ES4626-SFP Management Guide.pdf

More documents

Recommendations

Info

the destination port; the "no" form of this command disables this function Parameter:None Default:Disable the function by which the switch will check if the source port is equal to the destination port Command Mode:Global Mode Usage Guide:With this function enabled, the switch will be able to drop TCP and UDP data packet whose destination port is equal to the source port. This function can be used associating the “dosattack-check ipv4-first-fragment enable” function so to block the IPv4 fragment TCP and UDP data packet whose destination port is equal to the source port Example:Drop the non-fragment TCP and UDP data packet whose destination port is equal to the source port Switch(Config)# dosattack-check srcport-equal-dstport enable 2.6.3.5 dosattack-check tcp-fragment enable Command: [no] dosattack-check tcp-fragment enable Function:Enable the function by which the switch detects TCP fragment attacks; the “no” form of this command disables this function Parameter:None Default:This function is not enabled on the switch by default Command Mode: Global Mode Usage Guide:By enabling this function the switch will be protected from the TCP fragment attacks, dropping the data packets whose TCP fragment offset value is 1 or the TCP head is shorter than the specified value. Use “dosattack-check tcp-header” command to specify the length. Example:Enable the Checking TCP fragment attack function. Switch(Config)# dosattack-check tcp-fragment enable 2.6.3.6 dosattack-check tcp-header Command: dosattack-check tcp-header Function:Configure the minimum TCP head length permitted by the switch Parameter: is the minimum TCP head length permitted by the switch Default:The length is 20 by default which is the shortest TCP head Command Mode:Global Mode Usage Guide:To use this function the “dosattack-check tcp-fragment enable” function must be enabled Example: Set the minimum TCP head length permitted by the switch to 20 Switch(Config)# dosattack-check tcp-fragment enable Switch(Config)# dosattack-check tcp-header 20 110
2.6.3.7 dosattack-check icmp-attacking enable Command: [no] dosattack-check icmp-attacking enable Function: Enable the ICMP fragment attack checking function on the switch; the “no” form of this command disables this function Parameter: None Default:Disable the ICMP fragment attack checking function on the switch Command Mode:Global Mode Usage Guide: With this function enabled the switch will be protected from the ICMP fragment attacks, dropping the fragment ICMPv4/v6 data packets whose net length is smaller than the specified value Example: Enable the ICMP fragment attack checking function Switch(Config)# dosattack-check icmp-attacking enable 2.6.3.8 dosattack-check icmpv4-size Command: dosattack-check icmpv4-size Function:Configure the max net length of the ICMPv4 data packet permitted by the switch Parameter: is the max net length of the ICMPv4 data packet permitted by the switch Default: The value is 0x200 by default Command Mode: Global Mode Usage Guide: To use this function you have to enable “dosattack-check icmp-attacking enable” first Example: Set the max net length of the ICMPv4 data packet permitted by the switch to 100 Switch(Config)# dosattack-check icmp-attacking enable Switch(Config)# dosattack-check icmpv4-size 100 2.6.3.9 dosattack-check icmpv6-size Command:dosattack-check icmpv6-size Function:Configure the max net length of the ICMPv6 data packet permitted by the switch Parameter: is the max net length of the ICMPv6 data packet permitted by the switch Default:The value is 0x200 by default Command Mode:Global Mode Usage Guide:To use this function you have to enable “dosattack-check icmp-attacking 111
Page 1 and 2:
ES4624-SFP/ES4626-SFP L3 Gigabit Et
Page 3 and 4:
Content CHAPTER 1 SWITCH MANAGEMENT
Page 5 and 6:
2.10.7 Telnet server user configura
Page 7 and 8:
CHAPTER 6 MAC TABLE CONFIGURATION .
Page 9 and 10:
10.1.3 Commands for Layer 3 Interfa
Page 11 and 12:
15.3.4 anti-arpscan trust .........
Page 13 and 14:
17.9.3 MBGP4+ Examples.............
Page 15 and 16:
21.2.4 PIM-SM Typical Application..
Page 17 and 18:
CHAPTER 24 THE NUMBER LIMITATION FU
Page 19 and 20:
26.4 MRPP TYPICAL SCENARIO.........
Page 21 and 22:
ES4624-SFP/ES462 6-SFP Functional C
Page 23 and 24:
Copyright (c) 2001-2006 by Accton T
Page 25 and 26:
Step 2: Run Telnet Client program.
