Transcription
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideI
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideTable of ContentsChapter 1Using Command Line Interface. 1Chapter 2Basic Management Commands . 9Chapter 3802.1X Commands. 32Chapter 4Access Authentication Control (AAC) Commands . 58Chapter 5Access Control List (ACL) Commands. 104Chapter 6Access Control List (ACL) Egress Command List . 134Chapter 7ARP Commands. 153Chapter 8ARP Spoofing Prevention Commands . 159Chapter 9Asymmetric VLAN Commands . 161Chapter 10Auto Configuration Commands . 164Chapter 11Basic IP Commands . 167Chapter 12BPDU Attack Protection Commands. 178Chapter 13Cable Diagnostics Commands . 184Chapter 14CFM Commands . 187Chapter 15Command List History Commands . 217Chapter 16Command Logging Command List. 221Chapter 17Common Unicast Routing Command List . 224Chapter 18Compound Authentication Commands . 230Chapter 19Debug Software Command List . 241Chapter 20DHCP Local Relay Commands . 278Chapter 21DHCP Relay Commands . 282Chapter 22DHCP Server Commands . 300Chapter 23DHCP Server Screening Commands . 332Chapter 24DHCPv6 Relay Command List . 345Chapter 25DHCPv6 Server Commands . 350Chapter 26Digital Diagnostic Monitoring (DDM) Commands . 366Chapter 27Domain Name System (DNS) Relay Commands . 374Chapter 28Domain Name System (DNS) Resolver Commands . 379Chapter 29DoS Attack Prevention Commands. 386Chapter 30D-Link Unidirectional Link Detection (DULD) Commands . 391Chapter 31Energy Efficient Ethernet (EEE) Commands . 394II
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideChapter 32Ethernet Ring Protection Switching (ERPS) Commands . 396Chapter 33External Alarm Commands . 406Chapter 34FDB Commands . 408Chapter 35File System Management Commands . 417Chapter 36Filter Commands . 427Chapter 37Gratuitous ARP Commands . 430Chapter 38IGMP Proxy Commands . 436Chapter 39IGMP Snooping Commands . 441Chapter 40IGMP Snooping Multicast (ISM) VLAN Commands . 465Chapter 41IPv4/IPv6 Routing Commands . 477Chapter 42IP Tunnel Commands . 485Chapter 43IPv6 NDP Commands . 495Chapter 44IP-MAC-Port Binding (IMPB) Commands . 502Chapter 45Japanese Web-based Access Control (JWAC) Commands . 529Chapter 46Jumbo Frame Commands . 554Chapter 47LACP Configuration Commands . 557Chapter 48Layer 2 Protocol Tunneling (L2PT) Command List . 559Chapter 49Limited Multicast IP Address Commands . 564Chapter 50Link Aggregation Commands . 573Chapter 51LLDP Commands . 578Chapter 52Loopback Detection Commands . 602Chapter 53Loopback Interface Commands . 610Chapter 54MAC Notification Commands . 614Chapter 55MAC-based Access Control Commands . 619Chapter 56Mirror Commands. 636Chapter 57MLD Proxy Commands . 642Chapter 58MLD Snooping Commands . 647Chapter 59MLD Snooping Multicast (MSM) VLAN Commands . 668Chapter 60Modify Login Banner and Prompt Commands . 680Chapter 61Network Load Balancing (NLB) Commands . 684Chapter 62Network Management Commands. 690Chapter 63Network Monitoring Commands . 709Chapter 64OAM Commands . 729Chapter 65Packet Storm Commands . 737III
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideChapter 66Password Recovery Commands . 743Chapter 67Policy Route Commands . 746Chapter 68Port Security Commands . 750Chapter 69Power over Ethernet (PoE) Commands . 759Chapter 70Power Saving Commands . 764Chapter 71Precision Time Protocol (PTP) Commands . 771Chapter 4Protocol VLAN Commands . 790Chapter 5QoS Commands . 796Chapter 6Q-in-Q Command . 814Chapter 7Routing Information Protocol (RIP) Command List . 828Chapter 8RIPng Commands . 833Chapter 9RSPAN Commands. 837Chapter 10Safeguard Engine Commands . 844Chapter 11Secure File Transfer Protocol (SFTP) Commands . 847Chapter 12sFlow Commands. 850Chapter 13Single IP Management Commands . 862Chapter 14SMTP Commands . 872Chapter 15SNMPv1/v2/v3 Commands . 878Chapter 16Spanning Tree Protocol (STP) commands . 898Chapter 17SSH Commands. 912Chapter 18SSL Commands . 923Chapter 19Stacking Commands . 930Chapter 20Static MAC-based VLAN Commands . 937Chapter 21Static Replication Commands . 940Chapter 22Subnet VLAN Commands . 948Chapter 23Switch Port Commands . 954Chapter 24System Severity Commands . 958Chapter 25Tech Support Commands . 960Chapter 26Time and SNTP Commands . 963Chapter 27Traffic Segmentation Commands. 971Chapter 28UDP Helper Commands . 973Chapter 29Utility Commands . 979Chapter 30Virtual Router Redundancy Protocol (VRRP) Commands . 1006Chapter 31Voice VLAN Commands . 1013IV
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideChapter 32VLAN Commands. 1023Chapter 33VLAN Trunking Commands . 1041Chapter 34Web-based Access Control (WAC) Commands . 1046Chapter 35Weighted Random Early Detection (WRED) Commands . 1061Appendix APassword Recovery Procedure. 1069Appendix BSystem Log Entries . 1071Appendix CTrap Entries . 1103Appendix DRADIUS Attributes Assignment. 1109V
