. 

217



? 

Command 

See also 

? help 

Description 

Displays a list of the switch’s commands and their command line syntax. 

Only those commands available for the current mode (privileged or nonprivileged) 

are displayed. 

Example for non-privileged mode 

6000 Switch>? 

Commands: 

-------------------------------------------- 

? Display this message 

acl Access-list configuration commands 

arp Examine the address resolution table 

date Display/set date 

di 

Display, use ’show help’ for more info 

disable Disable options 

enable Enable options 

gated Enter gated user interface 

help Display this message 

history Display command history 

ifconfig Configure a network interface 

igmpsnoop Configure IGMP Snooping 

logout Logout of privileged command mode or session 

netstat Display network protocol statistics 

ping Run icmp echo 

ps 

Display active processes 

set Set, use ’set help’ for more info 

show Display, use ’show help’ for more info 

vlan VLAN configuration commands 

Example for privileged mode 

6000 Switch>#>? 

Commands: 

-------------------------------------------- 

218




? 

acl 

arp 

batch 

bootp 

clear 

date 

di 

diag 

disable 

enable 

fdb 

gated 

help 

history 

ifconfig 

igmpsnoop 

kill 

loaddefaults 

loadnv 

logout 

ls 

netstat 

ping 

ps 

route 

savenv 

show 

upgrade 

upgradboot 

upgradee24 

upgradegs 

upgradelue 

upgradewp 

vlan 

Display this message 

Access-list configuration commands 

Examine the address resolution table 

Execute commands from RAM 

Send BOOTP/RARP requests 

Clear, use ’clear help’ for more info 

Display/set date 


Run diagnostic Menus 

Disable options 

Enable options 

Add/Delete/Lookup FDB entries 

Enter gated user interface 


Display command history 

Configure a network interface 

Configure IGMP Snooping 

Send a signal to a process 

Load factory defaults into NVRAM 

Load NVRAM from the network 

Log out of command mode or session 

Display Files 

Display network protocol statistics 

Run icmp echo 


Add/delete/display an ip route 

Upload NVRAM to the network 

Set, use ’set help’ for more info 


Download a new FLASH image and program it in 

Download a new boot image and program it in 

Download a new Ether FLASH image and program it in 

Download a new Gig FLASH image and program it in 

Download a new LUE FLASH image and program it in 

Download a new Web Page and FLASH it. 

VLAN configuration commands 

219



acl 

Command 

acl option 

Description 

An Access Control List (ACL) of rules is used to permit or deny the flow 

of IP traffic through the network. The rules are created based on source 

and destination IP addresses. 

The following are the acl options 

6000 Switch>#>acl ? 

Usage: acl add {permit | deny} 

acl modify {permit | deny} 

acl move to 

acl del { | all} 

acl print {rules | counters | all} 

Notes: 

A is a source IP address. 

A is a destination IP address. 

A is a wildcard mask for a range of source IP addresses. 

A is a wildcard mask for a range of destination IP addresses. 

Use ’host’ for a wildcard mask of 0.0.0.0. 

Use ’all’ for an address/mask pair of 0.0.0.0/255.25.255.255. 

A "permit all all" or a "deny all all" ends the list. 

An implicit "deny all all" is assumed in the absence of an end rule. 

Examples: 

acl add 4 permit 192.168.1.3 host 192.168.3.0 0.0.0.3 

acl add 5 deny all all 

acl modify 1 deny all 192.168.3.0 0.0.0.255 

acl move 2 to 4 

acl del 3 

acl add rule_number { permit | deny } source_address 

source_address_wildcard_mask destination_address 

destination_address_wildcard_mask 

This ACL command adds a rule at a specified position in the 

rule list. The position must be within the range of positions of 

the existing rules or after the last rule of the current list, so long 

as the last existing rule is not an end rule. All subsequent rules 

(starting from the requested position) are shifted one position 

towards the last rule. Also, use this command to overwrite an 

end rule with a new end rule. 

Example 

6000 Switch>#>acl add 1 permit all all 

6000 Switch>#>acl add 1 permit 192.168.1.2 host 192.168.3.2 host 

6000 Switch>#>acl add 2 permit 192.168.1.3 host 192.168.3.0 0.0.0.3 

6000 Switch>#>acl add 3 permit 192.168.1.4 host all 

6000 Switch>#>acl add 4 permit all 192.168.3.0 0.0.0.255 

6000 Switch>#>acl add 5 denyall all 

220



acl modify rule_number { permit | deny } source_address 

source_address_wildcard_mask destination_address 

destination_address_wildcard_mask 

permits modification of an existing rule at a specified position 

in the rule list. The position must be within the range of 

positions of the existing rules. This command does not allow a 

rule to be overwritten with an end rule unless the target rule is 

itself an end rule. 

Example 

6000 Switch>#>acl modify 4 permit 192.168.3.0 0.0.0.255 ALL 

6000 Switch>#>acl modify 5 permit all all 

acl move rule_nunber to rule_nunber 

permits moving an existing rule from its current position to a 

new position within the rule list. The positions must be within 

the range of positions of the existing rules. If an end rule exists 

in the ACL, the end rule cannot be moved. Any other rule 

cannot be moved to the end rule position. 

Examples 

6000 Switch>#>acl move 4 to 2 

6000 Switch>#>acl move 3 to 4 

acl del { rule_number | all } 

permits deletion of a rule at a specified position in the rule list 

or empties the rule list. The position must be within the range 

of positions of the existing rules when deleting a single rule. 

Example 

6000 Switch>#>acl del 1 

6000 Switch>#>acl del all 

221



acl print { rules | counters | all } 

displays the existing list of rules, counters or both. 

Example 

6000 Switch>#>acl print rules 

Rule Action IP SA Source wildcard IP DA Dest wildcard 


2 Permit 192.161.1.3 host 192.168.30 0.0.0.3 


4 Permit 192.168.2.0 0.0.0.255 ALL 

5 Permit 192.168.2.0 0.0.0.3 192.168.3.3 host 

6 Permit 192.168.2.0 0.0.0.255 192.168.1.4 host 


Total # of entries found in the ACL = 7 

Total # of implicit denials reported in the ACL = 0 

Total # of denials reported in the ACL = 0 

Example 

6000 Switch>#> acl print counters 

Rule Action Hits 

1 Permit 0000000000 

2 Permit 0000000000 

3 Permit 0000000000 

4 Permit 0000000000 

5 Permit 0000000000 

6 Permit 0000000000 

7 Deny 0000000000 

Example 

6000 Switch>#> acl print all 

Rule Action IP SA Source wildcard IP DA Dest wildcard 


1 Hits= 0000000000 

2 Permit 192.161.1.3 host 192.168.30 0.0.0.3 

2 Hits= 0000000000 


3 Hits= 0000000000 

4 Permit 192.168.2.0 0.0.0.255 ALL 

4 Hits= 0000000000 

5 Permit 192.168.2.0 0.0.0.3 192.168.3.3 host 

5 Hits= 0000000000 

6 Permit 192.168.2.0 0.0.0.255 192.168.1.4 host 

6 Hits= 0000000000 


7 Hits= 0000000000 

222



arp 

Command 

arp option 

Description 

Displays or modifies the contents of the switch’s Address Resolution 

Protocol (ARP) table. This table maps a host’s IP addresses to its 

associated network hardware addresses. The table is maintained 

automatically. 

The following are the arp options: 

arp 

displays arp options. 

Example 

6000 Switch>arp 

Usage: arp -a 

arp -d { hostname | ip_address } 

arp -s { hostname | ip_address } hardware_address 

arp -a 

displays the current contents of the switch’s ARP table. 

Available in non-privileged mode. 

Example 

6000 Switch>arp -a 

192.2.21.58 at 00:60:08:bf:4d:c9 

192.2.21.229 at 00:60:97:67:27:60 

arp -d { hostname | ip_address } 

privileged command that deletes the IP address specified by 

ip_address from the switch’s ARP table. The IP address must 

be in the standard four-part, decimal-separated format. If DNS 

is enabled, a host name can be substituted for the IP address. 

Example 

6000 Switch>arp -d 192.168.43.210 

arp -s { hostname | ip_address } hardware_address 

privileged command that adds the specified IP-to-hardware 

address mapping to the ARP table. The IP address must be in 

the standard four-part, decimal-separated format, and the 

hardware-addresses must be in colon-separated hexadecimal 

format using IEEE canonical order (see Examples). If DNS is 

enabled, a host name may be substituted for the IP address 

Example 

6000 Switch>arp -s 192.168.43.210 00:02:f4:01:23:45 

223



batch 

Command 

batch option 

See also 

set snmpmgr 

Description 

Allows the network manager to define standardized configuration 

information in a batch file on the server. Then with one command, the 

administrator can automate the configuration process. 

A batch file can contain any of the valid console commands and must 

have the word “end” as the final statement. 

The following are the batch options: 

batch 

displays batch help. 

Example 

6000 Switch>batch 

Usage: batch filename [server] 

batch filename [ server ] 

downloads the file specified by filename from a specific server, 

then executes the contents of the file as a list of console 

commands. The server parameter identifies the server’s IP 

address and must be in the standard four-part, decimalseparated 

format. If DNS is enabled, a host name is also valid. 

The batch file is transferred to the switch with TFTP. 

224



bootp 

Command 

bootp option 

See also 

relay. ifconfig, vlan 

Description 

A privileged command used to test BOOTP/RARP or DHCP client 

processing for a given interface. 

The following are the bootp options. 

bootp help 

displays help for the command. 

Example 

6000 Switch>#>bootp help 

Usage: bootp (Use BOOTP) 

bootp repeat (Use Repeated BOOTP) 

bootp dhcp (Use DHCP) 

bootp help 

bootp show 

bootp interface 

Note Only the interfaces that have been enabled for BOOTP respond 

to a BOOTP requests. The sw1 and et0 interfaces have 

BOOTP enabled by default. The IP address of the interface is 

not stored in NVRAM unless the response comes from Intel® 

Device View. Then the IP addresses are stored in NVRAM. 

Example 

6000 Switch>#>bootp sw2 

Starting BOOTP and RARP on interface sw2. 

Sending RARP request to sw2 with address 02:51:41:10:00:09 

Sending BOOTP request to sw2 with address 02:51:41:10:00:09 


















No BOOTP or RARP response received for sw2. 

225



bootp interface repeat 

configures an interface for Repeated BOOTP. Repeated 

BOOTP re-transmits the BOOTP request 10 times at the 

‘normal’ rate before backing off to a slower re-transmit 

interval. Repeated BOOTP never gives up. 

Example 

6000 Switch>#>bootp sw4 repeat 

(NO MESSAGE) 

bootp interface dhcp 

configures an interface for DHCP. The DHCP client uses 

several states for processing the protocol. The current state can 

be determined by running the show command listed below. 

Example 

6000 Switch>#>bootp sw5 dhcp 

(NO MESSAGE) 

If the interface has not been created, the message is 

"bootp_start: Could not find interface . 

Use the "vlan" commands or "ifconfig sw5 create" to create a VLAN interface. 

Aborting BOOTP and RARP." 

bootp show 

displays the current state of the BOOTP/DHCP client process. 

Example 

6000 Switch>#>bootp show 

numClients: 5 

type.00 

DHCP 

ifname.00 sw1 

DHCP state.00 SELECTING 

type.01 

ifname.01 

DHCP state.01 

DHCP 

sw4 

SELECTING 

type.02 

Repeated BOOTP 

ifname.02 sw3 

xmitCount.02 372 

type.03 

BOOTP 

ifname.03 sw2 

xmitCount.03 6 

type.04 

DHCP 

ifname.04 et0 

DHCP state.04 BOUND 

lease.server.ipAddr.0 172.21.3.4 

4 

lease.ourIpAddr.04 172.21.10.10 

lease.length.04 600 

lease.subnetMask.04 255.255.0.0 

lease.routers.04 172.21.3.4 

226



This example displays five interfaces that are being dynamically 

configured by the BOOTP client process. The first two – sw1 and sw4 – 

are running DHCP and are in the Selecting state (i.e., they have not 

contacted any DHCP servers). The third entry is running Repeated 

BOOTP and has transmitted a BOOTP request 372 times. The fourth 

entry is running BOOTP and has transmitted 6 requests. The fifth entry 

is running DHCP and is in the BOUND state (i.e., this interface has been 

configured successfully). 

227



clear 

Command 

clear option 

See also 

show fdb, show counters 

Description 

A privileged utility that allows the counters and forwarding database to 

be emptied. 

The following are the clear options: 

clear help 


Example 

6000 Switch>#>clear help 

Usage: clear counters 

clear fdb 

clear fdb 

clear fdb IP 

clear sysfails 

clear counters 

sets to zeros all the counters in the system. 

Example 

6000 Switch>clear counters 

(NO MESSAGE) 

clear fdb 

removes all entries from the forwarding database. 

Example 

6000 Switch>clear fdb 

(NO MESSAGE) 

clear fdb IP 

removes all IP switching entries from the forwarding database 

and lookup engine. 

Example 

6000 Switch>clear fdb IP 

(NO MESSAGE) 

clear fdb VID 

clears the forwarding database for a VLAN. Independent 

VLAN learning mode (IVL) must be set with the fdb mode ivl 

command. 

Example 

6000 Switch>clear fdb 5 

(NO MESSAGE) 

228



clear sysfails 

clears out error messages generated from the show sysfails 

commands. 

Example 



229



date 

Command 

date option 

Description 

Displays or sets the system’s clock/calendar. 

The following are the date options: 

date 

displays the current date information. 

Example 

6000 Switch>#>date help 

Usage: date Display date and time 

date mm/dd/yy hh:mm Set date and time(24hr mode) 

example: date 5/23/95 11:43 

date weekday mm/dd/yy hh:mm 

sets the calendar where weekday is the three-letter abbreviation 

for the day of the week; mm is the number of the month; dd is 

the two-digit date; yy is the last two digits of the year; hh is the 

hour; and mm is the minute. The clock is set for 24 hour mode. 

Example 

6000 Switch>date Tue 5/23/99 11:43 AM 

6000 Switch>date Tue 5/01/00 13:43 PM 

230



di 

Command 

di option 

See also 

show 

Description 

Displays information about the system in both privileged and nonprivileged 

mode. 

Example 

6000 Switch>#>di ? 

Commands 

------------------------------ 

show ? 

show community 

show counters 

show dns 

show fdb 

show help 

show hwversion 

show lastboot 

show link 

show memstats 

show microtime 

show port 

show portmirror 

show ppp 

show priority 

show snmpmgr 

show spantree 

show storm 

show sys 

show sysfails 

show syslog 

show temperature 

show treetype 

show version 


Display SNMP community table 

Display port counters 

Display DNS info 

Display Forwarding Database 


Display hardware revision info 

Display last boot time 

Display link mode of a port 

Display mbuf and malloc stats 

Display system clock 

Display port aggregation 

Display port mirroring parameters 

Display PPP info 

Display 801.D/Q priority information 

Display SNMP Manager addresses 

Display Spanning Tree info 

Display storm control info 

Display system configuration 

Display system failures 

Display syslog parameters 

Display temperature 

Display login timeout for Telnet session 

Display software version number 

Note 

di is functionally equivalent to the show command. See the 

show command for details about the options. 

231



diag reset 

Command 

diag reset 

Description 

A privileged command that resets the switch. The terminal returns to the 

power up diagnostics screen. 

Warning 

Only field support engineers should use the other diagnostic 

commands. 

232



disable 

Command 

disable option 

See also 

enable 

Description 

A privileged command that deactivates a configurable switch option and 

stores changes to the options in non-volatile memory. 

The following are the disable options: 

disable { ? | help } 

displays the list of disable options. 

Example 

6000 Switch>#>disable ? 

Commands: 

-------------------------------------------- 

? 

acl 

aging 

dns 

et0ipfwd 

help 

igmpsnoop 

port 

portmirror 

ppp 

slip 

spantree 

syslog 

telnetd 

web 


Disable ACL 

Disable FDB aging 

Disable DNS 

Disable IP forward to/from et0 

Disable this message 

Disable IGMP Snooping 

Disable a port 

Stop port mirroring 

Disable PPP 

Disable Serial Line IP (slip) 

Disable spanning tree 

Disable syslog 

Stop the Telnet daemon 

Stop the HTTP daemon 

disable acl 

disables access control lists. (See acl for details on the Access 

Control List commands.) 

Example 

6000 Switch>disable acl 

acl has been disabled 

disable aging 

disables aging of the forwarding database entries. Aging is 

enabled by default 

If Independent VLAN Learning (IVL) mode is set, the 

command is displayed as disable aging VID, where VID is a 

VLAN identifier. To set the mode to Independent VLAN 

Learning (IVL), type fdb mode ivl. 

233



Example 

6000 Switch>disable aging 

Aging disabled. 

disable dns 

terminates the use of the domain name server. 

Example 

6000 Switch>disable dns 

(NO MESSAGE) 

disable et0ipfwd 

disables IP forwarding to and from the management console 

port, identified as interface et0. 

Example 

6000 Switch>disable et0ipfwd 

IP Forwarding to/from et0 disabled 

disable igmpsnoop 

disables IGMP Snooping. IGMP Snooping is disabled by 

default. When disabled, all IGMP and IP multicast traffic 

floods within a given VLAN. 

Example 

6000 Switch>disable igmpsnoop 

igmpsnoop has been disabled. 

disable port portnum 

terminates usage of a port. 

Example 

6000 Switch>disable port 2 

(NO MESSAGE) 

disable portmirror 

terminates portmirroring. This option is disabled by default. 

See set portmirror sourceport port_number and set 

portmirror monitorport port_number commands 

Example 

6000 Switch>disable portmirror 

Portmirror has been disabled. 

disable ppp 

stops the current Point-to-Point Protocol (PPP) on the serial or 

management port on the front panel; the serial port can now be 

used for a direct-connect terminal console. PPP is disabled on 

the serial port by default. 

Example 

6000 Switch>disable ppp 

(NO MESSAGE) 

234



disable slip 

disables Serial Line IP (SLIP) control of the serial or 

management port on the front panel; the serial port can now be 

used for a direct-connect terminal console. SLIP is disabled on 

the serial port by default. 

Example 

6000 Switch>disable slip 

(NO MESSAGE) 

disable spantree 

deactivates the Spanning Tree Protocol. The protocol is 


Example 

6000 Switch>disable spantree 

Spanning Tree disabled. 

disable syslog 

disables output to the system log. The syslog command is 


Example 

6000 Switch>disable syslog 

(NO MESSAGE) 

disable telnetd 

disables the Telnet daemon; the switch refuses subsequent 

Telnet connection attempts. The Telnet daemon is enabled by 

default. 

Example 

6000 Switch>disable telnetd 

(NO MESSAGE) 

disable web 

privileged command disables the HTTP daemon. 