Page 27 and 28:
Step 2: Run HTTP protocol on the ho
Page 29 and 30:
CLI interface is familiar to most u
Page 31 and 32:
ethernet ethernetxx)# supported com
Page 33 and 34:
• vlan , parameter values are req
Page 35 and 36:
ES4624-SFP/ES4626-SFP switch shell
Page 37 and 38:
Chapter 2 Basic Switch Configuratio
Page 39 and 40:
Command: debug ssh-server no debug
Page 41 and 42:
Command: help Function: Output brie
Page 43 and 44:
2.1.1.16 language Command: language
Page 45 and 46:
VRF name: VPN Routing/Forwarding in
Page 47 and 48:
Function: Warm reset the switch. Co
Page 49 and 50:
terminal. If this command is config
Page 51 and 52:
can’t exceed 16 characters; Comma
Page 53 and 54:
Global Mode ip telnet server no ip
Page 55 and 56:
Switch(Config)#telnet-server securi
Page 57 and 58:
is 768 to 2048. The default value i
Page 59 and 60: on the path receives this datagram,
Page 61 and 62: 2.2.7.1.3 show history Command: sho
Page 63 and 64: same. 2.2.7.1.9 show interface swit
Page 65 and 66: Command mode: Admin Mode Usage Guid
Page 67 and 68: Severity Value Description emergenc
Page 69 and 70: example:Clear all information in th
Page 71 and 72: Command ip address [secondary] no
Page 73 and 74: 2.4 SNMP Configuration 2.4.1 Introd
Page 75 and 76: viewed and controlled by the suppor
Page 77 and 78: ] [notify ]] no snmp-server group
Page 79 and 80: get-request PDUs Number of packets
Page 81 and 82: command disables the switch to send
Page 83 and 84: Command: show snmp group Function:
Page 85 and 86: no snmp-server group {NoauthNopriv
Page 87 and 88: Function: Configure to permit to ac
Page 89 and 90: traps” command). and remember to
Page 91 and 92: [Boot]: Step 3: Under BootROM mode,
Page 93 and 94: establishes data connection on port
Page 95 and 96: (1) Start TFTP server (2) Configure
Page 97 and 98: press Enter,following hints will be
Page 99 and 100: 2.5.3.2.2.5 ftp-server timeout Comm
Page 101 and 102: Switch 10.1.1.2 computer 10.1.1.1 F
Page 103 and 104: user profile configuration files fr
Page 105 and 106: 331 User name okay, need password.
Page 107 and 108: dosattack-check enable srcip-equal-
Page 109: Usage Guide: By enabling this funct
Page 113 and 114: no jumbo enable Jumbo frames Disabl
Page 115 and 116: the “no” form of this command r
Page 117 and 118: Function: Configure the length of t
Page 119 and 120: Sample packet max len is 1400 Sampl
Page 121 and 122: TACACS+ terminal access controller
Page 123 and 124: 2.9.3.3 tacacs-server timeout Comma
Page 125 and 126: prompts of command-line interface,
Page 127 and 128: 2.10.2.3 Configure IP address of SN
Page 129 and 130: which has server file name is “no
Page 131 and 132: • Show running-config-to display
Page 133 and 134: 2.10.6 Telnet server configuration
Page 135 and 136: Command Interface Mode interface et
Page 137 and 138: Both fiber and copper Copper Copper
Page 139 and 140: Usage Guide: Run the exit command t
Page 141 and 142: Switch(Config-If-Port-Range)#rate-l
Page 143 and 144: 1000Mbps at full-duplex mode; noneg
Page 145 and 146: the optional parameter secondary is
Page 147 and 148: 3.2.3.2.2 interface ethernet Comman
Page 149 and 150: another port. The duplicated port i
Page 151 and 152: 3.4 Port Configuration Example Swit
Page 153 and 154: applied to port 1/1. Port list tabl
Page 155 and 156: Click Port configuration, Port mirr
Page 157 and 158: For Port Chansnel to work properly,
Page 159 and 160: otherwise, the group will be delete
Page 161 and 162:
Number of ports in group Maxports N
Page 163 and 164:
port state LACP activety . 1 LACP t
Page 165 and 166:
SwitchA SwitchB Fig 4-2 Configuring
Page 167 and 168:
“on” mode is completely joined
Page 169 and 170:
Chapter 5 VLAN Configuration 5.1 VL
Page 171 and 172:
Command Interface Mode switchport t
Page 173 and 174:
Ethernet ports their member ports.