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideChapter 1 Using Command LineInterfaceThe DGS-3420 Layer 2 stackable Gigabit Ethernet switch series are members of the D-Link xStack family. Ranging from 10/100/1000Mbps edge switches to core gigabit switches, the xStack switchfamily has been future-proof designed to provide a stacking architecture with fault tolerance, flexibility,port density, robust security and maximum throughput with a user-friendly management interface forthe networking professional.The Switch can be managed through the Switch’s serial port, Telnet, SNMP or the Web-basedmanagement agent. The Command Line Interface (CLI) can be used to configure and manage theSwitch via the serial port or Telnet interfaces.This manual provides a reference for all of the commands contained in the CLI. Every command willbe introduced in terms of purpose, format, description, parameters, and examples. Configuration andmanagement of the Switch via the Web-based management agent are discussed in the Web UIReference Guide. For detailed information on installing hardware please also refer to the HarwareInstallation Guide.1-1Accessing the Switch via the Serial PortThe Switch’s serial port’s default settings are as follows: 115200 baud no parity 8 data bits 1 stop bitA computer running a terminal emulation program capable of emulating a VT-100 terminal and a serialport configured as above is then connected to the Switch’s serial port via an RJ-45 to RS-232 DB-9convertor cable.With the serial port properly connected to a management computer, the following screen should bevisible.DGS-3420-28SC Gigabit Ethernet SwitchCommand Line InterfaceFirmware: Build 1.50.010Copyright(C) 2013 D-Link Corporation. All rights reserved.UserName:1
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideThere is no initial username or password. Just press the Enter key twice to display the CLI inputcursor DGS-3420-28SC:admin#. This is the command line where all commands are input.1-2Setting the Switch’s IP AddressEach Switch must be assigned its own IP Address, which is used for communication with an SNMPnetwork manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IPaddress is 10.90.90.90 (for normal port). You can change the default Switch IP address to meet thespecification of your networking address scheme.The Switch is also assigned a unique MAC address by the factory. This MAC address cannot bechanged, and can be found on the initial boot console screen – shown below.Boot r On Self Test .MAC AddressH/W Version100 %: 00-01-02-03-04-00: B1Please Wait, Loading V1.50.010 Runtime Image .UART init .Starting runtime imageDevice Discovery .Configuration init .100 %100 %100 %100 %Press any key to login.The Switch’s MAC address can also be found in the Web management program on the DeviceInformation (Basic Settings) window on the Configuration menu.The IP address for the Switch must be set before it can be managed with the Web-based manager.The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case theactual address assigned to the Switch must be known.Starting at the command line prompt, enter the commands config ipif System ipaddressxxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy. Where the x’s represent the IP address to be assigned to the IPinterface named System and the y’s represent the corresponding subnet mask.Alternatively, you can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z. Where the x’srepresent the IP address to be assigned to the IP interface named System and the z represents thecorresponding number of subnets in CIDR notation.The IP interface named System on the Switch can be assigned an IP address and subnet mask whichcan then be used to connect a management station to the Switch’s Telnet or Web-based managementagent.2
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideDGS-3420-28SC:admin# config ipif System ipaddress 10.24.22.100/255.0.0.0Command: config ipif System ipaddress 10.24.22.100/8Success.DGS-3420-28SC:admin#In the above example, the Switch was assigned an IP address of 10.24.22.100 with a subnet mask of255.0.0.0. The system message Success indicates that the command was executed successfully.The Switch can now be configured and managed via Telnet, SNMP MIB browser and the CLI or viathe Web-based management agent using the above IP address to connect to the Switch.There are a number of helpful features included in the CLI. Entering the ? command will display a listof all of the top-level commands.DGS-3420-28SC:admin#?Command: ?.?cable diag portscdcfm linktracecfm lock mdcfm loopbackchange driveclearclear address binding dhcp snoop binding entry portsclear address binding nd snoop binding entry portsclear arptableclear attack logclear cfm pkt cntclear countersclear dhcp bindingclear dhcp conflict ipclear dhcpv6 bindingclear ethernet oam portsclear fdbclear igmp snooping data driven groupclear igmp snooping statistics counterCTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a AllWhen entering a command without its required parameters, the CLI will prompt you with a Nextpossible completions: message.3