Example 

6000 Switch>disable web 

(NO MESSAGE) 

235



enable 

Command 

enable option 

See also 

disable 

Description 

A privileged command that activates a configurable switch option and 

stores changes to the options in non-volatile memory. 

The following are the enable options: 

enable { ? | help } 

displays the list of enable options. 

Example 

6000 Switch>#>enable ? 

Commands: 

-------------------------------------------- 

? 

acl 

aging 

dns 

et0ipfwd 

help 

igmpsnoop 

port 

portmirror 

ppp 

slip 

spantree 

syslog 

telnetd 

web 


Enable ACL 

Enable FDB aging 

Enable DNS 

Enable IP forward to/from et0 


Enable IGMP Snooping 

Enable a port 

Start port mirroring 

Enable PPP 

Enable Serial Line IP (slip) 

Enable spanning tree 

Enable syslog 

Start the Telnet daemon 

Start the HTTP daemon 

enable acl 

enables access control list. (See acl for details on the Access 

Control List commands.) 

Example 

6000 Switch>enable acl 

acl has been enabled. 

236



enable aging 

enables aging of the forwarding database entries. This option is 

enabled by default. See the set agingtime command to set the 

number of seconds for the age time. The default aging time is 

300 seconds. 

If Independent VLAN Learning (IVL) mode is set, the 

command is displayed as enable aging VID, where VID is a 

VLAN identifier. To set the mode to Independent VLAN 


Example 

6000 Switch>#>enable aging 

Aging enabled with an age time of 300 seconds. 

6000 Switch>#>fdb mode ivl 

6000 Switch>#>enable aging 

Aging enabled with an age time of 300 seconds. 

enable dns 

Privileged command that activates the use of the DNS domain 

name. (See set dns primary ip_address.) 

Example 

6000 Switch>set dns primary 192.2.2.122 

6000 Switch>enable dns 

enable et0ipfwd 

enables IP forwarding to/from the management console port, 

identified as interface et0. 

Example 

6000 Switch>enable et0ipfwd 

6000 Switch>IP Forwarding to/from et0 enabled 

enable igmpsnoop 

enables IGMP Snooping. IGMP Snooping is disabled by 

default. When disabled, all IGMP and IP multicast traffic 

floods within a given VLAN. 

Example 

6000 Switch>#>enable igmpsnoop 

Unable to enable IGMP Snooping: FDB is in SVL mode. 

6000 Switch>#>enable igmpsnoop 

igmpsnoop has been enabled 

237



enable port port_number 

any port can be configured as up (active and allowing data 

to pass) or down (inactive with no data transmission or 

reception). All ports are enabled by default. 

Example 

6000 Switch>enable port 8 

(NO MESSAGE) 

enable portmirror 

starts portmirroring. This option is disabled by default. See set 

portmirror sourceport port_number and set portmirror 

monitorport port_number commands 

Example 

6000 Switch>enable portmirror 

Portmirror has been enabled. 

enable ppp 

activates the Point-to-Point Protocol (PPP) control of the serial 

or management port on the CP for out-of-band management. 

PPP connections provide network access through the serial 

port. The command console is not available on the serial port 

while PPP is active; only Telnet control is available. This 

option is disabled by default. The serial interface using PPP is 

identified by the interface ppp0. 

Example 

6000 Switch>enable ppp 

Did you ifconfig ppp0 yet? y 

enable slip 

activates Serial Line IP (SLIP) control of the serial or 

management port on the CP for out-of-band management. 

SLIP connections provide network access through the serial 

port. The command console is not available on the serial port 

while SLIP is active; only Telnet control is available. This 

option is disabled by default. The serial interface using SLIP is 

identified by the interface sl0. 

Example 

6000 Switch>enable slip 

Did you ifconfig sl0 yet? y 

enable spantree 

activates the Spanning Tree Protocol. The Spanning Tree 

Protocol is disabled by default. 

Example 

6000 Switch>enable spantree 

Spanning tree enabled. 

238



enable syslog ip_address 

enables output to the system log. Syslog is disabled by default. 

Example 

6000 Switch>enable syslog 

(NO MESSAGE) 

enable telnetd 

enables the Telnet daemon, allowing the switch to accept 

Telnet connection attempts. This option is enabled by default. 

Example 

6000 Switch>enable telnetd 

(NO MESSAGE) 

enable web 

privileged command that enables the HTTP daemon. This 

option is enabled by default. 

Example 

6000 Switch>enable web 

{NO MESSAGE} 

239



fdb 

Command 

fdb option 

Description 

Privileged command that supports manual deletion, addition and lookup 

of MAC addresses. 

The following are the fdb command options: 

fdb { ? | help } 

lists the available fdb options. 

Example 

6000 Switch>fdb ? 

Usage: fdb add {VID} 

fdb del {VID} 

fdb lookup {VID} 

fdb mode {IVL | SVL} 

Note: format is aa:bb:cc:dd:ee:ff 

IVL is Independent VLAN Learning FDB mode 

SVL is Shared VLAN Learning FDB mode 

fdb add { VID } mac port 

Adds a MAC addresses to the FDB. If Independent VLAN 

(IVL) mode is set, then a MAC address can be added to a 

VLAN forwarding database. 

Example 

6000 Switch>#>fdb add 08:00:07:4e:56:70 3 

address 08:00:07:4e:56:70 added on port 3 

fdb del { VID } mac 

Deletes a MAC address from the forwarding database. If 

Independent VLAN Learning (IVL) mode is set, then a MAC 

address can be deleted from a VLAN forwarding database. 

Example 

6000 Switch>#>fdb del 08:00:07:4e:56:70 

address 08:00:07:4e:56:70 removed 

fdb lookup { VID } mac 

Look up a MAC address in the forwarding database.If 

Independent VLAN Learning (IVL) mode is set, then look up 

of a VLAN MAC address is available. 

Example 

6000 Switch>#>fdb lookup 08:00:07:4e:56:70 

08:00:07:4e:56:70 Found on Port 3 

240



fdb mode { ivl | svl } 

sets the mode of the forwarding database. IVL is Independent 

VLAN Learning mode. When in IVL mode, there is one 


SVL is Shared VLAN Learning mode. When in SVL mode, 

there is one forwarding database shared by all VLANs. 

Example 

6000 Switch>#>fdb mode svl 

fdb mode set to SVL (Shared VLAN Learning) 

6000 Switch>#>fdb mode ivl 

fdb mode set to IVL (Independent VLAN Learning) 

241



gated 

Command 

gated option 

The Gated Routing Daemon or GateD 1 is included with the switch to 

manage IP routing protocols. GateD is enabled by default. 

See Appendix B, GateD Reference, for a comprehensive list of all of 

the GateD commands. Privileged mode is required to configure 

GateD. 

Example 

6000 Switch>#>gated help 

available gated commands 

--------------------------- 

 

activate 

add 

alias 

act 

config 

delete 

display 

end 

exit 

help 

history 

restart 

save 

set 

- change to the subcomponent 

- activate new config 

- add a subcomponent 

- set up or display simple aliases 

- activate new config 

- enter gated config mode 

- delete a subcomponent 

- display content of attr or comp 

- end the config mode 

- exit from gated UI 

- help on cmd, comp, attr 

- show history of commands 

- restart gated with the current configuration 

- save the current config in NVRAM 

- set/reset/unset an attribute 

1.©1995, 1996, 1997, 1998 The Regents of the University of Michigan 

All Rights Reserved. 

Gate Daemon was originated and developed through release 3.0 

by Cornell University and its collaborators. 

242



help 

Command 

See also 

help ? 

Description 

Displays the switch commands. Typing an individual command with 

help displays the available options. Only those commands available for 

the current mode (privileged or non-privileged) are displayed 

Example 

6000 Switch>#>help 

Commands: 

-------------------------------------------- 


arp Examine the address resolution table 

batch Execute commands from ram 

bootp Send bootp/rarp requests 

clear Clear, use ‘clear help’ for more info 

date Display/set date 

di 

Display, use ‘show help’ for more info 

diag Run diagnostic menus 

disable Disable options 

enable Enable options 

fdb Add/Delete/Lookup FDB entries 

gated Enter gated user interface 

help Display this message 

history Display command history 

ifconfig Configure a network interface 

ls 

Display Files 

logout Logout of privileged command mode or Session 

netstat Display network protocol statistics 

ping Run icmp echo 

ps 


set Set, use ‘set help’ for more info 

show Display, use ‘show help’ for more info 

vlan VLAN configuration commands 

web Start the HTTP daemon 

Example 

6000 Switch>#>fdb help 

Usage: fdb add {VID} 

fdb del {VID} 

fdb lookup {VID} 

fdb mode {IVL | SVL} 

Note: format is aa:bb:cc:dd:ee:ff 

IVL is Independent VLAN Learning FDB mode 

SVL is Shared VLAN Learning FDB mode 

243



history 

Command 

history 

See also 

Command Line Editing 

Description 

Displays the contents of the command history buffer for the current 

session, identifying each command with a reference number. Use history 

command with the ! event identifier to shorten command-line entry. 

Example 

6000 Switch>#>history 

2 history 

3 ifconfig -a 

4 help 

5 set priv 

6 kill ? 

7 show ? 

8 show temperature 

9 show sysfails 

10 show sys 

11 show sys 

12 show lastboot 

13 clear ? 

14 di ? 

15 history 

244



ifconfig 

Command 

ifconfig option 

Description 

Controls a network interface. Enter all IP addresses and mask values in 

standard four-part, decimal-separated format (e.g.,192.2.2.1.). The 

values for interface include the following: 

et0 

sl0 

ppp0 

sw1- 

sw4093 

RJ-45 Ethernet/Fast Ethernet Connector on the active 

CP module. 

Serial interface using SLIP. 

Serial interface using PPP. 

In-band through the switched ports. sw_number 

interfaces are assigned for each VLAN configured to 

use IP. 

Note All ifconfig commands are privileged except ifconfig -a. 

The following are the ifconfig options: 

ifconfig 

displays ifconfig options. 

Example 

6000 Switch> ifconfig 

Usage: ifconfig -a 

ifconfig 

ifconfig up | down 

ifconfig {create | delete} 

ifconfig netmask 

ifconfig broadcast 

ifconfig netmask broadcast 

ifconfig netmask 

ifconfig broadcast 

ifconfig netmask broadcast 

ifconfig 

ifconfig -a 

displays all information about all network interfaces available. 

This includes the interface state, IP address, netmask, 

broadcast address, and counter values. 

245



Example 

6000 Switch>ifconfig -a 

et0: flags=8063 

inet 192.16.3.10 netmask 255.255.240.0 broadcast 192.16.15.255 

ether 02:51:41:17:00:00 

InPackets 1864 InErrors 0 OutPackets 1 OutErrors 0 

lo0: flags=8009 

inet 127.0.0.1 netmask 255.0.0.0 


ppp0: flags=8010 


sl0: flags=c010 


sw1 [VLAN 1]: flags=8063 


ether 02:51:41:17:00:08 




ether 02:51:41:17:00:09 




ether 02:51:41:17:00:0a 

InPackets 0 InErrors 0 OutPackets 1 OutErrors 



ether 02:51:41:17:00:0b 




ether 02:51:41:17:00:0c 




ether 02:51:41:17:00:0d 




ether 02:51:41:17:00:0e 




ether 02:51:41:17:00:0f 


ifconfig interface create | delete 

Creates a network interface without any IP addresses 

information assigned. The interface is assigned an sw_number 

only. The VLAN identified by the sw_number is created, but 

no ports are assigned. Use also to delete an interface. 

Example 

6000 Switch>#>ifconfig sw1 create 

246



ifconfig interface ip_address [ dest_address ] 

configures the specified IP address for the interface specified 

by interface. For the point-to-point SLIP or PPP interface, the 

destination address is specified by dest_address and is 

required. 

Example 

Setting the point-to-point addresses for the SLIP interface: 

6000 Switch>ifconfig sl0 192.2.2.131 192.2.2.132 

ifconfig interface { up | down } 

changes the state of the interface specified. If the state is up, 

the interface is enabled and can send and receive network 

traffic. If the state is down, the specified interface is disabled 

and will not send or receive network traffic. 

ifconfig interface [netmask netmask ] [broadcast broadcast_address ] 

sets the network address mask to netmask and the broadcast 

address to broadcast_address for the interface specified by 

interface. 

ifconfig interface ip_address netmask netmask broadcast 

broadcast_address 

changes all address information for the interface, setting the 

address to ip_address, and the network address mask to 

netmask, and the broadcast address to broadcast_address for 

the interface specified by interface. 

Example 

Setting a network address mask and a broadcast address for the switch. 

6000 Switch>ifconfig sw0 netmask 255.255.255.0 broadcast 192.2.2.255 

ifconfig ppp0 delete 

removes any IP address information from ppp0. The interface 

is marked as being down. 

ifconfig sl0 delete 

removes any IP address information from sl0. The interface is 

marked as being down. 

247



ifconfig et0 delete 

removes any IP address information from the management 

port, et0. The interface is marked as being down. 

Note 

ifconfig adjusts the network address mask and broadcast 

address according to the IP address specified. Therefore, you 

do not need to provide a mask or broadcast address when setting 

the IP address unless you are using subnetworks. If you 

are using subnetworks, you must set the network address mask 

and broadcast address at the same time or after changing the IP 

address. If ifconfig changes an existing IP address to a new IP 

address with a different network class, then you must set the 

network address mask after changing the IP address. 

248



igmpsnoop 

Command 

igmp options 

Description 

A privileged command used to reduce the flooding of IP multicast traffic. 

All configurations are saved in the NVRAM immediately. 

The following are the igmpsnoop options 

igmpsnoop help 

displays the command options. 

Example 

6000 Switch>#>igmpsnoop help 

Usage: igmpsnoop port{s} control mode {normal | fixed | forbid} VID 

 

igmpsnoop port{s} group { | all} mode {normal | fixed 

| forbid} VID 

igmpsnoop port {control | data} reset {VID | all} 

igmpsnoop {set | print} agetime {} 

igmpsnoop print {config} {VID | all} 

Notes: 

A is a list of port numbers such as 1 2 3 4. 

Use ’igmpsnoop {control | data} reset’ to reset ports on all slots to normal 

mode. 

Use ’igmpsnoop print {VID | all} for listing of active multicast groups. 

Examples: 

igmpsnoop port 5 control mode fixed VID 2 

igmpsnoop port 4 control mode normal VID 1 

igmpsnoop port 1 2 group all mode forbid VID 1 

igmpsnoop port 4 6 group 239.1.1.1 mode fixed VID 3 

igmpsnoop port data reset all 

igmpsnoop set agetime 500 

igmpsnoop print config VID 3 

igmpsnoop print alligmpsnoop port(s) port_list control mode { 

normal | fixed | forbid } VID ID 

used to manually configure a router port as a control port for 

IGMP Snooping. A control port can be set to one of three 

modes 

normal 

The default mode of a port is “normal.” When the control port 

is set to “normal” mode, the switch automatically determines if 

a port has a control element (i.e., switch with IGMP Snooping 

or router). 

fixed 

When auto discovery does not identify a router port, then it 

must be configured to the “fixed” mode. IGMP Snooping 

forwards host membership reports only on the router ports 

249



forbid 


igmpsnoop port(s) port_list group { ip_group | all } mode { normal | 

fixed | forbid } VID ID 

used to recognize interested member ports and creates a 

separate broadcast domain for each multicast group. 

Example 

6000 switch>#>igmpsnoop ports 1 2 3 group 239.147.6.99 mode fixed VID 1 

Port 1, 2, 3 are included as members of IP multicast group 

239.147.6.99 even when an IGMP membership report for the 

group has not been received on those ports. 

6000 switch>#>igmpsnoop ports 1 2 3 group all mode forbid VID 

If the forbid keyword is substituted in the above command, 

ports 1, 2, and 3 are excluded from IP multicast group even 

though the system has received an IGMP membership report 

for the same group from those ports. This is a security feature 

to disallow an end station from participating in a particular 

multicast session. Instead of a particular IP multicast group, 

the all keyword implies all IP multicast groups. 

igmpsnoop port { control | data } reset { VID ID | all } 

resets the ports to normal mode. 

Example 

To reset all control ports on VID 1 to normal mode. 

6000 switch>#>igmpsnoop port control reset VID 1 

To reset all data ports in the system (all VLANs) to normal mode. 

6000 switch>#>igmpsnoop port data reset all 

igmpsnoop { set | print } agetime { value (secs) } 

set or display the aging time used to specify the time 

acceptable (in seconds) between IGMP queries since the 

switch last received an IGMP query from the multicast server. 

the range is from 330 to 500 seconds. The default is 330 

seconds. 

Example 

Sets the agetime. 

6000 switch>#>igmpsnoop set agetime 350 

Displays the previous configured aging value. 

6000 switch>#>igmpsnoop print agetime 

250



igmpsnoop print { config } { VID ID | all } 

displays the port configuration either for an individual VLAN 

or for all of the ports. 

Example 

Displays the configuration for all ports on an individual VLAN 

6000 switch>#>igmpsnoop print config VID 1 

Displays the configured ports for all VLAN in the system. 

6000 switch>#>igmpsnoop print config all 

igmpsnoop print { all | VID ID } 

displays all VLANs that have active multicast sessions. 

Example 

The MAC address column displays the on-going multicast group(s) for 

the VLAN. The IP address column indicates that IGMP Snooping saw 

these two IP addresses mapped into the same MAC address. However, 

IGMP Snooping can not differentiate which port belongs to which IP 

multicast group. 

6000 switch>#>igmpsnoop print all 

VID MAC Address IP Address(es) Port(s) 

2 0x01-00-5e-13-06-63 239.147.6.99 1, 2, 6, 7 

225.19.6.99 

2 0x01-00-5e-00-00-01 239.0.0.1 1, 5 

5 0x01-00-5e-00-01-02 225.0.1.2 10, 15, 18, 20 

8 0x01-00-5e-00-05-03 238.0.5.3 54,67,72 

251



kill 

Command 

kill signal pid 

See also 

ps 

Description 

A privileged command used to kill processes. The following are the valid 

signals: 

1 equivalent to SIGHUP - hang-up a process 

2 equivalent to SIGINT - interrupts a process 

3 equivalent to SIGKILL - kills a process 

All signals terminate the specified process. 

Example 

6000 Switch>#>ps (displays the processes that are running) 

pid name Status wakeups stack usage wait address 

0 

1 

2 

3 

4 

5 

Kernel 

callout 

console 

telntd 

xsnmpd 

Telnet05 

Ready 

Sleeping 

Sleeping 

Running 

Running 

Running 

0 

21100 

2 

2 

2 

435 

1160 

704 

408 

368 

1104 

1240 

6000 Switch>#>kill 3 5 (kills pid number 5 the telnet process) 

0x800be300 

0x80148c10 

0x800fb3ae 

0x800faf38 

252



loaddefaults 

Command 

loaddefaults 

A privileged command that is used to reload non-volatile RAM to the 

factory default settings. This includes loading the default VLAN 


Warning 

This command takes effect immediately. To save new 

configuration information, use the savenv command 

prior to using loaddefaults. See the savenv command. 