Page 175 and 176:
access vlan” command deletes the
Page 177 and 178:
Switch(Config)#interface ethernet 1
Page 179 and 180:
Switch(Config-Vlan100)#switchport i
Page 181 and 182:
5.2.3.2 debug gvrp Command: debug g
Page 183 and 184:
Function: Display the global and po
Page 185 and 186:
Switch(Config-Vlan100)#switchport i
Page 187 and 188:
It is obvious that, the dot1q-tunne
Page 189 and 190:
Switch (Config-Ethernet1/10)#exit 5
Page 191 and 192:
ID to new VLAN ID according to the
Page 193 and 194:
Switch(Config-If-Ethernet4/1)#vlan-
Page 195 and 196:
description is as follows The MAC-b
Page 197 and 198:
Command Global Mode dynamic-vlan ma
Page 199 and 200:
with the IP protocol or else some a
Page 201 and 202:
Example: Display the port currently
Page 203 and 204:
Figure 5-5 Typical topology applica
Page 205 and 206:
Command Global Mode voice-vlan mac
Page 207 and 208:
Function: Configure the specified V
Page 209 and 210:
Chapter 6 MAC Table Configuration 6
Page 211 and 212:
time for MAC address entry in ES462
Page 213 and 214:
form to restore the aging-time to 3
Page 215 and 216:
1. Set the MAC address 00-01-11-11-
Page 217 and 218:
port-security violation {protect |
Page 219 and 220:
secure static MAC addresses must be
Page 221 and 222:
1 0000.0000.1111 SecureConfigured E
Page 223 and 224:
Chapter 7 MSTP Configuration 7.1 MS
Page 225 and 226:
egion to become the CST. The MSTI i
Page 227 and 228:
Command Global Mode spanning-tree m
Page 229 and 230:
Command Global Mode spanning-tree t
Page 231 and 232:
Command mode: MSTP Region Mode Defa
Page 233 and 234:
forward-time” restores the defaul
Page 235 and 236:
Switch(Config)#spanning-tree max-ho
Page 237 and 238:
Usage Guide: By setting the port co
Page 239 and 240:
Switch(Config-Ethernet-1/2)# 7.3.21
Page 241 and 242:
Route Cost Port 2 128 128 128 Port
Page 243 and 244:
SwitchD(Config-Vlan40)#exit SwitchD
Page 245 and 246:
7.5 MSTP Troubleshooting • In ord
Page 247 and 248:
Ethernet1/2 128.002 0 BLK ALTR 3276
Page 249 and 250:
Command: debug spanning-tree no deb
Page 251 and 252:
Set on port 1/1 route cost of the M
Page 253 and 254:
7.6.3.6 Set bridge priority of the
Page 255 and 256:
DSCP: Differentiated Services Code
Page 257 and 258:
Fig 8-4 Classification process Poli
Page 259 and 260:
Fig 8-6 Queuing and Scheduling proc
Page 261 and 262:
Command Global Mode policy-map no
Page 263 and 264:
queue mode wrr method; the “queue
Page 265 and 266:
Command Mode: Class-map Mode Usage
Page 267 and 268:
“ command. Example: Setting a pol
Page 269 and 270:
defines DSCP mark down mapping, whe
Page 271 and 272:
Example: Creating and deleting a po
Page 273 and 274:
set the default QoS value of the po
Page 275 and 276:
Switch(Config)#mls qos Switch(Confi
Page 277 and 278:
Command mode: Admin Mode Example: S
Page 279 and 280:
Classified In-profile out-profile T
Page 281 and 282:
to previously created classmap and
Page 283 and 284:
Chapter 9 Flow-based Redirection 9.