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideDGS-3420-28SC:admin#config accountCommand: config accountNext possible completions: username DGS-3420-28SC:admin#In this case, the command config account was entered with the parameter username . The CLI willthen prompt to enter the username with the message, Next possible completions:. Everycommand in the CLI has this feature, and complex commands have several layers of parameterprompting.In addition, after typing any given command plus one space, users can see all of the next possiblesub-commands, in sequential order, by repeatedly pressing the Tab key.To re-enter the previous command at the command prompt, press the up arrow cursor key. Theprevious command will appear at the command prompt.DGS-3420-28SC:admin#config accountCommand: config accountNext possible completions: username 15 DGS-3420-28SC:admin#In the above example, the command config account was entered without the required parameter username , the CLI returned the Next possible completions: username prompt. The up arrowcursor control key was pressed to re-enter the previous command (config account) at the commandprompt. Now the appropriate username can be entered and the config account command reexecuted.All commands in the CLI function in this way. In addition, the syntax of the help prompts are the sameas presented in this manual angle brackets indicate a numerical value or character string, braces{ } indicate optional parameters or a choice of parameters, and brackets [ ] indicate requiredparameters.If a command is entered that is unrecognized by the CLI, the top-level commands will be displayedunder the Available commands: prompt.4
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideDGS-3420-28SC:admin#theAvailable uploadcable 8SC:admin#The top-level commands consist of commands such as show or config. Most of these commandsrequire one or more parameters to narrow the top-level command. This is equivalent to show what? orconfig what? Where the what? is the next parameter.For example, entering the show command with no additional parameters, the CLI will then display allof the possible next parameters.DGS-3420-28SC:admin#showCommand: showNext possible completions:802.1p802.1xaaaaccess profileaccountaccountingacct clientaddress bindingarp spoofing preventionarpentryasymmetric vlanattack logauth clientauth diagnosticsauth session statisticsauth statisticsauthenauthen enableauthen loginauthen th controlboot filebpdu protectionbroadcast ping replycfmcommandcommand historycommunity encryptionconfigcpucurrent configddmdevice statusdhcpdhcp local relaydhcp relaydhcp serverdhcpv6dhcpv6 relaydhcpv6 serverdnsrdos preventiondot1v protocol groupdscpduldeeeegress access profileegress flow meterenvironmenterpserrorethernet oamexternal alarmfdbfilterflow metergratuitous arpgreeting messagegvrphol preventionhost nameigmpigmp proxyigmp snoopingip tunnelipfdbipifipif ipv6 link local autoipmc vlan replicationipmc vlan replication entryiprouteipv6ipv6routejumbo frame5
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guidejwacl2protocol tunnellacp portledlimited multicast addrlink aggregationlldplldp medloglog save timinglog software moduleloopbackloopdetectmac based access controlmac based access control localmac based vlanmac notificationmax mcast groupmcast filter profilemirrormld proxymld snoopingmulticastmulticast fdbname servernlbout band ipifpacketpassword recoveryper queuepoepolicy routeportport groupport securityport security entryport vlanportspower savingprivate vlanptppvidqinqradiusrcpripripngrmonrouterouter portsrspansafeguard engineschedulingscheduling mechanismserial portsessionsflowsftpsimsmtpsnmpsntpsshsslstack devicestack informationstacking modestorage media infostpsubnet vlanswitchsyslogsystem severitytacacstech supporttelnetterminaltftptimetime rangetraffictraffic segmentationtraptrusted hostudp helperutilizationvlanvlan precedencevlan translationvlan translation profilevlan trunkvoice vlanvrrpwacwredDGS-3420-28SC:admin#In the above example, all of the possible next parameters for the show command are displayed. At thenext command prompt, the up arrow was used to re-enter the show command, followed by theaccount parameter. The CLI then displays the user accounts configured on the Switch.1-3Command Syntax SymbolsThe following symbols are used to describe how command entries are made and values andarguments are specified in this manual. The online help contained in the CLI and available through theconsole interface uses the same syntax.Note: All commands are case-sensitive. Be sure to disable Caps Lock or any otherunwanted function that changes text case.Syntaxangle brackets DescriptionEncloses a variable or value. Users must specify the variable or value.For example, in the syntaxcreate ipif ipif name 12 { network address } vlan name 32 {secondary state [enable disable] proxy arp [enable disable]6