Example 

6000 Switch>#>loaddefaults 

Do you really want to load the factory defaults? (y/n) 

y 

..........Loading Factory Defaults .......... 

253



loadnv 

Command 

loadnv 

See also 

savenv 

Description 

A privileged command that is used to restore the non-volatile RAM 

contents. The command checks that the version of the non-volatile RAM 

is the same as the version in the file before it restores the non-volatile 

RAM. 

The following is the loadnv option: 

loadnv [path] {ip_address_of_tftp_server | hostname_of_tftp_ server} 

Use the path argument only if you have saved the NVRAM file in a 

directory other than the TFTP server’s root directory. The filename on 

the server is the IP address of the switch in uppercase hex format, i.e., 

C0020201. 

Example 

6000 Switch>#>loadnv 192.2.21 

Using RAM address 80181638 

Loading C002023F to nvram 

/ 

done 

254



logout 

Command 

logout 

Description 

The logout command is used to return to non-privileged mode from 

privileged mode. A password is needed to activate another console or 

Telnet session. In non-privileged mode, type set priv to access a 

password prompt. 

Example 

PASSWORD: 




6000 Switch>#>logout 


255



ls 

Command 

ls 

Description 

Privileged command that displays all of the files associated with the Web 

Device Manager. 

Note The enable web command must be activated before the ls 

command displays the files. 

Example 

6000 Switch>#>ls 

ffileName = nvram.nvr, size = 2 

fileName = xint_msg.txt, size = 2381 

fileName = vlan.htm, size = 226 

fileName = arp.htm, size = 232 

fileName = contents.htm, size = 14192 

fileName = date_time.htm, size = 12071 

fileName = empty_foot.htm, size = 177 

256



netstat 

Command 

netstat option 

See also 

route 

Description 

Displays the specified network protocol statistics and routing 

information. 

The following are the netstat options: 

netstat [tcp | udp | ip | icmp | igmp | igmpsnoop | mbuf | tftp | routes] 

displays the list of currently active network connections. 

Example 

6000 Switch>netstat 

Active Internet connections (including servers) 

Proto Recv-Q Send-Q Local address Foreign address (state) 

tcp 0 3 192.2.2.222:23 192.2.2.211:1301 ESTABISHED 

tcp 0 0 *.:23 *.:0 LISTEN 

tcp 0 0 *.:80 *.:0 LISTEN 

utp 0 0 *.:161 *.:0 

utp 0 0 *.:1024 *.:0 

netstat tcp 

displays statistics for the Transmission Control Protocol. 

257



Example 

6000 Switch>netstat tcp 

tcp: 

845 data packets (37362 bytes) 

0 data packets (0 bytes) retransmitted 

17 ack-only packets (8 delayed) 

0 URG only packets 

0 window probe packets 

0 window update packets 

4 control packets 

1342 packets received 

853 acks (for 37370 bytes) 

4 duplicate acks 

0 acks for unsent data 

746 packets (869 bytes) received in-sequence 

0 completely duplicate packets (0 bytes) 

0 packets with some dup. data (0 bytes duped) 

0 out-of-order packets (0 bytes) 

0 packets (0 bytes) of data after window 

0 window probes 

0 window update packets 

0 packets received after close 

0 discarded for bad checksums 

0 discarded for bad header offset fields 

0 discarded because packet too short 

0 connection requests 

5 connection accepts 

5 connections established (including accepts) 

4 connections closed (including 0 drops) 

0 embryonic connections dropped 

847 segments updated rtt (of 848 attempts) 

0 retransmit timeouts 

0 connections dropped by rexmit timeout 

0 persist timeouts 

0 keepalive timeouts 

netstat udp 

displays statistics for the User Datagram Protocol. 

Example 

6000 Switch>netstat udp 

udp: 

0 incomplete headers 

0 bad data length fields 

13 bad checksums 

0 socket overflows 

0 no such ports 

netstat ip 

displays statistics for the Internet Protocol. 

Example 

6000 Switch>netstat ip 

ip: 

15535 total packets received 

1 bad header checksum 

0 with size smaller than minimum 

0 with data size < data length 

0 with header length < data size 

0 with data length < header length 

258



0 fragments received 

0 fragments dropped (dup or out of space) 

0 fragments dropped after timeout 

0 packets forwarded 

2527 packets not forwardable 

0 redirects sent 

netstat icmp 

displays statistics for the Internet Control Message Protocol. 

Example 

6000 Switch>netstat icmp 

icmp: 

0 calls to icmp_error 

0 errors not generated ‘cuz old message was icmp 

0 messages with bad code fields 

0 messages < minimum length 

0 bad checksums 

0 messages with bad length 

0 message responses generated 

netstat igmp 

displays counters for the Internet Group Management Protocol. 

Example 

6000 Switch>netstat igmpsnoop 

0 Messages received 

0 Messages received with too few bytes 

0 Members queries received 

0 Membership queries received with invalid field(s) 

0 Membership reports received 

0 Membership reports received with invalid fields(s) 

0 Membership reports received for groups to which we belong 

0 Membership reports sent 

netstat igmpsnoop 

displays IGMP Snooping statistics. 

Example 

6000 Switch>#>netstat igmpsnoop 

0 IGMP frames received 

0 membership queries received 

0 membership reports received 

0 membership leaves received 

0 membership queries dropped because port(s) in forbidden state 

0 membership reports dropped because port(s) in forbidden state 

0 membership leaves dropped because port(s) in forbidden state 

0 membership queries forwarded to VLAN ports 

0 membership reports forwarded to VLAN ports 

0 membership leaves forwarded to VLAN ports 

32 membership queries generated and sent 

44 membership queries dropped because VLAN interface(s) is not set 

0 membership reports dropped because VLAN interface(s) is not set 

0 membership leaves dropped because VLAN interface(s) is not set 

259



netstat mbuf 

displays how many memory buffers are in use. 

Example 

6000 Switch>netstat mbuf 

3 out of 384 mbufs in use 

3 mbufs allocated to protocol control blocks 

0/80 extended mbufs in use 

0 requests for memory denied 

0 requests for memory delayed 

0 call to protocol drain routines 

netstat tftp 

displays counters for the Trivial File Transfer Protocol. 

Example 

6000 Switch>netstat tftp 

tftp: 

tftp put stats: 

0 blocks rcvd 

0 puts finished OK 

tftp get stats: 

0 blocks_rcvds 

0 acks sent 

0 timeouts 

0 blocks out of sequence 

0 gets finished OK 

netstat routes 

displays the contents of the system’s routing table. 

Example 

6000 Switch>netstat routes 

Routing tables 

Internet: 

Destination Gateway Flags Refs Use Interface 

127.0.0.1 127.0.0.1 UH 0 0 lo0 

192.21 link# UC 0 0 sw0 

192.2.2.26 00:60:97:67:24:7F UHL 1 14928 sw0 

260



ping 

Command 

ping option 

See also 

ifconfig, route, netstat, vlan 

Description 

Tests connectivity between the switch and another node. Successful 

completion of a ping request indicates that the IP levels of each node are 

able to communicate with each other. This verifies correct operation of 

the network interface, interface address information, and any routing 

entries needed to get to the destination node. 

For each packet sent, ping prints a status message showing the size of the 

packet, its destination IP address, and a sequence number. When the 

specified number of packets have been sent (or when you stop ping with 

control-c [^C]), ping displays a summary of the results. 

The following are the ping options: 

ping [ help ] 

displays the command options. 

Example 

6000 Switch>#>ping help 

Usage: ping [-s] {ip_address | hostname} [size] [cnt] 

^C to stop pinger. 

ping ip_address | hostname 

sends one ICMP echo request packet to the node with the IP 

addresse specified by ip_address or hostname. A host name 

can be substituted for an IP address, if DNS is enabled. 

Example 

6000 Switch>ping 192.2.2.1 64 10 

PING 192.2.2.1: 64 data bytes 

72 bytes from 192.168.2.1: icmp_seq=0. 




----192.168.2.1 PING Statistics---- 

10 packets transmitted, 10 packets received, 0% packet loss 

ping -s ip_address | hostname 

continuously sends echo request packets at one second 

intervals. Enter a control-c (^C) to stop ping execution. A host 

name can be substituted for an IP address, if DNS is enabled. 

261



ping ip_address | hostname size 

changes the byte size, specified by size, of the echo request 

packet payload. The total packet size will be eight bytes larger 

than size. A host name can be substituted for an IP address, if 

DNS is enabled. 

ping ip_address | hostname size count 

specifies the number of packets to send. If count is used, then 

size must also be present. The -s option overrides the count 

parameter. A host name can be substituted for an IP address, if 

DNS is enabled. 

262



ps 

Command 

ps option 

Description 

Privileged command that displays the current status of all the active 

processes in the switch’s multitasking operating system. 

The following are the ps options: 

ps 

displays all process information. 

Example 

6000 Switch>#>ps 

pid name Status wakeups stack usage wait address 

0 

1 

2 

3 

4 

5 

Kernel 

callout 

console 

telntd 

xsnmpd 

Telnet05 

Ready 

Sleeping 

Sleeping 

Sleeping 

Sleeping 

Running 

0 

21100 

2 

2 

2 

435 

1160 

704 

408 

368 

1104 

1240 

0x800be300 

0x80148c10 

0x800fb3ae 

0x800faf38 

ps -s 

displays information about the stack space allocated to each 

process. 

Example 

6000 Switch>ps -s 

pid name status pgroup stack usage stack base size 

0 

1 

2 

3 

4 

5 

6 

Kernel 

callout 

Console 

telnet03 

httpd 

telnetd 

xsnmp 

Ready 

Sleeping 

Sleeping 

Sleeping 

Sleeping 

Sleeping 

Sleeping 

0 

0 

2 

3 

4 

5 

0 

1848 

1064 

656 

1568 

840 

644 

1320 

0x80fffff0 

0x80f813f0 

0x80f82bf0 

0x80f8a7f0 

0x80f84ff0 

0x80f863f0 

0x80f893f0 

4096 

5120 

6144 

5120 

6144 

5120 

12288 

263



ps -p 

displays extended process information. 

Example 

6000 Switch>ps -p 

pid name status pc pblk address current sp 

0 

1 

2 

3 

4 

5 

Kernel 

callout 

console 

telntd 

xsnmpd 

Telnet05 

Ready 

Sleeping 

Sleeping 

Sleeping 

Sleeping 

Running 

0x80000f24 

0x80000f24 

0x80000f24 

0x80000f24 

0x80000f24 

0x80000f24 

0x80119ee0 

0x8011a500 

0x8011ab20 

0x8011b140 

0x8011b760 

0x8011bd80 

0x801fff50 

0x801ff370 

0x801fe730 

0x801fcdc8 

0x801fcdc8 

0x801fc238 

ps -i 

displays information about signals pending, ignored, and 

blocked. 

Example 

6000 Switch>ps -i 

pid name pgroup pending ignored block 

0 

1 

2 

3 

4 

5 

Kernel 

callout 

console 

telntd 

xsnmpd 

Telnet05 

0 

0 

2 

3 

0 

5 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

0xffffffff 

0xffffffff 

0xffffffff 

0xfffffffc 

0xffffffff 

0xffffffff 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

0x00000000 

264



relay 

Command 

relay option 

Description 

Privileged command that is used to transfer BOOTP messages between 

clients and servers. 

A BOOTP relay agent enables the switch to pass BOOTP and DHCP 

broadcast messages from one subnet to another. To support and use 

BOOTP and DHCP service across multiple subnets, routers connecting 

each subnet must comply with BOOTP relay agent capabilities described 

in RFC 1542. To be compliant with RFC 1542 and provide relay agent 

support, the switch must be able to recognize BOOTP and DHCP 

protocol messages and process (relay) them appropriately. Because 

DHCP uses the same message structure and the same UDP port numbers 

(ports 67 and 68) as BOOTP, routers intercept DHCP messages as 

BOOTP messages and act on them in the same way. 

The following are the relay options 

relay help 

displays command options. 

Example 

6000 Switch>#>relay 

Usage: 

relay ? 

relay help 

relay disable 

relay enable 

relay maxHops 

relay server {add | del} { | all} 

relay show 

Notes: 

is 1-16 with a default of 4. 

A maximum of 8 server may be ed. 

is only valid with . 

relay disable 

used to disable the relay agent. 

Example 

6000 Switch>#>relay disable 

relay has been disabled 

265



relay enable 

used to enable the relay agent. 

Example 

6000 Switch>#>relay enable 

relay has been enabled 

relay maxHops count 

used to specify the maximum number of hops (or routers) 

between the switch and the destination server. If the hops count 

of a BOOTREQUEST message is greater than the maxHops 

setting, the message is discarded. 

Example 

6000 Switch>#>relay maxHops 10 

relay server { add | del } { ip_address | all } 

used to add/delete the relay destination server IP address. Up to 

eight servers can be defined. 

Examples 

6000 Switch>#>relay server add 172.21.2.143 

6000 Switch>#>relay server del 172.21.2.143 

6000 Switch>#>relay server del all 

relay show 

displays the BOOTP Relay Agent configuration. 

Example 

6000 Switch>#>relay show 

BOOTP/DHCP Relay : Disabled 

Discard Threshold : 10 Hops 

Server List : 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

: 0.0.0.0 

The show sys command also displays whether the agent is enabled or 

disabled. 

266



route 

Command 

route option 

See also 

netstat 

Description: 

Privileged command that manipulates information in the IP routing table. 

The routing table specifies a path to network nodes not directly attached 

to the switch. 

route [ help | ? ] 


Example 

6000 Switch>#>route help 

Usage: route add 

route add netmask 

route add default 

route delete default 

route delete netmask 

route display 

route add destination netmask [ netmask ] gateway 

adds an IP route, where destination is the address of the remote 

host and gateway is the address of an intermediate host, a 

router, or a computer with routing capabilities. The 

intermediate host will be the first (and possibly only) step in 

forwarding packets sent from the switch to the remote host. 

Specify all IP addresses in standard four-part, decimalseparated 

format. 

It is possible to assign a generic route. This allows the switch 

to send packets destined to any node on the specified 

subnetwork through the given gateway. The destination 

parameter specifies the IP addresss, in dotted-decimal notation, 

of the subnetwork with the host portion of the address set to 0. 

The remaining parameters are the same as above. 

Example 

6000 Switch>#>route add 192.1.1.0 192.1.1.124 1 

(NO MESSAGE) 

route add destination netmask mask gateway 

adds a non-standard netmask address, where destination is the 

IP address of the remote host, and gateway is the address of an 

intermediate host, a router, or a computer with routing 

capabilities. 

Example 

6000 Switch>#>route add 198.139.158.55 netmask 255.255.255.224 

198.139.158.32 

(NO MESSAGE) 

267



route add default gateway 

adds a generic default route as the destination address when 

invoking the route command. The routing table lists the IP 

address of the default route as 0.0.0.0. 

Example 

6000 Switch>#>route add default 192.1.1.0 

(NO MESSAGE) 

route delete { destination | default } 

deletes a route. 

Example 

6000 Switch>#>route delete 192.1.1.0 

(NO MESSAGE) 

268



savenv 

Command 

savenv 

See also 

loadnv 

Description 

A privileged command that is used to back up the non-volatile RAM 


The following is the savenv option: 

savenv [ path ] ip_address_of_tftp_server | hostname_of_tftp_server 

Use the path argument only to save the NVRAM to a file in a directory 

other than the default directory “/tftpboot”. The file name is the IP 

address of the switch in uppercase hex format. 

Example 


Using remote filename = C002023F 

- 

done 


269



set 

Command 

set option 

See also 

show 

Description 

Privileged command that modifies the switch’s configuration options. 

The following are the set options: 

set { ? | help } 

displays the list of set options. 

Example 

6000 Switch>#>set help 

Commands: 

-------------------------------------------- 

set ? 

set agingtime 

set baud 

set community 

set dns 

set help 

set link 

set passwdbasic 

set passwdpriv 

set portmirror 

set ppp 

set priority 

set priv 

set privpasswd 

set prompt 

set snmpmgr 

set snmpSecurityLevel 

set spantree 

set storm 

set syslog 

set timeout 


Set FDB aging time 

Set baud rate 

Set SNMP community strings 

Set dns features 


Sets operating mode of a port 

Set a new basic user password 

Set a new privileged password 

set port mirroring parameters 

Set PPP options 

Set 802.1D/Q priority parameters 

Set priviledge mode for executing debug commands 

Set a new priv password 

Set prompt 

Set IP address of SNMP Managers 

Set security level of SNMP 

Sets Spanning Tree protocol 

Set broadcast/multicast storm control parameters 

Set syslog features 

Set login timeout for telnet session 

set agingtime { VID } time 

non-privileged command that changes the forwarding database 

aging time to the number of seconds specified by value (10 to 

32,767 seconds). The current aging time value can be seen 

through the show fdb or show sys command. If Independent 

VLAN Learning (IVL) mode is set, the command is displayed 

as set agingtime VID time, where VID is a VLAN identifier. 

To set the mode to Independent VLAN Learning (IVL), type 

fdb mode ivl. 

270



Example 

6000 Switch>set agingtime 300 

(NO MESSAGE) 

set baud [600 | 1200 | 2400 | 4800 | 9600 | 19200 | 38400] 

changes the serial port’s baud rate to the given baud rate. 

Example 

6000 Switch>set baud 9600 

System RS-232 baud rate set 

set community community_number string [get] [set] [trap] 

sets the SNMP community string for read-write access to the 

SNMP MIBs. 

Community 

Number 

Community 

String 

Example 

6000 Switch>#>set community 2 private get set trap 

Permissions 

1 Public GET 

2 Private SET 

3 Trap GET, SET 

set dns 

privileged command that sets dns features. 

set dns domain domain_name 

sets the DNS default domain. The switch supports a default 

domain name of up to 64 characters. To clear the DNS default 

domain, use the command without the domain_name. 

Example 

6000 Switch>set dns domain xyz.com 

set dns primary ip_address 

sets the IP address of the primary DNS server. Must be set 

before you can execute the enable DNS command. To clear the 

DNS primary server, use the set dns primary command 

without the IP address of the server. 

Example 

6000 Switch>set dns primary 192.2.2.150 

271



set dns backup ip_address 

sets a backup DNS server if the primary DNS server is 

unavailable. It is optional to set a backup DNS server. 

Example 

6000 Switch>set dns backup 192.2.2.111 

To clear the backup DNS server, use the set dns command 

without the IP address of the backup server. 

Example 

6000 Switch>set dns backup 

set link 

sets the operating mode of a port. 

set link port_number [autoneg | noautoneg] 

enables or disables auto-negotiation from a Gigabit Ethernet 

port. Auto-negotiation is on by default. 

set link port_number {[autoneg | noautoneg] [100 | 10 ] 

[full | half ] defaults]} 

sets the speed and duplex of the ports on the 10/100 module. 