Page 285 and 286:
Examples: Switch(Config)# show flow
Page 287 and 288:
Global Mode interface vlan no inte
Page 289 and 290:
while obtaining a globally unique I
Page 291 and 292:
(1) Configure DAD neighbor query me
Page 293 and 294:
[no] ipv6 nd suppress-ra Forbid IPv
Page 295 and 296:
(5)Configure Tunnel 6to4 Relay Comm
Page 297 and 298:
directly for tunnel router. Example
Page 299 and 300:
Usage Guide:The minimum time interv
Page 301 and 302:
10.2.2.3.1.12 ipv6 neighbor Command
Page 303 and 304:
Parameter: is the ipv4 address of t
Page 305 and 306:
configure IPv4 address 192.168.3.1
Page 307 and 308:
ipv6 address 2002::2/64 ! interface
Page 309 and 310:
SwitchA(Config-if-Vlan2)#ipv4 addre
Page 311 and 312:
Frags: 0 reassembled, 0 timeouts 0
Page 313 and 314:
IPv6 ICMP: sent type Src Dst fro
Page 315 and 316:
ND RA MTU is 0 ND advertised reacha
Page 317 and 318:
Switch#show ipv6 neighbors IPv6 nei
Page 319 and 320:
ipv6 enable has been on IPv6 transm
Page 321 and 322:
10.4.2 URPF Operation Mechanism At
Page 323 and 324:
Parameter:None Usage Guide: Enable
Page 325 and 326:
10.5.3.2 clear arp-cache Command: c
Page 327 and 328:
Displayed information Total arp ite
Page 329 and 330:
DHCP packets so that the DHCP packe
Page 331 and 332:
ip dhcp excluded-address [] Exclud
Page 333 and 334:
Function: Configures default gatewa
Page 335 and 336:
Switch(dhcp-1-config)#host 10.1.128
Page 337 and 338:
Example: Setting the lease of DHCP
Page 339 and 340:
configuration as well as various co
Page 341 and 342:
4. Disable DHCP relay from forwardi
Page 343 and 344:
Switch(Config-If-Vlan1)#ip helper-a
Page 345 and 346:
Switch(dhcp-A1-config)#client-name
Page 347 and 348:
11.5.1.1 show ip dhcp binding Comma
Page 349 and 350:
Message Received Statistics for DHC
Page 351 and 352:
11.6.1.5 Client WINS server configu
Page 353 and 354:
11.6.1.9 Excluded address Click DHC
Page 355 and 356:
11.6.2.5 Show conflict-logging Clic
Page 357 and 358:
SubOpt: the sequence number of sub-
Page 359 and 360:
ip dhcp relay information policy {d
Page 361 and 362:
Switch(Config)#service dhcp Switch(
Page 363 and 364:
Vlan2: Vlan3: ip dhcp relay informa
Page 365 and 366:
pool { range 192.168.102.21 192.168
Page 367 and 368:
Chapter 13 DHCP snooping Configurat
Page 369 and 370:
Command Globe mode ip dhcp snooping
Page 371 and 372:
13.2.2.1 debug ip dhcp snooping pac
Page 373 and 374:
Command:ip dhcp snooping binding us
Page 375 and 376:
mutually exclusive to“ ip dhcp sn
Page 377 and 378:
is relative to the type of the swit
Page 379 and 380:
Ethernet1/16 untrust none 0second 0
Page 381 and 382:
port maxnum of alarm info The max n
Page 383 and 384:
Chapter 14 SNTP Configuration 14.1
Page 385 and 386:
14.2.3 sntp poll Command: sntp poll
Page 387 and 388:
14.4.2 Request interval configurati
Page 389 and 390:
3. Configure trusted ports 4. Confi
Page 391 and 392:
Command:anti-arpscan port-based thr
Page 393 and 394:
Default Settings:Enable the automat
Page 395 and 396:
Ethernet1/6 untrust N 0 Ethernet1/7
Page 397 and 398:
In the network topology above, port
Page 399 and 400:
There are many sniff, monitor and a
Page 401 and 402:
Function : Forbid ND automatic lear