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide{local [enable disable]}}users must supply an IP interface name for ipif name 12 and a VLANname for vlan name 32 when entering the command. DO NOT TYPETHE ANGLE BRACKETS.square brackets [ ]Encloses a required value or list of required arguments. Only one value orargument must be specified. For example, in the syntaxcreate account [admin operator power user user] username15 {encrypt [plain text sha 1] password }users must specify either the admin-, operator-, power user-level or userlevel account when entering the command. DO NOT TYPE THESQUARE BRACKETS.vertical bar Separates mutually exclusive items in a list. For example, in the syntaxreset {[config system]} {force agree}users may choose config or system in the command. DO NOT TYPE THEVERTICAL BAR.braces { }Encloses an optional value or a list of optional arguments. One or morevalues or arguments can be specified. For example, in the syntaxreset {[config system]} {force agree}users may choose config or system in the command. DO NOT TYPE THEBRACES.parentheses ( )Indicates at least one or more of the values or arguments in the precedingsyntax enclosed by braces must be specified. For example, in the syntaxconfig dhcp relay {hops int 1-16 time sec 0-65535 }(1)users have the option to specify hops or time or both of them. The "(1)"following the set of braces indicates at least one argument or value withinthe braces must be specified. DO NOT TYPE THE PARENTHESES.ipif ipif name 12 12 means the maximum length of the IP interface name.metric value 1-31 1-31 means the legal range of the metric value.1-4Line Editing KeysKeysDescriptionDeleteDelete character under cursor and shift remainder of line to left.BackspaceDelete character to left of cursor and shift remainder of line to left.CTRL RToggle on and off. When toggled on, inserts text and shifts previoustext to right.Up ArrowRepeats the previously entered command. Each time the up arrow ispressed, the command previous to that displayed appears. This way it is7
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guidepossible to review the command history for the current session. Use thedown arrow to progress sequentially forward through the commandhistory list.Down ArrowThe down arrow will display the next command in the command historyentered in the current session. This displays each command sequentiallyas it was entered. Use the up arrow to review previous commands.Left ArrowMove cursor to left.Right ArrowMove cursor to rightTabHelp user to select appropriate token.The screen display pauses when the show command output reaches the end of the page.1-5Multiple Page Display Control KeysKeysDescriptionSpaceDisplays the next page.CTRL CStops the display of remaining pages when multiple pages are to bedisplayed.ESCStops the display of remaining pages when multiple pages are to bedisplayed.nDisplays the next page.pDisplays the previous page.qStops the display of remaining pages when multiple pages are to bedisplayed.rRefreshes the pages currently displayed.aDisplays the remaining pages without pausing between pages.EnterDisplays the next line or table entry.8
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideChapter 2 Basic ManagementCommandscreate account [admin operator power user user] username 15 {encrypt [plain text sha 1] password }enable password encryptiondisable password encryptionconfig account username 15 {encrypt [plain text sha 1] password }show accountdelete account username 15 show sessionshow switchshow environmentconfig temperature [trap log] state [enable disable]config temperature threshold {high temperature -500-500 low temperature -500-500 }(1)show serial portconfig serial port {baud rate [9600 19200 38400 115200] auto logout [never 2 minutes 5 minutes 10 minutes 15 minutes]}(1)enable clipagingdisable clipagingenable telnet { tcp port number 1-65535 }disable telnetenable web { tcp port number 1-65535 }disable websave {[config pathname log all]}reboot {force agree}reset {[config system]} {force agree}loginlogoutclearconfig terminal width [default value 80-200 ]show terminal widthshow device status2-1create accountDescriptionThis command creates user accounts. The username is between 1 and 15 characters, the password isbetween 0 and 15 characters. The number of accounts (including admin, operator, power-user anduser) is up to eight.Formatcreate account [admin operator power user user] username 15 {encrypt [plain text sha 1] password }9
xStack DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference GuideParametersadmin - Specify the name of the admin account.operator - Specify the name of the operator account.power user - Specify a power user level account. The power user level is lower than the operatorlevel and higher than the user level.user - Specify the name of the user account. username 15 - Specify a username of up to 15 characters.encrypt - Specifies the encryption used.plain text - Specify the password in plain text form.sha 1 - Specify the password in SHA-1 encrypted form. password - The password for the user account. The length of a password in plain-text formand encrypted form are different. For a plain-text form password, the password must be aminimum of 0 characters and a maximum of
The DGS-3420 Layer 2 stackable Gigabit Ethernet switch series are members of the D-Link xStack family. Ranging from 10/100/1000Mbps edge switches to core gigabit switches, the xStack switch family has been future-proof designed to provide a stacking architecture with fault tolerance, flexibility,