The link configuration is stored in non-volatile memory. (See 

show link to display the current state of the link.) 

The port_number is one of the 24 ports on the module and 

options are one of the following: 

default restores autonegotiation. 

100 sets port to 100Mb half-duplex mode. 

10 sets port to 10Mb half-duplex mode. 

Full sets port to full-duplex mode. 

Half sets port to half-duplex mode. 

Example 

6000 Switch>set link 6 defaults 

set link port { port | active | passive | aggregate | individual | 

agg_default } 

configures the state of media ports for link aggregation. 

set link port port_number 

Sets the aggregator port number for a media port. 

Example 

6000 Switch>set link 5 port 5 



272



Select from the following parameters: 

set link port port_number { active | passive } 

link aggregation between switches requires that at least one of 

the aggregated ports, on either switch, be set to “active” mode. 

The ports on the 6000 switch are set to passive mode by 

default. Passive mode means that the port does not initiate a 

control frame. It responds to control frames, but it does not 

send out any. Active mode, automatically sends control frames. 

To set a port to active mode, type set link media_ port port 

aggregated_port active. 

Example 

The example below creates an aggregator group 3 on Switch A linking 

media ports 3, 4, and 5 and sets the mode to active. 

6000 Switch>set link 3 port 3 active 



set link port port_number aggregate 

used to reset a port that was restricted from being part of an 

aggregator link with the “individual” mode setting. The port is 

then able to be part of an aggregation link. 

set link port port_number individual 

ports set to individual mode cannot be part of an aggregation 

link. 

set link port { port_number | all } agg_default 

returns a port or all aggregator links to their default aggregator 

setting. 

set passwdbasic 

changes the switch’s access password. This password is 

requested when the serial console is first connected or when a 

new Telnet connection is accepted. When you change the 

password, you are asked to enter the current password and the 

new password, then to re-enter the new password to validate it. 

The password must be 10 characters or less. 

Example 

6000 Switch>set passwdbasic 





273



set passwdpriv 

changes the privileged password. The system requests the 

privileged password upon execution of the set priv command. 

When changing the password, you are asked to enter the 

current password and the new password, then to re-enter the 

new password to validate it. The password must be 10 

characters or less. 

Example 

6000 Switch>#>set passwdpriv help 

ENTER OLD PRIV PASSWORD: 

ENTER NEW PRIV PASSWORD: 

RETYPE NEW PRIV PASSWORD: 

PRIV PASSWORD CHANGED. 

set ppp [log | nolog | negip | nonegip] 

enables or disables logging of Point-to-Point (PPP) packets 

sent or received. The negip and nonegip command allows or 

refuses IP addresses proposed by the peer. 

Example 

6000 Switch>set ppp log 

(NO MESSAGE) 

set portmirror monitorport port_number. 

sets the port that a protocol analyzer may be attached to 

analyze the traffic transmitted from a source port. Port 

mirroring must be disabled prior to setting the source port. 

In order to ensure that all frames received by the source port 

are transmitted to the destination or monitor port, the monitor 

port automatically receives traffic from all VLANs of which 

the source port is a member. 

Example 

6000 Switch>#>set portmirror help 

Usage: set portmirror sourceport 

set portmirror monitorport 

To start port mirroring use the "enable portmirror" command 

Example 

6000 Switch>set portmirror monitorport 3 

(NO MESSAGES DISPLAYED) 

set portmirror sourceport port_number 

sets the source mirrored port for port mirroring. Port mirroring 

must be disabled prior to setting the source port. 

Example 

6000 Switch>set portmirror sourceport 5 

(NO MESSAGES DISPLAYED) 

274



set priv 

non-privileged command that allows access to privileged 

commands. Use of this command requires you to type the 

privileged password. Use logout to quit privileged mode. 

Example 




set priority port(s) { all | port_list } default 

resets a port or all of the ports to their factory default settings. 

Example 


set priority port(s) { all | port_list } pri 

Example 


set priority port{s} { all | port list } { trusted | untrusted } 

Trusted and untrusted 802.1Q tag modes are used for enhanced 


Each port in the system has a trusted or untrusted mode for the 

VID of a tagged frame. In trusted priority mode, the priority of 

a tagged frame is always used. In untrusted priority mode, the 

default port priority is used even if the frame is tagged. 

Example 

6000 Switch>#>set priority ports 8 10 trusted 

6000 Switch>#>set priority ports 3 4 untrusted 

set prompt [ -d ] promptstring 

privileged command that changes the command console 

prompt to the string specified by promptstring. If the -d option 

is included, then the prompt becomes the default prompt for all 

future console sessions. Prompt settings are not stored in nonvolatile 

memory, so must be reset each time the system 

restarts. 

Example 

6000 Switch> set prompt -d newname 

newname> 

set snmpmgr host_ip_address community_number [ index ] 

privileged command that sets the IP addresses of an SNMP 

manager. The switch’s SNMP agent notifies up to eight 

different SNMP managers with SNMP trap messages. The IP 

address of a management node or host is entered as 

host_ip_address. If index is a value from 1 through 8, then 

index is taken as an index into a table of manager addresses and 

replaces the specified entry with the new addresses. The 

275



default value for index is 1. If you want to delete an entry, use 

the IP address of 0.0.0.0. and include the index number. 

Only SNMP management stations whose IP address has been 

listed with the 6000 Switch SNMP agent are able to set SNMP 

values. Other SNMP stations are limited to read-only access. 

Example 


set snmpSecurityLevel 

controls SNMP security levels on the switch. The default 

setting is 2, which allows stations in the host table to have 

write access. 

Level 

Behavior 

1 does not verify host in community. 

Anyone can configure the switch if 

they know the community string. 

2 verifies host in community for write 


3 verifies host in community for read 

and write privileges. 

Note 

Only stations in the host table are able to view and configure 

the switch in Intel Device View. Changing the default 

security level prevents other stations from being viewed by 


Example 

6000 Switch>#>set snmpSecurityLevel 3 

set spantree 

privileged command that changes the Spanning Tree protocol 

parameters. 

Example 

6000 Switch>#>set spantree help 

Usage: set spantree type 

set spantree priority 

set spantree portcost {auto | } 

set spantree portpri 

set spantree rapid 

set spantree portquick 

set spantree defaults 

set spantree type 

276



set spantree portcost port_number { auto | cost_value }VID 

changes the Spanning Tree bridge port cost associated with the 

port specified by port_number to the value specified by cost. If 

Independent VLAN Learning (IVL) mode is set, the command 

is displayed as set spantree rapid { on | off } VID, where VID 

is a VLAN identifier. To set the mode to Independent VLAN 


Example 

To set the port cost for Gigabit Ethernet port 3: 

6000 Switch>#>set spantree portcost 3 10 

set spantree portpri port_number value VID 

sets the bridge port priority to the value specified by value for 

the Spanning Tree Protocol. If Independent VLAN Learning 

(IVL) mode is set, the command displays as set spantree 

rapid { on | off } VID, where VID is a VLAN identifier. To set 

the mode to Independent VLAN Learning (IVL), type fdb 

mode ivl. 

Example 

The following command line, sets the priority of port 3 to 1: 


set spantree rapid { on | off } VID 

Rapid reconfiguration quickly designates a new root port for a 

root port that is on a failed path. If Independent VLAN 

Learning (IVL) mode is set, the command displays as set 

spantree rapid { on | off } VID, where VID is a VLAN 

identifier. To set the mode to Independent VLAN Learning 

(IVL), type fdb mode ivl. 

If rapid reconfiguration is set for an STP domain, it cannot be 

turned on for a PVSTP domain. 

Example 

6000 Switch>set spantree rapid on 1 

(NO MESSAGE) 

277



set spantree portquick port_number { on | off } VID 

sets or disables rapid port activation. Use rapid port activation 

only when connecting a single end station to a switch port. If a 

port is connected with rapid port activation to a port on another 

switch or router, network loops may occur. If Independent 

VLAN Learning (IVL) mode is set, the command displays as 

set spantree rapid { on | off } VID, where VID is a VLAN 

identifier. To set the mode to Independent VLAN Learning 

(IVL), type fdb mode ivl. 

Example 

6000 Switch>set spantree portquick 1 

(NO MESSAGE) 

set spantree defaults 

all ports and bridge values are set to the default values. 

Example 

6000 Switch>set spantree defaults 

(NO MESSAGE) 

set spantree type { stp | pvstp } 

select to configure 802.1d Spanning Tree (stp) or a separate 

Spanning Tree for each VLAN (pvstp). 

Example 

6000 Switch>set spantree type stp 

(NO MESSAGE) 

set storm 

privileged command to limit the amount of broadcast and 

multicast frames traffic that a port is allowed to receive and 

forward. 

Example 

6000 Switch>#>set storm help 

Usage: set storm bthreshold 

set storm bdiscard 

Usage: set storm mthreshold 

set storm mdiscard 

To resume receiving on a port that is discarding: 

set storm nodiscard 

set storm bthreshold percentage { all | port_number } 

sets the parameters for broadcast storm control. The default 

broadcast threshold is 100 percent, which disables storm 

control. 

Example 

6000 Switch>set storm bthreshold 90 3 

278



set storm bdiscard seconds { all | port_number } 

sets the broadcast discard duration. The discard duration range 


Example 

6000 Switch>set storm bdiscard 4 3 

set storm mthreshold percentage { all | port_number } 

sets the parameters for multicast storm control. The default 

multicast threshold is 100 percent, which disables storm 

control. 

Example 

6000 Switch>set storm mthreshold 95 3 

set storm mdiscard seconds { all | port_number } 

sets the multicast discard duration. The discard duration range 


Example 


set storm nodiscard { all | port_list } 

resumes receiving on a port that is discarding. The discard 

duration range is zero (0) to 256 seconds.The default is 5 

seconds. 

Example 


The following message is displayed: 

Port 1 will be disabled when broadcast load reaches threshold. User interaction 

is required to remove the port from discarding state. 

set syslog 

The syslog feature records such events as logins, configuration 

changes and error messages that occur on the switch. If an 

error condition occurs, the switch attempts to write an entry to 

the system log. The log information is sent to a syslog service 

on a remote host. All of the syslog command settings and log 

entries are held in non-volatile RAM. 

Example 

6000 Switch>#>set syslog help 

Usage: set syslog host {ip_address | hostname} 

set syslog {lcmds | nolcmds} 

set syslog {lout | nolout} 

set syslog facility 

can be auth, authpriv, cron. daemon, kern, lpr, mail, 

news, syslog, user, uucp, or local0 through local7. 

Default is local0. 

279



set syslog host [ ip_address | hostname ] 

privileged command that sets the address of the syslog daemon 

host. 

Example 

6000 Switch>set syslog 192.2.2.143 

set syslog facility facility_type 

offers the ability to change the facility level to where the syslog 

messages are sent. While the priority of a syslog message 

determines the level of severity, the facility level describes 

who the message came from. The table below lists the facility 

types. 

Facility Types 

auth 

authpriv 

cron 

daemon 

kern 

lpr 

mail 

news 

syslog 

user 

uucp 

local0 through local7 

Description 

The authorization system 

Same as auth. Messages are logged to a 

file with restricted read rights. 

Unix clock daemon that executes 

commands at specified dates and times. 

System daemons. 

Messages generated by the kernel. 

The line printer spooling system. 

The mail system. 

Reserved for the USENET network 

news system. 

Messages generated internally by 

syslog. 

Messages generated by user processes. 

Reserved for the UUP system. It 

currently does not use the syslog 

mechanism. 

Reserved for local use. The default 

facility level for the switch is local0. 

set syslog lcmds 

enables syslog to log all commands that are entered. 

280



Example 

6000 Switch>set syslog lcmds 

(NO MESSAGE) 

set syslog nolcmds 

disables the syslog from logging all commands. 

Example 

6000 Switch>set syslog nolout 

(NO MESSAGE) 

set syslog lout 

enables the syslog to log all output from the 6000 Switch 

console. 

Example 

6000 Switch>set syslog lout 

(NO MESSAGE) 

set syslog nolout 

disables the syslog from logging all output from the 6000 

Switch console. 

Example 

6000 Switch>set syslog nolout 

(NO MESSAGE) 

set timeout 

privileged command that sets login timeout for Telnet session. 

The range is from two to thirty minutes. 

Example 

6000 Switch>#>set timeout 

Usage:set timeout current . 

set timeout default . 

Login timeout range is 2..30 minutes 

set timeout current value 

changes the current timeout interval for a Telnet session. The 

range is from two to 30 minutes. 

Example 

6000 Switch>#>set timeout current 15 

(NO MESSAGE) 

set timeout default value 

sets the default time-out interval, The range is from two to 

thirty minutes. 

Example 

6000 Switch>#>set timeout default15 

(NO MESSAGE) 

281



show 

Command 

show option 

See also 

set 

Description 

The show command displays information about the switch configuration 

and operation. Most of these commands are only useful in diagnostic 

situations. 

Note show is functionally the same as the di command. 

The following are the show options: 

show { ? | help } 

lists the various show options available. 

EXAMPLE 

6000 Switch>#>show ? 

Commands: 

show ? 


show counters 

show dns 

show fdb 

show help 


show lastboot 

show link 

show memstats 


show port 

show portinfo 


show ppp 

show priority 

show snmpmgr 

show snmpSecurityLevel 

show spantree 

show sprom 

show storm 

show sys 

show sysfails 

show syslog 


show treetype 

show timeout 

show version 


Display SNMP community table 

Display Sweet counters 

Display DNS info 

Display Forwarding Database 


Display Hardware Version info 

Display last boot time 

Display link mode of a port 

Display mbuf and malloc stats 

Display system clock 

Show port aggregation 

Displays Spanning Tree port info 

Displays port mirroring parameters 

Display PPP info 

Displays 802.1D/Q priority information 

Display SNMP Manager addresses 

Display secuirty level of SNMP 

Display Spanning Tree info 

Display serial eeprom 

Display storm control information 

Display system configuration 

Display system failures 

Display syslog parameters 

Display temperature 

Display Spanning Tree Type 

Display login timeout for Telnet session 

Display Software Version Number 

282




privileged command that displays the SNMP community string 

for all access types to the SNMP MIBs. 

Example 

6000 Switch>#>show community 

Community Table: 

Community 1: 

public 

Permissions: GET|---|---- 

Community 2: 

private 

Permissions: ---|SET|---- 

Community 3: 

trap 

Permissions: GET|SET|---- 

show counters {physical} { all | port1 {port2 ...} | {et0}} 

displays counter values for the port specified by port_number. 

Example 

6000 Switch>show counters all 

TX multicast packets ok 

TX broadcast packets ok 

TX unicast packets ok 

RX multicast packets ok 

RX broadcast packets ok 

RX unicast packets ok 

TX packets bad 

TX packets deferred 

late collision packets 

excessive collisions 

carrier sense errors 

SQEs 

RX alignment error 

RX packet too long 

RX CRC errors 

frames w/1 collision 

more than 1 collision 

RX byte count 

TX byte count 

PORT 

00 01 02 03 04 

0000000000 

0000000001 

0000000000 

0000000000 

0000000000 

0001698952 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000022656 

0000000000 

0000000000 

0000000001 

0001350369 

0000000000 

0000000000 

0001699160 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

13446535840 

0000000000 

0000000000 

0000000001 

0001350330 

0000000000 

0000000000 

0001699160 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

1344540569 

0000000000 

0000000000 

0000000001 

0001312196 

0000000000 

0000000000 

0001659939 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

1314363349 

0000000000 

0000000000 

0000000001 

0001311627 

0000000000 

0000000000 

0001660738 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

0000000000 

1313921286 

0000000000 

show dns 

Display the current Domain Name Service settings. 

Example 

6000 Switch>show dns 

DNS 

: Enabled 

DNS Domain Name: xyz.com 

DNS Primary Server: 192.2.2.122 

DNS Backup Server: 192.2.2.111 

283



show fdb option 

displays the current contents of the forwarding database. 

Example 

6000 Switch>show fdb 

FDB aging time 300 seconds, Aging is Enabled. 

MAC addresses Port Network 

00:00:00:00:00:03 

00:a0:24:d7:e0:24 

00:a0:24:e0:22:74 

00:a0:24:e0:2c:ae 

00:a0:24:e0:36:30 

00:a0:24:e0:36:bb 

---- 3 

---- 3 

---- 3 

---- 3 

---- 3 

---- 3 

there were 6 entries found 

show fdb [ entry_count ] 

displays no more than the number of addressesses specified by 

entry-count. The default is the first 200 or less addressesses. 

show fdb all 

displays all the addressesses in the database. The maximum 

number that can be stored is 55,000. 

show fdb tally 

displays the number of addressesses stored for each port. 

show fdb IP [tally] 

displays the number of addressesses 

show fdb VID 

Individual VLAN Learning (IVL) mode must be activiated 

with the fdb mode ivl command to display the VLAN 

information. 

6000 Switch>#>show fdb 

FDB mode is indepedent (IVL) 

GIG LEARNED 

GIG LEARNED 

GIG LEARNED 

GIG LEARNED 

GIG LEARNED 

GIG LEARNED 

FDB for VLAN 1, FDB age time 10 seconds, aging is enabled 

VID MAC Address Port Network 

1 00:00:00:00:01:01 ---- 1 GIG LEARNED 

1 00:00:00:00:01:02 ---- 2 GIG LEARNED 

FDB for VLAN 1: there were 2 entries found 

FDB for VLAN 2, FDB age time 300 seconds, aging is enabled 

284




2 00:00:00:00:01:01 ---- 3 GIG LEARNED 


FDB for VLAN 3, FDB age time 10 seconds, aging is disabled 


3 00:00:00:00:03:03 ---- 4 GIG LEARNED 



displays the hardware version information. 

Example 

6000 Switch>show hwversion 

CP/CARRIER BOARD REVISIONS: 

CP Location 

Carrier Status 

CP A inserted 

CP B inserted 

CP A running 

CP B running 

8051 Microcontroller Revision 

Xilinx CP Control Revision 

Xilinx Carrier Revision 

Scontroller Revision 

BCT Revision 

LUE 3 parser/resolver 

LUE 3 editor 

LUE 3 memsize 

LUE 3 type 

LUE 4 parser/resolver 

:Slot A/Primary 

:Ready 

:Yes 

:No 

:Yes 

:No 

:3 

:c 

:a 

:2 

:1f 

:c 

:ed11 

:128K 

:LUE2P1E, LXA Interface 

:c 

show lastboot 

displays the date and time the system was restarted. 

Example 

6000 Switch>show lastboot 

BOOTED: Wed 3/13/00 04:18 

285



show link { port_number | all } 

displays the basic media configuration for the port number 

designated by port_number or for all ports. 