Page 403 and 404:
Fig 16-1 Prevent ARP ,ND Spoofing E
Page 405 and 406:
Chapter 17 Routing Protocol 17.1 Ro
Page 407 and 408:
Static route 1 RIP 120 OSPF ASE 150
Page 409 and 410:
matching conditions for Community-l
Page 411 and 412:
3. Define the match clause in route
Page 413 and 414:
set vpnv4 next-hop no set vpnv4 ne
Page 415 and 416:
here can define a “permit 0.0.0.0
Page 417 and 418:
17.2.3.7 match metric Command: matc
Page 419 and 420:
The check sequence among nodes is i
Page 421 and 422:
17.2.3.16 set community Command: se
Page 423 and 424:
compared. To extend the comparison
Page 425 and 426:
Switch#config terminal Switch(confi
Page 427 and 428:
mode items can be defined first to
Page 429 and 430:
Set clauses: metric 10 Displayed in
Page 431 and 432:
no ip route { | /} [ | ] [] Functi
Page 433 and 434:
network, mask, next-hop address, in
Page 435 and 436:
Switch(config)#ip route 10.1.1.0 25
Page 437 and 438:
The Layer3 switch modifies its loca
Page 439 and 440:
protocols to be introduced in RIP)
Page 441 and 442:
5)configure the split horizon Comma
Page 443 and 444:
address-family ipv4 vrf no address
Page 445 and 446:
ospf only delete OSPF routes from t
Page 447 and 448:
Example: Switch# config terminal Sw
Page 449 and 450:
Function: Set the password used in
Page 451 and 452:
Default: Version 2 Command Mode: In
Page 453 and 454:
statistics command. Example: Switch
Page 455 and 456:
17.4.3.28 redistribute Command: red
Page 457 and 458:
is the valid period of the key in s
Page 459 and 460:
SwitchA(Config-Vlan2)# switchport i
Page 461 and 462:
SwitchA(config-router-af)#network V
Page 463 and 464:
Default redistribution metric is 1
Page 465 and 466:
Parameter: Specifies the name of VP
Page 467 and 468:
17.5 RIPng 17.5.1 Introduction to R
Page 469 and 470:
1. Enable RIPng protocol (required)
Page 471 and 472:
[no] [] offset-list {in|out} Conf
Page 473 and 474:
Default: No default configuration C
Page 475 and 476:
Usage Guide:The command can configu
Page 477 and 478:
Command Mode: Router mode Example:
Page 479 and 480:
17.5.5 RIPng Troubleshooting The RI
Page 481 and 482:
3000:1:1::1/64 fe80::203:fff:fe01:4
Page 483 and 484:
17.6 OSPF 17.6.1 Introduction to OS
Page 485 and 486:
andwidth required in the network. O
Page 487 and 488:
3)Configure the cost for sending pa
Page 489 and 490:
ip ospf transit-delay no ip ospf t
Page 491 and 492:
Parameter: is the area number whic
Page 493 and 494:
Command: area range [advertise| n
Page 495 and 496:
AUTH_KEY= authentication-key : A p
Page 497 and 498:
17.6.3.13 distance Command: distanc
Page 499 and 500:
cancels the authentication Paramete
Page 501 and 502:
17.6.3.21 ip ospf disable all Comma
Page 503 and 504:
notation Default: Check mtu size in
Page 505 and 506:
Command Mode: Interface Mode Usage
Page 507 and 508:
Usage Guide: For Specifying the rea
Page 509 and 510:
oute-map point to the probe of the
Page 511 and 512:
tag is the identification label of
Page 513 and 514:
SwitchB(config-if-vlan3)#no shut-do
Page 515 and 516:
SwitchA0 and Switch11, and network
Page 517 and 518:
SwitchB(config-If-Vlan2)#ip ospf au
Page 519 and 520:
SwitchB Interface vlan1:10.1.1.1/24
Page 521 and 522:
areas should only be connected to o
Page 523 and 524:
17.6.5.1.8 show ip ospf Command: sh
Page 525 and 526:
Function: Display the OSPF link sta
Page 527 and 528:
192.168.1.1 1 Full/Backup 00:00:32
Page 529 and 530:
Routing Protocol is "bgp 0" Outgoin
Page 531 and 532:
switches to form a link-state datab
Page 533 and 534:
1. Enable OSPFv3 (required) (1) Ena
Page 535 and 536:
IPv6 ospf dead-interval [instance-
Page 537 and 538:
area or NSSA area Example: Set the
Page 539 and 540:
Example: Switch#config terminal Swi
Page 541 and 542:
Switch#config terminal Switch(confi
Page 543 and 544:
packet is not received within the i
Page 545 and 546:
Example: Switch#config terminal Swi
Page 547 and 548:
(assume vlan2 interface of layer3 S
Page 549 and 550:
SwitchD(config-if-vlan2)#exit Confi
Page 551 and 552:
Command Mode: Admin mode and global
Page 553 and 554:
Network-LSA (Area 0.0.0.0) Network
Page 555 and 556:
Default: Not displayed Command Mode
Page 557 and 558:
BGP stands for a Border Gateway Pro
Page 559 and 560:
• EBGP:External BGP When BGP runs
Page 561 and 562:
9.Adjust BGP Announcement Interval
Page 563 and 564:
neighbor {|} distribute-list {||} {
Page 565 and 566:
aggregate-address [summary-only] [
Page 567 and 568:
neighbor peer-group no neighbor
Page 569 and 570:
oute-map {in | out} route-map {in
Page 571 and 572:
13. Configure BGP routing redistrib
Page 573 and 574:
gp always-compare-med no bgp always
Page 575 and 576:
[as-set]: Show AS on the path in li
Page 577 and 578:
Function:Compare route ID; the “n
Page 579 and 580:
Switch(config-router)# bgp confeder
Page 581 and 582:
Usage Guide: This command is usuall
Page 583 and 584:
1771, namely not checking the AS in
Page 585 and 586:
different parameters (such as addre
Page 587 and 588:
Switch(config-af)#route-target both
Page 589 and 590:
command is for setting the route wh
Page 591 and 592:
when transmitting the BGP route in
Page 593 and 594:
originating side will then send an
Page 595 and 596:
Usage Guide: Configure the policies
Page 597 and 598:
: AS-PATH access-list name configur
Page 599 and 600:
no neighbor {|} override-capability
Page 601 and 602:
17.8.3.61 neighbor prefix-list Comm
Page 603 and 604:
Switch(config)#route-map test permi
Page 605 and 606:
Function: Disconnect the neighbor c
Page 607 and 608:
connection. The hold time is the ti
Page 609 and 610:
17.8.3.77 neighbor weight Command:
Page 611 and 612:
: Character string which is the nam
Page 613 and 614:
*>i100.1.1.0/24 10.1.1.68 0 100 0 2
Page 615 and 616:
SwitchB(config-router-bgp)#redistri
Page 617 and 618:
SwitchA AS100 vlan1:11.1.1.1 AS300
Page 619 and 620:
AS200 SwitchH vlan1:8.8.8.8 SwitchG
Page 621 and 622:
Metric=0 AS100 SwitchA vlan1:4.4.4.
Page 623 and 624:
importing routes. Direct-link route
Page 625 and 626:
17.8.5.1.4 show ip bgp community-in
Page 627 and 628:
Min penalty (floor) : 375 Total num
Page 629 and 630:
17.8.5.1.10 show ip bgp paths Comma
Page 631 and 632:
Network Next Hop Metric LocPrf Weig
Page 633 and 634:
Parameter: : Name of BGP instance :
Page 635 and 636:
SwitchC vlan1:2002::3 vlan2:2003::3
Page 637 and 638:
Chapter 18 IGMP Snooping 18.1 Intro
Page 639 and 640:
18.3 Commands for IGMP Snooping 18.
Page 641 and 642:
vlan query command, i.e. either sn
Page 643 and 644:
Example: Switch(config)#ip igmp sno
Page 645 and 646:
Multicast Router Group 1 Group 2 Sw
Page 647 and 648:
messages Command Mode:Admin Mode Us
Page 649 and 650:
Chapter 19 Multicast VLAN 19.1 Intr
Page 651 and 652:
enabled on a switch. Examples: Swit
Page 653 and 654:
Chapter 20 IPv4 Multicast Protocol
Page 655 and 656:
224.0.0.14 RSVP Encapsulation 224.0
Page 657 and 658:
Multicast transmission table entry
Page 659 and 660:
20.2.3.1 ip pim accept-register Com
Page 661 and 662:
hello_holdtime is configured but le
Page 663 and 664:
Switch (config)# 20.2.3.10 ip pim s
Page 665 and 666:
“no debug pim timer sat” comman
Page 667 and 668:
Usage Guide: Display the PIM buffer
Page 669 and 670:
20.2.5.1.7 show ip mroute case. It
Page 671 and 672:
(3) SPT Switch When the Multicast r
Page 673 and 674:
ip pim bsr-candidate {vlan | }[ ][
Page 675 and 676:
and is used to configure PIM-SM inf
Page 677 and 678:
hello-interval” command restores
Page 679 and 680:
created, this connection can’t be
Page 681 and 682:
command modifies Keepalive-period v
Page 683 and 684:
no ip pim ssm Function: Configure t
Page 685 and 686:
Switch (Config)# ip pim bsr-candida
Page 687 and 688:
Switch# debug ip pim event Switch#
Page 689 and 690:
debug pim timer hello ht debug pim
Page 691 and 692:
10.1.4.3 Vlan1 0 v2/S 1 1 10.1.4.3
Page 693 and 694:
10.1.4.3 Vlan3 00:00:17/00:01:29 v2
Page 695 and 696:
20.4 DVMRP 20.4.1 Introduction to D
Page 697 and 698:
Prune/Graft 4、 Configure DVMRP tu
Page 699 and 700:
Command Mode: Interface Configurati
Page 701 and 702:
20.4.4 DVMRP Configuration Examples
Page 703 and 704:
prune[prune-expiry-timer|prune-retx
Page 705 and 706:
20.4.5.1.5 show ip dvmrp pr Command
Page 707 and 708:
consequently guarantee the transmis
Page 709 and 710:
Global Configuration Mode [no] acce
Page 711 and 712:
not 0.0.0.0/0 in other access-list.
Page 713 and 714:
20.5.3.5 ip multicast destination-c
Page 715 and 716:
20.5.3.9 ip multicast source-contro
Page 717 and 718:
ip multicast destination-control is
Page 719 and 720:
to save all relationships of all ho
Page 721 and 722:
2)Configure the maximum response ti
Page 723 and 724:
20.6.3 Commands for IGMP 20.6.3.1 i
Page 725 and 726:
Parameter: : is group address Defau
Page 727 and 728:
or not; that is, if configuring the
Page 729 and 730:
Parameter: None Default: Disabled C
Page 731 and 732:
Source Address V3 Exp Fwd Flags gro
Page 733 and 734:
the multicast-forwarding item (S, G
Page 735 and 736:
21.1.3.1 ipv6 pim accept-register C
Page 737 and 738:
configure tunnel carefully. Example
Page 739 and 740:
no ipv6 pim state-refresh originati
Page 741 and 742:
21.1.5.1.2 debug ipv6 pim timer srt
Page 743 and 744:
Num Ifindex Name Addr 2000:1:111::1
Page 745 and 746:
case. It can check interface inform
Page 747 and 748:
(2) Multicast Source Registration W
Page 749 and 750:
Configure the value of holdtime dom
Page 751 and 752:
is used to configure PIM-SM informa
Page 753 and 754:
modified to 3.5*hello_interval, oth
Page 755 and 756:
Example: Configure vlan’s pim nei
Page 757 and 758:
Usage Guide: If this value is confi
Page 759 and 760:
Command Mode: Global Mode Usage Gui
Page 761 and 762:
Switch (Config-If-Vlan2) # ipv6 add
Page 763 and 764:
Default: Disabled Command Mode: Adm
Page 765 and 766:
no debug ipv6 pim timer hello ht no
Page 767 and 768:
Parameter: None Default: None Comma
Page 769 and 770:
Ver DR Priority/Mode Pim version ,v
Page 771 and 772:
Info source Priority Source of Boot
Page 773 and 774:
ipv6 mld query-interval no ipv6 ml
Page 775 and 776:
host-query messages periodically. T
Page 777 and 778:
Function: Configure the sources of
Page 779 and 780:
21.3.4 MLD Typical Application As s
Page 781 and 782:
Usage Guide: This switch can be ena
Page 783 and 784:
21.4.2 MLD Snooping Configuration T
Page 785 and 786:
snooping” command disables MLD Sn
Page 787 and 788:
21.4.3.7 ipv6 mld snooping vlan mro
Page 789 and 790:
Parameter: vlan-id: vlan id, valid
Page 791 and 792:
Command: show mac-address-table mul
Page 793 and 794:
Fig 16-5 Switches as MLD Querier Fu
Page 795 and 796:
There are two access-list actions a
Page 797 and 798:
access-list {deny | permit} igmp {
Page 799 and 800:
Creates an extended [no] {deny | pe
Page 801 and 802:
[no]{deny|permit}{any-source-mac|{h
Page 803 and 804:
access-list{deny|permit}{any-source
Page 805 and 806:
[no]{deny|permit}{any-source-mac|{h
Page 807 and 808:
[no]absolute-periodic{Monday|Tuesda
Page 809 and 810:
Make configurations effective withi
Page 811 and 812:
34(0x22): IGMP V3 REPORT packet 19(
Page 813 and 814:
{any-destination-mac|{host-destinat
Page 815 and 816:
Command Mode: Global mode Default C
Page 817 and 818:
Examples: Create a name extended IP
Page 819 and 820:
no entry will be created Example: C
Page 821 and 822:
} | any-destination | {host-destina
Page 823 and 824:
untagged-802-3 format of untagged e
Page 825 and 826:
of TCP/UDP source interface No., In
Page 827 and 828:
Functions: Create the name of time-
Page 829 and 830:
access-list 100 deny ip any any-des
Page 831 and 832:
Parameters: word assign name of tim
Page 833 and 834:
22.5.3 Configure the numeric extend
Page 835 and 836:
• Operation type -Add or Remove T
Page 837 and 838:
Chapter 23 802.1x Configuration 23.