Example 

6000 Switch>#>show link 18 

Port 18 (10/100) Autonegotiation is enabled. Speed=10Mb Duplex=half. Link is UP. 

Link Partner NOT autoneg capable 

Local Advert: 100BX Full Duplex | 100BX | 10 BT Full Duplex | 10BT 

6000 Switch>#>show link 1 

Port 1 (Switched Gbe) Autonegotiation is enabled. Link is UP. 

Local Advert: No tx flow control. Obeys flow control. Duplex=full. 

Remote Advert: No tx flow control. Does NOT obey flow control. 

Duplex=full. 

show link agg { port_number | all } 

displays the current state of the port link specified by all for all 

ports or a selected port number designated by port_number. 

This command is available in both privileged and nonprivileged 

mode. These are the configuration parameters that 

are stored in NVRAM via the set link command. The table of 

aggregator parameters is displayed followed by the table of 

media port parameters. 

Example 

6000 Switch>#>show link agg 4 

----------------- Aggregator 802.3ad Configuration ------------------------------- 

Admin- 

GP SPri System ID Name 

State AKey 

4 8000 00:40:2F:02:24:01 Agport_28 up 001C 

Field definitions (not included in command line display) 

Show 

Field 

802.3ad MIB 

set 

link 

option 

Description 

GP n/a n/a Global port number (starts at 1 

and counts through installed 

ports only). 

SPri AggActorSystemPriority (no) System priority (16 bit hex). 

System 

ID 

AggActorSystemID (no) System ID for the local system in 

MAC address format. 

Name AggName (no) ASCII name for aggregator (15 

chars) 

Admin 

State 

AggAdminState 

up, 

down 

“Up” allows aggregation, 

“down” disables aggregation. 

AKey AggActorAdminKey akey Key for the aggregator (16 bit 

hex) 

286



----------------- Media Port 802.3ad Configuration -------------------------------------------------- 

----------------- Admin Partner Information ---------- 

MP LACP PKey Pri State SPri System ID Key Port PPri State 

Port 

4 0004 0004 80 ALP 8000 00:00:00:00: 

00:00 

0001 0001 80 4 

Field definitions (not included in command line display) 

Show 

Field set link option IEEE 802.3ad MIB Description 

MP n/a n/a Media port number (starts at 1 

and counts through installed 

ports only). 

LACP 

Port 

(no) AggPortActorPort Port number (16 bit hex) used by 

Link Aggregation Control Protocol 

(automatically derived 

from MP). 

PKey key AggPortActorAdminKey Key (16 bit hex) assigned to the 

media port. 

Pri pri AggPortActorPortPriority Priority of media port (8 bit 

hex). 

State 

active, passive, AggPortActorAdminState 

short_tmo, 

long_tmo, aggregate, 

individual 

show memstats 

displays memory resource usage. 

Media port state displayed as: 

G=aggregate, I=individual, 

S=short_tmo, L=long_tmo, 

A=active, P=passive 

(Following parameters are the 

administrative partner values 

used when the link has timed out 

and default values must be 

used.) 

Partner system priority (16 bit 

hex) 

Partner system ID (MAC 

address format) 

SPri partner_ 

system_pri 

AggPortPartnerAdmin SystemPriority 

System ID partner_ system AggPortPartnerAdmin SystemID 

Key partner_ key AggPortPartnerAdminKey Partner port key (16 bit hex 

value) 

Port partner_ port AggPortPartnerAdminPort Partner port number (16 bit hex) 

PPri partner_ port_pri AggPortPartnerAdmin 

PortPriority 

State partner_ state AggPortPartnerAdmin 

State 

Partner port priority (8 bit hex) 

Partner state (8 bit hex) 

Bit0: 0 = passive,1= active 

Bit1: 0=long, 1=short timeout 

Bit2: 0=individual, 1= aggregate 

Bit3: 1=in sync (with other 

mports in agg group) 

Bit4: 1=collecting (rx enabled) 

Bit5: 1=distributing (tx enabled) 

Bit6: 1=defaulted (rx timeout) 

Bit7: 1= expired 

287



Example 

6000 Switch>#>show memstats 

MBSTATS: 

3 out of 384 mbufs in use 

3 mbufs allocated to protocol control blocks 

0/80 extended mbufs in use 

0 requrests for memory denied 

0 requests for memory delayed 

0 call to protocol drain routines 

MALLOC STATS (64 byte chunks): 

chunks 1024 free chunks 757 


lists the number of seconds and microseconds since the system 

was last restarted as well as the last restart date and time. 

Example 

6000 Switch>show microtime 

System clock is 4807 seconds, 900000 microseconds 

BOOTED: Wed 3/13/0 04:18 

show port { port_number | all } 

displays port and port aggregation information. If a port has 

been disabled with the disable port command, then the port 

status is displayed as disabled. An active port is displayed as 

being “up” or “down.” 

Example 

6000 Switch>#>show port 1 

6000 Switch>#>sh port 1 

Port= 1, ID= 1, mac=00:99:99:00:00:00, mode=A, status=UP at sysUpTime 684890 

Combined data rate=200MB over 2 attached mports (of 2 SELECTED or STANDBY). 

[(8000,00-40-2F-02-1B-81,0001,00,0000),(8000,00-00-00-00-00-00,0001,00,0000)] 

Actor (key=0001) 

Partner (key=0001) 

MP Port Pri State Churn RxState/T MuxState Port Pri State Churn 

01 0001 80 .FDCSGLP No DEFAULT/00 DISTRIBUTING 0001 80 ..DCSGLP No 

02 0002 80 .FDCSGLP No DEFAULT/00 DISTRIBUTING 0001 80 ..DCSGLP No . 

6000 Switch>#>show port all 

Port= 1, ID= 1, mac=00:40:2F:02:1E:C8, mode=A, status=DOWN at sysUpTime 0 


Port= 2, ID= 2, mac=00:40:2F:02:1E:C9, mode=A, status=DOWN at sysUpTime 0 


Port= 3, ID= 3, mac=00:40:2F:02:1E:CA, mode=A, status=DOWN at sysUpTime 0 


Port= 4, ID= 4, mac=00:40:2F:02:1E:CB, mode=A, status=DOWN at sysUpTime 0 


Port= 5, ID= 5, mac=00:40:2F:02:1E:CC, mode=A, status=DOWN at sysUpTime 0 


Port= 6, ID= 6, mac=00:40:2F:02:1E:CD, mode=A, status=DOWN at sysUpTime 0 


Port= 7, ID= 7, mac=00:40:2F:02:1E:CE, mode=A, status=DOWN at sysUpTime 0 


Port= 8, ID= 8, mac=00:40:2F:02:1E:CF, mode=A, status=DOWN at sysUpTime 0 


288



show portinfo port_number 

privileged command to display the Spanning Tree port 

information. 

Example 

6000 Switch>#>show portinfo 3 

Spantree stats: tx_configs: 0x93 rx_configs: 0x0 tx_bpdus: 0x0 rx_bpdus: 0x0 

llc rx 79009 tx 147 rxbad 79009 

stpdebug: 

port_id: 

root_age: 

state: 

designated_root: 

designated_cost: 

designated_bridge: 

designated_port: 

tx_configs: 

rx_configs: 

tx_bpdus: 

rx_bpdus 

stpdebug: 


Displays port mirroring parameters. 

Example 

6000 Switch>show port mirroring 

Port Mirroring Info: 

Port Mirroring is Enabled. Source Port 22, Destination Port 23. 

If both source and mirror ports are removed the display would 

say: 

6000 Switch>show portmirror 

Port Mirroring Info: 

Source port is not set to a valid port. 

Monitor port is not set to a valid port. 

Port Mirroring is Enabled. 

0x0 

0x8003 

0x0 

forwarding 

00:00:55:55:00:00 

0x0 

00:00:55:55:00:00 

0x8003 

0x31 

0x0 

0x0 

0x0 

0x0 

top_change FALSE bridge_top_chg_time 23 top_timer_active: FALSE top_value 23 

change_detected FALSE 

msg_age: 

msg_age: 

msg_age: 

0x0 

0x0 

0x0 

show ppp 

show the PPP options that have been negotiated or failure 

reasons. 

Example 

6000 Switch>show ppp 

PPP is attempting to start up a link. 

Modem control is disabled. 

The previous PPP attempt was successful. 

289



show ppp stats 

displays PPP statistics, such as packets dropped, compressed 

packets, etc. 

Example 

6000 Switch>show ppp stats 

Kernel PPP error counts: 

Unsupported protocols: 

Mbuf failures: 

Compression failures: 

Input packets dropped: 

Input queue full: 

Bad FCS: 

Packet too short: 

Packet too big 

Garbage received: 

Missing UI: 

Bad protocols: 

VJ Compression Statistics: 

Outbound packets: 

Outbound compressed packets: 

Searches for connection state: 

Times could not find conn. state: 

Inbound uncompressed packets: 

Inbound compressed packets: 

Inbound unknown type packets: 

Inbound packets discarded due to error: 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

0 

show priority 

Displays 802.1D/Q priority information. 

Example 

6000 Switch>#>show priority 

Port Port Trusted Port Port Trusted Port Port Trusted 

Priority 

Priority 

Priority 

1 0 YES 2 0 YES 3 0 YES 

4 0 YES 5 0 YES 6 0 YES 

7 0 YES 8 0 YES 9 0 YES 

10 0 YES 11 0 YES 12 0 YES 

13 0 YES 14 0 YES 15 0 YES 

16 0 YES 17 0 YES 18 0 YES 

19 0 YES 20 0 YES 

show snmpmgr 

displays the current set of eight SNMP manager addresses that 

the switch uses. 

290



Example 

6000 Switch>show snmpmgr 

1>192.2.2.212 Community: public 

2>192.2.2.214 Community: private 

3>192.2.2.216 Community: trap 

4>192.2.2.218 Community: trap 

5>0.0.0.0 Community None 




show snmpSecurityLevel 

Displays security level of SNMP 

show spantree 

displays current Spanning Tree configuration. If Individual 

VLAN Learning (IVL) mode is activated with the fdb mode 

ivl command, the command syntax is show spantree {VID | 

all }. 

291



Example 

STP mode 

6000 Switch>#>show spantree 

__________________________________________________________ 

Spanning tree enabled 


Designated Root 

Designated Root Priority 

Designated Root Cost 

Designated Root Port 

00:00:55:55:00:00 

16384 

0 

0 

Root Max Age 20 sec Hello Time 2 sec Forward Delay 13 sec 

Bridge ID 

00:00:55:55:00:00 

Bridge ID Priority 32768 

Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec 

Port 1 Quick N State forwarding Path Cost Auto 4 Port Priority 128 

Port 2 Quick N State blocking Path Cost Auto 4 Port Priority 128 






Port 8 Quick Y State blocking Path Cost Auto 4 Port Priority 128 

PVSTP Mode 

6000 Switch>#>show spantree 55 

__________________________________________________________ 


SPANNING TREE FOR VID 55 

Designated Root 00:40:2f:02:25:01 

Designated Root Priority 16384 

Designated Root Cost 0 

Designated Root Port 0 

Root Max Age 20 sec Hello Time 2 sec Forward Delay 18 sec 

Bridge ID 00:40:2f:02:25:01 

Bridge ID Priority 16384 

Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 18 sec 

Rapid Off 

Port 36 Quick N State forwarding Path Cost Auto 19 Port Priority 128 

______________________________________________________________ 

292



show sprom slotID 

privileged command to display the contents of the serial 

EEPROM. This is a command that provides information to 

Customer Support during diagnostics, i.e., serial number, MAC 

address, version number, etc. If the slotID is not designated, 

the command defaults to the Control Processor slot, which is 

always in Slot 5. 

6000 Switch>#>show sprom 

CP and Carrier BD Serial EEPROM Contents: 

Protected Area: 

EEPROM valid 

Model 

Mfg Date 

Serial Number 

Rev Level 

Variance 

MAC address 

MAC Size 

Feature Bits Personality 

Value 

: 55aa 

: CP 

:1/8/99 

: 8 

: 0 

: Jan99 

: 00:40:2f:00:b0:00 

: 128 

: 0002 

: (erased) 

Hardware Checksum values: 

1: ffffffff 2: ffffffff 3: ffffffff 4: ffffffff 

5: ffffffff 6: ffffffff 7: ffffffff 8: ffffffff 


show storm [ active | discarding | all ] 

Displays storm control configuration. 

Select from the following parameters: 

active displays the storm control information for all the ports 

that are actively monitoring 

discarding displays storm control information for all the 

ports that are currently discarding packets. 

all displays storm control information for all the ports, 

regardless of what state the storm control software has for 

that port. 

293



Example 

6000 Switch>#>show storm 3 

Broadcast Storm Control Settings and State Info 

PORT 

THRESHOLD 

DISCARD 

PERIOD 

BCAST_ 

RATE 

MCAST_ 

RATE 

BCAST MCAST BCAST MCAST 

percent seconds percent percent 

CURRENT STATE 

-------------------------------------------------------------------------- 

3 100 100 5 5 na na not monitoriing 

Broadcast: disables 0 enables 0, Multicast: disables 0 enables 0 

show sys 

displays system configuration parameters. 

Example 

6000 Switch>show sys 

ET0 IP address 

ET0 IP netmask 

ET0 IP broadcast 

ET0 MAC address 

Default Gateway 

Primary SNMP Mgr 

Spanning Tree 

Telnetd 

Web Server 

DNS 

GateD 

Syslog 

Syslog IP address 

Modem control 

Aging 

FDB age time 

Serial Baud 

: 192.2.2.144 

: 255.255.255.0 

: 192.2.2.255 

: 00:00:55:55:00:00 

: invalid 

: 0.0.0.0 

: Disabled 

: Enabled 

: Enabled 

: Enabled 

: Disabled 

Disabled 

: 0.0.0.0 

: Disabled 

: Disabled 

: 300 seconds 

: 9600 bps 

HARDWARE CONFIGURATION: 

Slot 1 has a 10/100BaseT board with 24 ports 

Serial Number is: -1 

Slot 5 has: 

CP A Serial Number : -1 

Carrier Serial Number: 24 

show sysfails 

privileged commmand to show any system failures such as fan 

or temperature failures. To clear out the show sysfails 

messages, type clear sysfails. 

294



Example 


There have been no system failures. 

If one fan has failed, the output is as follows: 


Fan Failure at Tue 6/8/99 12:59 

Fan 2 had failed, and is still failing. 

Other messages include: 

Fan fan_number had failed, but it is currently working. 

Temperature exceeded high water mark: degrees C on time 

Board in slot slot_number has failed number times in a row and is currently DIS- 

ABLED.Will attempt to enable it on the next reboot. 

Board in slot slot_number has failed number times in total. 

Slot slot_number DISABLED due to insufficient power. 

The switch was shutdown since the temperature (degrees C) was too high. 

All media boards were disabled since the maximum shutdown period was reached 

on a fan failure. 

show syslog 

displays the current parameters for the syslog feature. This 

command is available in privileged and non-privileged mode. 

Example 

6000 Switch>#>show syslog 

Syslog 

: Disabled 

Syslog IP address : 0.0.0.0 

Log user commands: Disabled 

Log all output : Disabled 


privileged command that displays the chassis temperature. 

Example 

6000 Switch>#>show temperature 

Temperature is 34 degrees centigrade. 

show timeout { current | default } 

displays the current or default time out interval for a Telnet 

session. 

Example 



6000 Switch>#>show timeout default 

Login default timeout interval is 15 minutes. 

295



show timeout { current | default } 

displays the timeout interval set for a Telnet session. 

Example 



6000 Switch>#>show timeout default 

Login default timeout interval is 15 minutes. 

show treetype 

Displays Spanning Tree type. 

Example 

6000 Switch>#>show treetype 

Single Spanning Tree 

show version 

displays the firmware version number. This command is 

available in privileged and non-privileged mode. 

Example 

6000 Switch>#>show version 

CP Version 

CP Boot Version 

LUE Version 

Web Page Version 

6070_v7.0.latest Apr 13 2000 11:20:49 [7.0] (DEBUG) 

6002_v6.0.latest Feb 25 2000 16:49:46 BOOTROM [6.0a] 

LFA P2E1.PR25.ED45 Dec 28 1999 

6070_v7.0.latest Apr 13 2000 10:28:50 [7.0] 

296



upgrade 

Command 

upgrade option 

Description 

Privileged command that programs new system software into the 

switch’s flash memory. The image is located in a file on a host that is 

running a TFTP server. 

Example 

6000 Switch>upgrade help 

Usage: upgrade template_filename {ip_address | hostname} 

upgrade {ip_address | hostname} 

The template_filename specified should be the name of the 

image minus the filename extension. 

CP system software: cprel 

The following are the upgrade options: 

upgrade filename ip_address | hostname 

requests image files from the TFTP server at the IP address 

specified by ip_address to upgrade the CP system image. A 

host name can be substituted for an IP address, if DNS is 

enabled. 

Example 

6000 Switch>#>upgrade /usr/6000switch/cprel 192.2.2.10 

upgrade ip_address | hostname 

requests the default image file cprel from the TFTP server at 

the IP address specified by ip_address. [Extensions added as 

needed.A host name may be substituted for an IP address, if 

DNS is enabled.] 

Example 

6000 Switch>#> upgrade 192.2.2.10 

Note ip_address is the IP address of the TFTP server and filename is 

the name of the file that is downloaded to the CP Flash memory. 

297



upgradelue 

Command 

upgradelue option 

Description 

Privileged command that programs new lookup engine firmware into the 

switch’s flash memory. The image is located in a file on a host that is 

running a TFTP server. 

The following are the upgradelue options: 

upgradelue help 


Example 

6000 Switch>#>upgradelue help 

Usage: upgradelue template_filename {ip_address | hostname} 

upgradelue {ip_address | hostname} 



LUE software: lue 

upgradelue template_filename { ip_address | hostname } 


specified by ip_address to upgrade the lookup engine. 

Example 

6000 Switch>#>upgradelue /usr/6000switch/lue 192.2.2.10 

upgradelue { ip_address | hostname } 

requests the default image file Web page from the TFTP server 

at the IP address specified by ip_address. [Extensions added as 

needed.] 

Example 

6000 Switch>#> upgradelue 192.2.2.10 


the name of the file that is downloaded to the 6000 Switch 

flash memory. 

298



upgradewp 

Command 

upgradewp option 

Description 

A privileged command that programs new Web Devices Manager pages 

and images into the switch’s flash memory. The image is located in a file 

on a host that is running a TFTP server. 

The following are the upgradewp options: 

upgradewp help 


Example 

6000 Switch>#>upgradewp 

Usage: upgradelue template_filename {ip_address | hostname} 

upgradelue {ip_address | hostname} 



Web system software: webpage 

upgradewp web_page_filename { ip_address | hostname } 


specified by ip_address to upgrade the Web Server images. 