Page 839 and 840:
needing to access the LAN via the a
Page 841 and 842:
Protocol Version: Represents the ve
Page 843 and 844:
The authentication can either be st
Page 845 and 846:
Fig 23-9 the Authentication Flow of
Page 847 and 848:
design of protocol and security is
Page 849 and 850:
access the network, while the other
Page 851 and 852:
3) Configure RADIUS Service paramet
Page 853 and 854:
Global Mode dot1x max-req no dot1x
Page 855 and 856:
Command mode: Global Mode Parameter
Page 857 and 858:
enabled on the port, or the port is
Page 859 and 860:
Default: The default maximum user a
Page 861 and 862:
Command: dot1x re-authentication no
Page 863 and 864:
switch will send accounting packets
Page 865 and 866:
etransmission count reaches the ret
Page 867 and 868:
Fig 23-14 User Joining Guest VLAN A
Page 869 and 870:
authentication-triggering messages
Page 871 and 872:
23.5.1.2 debug dot1x Command: debug
Page 873 and 874:
.Udp Port = 1813 .Is Primary = 0 .I
Page 875 and 876:
Global 802.1x Parameters Global 802
Page 877 and 878:
23.6.1.2 RADIUS authentication conf
Page 879 and 880:
• EAP relay authentication mode -
Page 881 and 882:
• Authentication type -Authentica
Page 883 and 884:
Limiting the number of MAC and ARP
Page 885 and 886:
show mac-address dynamic count {vla
Page 887 and 888:
Enable the number limitation functi
Page 889 and 890:
Switch(Config-if-Vlan1)#no ip arp d
Page 891 and 892:
Switch(Config)# show arp-dynamic co
Page 893 and 894:
dynamic nd and the number of nd on
Page 895 and 896:
24.4 The Number Limitation Function
Page 897 and 898:
Chapter 25 VRRP Configuration 25.1
Page 899 and 900:
Configures the simple authenticatio
Page 901 and 902:
Example: Configuring vrrp monitor i
Page 903 and 904:
Priority is always 254 for IP Owner
Page 905 and 906:
25.4 Typical VRRP Scenario As shown
Page 907 and 908:
Example: Enter created Virtual Rout
Page 909 and 910:
Chapter 26 MRPP Configuration 26.1
Page 911 and 912:
Packet Type Hello packet (Health ex
Page 913 and 914:
Enable Enable MRPP ring, format “
Page 915 and 916:
Switch(mrpp-ring-4000)#primary-port
Page 917 and 918:
Switch(Config)# mrpp ring 4000 Swit
Page 919 and 920:
nodes of MRPP ring, configures prim
Page 921 and 922:
Chapter 27 Cluster Configuration 27
Page 923 and 924:
Command Explanation Global Mode clu
Page 925 and 926:
address pool. The “no cluster ip-
Page 927 and 928:
Command: rcommand commander Functio
Page 929 and 930:
Parameter: is the interval of hear
Page 931 and 932:
command switch Command Mode: Admin
show all

ES4626-SFP Management Guide.pdf

Create successful ePaper yourself

Delete template?

Save as template?