Example 

6000 Switch>#>upgradewp /usr/6000switch/webpage 192.2.2.10 

upgradewp { ip_address | hostname } 

requests the default image file webpage from the TFTP server 

at the IP address specified by ip_address. [Extensions added as 

needed.] 

Example 

6000 Switch>#> upgradewp 192.2.2.10 


the name of the file that is downloaded to the 6000 Switch 

flash memory. 

299



vlan 

Command 

vlan option 

Description 

Privileged command that allows you to define virtual LANs (VLANs). 

VLANs allow you to limit broadcast packets, multicast packets and 

forwarding lookup failures to a subset of the ports on the switch. 

6000 Switch>vlan help 

Usage: vlan create 

vlan delete 

vlan {add | del} port{s} 

vlan move port{s} vlan 

vlan {tag | untag} port{s} 

vlan name 

vlan ifconfig { | netmask | broadcast } 

vlan ifconfig {create | delete} 

vlan ifconfig ip delete 

vlan port{s} PVID 

vlan print {by port} 

vlan reset {slot } 

Notes: 

A is a list of port numbers such as 1 2 3 4. 

Use "vlan reset" to reset ports on all slots. 

Type "vlan ifconfig" for help on configuring interfaces. 

The following are the vlan options: 

vlan VID create 

Creates a VLAN identifier (VID). VLANs are assigned a 

number from 1 to 4,094. The ports do not have to exist in order 

to create a VID. 

vlan [ VID | name ] del port[s] port list 

removes one or more ports connected to a VLAN. 

vlan [ VID | name ] add port[s] port list 

connects the switch port specified by portID to the VLAN 

specified by vlanID. If the VLAN does not exist, this command 

also creates it. The vlanID may be a VLAN number or VLAN 

name. 

Example 

6000 Switch>vlan 2 add port 2 

Adding flood to VLAN 2 from port 2 

vlan { srcVID | name } move port[s] port_list vlan { dstVID | name } 

command used to move ports from one VLAN to another. The 

srcVID identifies the source VLAN and the dstVID is the 

destination VLAN. 

300



Example 

6000 Switch>#>vlan 2 move port 8 vlan 4 

vlan [ VID | name ] {tag | untag} port[s] port list 

sets the frame type that is transmitted from a port to a given 

VLAN. 

Example 

6000 Switch>#>vlan 2 tag ports 2 6 

vlan [ VID | nam e] name string 

sets a description used to identify a VLAN, i.e., VLAN 2 is 

sales. 

Example 

6000 Switch>vlan 2 name sales 

vlan [ VID | name ] ifconfig { ip_address | netmask mask | broadcast 

broadcast_address } 

command to configure a VLAN with an IP address.This 

creates a network interface for the CP module, which is labeled 

sw_numberVID. 

vlan [ VID | name ] ifconfig {create | delete} 

command to create a network interface for a VLAN. If the 

VLAN has not been previously created, it creates the VLAN 

along with the interface. Also used to delete a network 

interface for a VLAN. 

Example 

6000 Switch>vlan 9 ifconfig create 

Created VLAN 9 

Created Interface sw9 for VLAN 9 

vlan ports port_list admit tagonly 

The ingress rule discards any untagged frames or prioritytagged 

frames received on the port. Tagged frames that are not 

discarded are classified and processed according to the ingress 

rules that apply to that port. 

Note A priority-tagged frame is not a VLAN tagged frame. A priority-tagged 

frame has an 802.1Q tag but the VID is zero. 

To set the configuration to accept only tagged frames, type vlan ports 

port_list admit tagonly 

This mode can be used to prevent clients from gaining access to VLANs 

of which they are not a member. 

vlan ports port_list enable ingcheck 

VLAN security command.If the “Enable Ingress Filtering” 

parameter is set for a port, the ingress rule discards any frame 

received on a port from a VLAN that does not include that port 

301



within its member set. To disable ingress checking, type vlan 

ports port_list disable ingcheck. 

Example 

6000 Switch>vlan port 5 enable ingcheck 

vlan port{s} port list PVID pvid 

command is used to assign the PVID. The switch supports the 

802.1Q specification for VLAN tagging. All untagged and 

priority-tagged frames received by a port belong to the VLAN 

whose port VLAN identifier (PVID) is associated with that 

port. The PVID must contain a valid VLAN identifier value 

and shall not contain a null value of zero (0). The default PVID 

is one (1). 

Example 



Changing port 23’s PVID to 23. 

vlan print [by port] 

displays all ports assigned to a Virtual LAN. If names have 

been assigned, the name is listed in parentheses next to the 

VLAN number, i.e., VLAN2 (sales). 

Example 

6000 Switch>vlan print 

Port PVID Trusted Ing. check Admint Any 

1 1 Yes No Yes 










VLAN 1 (NoName1): 

ip routing from this VLAN: enabled 

Port Members: { 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 

16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 

31 32 33 34 35 36 } 

Forbidden Members: { None } 


inet 192.168.1.2 mask 255.255.255.0 bcast 192.168.1.255 


ether 00:40:2f:02:25:09 

Port Members: { 13 } 


302






ether 00:40:2f:02:25:0a 






ether 00:40:2f:02:25:0b 



6000 Switch>vlan print byport 

Port PVID Trusted Ing. Check Admit Any VID-Membership 

1 1 Yes No Yes { 1 } 

2 1 Yes No Yes { 1 22} 

3 1 Yes No Yes { 1 } 

4 1 Yes No Yes { 1 } 

5 1 Yes No Yes { 1 } 

6 1 Yes No Yes { 1 } 

7 1 Yes No Yes { 1 } 

8 1 Yes No Yes { 1 } 

9 1 Yes No Yes { 1 } 

10 1 Yes No Yes { 1 55} 

vlan reset slot { slot ] 

clears all VLAN settings for both the current session and all 

future sessions, i.e., clears configuration in non-volatile 

memory. The vlan reset command without the slot identifier 

resets all ports. 

Example 

6000 Switch>#>vlan reset 

VLANs reset to defaults 

303

% 

Appendix B: 

GateD Reference

A P P E N D I X B 

GateD Reference 

This appendix is a supplementary reference for the GateD* command 

structure. 

Interfaces 

The interface statement is used to define routing characteristics for the 

network interfaces. An interface is the connection between a router and 

one of its attached networks. In the GateD command syntax, an interface 

is identified as ifs. 

Configurable Parameters 

scanInterval time 

The scanInterval is a global parameter affecting all of the interfaces. 

Controls how often GateD checks the system for interface changes. The 

range is from 15 to 3600 seconds. The default is 60 seconds. 

gated/ifs# di 

ifs 

----------------------- 

scanInterval: 60 

if[127.0.0.1] 

if[172.28.91.175] 

if[172.28.92.175] 

if[172.28.93.175] 

if[172.28.94.175] 

if[172.28.95.175] 

preference preference 

Sets the preference for routes to this interface when it is up and 

functioning properly. Preference is determined by the system or import 

policy. The range is from zero (0) to 255. The default is 0. 

306



Read-Only Parameters 

gated/ifs> if[192.0.0.1 

gated/ifs/if[192.0.0.1]> di 

if[192.0.0.1] 

---------------------------- 

ifIndex: 

ifName: 

state: 

transitions: 

mtu: 

media: 

metric: 

mask: 

protocols: 

preference: 

1 

lo0 

UP 

0 

472 

LOOPBACK 

0 

255.255.255.255 

NONE 

0 

ifIndex 

The index of the interface in the system interface (IF) table. 

state 

The up or down state of the interface. 

transitions 

The number of UP/DOWN transitions for the interface. 

mtu 

The maximum transmission unit (MTU) is the largest packet size that can 

be transmitted by the interface without fragmentation. The default for 

Ethernet is 1500 bytes. 

media 

There are four types of interfaces. The switch currently only supports 

three. 

Type 

LOOPBACK 

BCAST 

POINT-TO-POINT 

(P2P) 

Description 

A simulated adapter that is always 

identified by the IP address 127.0.0.1. 

A multi-access interface, cable of a 

physical level broadcast, such as Ethernet 

and Token Ring. There is an associated 

subnet mask and broadcast address. 

A tunnel to another host, usually on a 

serial link 

307



metric 

The metric learned from the system. The default OSPF link cost is based 

on the metric. (defined by speed/bandwidth). The range is from zero to 

16. 

mask 

The network mask of the subnet to which the interface is attached. 

protocols 

The protocols running on the interface. 

Adding Static Routes 

Static routes are used when IP routed packets are routed through remote 

hosts not directly connected to a physical network with its own routing 

table. The route [x.x.x.x/l] command is used to manually configure static 

routes. 

If the keyword default is used for the destination address, a default route 

is created. The default route is used whenever there is no specific route 

to a destination. The network IP address associated with the default route 

is 0.0.0.0/0. 

Static routes are created under the static component. 


if: 0.0.0. 


pref: none 

type: 60 


gateway ip_addr 

Sets the next hop IP address for the route. It must be on the subnet of the 

specified interface. 

if ip_addr 

Sets the local interface for the statically configured route. It must be 

attached to the same network as the gateway. 


Sets the preference for this static route. The range is from 0 to 255. The 

default is 60. 

308



type 

Type 

NORMAL 

RETAIN 

REJECT 

BLACKHOLE 

NOINSTALL 

Description 

Normal static route. This is the default type. 

The static route is kept in the system forwarding 

table, even when GateD is disabled. 

The packet destined to the network is rejected. 

ICMP unreachable is sent to originator. Note: 

The reject route can be exported into different 

routing domains. 

The packet is dropped silently. The blackhole 

route is not picked up by any protocols. 

The route is not installed into the system 

forwarding table, but can be exported into 

routing protocols. 


RIP selects the route with the lowest “hop count” (metric) as the best 

route. The hop count is the number of routers through which data must 

pass to reach its destination. RIP assumes that the best approach is the 

one that uses the fewest routes. 

RIP maintains routes in the routing table. First, if the metric is greater 

than 15 hops away, then the route is deleted. All routes through a 

gateway are also deleted if no updates are received from the gateway 

within a specified time period. Generally RIP issues routing updates 

every 30 seconds. If a gateway does not issue routing updates within 180 

seconds, all routes through that gateway are deleted from the routing 

table. 

309




gated/rip# d 

rip 

--------------------- 


defaultMetric: 16 

stats 


Sets the route preference learned from RIP. The default preference is 

100. This may be overridden by a preference specified in the import 

policy. 

defaultMetric metric 

Each RIP routing table entry contains a metric or cost for each 

destination, called a hop. RIP selects the route with the lowest hop count 

as the best route. However, the longest hop cannot exceed 15 hops. The 

metric can be overridden by the export policy. 

RIP Interface Configuration 

The ifs command defines the interfaces used by RIP and defines the 

configuration parameters for that interface. 


mode {none | ripin | ripout | both} 

Type 

NONE 

RIPIN 

RIPOUT 

BOTH 

Description 

disable RIP on the interface 

receives RIP packets only 

sends RIP packets only 

receives and sends RIP packets (default) 

version ver {1 | 2 } 

Specifies the RIP packet version (RIP 1 or RIP 2) sent from the interface. 

The default is RIP 1. Note: incoming RIP packets from both versions are 

always accepted on the interface regardless of this setting. 

310



metricIn metric 

Specifies the RIP metric increment to the learned routes before they are 

installed. Using this parameter makes the routes learned from this 

interface less preferable. 

metricOut metric 

Specifies the RIP metric increment to the routes sent out via this 

interface. Using this parameter makes the routes received from this link 

less preferable. 

authType authtype {none | simple} 

It is only meaningful to RIP version 2. When SIMPLE authentication is 

used, a network-wide authKey is provided. The default is none. 

authKey key 

It is only used when authentication type is SIMPLE. The authKey 

(password) must be the same network wide. 

OSPF Configuration 

OSPF is a protocol designed to be used inside Autonomous Systems. It 

is not designed to route between Autonomous Systems. 

gated/ospf# di 

ospf 

--------------------- 

preference: 

asBdrRtr: 

stats 

lsaDb 

nbrTable 

ase 

area[0.0.0.1] 

gated/ospf# 

10 

yes 

] 



It sets the preference for OSPF when importing intra- and inter-area 

Autonomous System External (ASE) routes into the GateD routing table. 

The default is 10. 

asBdrRtr { yes |no } 

311



Areas exchange routing information with other areas within the 

autonomous system through area border routers. Set the flag to allow 

(yes) or disallow (no) the router to be an OSPF autonomous system 

border router. This setting determines whether OSPF can process input 

routes from sources other than OSPF. 

Configuring ASE Routes 

The following parameters specify how to import OSPF ASE routes into 

the GateD routing table and how to export routes from the GateD routing 

table into OSPF ASEs. 

gated/ospf/ase# di 

ase 

------------------- 

preference: 

cost: 

expInterval: 

expLimit:0 

gated/ospf/ase# 

150 

1 

1 

100 


The preference is used to determine how OSPF routes compete with 

routes from other protocols in the GateD routing table. The default value 

is 150. 

cost cost 

The cost is used when exporting a non-OSPF route from the GateD 

routing table into OSPF as an ASE. The default value is 1. This may be 

explicitly overridden in the export policy. 

Because of the nature of OSPF, the rate at which ASEs are flooded must 

be limited. The parameters below can be used to adjust those rate limits. 

Parameter 

expInterval time 

expLimit routes 

Definition 

Specifies how often a batch of ASE 

link-state advertisements (LSAs) are 

generated and flooded in OSPF from 

the GateD routing table. The default 

is once per second. 

Specifies how many ASEs are 

generated and flooded into OSPF 

each time. The default is 100. 

312



Configuring the Backbone 

The backbone may only be configured with the keyword backbone. It 

may not be specified as area 0. The backbone interface may be a virtual 

link. 

gated/ospf/backbone# di 

backbone 

----------------- 

authType: none 

networks: 

stats 

lsaDb 

Each OSPF router must be configured into at least one OSPF area 

(area[x.x.x.x]). If more than one area is configured, at least one must be 

the backbone. 

authType {none | simple} 

OSPF specifies authentication scheme per area. Each interface in the area 

must use the same authentication scheme although it may use a different 

authentication key. The current valid values are none for no 

authentication and simple for simple password authentication. The 

default is none. 

networks ip_addr/l ... ip_addr/l 

Specifies the networks that compose the area. This helps reduce area 

LSA traffic. 

areaType {stub | nssa | normal} 

The type of area. Normal is the default setting. 

Type 

STUB 

NSSA 

NORMAL 

Description 

A stub area. No ASE and it uses the default route to 

external destination. 

A “not-so-stub area.” No ASEs flooded into area, 

but can generate ASEs within an area. 

Normal OSPF transit area. 

defRtCost defCost 

The cost is used for injecting a default route into OSPF stub or nssa area. 

It is only used by area border routers. The range is from 0 to 1000. The 

default is 1. 

313



Configuring OSPF Interfaces 

Interfaces are defined as the interfaces used by OSPF. The following are 

read-only parameters. 

gated/ospf/backbone/ 

if[172.28.95.175]> d 

if[172.28.95.175] 

------------------------- 

cost: 

tos: 

authKey: 

priority: 

helloInterval: 

transitDelay: 

retransInterval: 

deadInterval: 

neighbor: 

mediaType: 

dr: 

bdr: 

events: 

1 

0/1 

1 

10 

1 

5 

40 

BCAST 

172.0.0.175 

0.0.0.0 

2 

mediaType { bcast | p2p } 

Specifies the media type of the interface to which it is connected. The 

options are broadcast or point-to-point. Broadcast is the default media 

type. 

cost cost 

Specifies the default cost (i.e., type of service (TOS) 0 cost) of the link 

attached to the interface. The sum of the costs along links is the base of 

the SPF algorithm. 

tos tos/cost, .. tos/cost 

Specifies the TOS this interface supports. TOS 0 is always supported 

regardless the setting. The range is from zero (0) to 30. 

authKey {simple |none} 

Sets the authentication key for SIMPLE or no authentication (None). The 

key must be the same network wide. The key is: 

• one to eight decimal digits 

• one to eight hex digits preceded by 0x, or 

• one to eight characters between quotation marks (“”). 

314



priority priority 

Priority is used in designated router (DR) election. The router with the 

highest priority (highest number) becomes a designated router for the 

attached network. Priority 0 means the router is ineligible for DR. The 

priority range is from zero (0) to 255. The default is one (1). 

helloInterval time 

Specifies the number of seconds the hello packets are sent via the 

interface. The range is from one (1) to 120 seconds. The default is 10. 

transitDelay time 

Sets the estimated number of seconds it takes to transmit an LSA update 

over the interface. Transmission and propagation delays are counted. 

The range is from one (1) to 120 seconds. The default is one (1). 

retransInterval time 

Sets the number of seconds between LSA retransmissions. It should be 

greater then round trip transit delay time. The range is from one (1) to 

3600 seconds. The default is five (5). 

deadInterval time 

Specifies the number of seconds that a neighbor is not heard from, i.e., if 

a neighbor does not send any “hellos” during the time period, that 

neighbor is presumed to no longer function. It should be the same 

network wide. Typical value is four times the hello interval. The range is 

from one (1) to 3600 seconds. The default is 40. 

dr ip_addr 

The designated router (DR) of the subnet attached to the interface. 

bdr ip_addr 

The backup DR of the subnet attached to the interface. 

events number 

The number of times the OSPF interface changed its state. 

Virtual Links 

OSPF requires that every area connect to the backbone and that every 

area, including the backbone area, be contiguous. When an Area Border 

Router (ABR) cannot physically connect to the backbone, a virtual link 

is used to logically connect the ABR to the backbone. The virtual link 

uses a transit area that is connected to the backbone. The transit area 

315



cannot be a stub area. This link is treated as a point-to-point link 

belonging to the backbone. OSPF packets are sent to the neighbor IP 

address at the other end of the virtual link. 

A virtual link is part of the backbone area. It has more parameters than 

the normal OSPF interfaces. Virtual links are indexed by the routerID 

at the other end of the virtual link. 

gated/ospf/backbone/vLink[0.0.0.1]# di 

vLink[0.0.0.1] 

-------------------------- 

transitArea: 0.0.0.1 

authKey: 

helloInterval: 10 

transitDelay: 1 

retransInterval: 5 

deadInterval: 40 

events: 0 


transitArea areaID 

Specifies the transit area in which the virtual link is established. The 

transit area must be in this system. 

Each area, including the backbone, has a link-state advertisement 

database (lsaDb). In GateD, it is a table of link state advertisements 

(LSAs). 

lsa {router | net | stub | ase1 | ase2 } 

The Link State Advertisements types include the following. 

LSA Types 

ROUTER LSA 

NETWORK LSA 

STUB AREA LSA 

NETWORK SUMMARY LSA 

ASE LSA 

Parameter 

router 

net 

stub 

ase1 

ase2 

lsidID 

The ID of an LSA, which could be a routerID, network address or 

interface address. It depends on the type of LSA. 

advRtr routerID 

The router ID which advertised the link state. 

316



age time 

The age of the LSA in the form d:h:m:s or h:m:s 

seq number 

The sequence number of the LSA which is used to detect outdated LSA 

or duplicated LSA. 

chksum number 

The LSA check sum Value used to detect any data corruption. 

OSPF Neighbor Table 

The OSPF neighbor table has two subtables. One table contains OSPF 

neighbors dynamically discovered over broadcast interfaces. Another 

table is the collection of configured OSPF neighbor or virtual links. Both 

tables are indexed by neighbor addresses. 

Read-Only Parameters 

nbrRtr 

The routerID of the neighbor router. It is provided as an IP address in 32- 

bit dotted decimal format. 

priority 

The priority of the neighbor in designated router (DR) election. 

state 

The state of the neighbor in establishing adjacency. Adjacency is a 

relationship formed between selected neighboring routers for the 

purpose of exchanging routing information. 

State Description 

DOWN 

ATTEMPT 

INIT 

2WAY 

EXSTART 

the neighbor is down 

attempt to talk with the neighbor (nbma) 

hello received, but one way only. 

two way communications established. 

negotiation for data-base exchange. 

317



State Description 

EXCHANGE 

LOADING 

FULL 

exchange database description 

loading database (delta) content. 

full adjacency established. 

mode 

The mode of the neighbor in the database exchange master. 

Mode 

MASTER 

SLAVE 

Description 

The neighbor with the master copy of the database. 

The neighbor that receives the database from the 

router. 

drBdr 

The role of the neighbor: 

Role 

DR 

BDR 

OTHER 

Description 

The neighbor is a designated router. 

The neighbor is a backup designated router. 

other 

lastHello 

The time when the last hello was received from the neighbor. 

lastExchange 

The time when the last database exchange occured. 

lsRetransQlen 

The current length of the retransmission queue. 

events 

The number of times in which the neighbor state has been changed. 

interface 

The interface on this route, which is on the same subnet as the neighbor. 

It is used to communicate with the neighbor. 

318



Virtual Neighbor 

A virtual neighbor describes the state and relationship with a router that 

is established via a virtual link. 

Read-only Parameters 

transitArea 

The area in which the virtual link is established and the neighbor that is 

at the other end of the link. 

The following parameters are the same as for neighbor. 

nbrRtr 

state 

mode 

lastHello 

lsRetransQlen 

lastExchange 

events 

OSPF Statistics 

Statistics are used for information gathering. 

gated/ospf/stats# di 

stats 

----------------------------- 

interfaces: 

neighbors: 

externLsa: 

chkSumExLsaDb: 

originatedLsa: 

receivedLsa: 

helloPktReceived: 

helloPktSent: 

dbPktReceived: 

dbPktSent: 

lsReqPktReceived: 

lsReqPktSent 

lsAckPktReceived: 

lsAckPktSent: 

lsUpdatePktReceived 

lsUpdatePktSent: 

0 

4 

21624 

12 

0 

0 

133 

0 

0 

0 

0 

0 

0 

0 

0 

319




interfaces 

The number of OSPF interfaces configured on the router 

neighbors 

The number of OSPF neighbors known by the router. 

externLSA 

The number of external OSPF LSA databases. 

chkSumExLSADb 

Checksum of OSPF external LSA database. Used to determine if the 

database is update to date. 

chkSumLSADb 

The checksum of the LSA database of this area used to determine if the 

database is up-to-date. 

originatedLSA 

Number of LSAs originated by this router including external LSA if this 

router is an AS border router. 

receivedLSA 

The number of LSAs received and installed by the router. 

helloPktReceived 

The number of hello packets the router has received. 

helloPktSent 

The number of hello packets the router has sent. 

dbPktReceived 

The number of database description packets the router has received. 

dbPktSent 

The number of database description packets the router has sent. 

lsReqPktReceived 

The number of link state request packets the router has received. 

lsReqPktSent 

The number of link state request packets the router has sent. 

lsAckPktReceived 

The number of link state acknowledge packets the router has received. 

320



lsAckPktSent 

The number of link state acknowledge packets the router has received. 

lsUpdatePktReceived 

The number of link state update packets the router has received. 

lsUpdatePktSent 

The number of link state update packets the router has sent. 

OSPF Area Link State 

Advertisement Database 

The OSPF Area Link State Advertisement Database (LsaDb) is a table of 

Link State Advertisements (LSAs). 


Entry 

The entry field displays the LSA number. The maximum is the number 

of entries in the LsaDb table. 

type 

The type field displays the parameter function of the LSA. The possible 

values are 

Type 

ROUTERLSA 

NETWORKLSA 

STUBAREALSA 

NETWORKSUMMARYLSA 

ASELSA 

Value 

router 

network 

stub 

ase1 

ase2 

321



lsidId 

Displays the ID of an LSA. The possible values are: 

• routerID 

• network address 

• interface address 

AdvRtr 

Displays the ID of the router which advertised the link state. 

age 

Displays the age of the LSA. Format: d:h:m:s or h:m:s 

seq 

Displays the sequence number of the LSA which is used to detect an 

outdated or duplicated LSA. 

chksum 

Displays the LSA checksum value used to detect any data corruption. 

Route Table 

The route table defines the how the router forwards packets. The 

destination address of each packet is used to perform a route table lookup 

based on a best-match search of the table. Each IP (Internet Protocol) 

packet destination address is compared with each prefix (path) in the 

table. The best match is the entry with the longest match in the table. 

Read-only parameters 

route 

The route field is a prefix of an IP destination address used in the best 

match search of the route table. Each prefix is composed of an IP address 

x.x.x.x (in 32 bit internet address dotted decimal notation) and a length l. 

Bits not included in the length are zero (e.g., 128.10.0.0/16). 

path 

The path field is an index used to enumerate multiple routes. 

state 

Displays if the entry can be used for route table lookup. 

322



The possible values are listed below: 

Value 

ACTIVE 

ELIGIBLE 

HIDDEN 

PENDING 

DELETE 

Description 

Used in kernel forwarding table 

Eligible to become active 

Not used because of policy. 

pending due to hold down on another route. 

Deleted and subject to removal 

nextHop 

Displays where the packet is sent next by the router. The next hop is an 

IP address. 

ifSend 

Displays the local interface on which the packet is sent to the nextHop 

address. 

srcGateway 

Displays the gateway from which the route entry was learned. The value 

is an IP address, and is zero for static and local route entries. 

protocol 

Displays the method used in calculation of the route entry. If the protocol 

is OSPF, it indicates the type of OSPF route. The possible values are: 

intra-area route ase type 1 

inter-area route 

ase type 2 route 

route 

preference 

Displays the weighting factor used when adding entries to the routing 

table. It is usually determined by the preference of protocol unless policy 

changed it for the path. The range is from 1 to 100. 

tos 

Displays the type of service value (TOS) for the entry. When installed, 

only traffic with this TOS value is sent using this path. It is normally 0, 

and is only valid for protocols that support it. the range is from zero to 

30. 

323



metric 

Displays the cost to the destination specified by the prefix. A metric is 

only valid for protocols that support it (distance vector based protocols 

such as RIP). The range is from 1 to 16. 

age 

Displays the number of seconds since last update on the path. 

type 

Displays router processing for the entry. Possible values include: 

Value 

RETAIN 

REJECT 

BLACKHOLE 

MULTICAST 

Description 

Keep path in system after gated died. 

Reject packets to the route. 

Silently drop packets to the route. 

a multicast route. 

324

& 

Appendix C: 

Technical 

Information

Support Services 

Intel offers a range of support services for your new product. You can learn about the options 

available for your area by visiting the Intel® NetStructure 6000 support Web site at http:// 

www.intel.com/network/services and choosing your geography. 

Worldwide Access to Technical Support 

Intel has technical support centers worldwide. Technicians who speak the local languages staff 

many of the centers. Visit our Web site at http://support.intel.com/. 

North America only 

For support, call (800) 838-7136 or (916) 377-7000. 

For support, call +81-298-47-0800. 

Japan only 

Other areas 

For support in other countries, use the following table to dial the toll-free support number. Using 

the table, locate the country from which you are calling, dial the access number, await the dial tone 

and then dial the listed 800 number. 

Country 

Dialing Information 

Australia Dial 1-800-881-011, await dial tone, dial 800-838-7136 

China 3 Dial 10811, await dial tone, dial 800-838-7136 

Hong Kong Dial 800-1111, await dial tone, dial 800-838-7136 

India 5 Dial 000-117, await dial tone, dial 800-838-7136 

Indonesia 2 Dial 001-801-10, await dial tone, dial 800-838-7136 

Korea 1 Dial 0-911, await dial tone, dial 800-838-7136

A P P E N D I X C 

Technical Information 

Country 


Malaysia 4 Dial 800-0011, await dial tone, dial 800-838-7136 

New Zealand Dial 000-911, await dial tone, dial 800-838-7136 

Singapore Dial 800-0111-111, await dial tone, dial 800-838-7136 

Sri Lanka Dial 430-430, await dial tone, dial 800-838-7136 

Taiwan 1 Dial 0080-10288-0, await dial tone, dial 800-838-7136 

Thailand 5 Dial 0019-991-1111, await dial tone, dial 800-838-7136 

Austria 1 4 Dial 022-903-011, await dial tone, dial 800-838-7136 

Belgium 1 Dial 0-800-100-10, await dial tone, dial 800-838-7136 

Denmark Dial 8001-0010, await dial tone, dial 800-838-7136 

Finland 1 Dial 9800-100-10, await dial tone, dial 800-838-7136 

France (Includes Andorra) Dial 19-0011, await dial tone, dial 800-838-7136 

Germany Dial 0130-0010, await dial tone, dial 800-838-7136 

Italy (Includes Vatican City) 1 Dial 172-1011, await dial tone, dial 800-838-7136 

Netherlands 1 Dial 06-022-9111, await dial tone, dial 800-838-7136 

Norway Dial 800-190-11, await dial tone, dial 800-838-7136 

Poland 1 3 Dial 0-0-800-111-1111, await dial tone, dial 800-838-7136 

Portugal 3 Dial 05017-1-288, await dial tone, dial 800-838-7136 

Russia 1 2 3 Dial 755-5042, await dial tone, dial 800-838-7136 

Spain Dial 900-99-00-11, await dial tone, dial 800-838-7136 

Sweden Dial 020-795-611, await dial tone, dial 800-838-7136 

Switzerland 1 Dial 0-800-550011, await dial tone, dial 800-838-7136 

United Kingdom (Mercury) 3 Dial 0500-89-0011, await dial tone, dial 800-838-7136 

United Kingdom (BT) 3 Dial 0800-89-0011, await dial tone, dial 800-838-7136 

327



Country 


RSA (South Africa) Dial 0-800-99-0123, await dial tone, dial 800-838-7136 

Philippines Dial 105-11, await dial tone, dial 800-838-7136 

Vietnam Dial 12010288, await dial tone, dial 800-838-7136 

Pakistan Dial 0080001001, await dial tone, dial 800-838-7136 

Notes: 

1 Public phones require coin or deposit 

2 Use phones allowing international access 

3 May not be available from every phone 

4 Public phones require local phone payment through the call duration 

5 Not available from public phones 

328



Regulatory 

Information 

FCC Part 15 Compliance Statement 

This product has been tested and found to comply with 

the limits for a Class A digital device pursuant to Part 15 

of the FCC rules. These limits are designed to provide 

reasonable protection against harmful interference when 

the equipment is operated in a commercial environment. 

This product generates, uses, and can radiate radio frequency 

energy and, if not installed and used in accordance 

with the instruction manual, may cause harmful 

interference to radio communications. However, there is 

no guarantee that interference will not occur in a particular 

installation. If this equipment does cause harmful 

interference to radio or television reception, which can 

be determined by turning this equipment off and on, the 

user is encouraged to try to correct the interference by 

one or more of the following measures: 

. Change the direction of the radio or TV antenna. 

. To the extent possible, relocate the radio, TV, or other 

receiver away from the product. 

. Plug the product into a different electrical outlet so 

that the product and the receiver are on different 

branch circuits. 

. If these suggestions don’t help, consult your dealer or 

an experienced radio/TV repair technician for more 

suggestions. 

Canada Compliance Statement 

(Industry Canada) 

Cet appareil numérique respecte les limites bruits 

radioélectriques applicables aux appareils numériques 

de Classe A prescrites dans la norme sur le matériel 

brouilleur: “Appareils Numériques,” NMB-003 édictée 

par le Ministre Canadien des Communications. 

This digital apparatus does not exceed the Class A limits 

for radio noise emissions from digital apparatus set out 

in the interference-causing equipment standard entitled: 

“Digital Apparatus,” ICES-003 of the Canadian Department 

of Communications. 

CE Compliance Statement 

The Intel® NetStructure 6000 Switch complies with 

the EU Directive, 89/336/EEC, using the EMC standards 

EN55022 (Class A) and EN55024. This product also 

complies with the EU Directive, 73/23/EEC, using the 

safety standard EN60950 A1/A2/A3/A4/A11. 

CISPR 22 Statement 

Warning 

This is a class A product. In a domestic environment 

this product may cause radio interference in which 

case the user may be required to take adequate measures. 

Taiwan Class A EMI Statement 

NOTE This device complies with Part 15 of the FCC 

Rules. Operation is subject to the following two conditions: 

(1) This device may not cause harmful interference, 

and (2) this device must accept any interference 

received, including interference that may cause undesired 

operation. 

CAUTION If you make any modification to the equipment 

not expressly approved by Intel, you could void 

your authority to operate the equipment. 

VCCI Class A (Japan) 

Australia 

329


Technical Information 

Limited Hardware Warranty 

Intel warrants to the original owner that the hardware product delivered in this package will be free from defects in material and 

workmanship for one (1) year following the latter of: (i) the date of purchase only if you register by returning the registration card 

as indicated thereon with proof of purchase; or (ii) the date of manufacture; or (iii) the registration date if by electronic means provided 

such registration occurs within thirty (30) days from purchase. This warranty does not cover the product if it is damaged in 

the process of being installed. Intel recommends that you have the company from whom you purchased this product install the 

product. 

INTEL RESERVES THE RIGHT TO FILL YOUR ORDER WITH A PRODUCT CONTAINING NEW OR REMANUFAC- 

TURED COMPONENTS. THE ABOVE WARRANTY IS IN LIEU OF ANY OTHER WARRANTY, WHETHER EXPRESS, 

IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTY OF NONINFRINGEMENT OF 

INTELLECTUAL PROPERTY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR ANY WARRANTY 

ARISING OUT OF ANY PROPOSAL, SPECIFICATION, SAMPLE OR OTHERWISE. 

This warranty does not cover replacement of products damaged by abuse, accident, misuse, neglect, alteration, repair, disaster, 

improper installation or improper testing. If the product is found to be otherwise defective, Intel, at its option, will replace or 

repair the product at no charge except as set forth below, provided that you deliver the product along with a return material authorization 

(RMA) number either to the company from whom you purchased it or to Intel (North America only). If you ship the product, 

you must assume the risk of damage or loss in transit. You must use the original container (or the equivalent) and pay the 

shipping charge. Intel may replace or repair the product with either new or remanufactured product or parts, and the returned 

product becomes Intel’s property. Intel warrants the repaired or replaced product to be free from defects in material and workmanship 

for a period of the greater of: (i) ninety (90) days from the return shipping date; or (ii) the period of time remaining on the 

original one (1) year warranty. This warranty gives you specific legal rights and you may have other rights which vary from state 

to state. All parts or components contained in this product are covered by Intel’s limited warranty for this product; the product 

may contain fully tested, recycled parts, warranted as if new. For warranty information call one of the numbers below. 

Returning a Defective Product (RMA) 

Before returning any product, contact an Intel Customer Support Group and obtain an RMA number by calling: 

North America only: (800) 838-7136 or (916) 377-7000 

Other locations: Return the product to the place of purchase. 

If the Customer Support Group verifies that the product is defective, they will have the Return Material Authorization Department 

issue you an RMA number to place on the outer package of the product. Intel cannot accept any product without an RMA number 

on the package. 

LIMITATION OF LIABILITY AND REMEDIES 

INTEL SHALL HAVE NO LIABILITY FOR ANY INDIRECT OR SPECULATIVE DAMAGES (INCLUDING, WITHOUT 

LIMITING THE FOREGO-ING, CONSEQUENTIAL, INCIDENTAL AND SPECIAL DAMAGES) ARISING FROM THE 

USE OF OR INABILITY TO USE THIS PRODUCT, WHETHER ARISING OUT OF CONTRACT, NEGLIGENCE, TORT, OR 

UNDER ANY WARRANTY, IRRESPECTIVE OF WHETHER INTEL HAS ADVANCE NOTICE OF THE POSSIBILITY OF 

ANY SUCH DAMAGES, INCLUDING, BUT NOT LIMITED TO LOSS OF USE, INFRINGEMENT OF INTELLECTUAL 

PROPERTY, BUSINESS INTERRUPTIONS, AND LOSS OF PROFITS, NOTWITHSTANDING THE FOREGOING, 

INTEL’STOTAL LIABILITY FOR ALL CLAIMS UNDER THIS AGREEMENT SHALL NOT EXCEED THE PRICE PAID 

FOR THE PRODUCT. THESE LIMITATIONS ON POTENTIAL LIABILITIES WERE AN ESSENTIAL ELEMENT IN SET- 

TING THE PRODUCT PRICE. INTEL NEITHER ASSUMES NOR AUTHORIZES ANYONE TO ASSUME FOR IT ANY 

OTHER LIABILITIES. 

Some states do not allow the exclusion or limitation of incidental or consequential damages, so the above limitations or exclusions 

may not apply to you. 

Critical Control Applications: Intel specifically disclaims liability for use of the hardware product in critical control applications 

(including, for example only, safety or health care control systems, nuclear energy control systems, or air or ground traffic 

control systems) by Licensee or Sublicensees, and such use is entirely at the user’s risk. Licensee agrees to defend, indemnify, and 

hold Intel harmless from and against any and all claims arising out of use of the hardware product in such applications by Licensee 

or Sublicensees. 

Software: Software provided with the hardware product is not covered under the hardware warranty described above. See the 

applicable software license agreement which shipped with the hardware product for details on any software warranty. 

330



Limited Hardware Warranty (Europe only) 

Intel warrants to the original owner that the hardware product delivered in this package will be free from defects in material and 

workmanship for one (1) year following the latter of: (i) the date of purchase only if you register by returning the registration card 

as indicated thereon with proof of purchase; or (ii) the date of manufacture; or (iii) the registration date if by electronic means provided 

such registration occurs within thirty (30) days from purchase. This warranty does not cover the product if it is damaged in 

the process of being installed. Intel recommends that you have the company from whom you purchased this product install the 

product. 

INTEL RESERVES THE RIGHT TO FILL YOUR ORDER WITH A PRODUCT CONTAINING NEW OR REMANUFAC- 

TURED COMPONENTS. THE ABOVE WARRANTY IS IN LIEU OF ANY OTHER WARRANTY, WHETHER EXPRESS, 

IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTY OF NONINFRINGEMENT OF 

INTELLECTUAL PROPERTY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, OR ANY WAR- 

RANTY ARISING OUT OF ANY PROPOSAL, SPECIFICATION, SAMPLE OR OTHERWISE. 

This warranty does not cover replacement of products damaged by abuse, accident, misuse, neglect, alteration, repair, disaster, 

improper installation or improper testing. If the product is found to be otherwise defective, Intel, at its option, will replace or 

repair the product at no charge except as set forth below, provided that you deliver the product along with a return material authorization 

(RMA) number either to (a) the company from whom you purchased it or (b) to Intel, North America only (if purchased 

in Europe you must deliver the product to "(a)". If you ship the product, you must assume the risk of damage or loss in transit. You 

must use the original container (or the equivalent) and pay the shipping charge. Intel may replace or repair the product with either 

new or remanufactured product or parts, and the returned product becomes Intel’s property. Intel warrants the repaired or replaced 

product to be free from defects in material and workmanship for a period of the greater of: (i) ninety (90) days from the return 

shipping date; or (ii) the period of time remaining on the original one (1) year warranty. 

This warranty gives you specific legal rights and you may have other rights which vary from state to state. All parts or components 

contained in this product are covered by Intel’s limited warranty for this product; the product may contain fully tested, recycled 

parts, warranted as if new. For warranty information call one of the numbers below. 

Returning a Defective Product (RMA) 

Before returning any product, contact an Intel Customer Support Group and obtain an RMA number by calling the non-toll free 

numbers below: 

Country Number Language 

Franch +33 (0) 1 41 91 85 29 French 

Germany +49 (0) 69 9509 6099 German 

Italy +39 (0) 2 696 33276 Italian 

UK +44 (0) 870 607 2439 English 

If the Customer Support Group verifies that the product is defective, they will have the Return Material Authorization Department 

issue you an RMA number to place on the outer package of the product. Intel cannot accept any product without an RMA number 

on the package. 

LIMITATION OF LIABILITY AND REMEDIES 

INTEL SHALL HAVE NO LIABILITY FOR ANY INDIRECT OR SPECULATIVE DAMAGES (INCLUDING, WITHOUT 

LIMITING THE FOREGO-ING, CONSEQUENTIAL, INCIDENTAL AND SPECIAL DAMAGES) ARISING FROM THE 

USE OF OR INABILITY TO USE THIS PRODUCT, 

WHE THER ARISING OUT OF CONTRACT, NEGLIGENCE, TORT, OR UNDER ANY WARRANTY, IRRESPECTIVE OF 

WHETHER INTEL HAS ADVANCE NOTICE OF THE POSSIBILITY OF ANY SUCH DAMAGES, INCLUDING, BUT NOT 

LIMITED TO LOSS OF USE, INFRINGEMENT OF INTELLECTUAL PROPERTY, BUSINESS INTERRUPTIONS, AND 

LOSS OF PROFITS, NOTWITHSTANDING THE FOREGOING, INTEL’S TOTAL LIABILITY FOR ALL CLAIMS UNDER 

THIS AGREEMENT SHALL NOT EXCEED THE PRICE PAID FOR THE PRODUCT. THESE LIMITATIONS ON POTEN- 

TIAL LIABILITIES WERE AN ESSENTIAL ELEMENT IN SETTING THE PRODUCT PRICE. INTEL NEITHER 

ASSUMES NOR AUTHORIZES ANYONE TO ASSUME FOR IT ANY OTHER LIABILITIES. 

Critical Control Applications: Intel specifically disclaims liability for use of the hardware product in critical control applications 

(including, for example only, safety or health care control systems, nuclear energy control systems, or air or ground traffic 

control systems) by Licensee or Sublicensees, and such use is entirely at the user’s risk. Licensee agrees to defend, indemnify, and 

hold Intel harmless from and against any and all claims arising out of use of the hardware product in such applications by Licensee 

or Sublicensees. 

Software: Software provided with the hardware product is not covered under the hardware warranty described above. See the 

applicable software license agreement which shipped with the hardware product for details on any software warranty. 

331

, 

Index 

Symbols 

? command 218 

Numerics 

802.1d Spanning Tree 62, 167 

802.3ad draft Link Aggregation 146 

A 

Access Control List 56, 220 

(see also IP Access Control) 187 

aging time of forwarding database 

disabling 233 

setting 270 

ASE routes 312 

B 

backbone 110, 313 

backup non-volatile RAM 183 

savenv 269 

batch files 

defining configuration information in 

224 

boot image mode 142 

BOOTP Relay Agent 60, 133 

BOOTP/RARP 131 

bootp command 225 

how switch uses 131 

Broadcast and Multicast Storm Control 

61, 185 

C 

carrier tray 

installing 15 

chassis 

setting up 14 

clear commands 

clear counters 228 

clear fdb 228 

clear fdb IP 228 

clear sysfails 294

I N D E X 


Command Console Interface 134 

configuration information 

defining in a batch file 224 

Configure Management menu 66 

date & time 68 

password, basic 68 

password, privileged 69 

ping 70 

SNMP configuration 71 

system at a glance 67 

Telnet to console 70 

Console Commands 135 

console commands 

? 218 

acl 189, 220 

arp 220, 223 

batch 224 

bootp 225 

date 230 

di 231 

diag reset 232 

disable 233 

enable 236 

fdb 240 

gated 242 

help 243 

history 244 

ifconfig 135, 245 

igmpsnoop 174, 249 

kill 252 

loaddefaults 253 

loadnv 254 

logout 255 

netstat 135, 257 

ping 135, 261 

ps 263 

relay 265 

savenv 269 

set 270 

upgrade 297 

upgradelue 298 

upgradewp 299 

vlan 300 

control processor 

installing 16, 28 

counter values 

displaying 283 

CP 16, 28 

D 

data transmission settings 125 

date command 230 

defining configuration information 

in a batch file 224 

deleting a route 268 

DHCP Client 132 

di command (see show command) 231 

diag reset command 144 

diagnostics 142 

disable commands 

disable acl 233 

disable aging 233 

disable dns 234 

disable et0ipfwd 127, 234 

disable help 233 

disable igmpsnoop 234 

disable port 122, 234 

disable portmirror 176, 234 

disable ppp 234 

disable slip 138, 235 

disable spantree 235 

disable syslog 185, 235 

disable telnetd 137, 235 

disable web 235 

334

I N D E X 


display commands 

di 231 

show 282 


contents of IP routing table 260 

counter value 283 

counters for Internet Group Management 

Protocol 259 

counters for TFTP 

firmware version number 296 

IGMP Snooping statistics. 259 

memory buffers in use 260 

memory resource usage 287 

network protocol statistics and routing 

information 257 

SNMP manager addresses 290 

Spanning Tree configuration 291 

statistics for ICMP 

statistics for Internet Protocol 258 

switch information configuration and 

operation 282 

switch’s MAC address 131 

system configuration 294 

DNS 53, 140 

Domain Name Service. (see DNS) 

E 

enable commands 

enable acl 189 

enable aging 237 

enable dns 141, 237 

enable et0ipfwd 127, 237 

enable help 236 

enable igmpsnoop 172, 237 

enable port 238 

enable portmirror 176 

F 

enable ppp 139, 238 

enable slip 138, 238 

enable spantree 166, 238 

enable syslog 135, 239 

enable telnetd 130, 136, 239 

enable web 239, 256 

fan assembly 

replacement 23 

fault tolerance 10 

fdb commands 

fdb add 240 

fdb del 240 

fdb lookup 240 

fdb mode 241 

firmware 

displaying version number of 296 

upgrading 143 

flash memory 

programming new system firmware 

into 297, 298, 299 

forwarding database 

listing contents of 284 

G 

gated 194, 242 

ASE routes 312 

backbone 313 

components 195 

configuring 197 

default route 201 

interfaces 195, 199, 306, 310, 314 

OSPF 193, 204 

OSPF area link state advertisement 

335

I N D E X 


H 

database 321 

OSPF neighbor table 317 

OSPF statistics 319 

preference 195 

RIP 193, 202, 309 

route table 322 

routing protocols 194 

static routes 195, 199, 308 

virtual links 207, 315 

hardware version 285 

help command 129, 243 

history command 244 

I 

ICMP 

displaying statistics 259 

ifconfig 130, 131, 138, 245 

IGMP 259 

displays counters for 259 

IGMP Snooping 86, 172 

Intel Device View 

configuring switch for management 

35 

installation 32 

managing a switch 35 

starting, Web version 34 

starting, Windows version 34 

using the device tree 36 

viewing RMON information 39 

interface state 

changing 247 

enabling 247 

interfaces 

adding 199 

configuring OSPF 314 

internet control message protocol (see IC- 

MP) 

internet group management protocol (see 

IGMP) 

Internet Protocol statistics 



(see also Access Control List) 187 

adding a deny rule 190 

adding a permit rule 189 

adding an end rule 190 

deleting a rule 191 

displaying the rule list 191 

modifying a rule 190 

moving a permit or deny rule 190 

IP address 

changing interface addresses 247 

configuring for an interface 247 

setting 130 

setting for SNMP manager 275 

IP routing table 

adding generic default route 268 

adding route 267 

displaying the contents of 260 

manipulating information in 267 

IP statistics 


K 

kill command 252 

L 

Layer 2 

336

I N D E X 


frame prioritization 146 

switching 146 

layer 3 187 

LEDs 21 

Link Aggregation 65, 146 

loaddefaults command 136, 253 

loadnv command 182, 254 

logout command 129, 255 

M 

MAC address 


management console port 126 

memory buffers 

displays how many in use 260 

memory resource usage 


modules 

installing 17 

replacing 29 

N 

netstat commands 

netstat icmp 259 

netstat igmp 259 

netstat igmpsnoop 259 

netstat ip 258 

netstat mbuf 260 

netstat routes 260 

netstat tcp 257 

netstat tftp 260 

netstat udp 258 

network interface 

displaying all information about 245 

network interface commands 267 

arp 220, 223 

fdb 240 

gated 242 

ifconfig 245 

netstat 257 

ping 261 

network interface commands netstat 257 

network mask 

setting 130 

network statistics 


NVRAM 

backup 115, 182 

restoring 116, 183 

O 

OSPF 107, 193, 204, 311 

area link state advertisement database 

321 

interfaces 314 

neighbor table 317 

statistics 319 


P 

password 

changing basic in Web Device Manager 

68 

changing privileged command password 

274 

privileged mode 129 

ping 261 

in Web Device Manager 70 

pinout 

for serial connection 125 

337

I N D E X 


for the RJ-45 connection 126 

point-to-point protocol. (see PPP) 

Port Mirroring 59, 176 

Port VLAN Identifier. (see PVID) 

power cords 

connecting 20 

power supplies 52 

installing 19 

replacement 27 

Web Device Manager 51 

PPP 

displaying status 140 

logging connections 140 

starting 139 

privileged command mode 

accessing 129 

changing password 127, 274 

setting access to 275 

programming 

new system firmware into flash memory 

297, 298, 299 

ps command 263 

PVID 157 

R 

rack mount brackets 

attaching 13 

relay agent 

BOOTP/DHCP 133 

replacing modules 29 

Reset 114 

Reset & Update menu 

NVRAM, Restore 116 

NVRAM, Save 115 

Reset and Update menu 

reset switch 115 

update CP firmware 118 

update lookup engine 118 

updating with the Web Device Manager 

117 


diag reset command 144 

RIP 193, 202, 309 

interface configuration 310 

preference 195 

Routing menu 

RIP Configuration 105 

RJ-45 management console port 126 

RMON 182 

routes 

adding 267 

adding generic default route 268 

adding non-standard netmask address 

267 

deleting 268 

route commands 267, 268 

routing 

backbone 110, 313 

gated 194 


layer 3 187 

OSPF 107, 204 

RIP 105, 202 

routing management 192 


Routing menu 


routing parameters 102 


virtual links 111 

RS-232 port 123 

338

I N D E X 


S 

savenv command 182, 269 

serial IP connections. (see SLIP) 

serial port 

RS-232 port 123 

set commands 

set agingtime 270 

set baud 125, 271 

set community 135, 271 

set dns 271 

set dns primary 141 

set help 270 

set link 149, 150, 272, 273 

set passwdbasic 128, 273 

set passwdpriv 129, 274 

set portmirror 176 

set ppp 140, 274 

set priority 177, 275 

set priv 129, 143 

set prompt 275 

set snmpmgr 135, 275 

set snmpSecurityLevel 181, 276 

set spantree 166, 276 

set storm 185 

set syslog 280 

set timeout 137, 281 

setting 

a password 127 

access to privileged command mode 

275 

data and time 68 

IP address of an SNMP manager 275 

network mask 130 

switch’s calendar 230 

show commands 

show community 283 

show counters 135 

show dns 141, 283 

show fdb 135 

show help 282 

show hwversion 285 

show lastboot 285 

show link 286 

show memstats 287 

show microtime 288 

show port 149, 288 

show port group 149 

show portinfo 289 

show portmirror 177, 289 

show ppp 140, 289 

show priority 290 

show snmpmgr 290 

show snmpSecuirtyLevel 291 

show spantree 170, 171, 291 

show sprom 293 

show storm 186, 293 

show sys 135, 294 

show sysfails 27, 294 

show syslog 185, 295 

show temperature 24, 295 

show timeout 137, 295, 296 

show treetype 296 

show version 296 

site requirements 13 

SLIP 

enabling 238 

starting 138 

SNMP 71 

displaying addresses 290 


MIBs 12 

SNMP Agent 178 

SNMP manager, setting address of 

275 

Spanning Tree per VLAN 169 

339

I N D E X 


Rapid Port Activation 171 

Rapid Reconfiguration 170 

Spanning Tree Protocol 12, 62, 166 

displaying configuration 291 

static routes 195, 199, 308 

Web Device Manager 


Storm Control 61, 185 

subnetwork 

setting the IP and broadcast address 

before 248 

switch calendar 

setting 230 

switch configuration and operation 

displaying information about 282 

enabling 236 

SYSLOG 184 

logging commands 184 

system administration commands 

bootp 225 

date 230 

diag reset 232 

loaddefaults 253 

loadnv 254 

logout 255 

relay 265 

savenv 269 

upgrade 297 


upgradewp 299 

system configuration commands 

acl 220 

disable 233 

enable 236 

igmpsnoop 249 

set 270 

vlan 300 

system failures 

show sysfails command 27 

system firmware 

updates 297, 298, 299 

system restart times 

listing seconds and microseconds 

since last 288 

T 

TCP 


Telnet 70, 136, 137 

disabling 137, 235 

enabling 239 

TFTP 


Transmission Control Protocol (see TCP) 

Trivial File Transfer Protocol (see TFTP) 

troubleshooting 22 

checklist 22 

U 

UDP 


upgrade 144 

upgrade command 297 

upgradewp command 299 

use with TFTP 144 


upgrading 117 

CP firmware in Web Device Manager 

118 

lookup engine in Web Device Manager 

118 



340

I N D E X 


user datagram protocol. (see UDP) 

utility commands 

? 218 

batch 224 

clear 228 

help 243 

history 244 

kill 252 

ps 263 

V 

VID 76, 156 

View/Configure Device menu 

all ports at a glance 52 

BOOTP/DHCP relay agent 60 

broadcast and multicast storm control 

61 

configuring IP settings 54 

DNS configuration 53 


link aggregation 65 

module information 51 

port mirroring 59 

power supplies & fans 52 

Spanning Tree 62 

view CPU processes 66 

View/Configure menu 

power supplies and fans 51 


virtual neighbor 319 

VLAN commands 

set priority 177 

set priority ports port_list untrusted 

178 

vlan add port 300 

vlan add port(s) 157 

vlan create 300 

vlan del port 157 

vlan delete port 300 

vlan disable iproute 166 

vlan enable iproute 165 

vlan ifconfig 301 

vlan ifconfig create 301 

vlan ifconfig delete 301 

vlan move 158 

vlan move port 300 

vlan name 158, 301 

vlan port PVID 158, 302 

vlan ports admit any 164 

vlan ports admit tagonly 301 

vlan ports disable ingcheck 164, 302 

vlan ports enable ingcheck 164, 301 

vlan ports port_list admit tagonly 

165, 301 

vlan ports port_list enable ingcheck 

164, 301 

vlan print 157, 159, 302 

vlan reset 159, 303 

vlan tag/untag port 301 

vlan VID del port(s) 157 

VLAN identifiers. (see VID) 

VLAN menu 

configure port tagging 79 


VLAN Create/Delete 75 

VLAN FDB 92 

VLAN interface configuration 80 

VLAN port management 76 

VLAN reset 81 

VLAN security 81 

VLAN Spanning Tree 97 

VLAN Security 

802.1Q ingress checking 164 

Acceptable Frame Types 164 

341

I N D E X 


acceptable frame types 85 

ingress checking 82, 164 

trusted and untrusted tags 83, 163 

VLANS 

security 162 

VLANs 11 

configuration storage 159 

Configuring a VLAN with an IP Address 

165 

creating 156, 300 

frame tagging 160 

membership 159 

names 158 

overlapping 161 

PVID 157 

Spanning Tree per VLAN 97, 169 

VID 76, 156 

vlan commands 300 

vlan ifconfig 165 

vlan ports admit tagonly 165 

vlan ports trusted 163 

vlan ports untrusted 163 

VLAN routing configuration 165 

vlan tag/untag port{s} 160 

W 


accessing 43 

all ports at a glance 52 

backbone 

Routing menu 

backbone 110 

BOOTP/DHCP relay agent 60 

broadcast and multicast storm control 

61 

configure management 66 

configuring a port 48 

configuring IP settings 54 


data & time 68 

display options 45 

DNS configuration 53 

Help menu 119 

IGMP Snooping 



link aggregation 65 

module information 51 

monitoring statistics 49 

navigating 44 

NVRAM, Restore 116 

NVRAM, Save 115 

password, privileged password 

changing privileged in Web Device 

Manager 69 

password,basic 68 

ping 70 

port mirroring 59 

power supplies & fans 52 


RIP configuration 105 

Routing menu 100 

routing parameters 102 

SNMP configuration 71 

Spanning Tree 62 

system at a glance 67 

Telnet to console 70 

update Web Device Manager 117 

update, CP firmware 118 

update, lookup engine 118 

updating with the Web Device Manager 

117 

upgrading 114 

version information 50 

342

I N D E X 


view CPU processes 66 

view/configure device menu 50 

virtual links 111 

VLAN Create/Delete 75 

VLAN FDB 92 

VLAN interface configuration 80 

VLAN menu 74 

VLAN port management 76 

VLAN reset 81 

VLAN security 81 

VLAN Spanning Tree 97 

343

Intel® NetStructure™ 6000 Switch

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?